[LFC4]

I'm running a Windows 8 system on a Lenovo z580 that has become extremely infected. I ran malware bytes and found the "crypt" service disabled and after malware bytes prompted a restart I now can't run and Microsoft security tools. When I try to start the program I get "Microsoft security client error 0x80070426"

[Advertisements]

Hi LFC4,



My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):

• Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
• Please do not install any new software while we are working on this system as it may hinder our process.
• Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
• Please do not try to fix anything without being ask.
• Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
• Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
• Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
• If you are confused about any instruction stop and ask. Do not keep on going.
• Do not repeat the steps if you face any problems.
• I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
• Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
• The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.

 

• Step #1 Scan with RogueKiller
  • Download Rogue Killer from one of the suitable links below to your Desktop.
    • Download link for 32 bit system
    • Download link for 64 bit system
  • Click on Scan;
  • The scan won't take long;
  • Click on Report to open the log.
  • Copy and paste the content of the log in your next reply.

 

• Step #2 Scan with Farbar Recovery Scan Tool
  • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
    Download link for 32 bit system
    Download link for 64 bit system
  • Right-click on the program and choose Run as administrator;
  • Put tick-mark on all boxes under Whitelist and Optional Scan;
  • Click on Scan;
  • After the scan two notepad files will be opened --
    • FRST.txt;
    • Addition.txt
  • Copy and Paste the contents of the logs in your next reply.

 

• Required Log(s):
  • RogueKiller Report
  • FRST Log(s) --
    • FRST.txt
    • Addition.txt

Regards,
Valinorum

[Valinorum]

Hi LFC4,



My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):

• Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
• Please do not install any new software while we are working on this system as it may hinder our process.
• Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
• Please do not try to fix anything without being ask.
• Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
• Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
• Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
• If you are confused about any instruction stop and ask. Do not keep on going.
• Do not repeat the steps if you face any problems.
• I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
• Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
• The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.

 

• Step #1 Scan with RogueKiller
  • Download Rogue Killer from one of the suitable links below to your Desktop.
    • Download link for 32 bit system
    • Download link for 64 bit system
  • Click on Scan;
  • The scan won't take long;
  • Click on Report to open the log.
  • Copy and paste the content of the log in your next reply.

 

• Step #2 Scan with Farbar Recovery Scan Tool
  • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
    Download link for 32 bit system
    Download link for 64 bit system
  • Right-click on the program and choose Run as administrator;
  • Put tick-mark on all boxes under Whitelist and Optional Scan;
  • Click on Scan;
  • After the scan two notepad files will be opened --
    • FRST.txt;
    • Addition.txt
  • Copy and Paste the contents of the logs in your next reply.

 

• Required Log(s):
  • RogueKiller Report
  • FRST Log(s) --
    • FRST.txt
    • Addition.txt

Regards,
Valinorum

[LFC4]

Thank you very much for your time ...

RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Moo [Admin rights]
Mode : Scan -- Date : 07/18/2014  07:34:08

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 16 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 68.238.96.12  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 68.238.96.12  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{03765EC4-1691-4D77-81D0-137949147D93} | DhcpNameServer : 61.12.0.50 61.12.0.99  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B3B140A0-11BB-4CDE-AA76-031DE13EC4DA} | DhcpNameServer : 192.168.1.1 68.238.96.12  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{03765EC4-1691-4D77-81D0-137949147D93} | DhcpNameServer : 61.12.0.50 61.12.0.99  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B3B140A0-11BB-4CDE-AA76-031DE13EC4DA} | DhcpNameServer : 192.168.1.1 68.238.96.12  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3832023844-2766403604-2622685999-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3832023844-2766403604-2622685999-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3832023844-2766403604-2622685999-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3832023844-2766403604-2622685999-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3832023844-2766403604-2622685999-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3832023844-2766403604-2622685999-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BPVT-24HXZT3 +++++
--- User ---
[MBR] 48fe2b803d522e2d0fc0d2ce60c63280
[BSP] 9e69e9df758e16a0edcb629c935a5877 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Moo (administrator) on KKDOINGWORK on 18-07-2014 08:22:37
Running from C:\Users\Moo\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope {A7E06035-F34D-49EE-A7C7-958E50F18486} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKLM - {A7E06035-F34D-49EE-A7C7-958E50F18486} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope {A7E06035-F34D-49EE-A7C7-958E50F18486} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {A7E06035-F34D-49EE-A7C7-958E50F18486} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {A7E06035-F34D-49EE-A7C7-958E50F18486} URL =
SearchScopes: HKCU - {A7E06035-F34D-49EE-A7C7-958E50F18486} URL =
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.24.0.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.238.96.12

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File

==================== Services (Whitelisted) =================

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-17] (Broadcom Corporation.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-07-16] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware1\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware1\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-17] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3349984 2014-02-24] (Intel Corporation)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2014-05-18] (Razer Inc)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows ® Win 7 DDK provider)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)
S3 btwampfl; \??\C:\windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 vm332avs; \SystemRoot\System32\Drivers\vm332avs.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\1394ohci.sys E890C46E4754F0DF51BAFCC8D2E07498
C:\Windows\System32\drivers\3ware.sys 4F18D4C7EA14F11A7211F60D553C03DB
C:\Windows\System32\drivers\ACPI.sys A3BDA4D1186C8F47FA1BC8E91F197537
C:\Windows\System32\Drivers\acpiex.sys DC968C37822117E576B933F34A2D130C
C:\Windows\System32\drivers\acpipagr.sys 0CA9F7C3A78227C21A0A7854E245CFB2
C:\Windows\System32\drivers\acpipmi.sys 8EB8DA03B142D3DD1EB9ED8107A76C43
C:\Windows\System32\drivers\acpitime.sys CBCE725C5D86ABA7D2604E22951AA9B8
C:\Windows\System32\drivers\AcpiVpc.sys 3B42D95D20CD2AACDB0564471AE43ED7
C:\Windows\System32\drivers\adp94xx.sys 93C6388592B99925C1D1576E465BC80F
C:\Windows\System32\drivers\adpahci.sys D27763E0247292654E7F7D16444C7C72
C:\Windows\System32\drivers\adpu320.sys 67B90070FF48F794AF19F9FCF0080D75
C:\Windows\system32\drivers\afd.sys 9E975BDC89C83900B2C534C4E1B018F8
C:\Windows\System32\drivers\agp440.sys 01590377A5AB19E792528C628A2A68F9
C:\Windows\System32\drivers\amdk8.sys FB88D16B55F788EEB7590584FE2D8F1A
C:\Windows\System32\drivers\amdppm.sys 81402FF3373CE4DF77D5C874E369A985
C:\Windows\System32\drivers\amdsata.sys 35A0EB5AECB0FA3C41A2FB514A562304
C:\Windows\System32\drivers\amdsbs.sys 00452671904F5EE94B50BF0219C97164
C:\Windows\System32\drivers\amdxata.sys EA3FFE53E92E59C87E3ECA9BEB20D9B7
C:\Windows\system32\drivers\appid.sys 83B3682CE922FB0F415734B26D9D6233
C:\Windows\System32\drivers\arc.sys E933401B392387F4BE34DE8BAF1722A7
C:\Windows\System32\drivers\arcsas.sys 07CA323EF2E8247A568AB0F3662AD644
C:\Windows\system32\DRIVERS\asyncmac.sys 74DBAEC35366C4EE7670428808715A6A
C:\Windows\System32\drivers\atapi.sys A721FF570C2387E383BDDEA9632863C9
C:\Windows\System32\drivers\bxvbda.sys 45C6EC94DE3D466B4B452EA0E3870321
C:\Windows\System32\drivers\BasicDisplay.sys 81703BC5D68DEDBB086C2368FBE7B334
C:\Windows\System32\drivers\BasicRender.sys 5EC68164E14D25675C98BBB5F09E8606
C:\Windows\system32\drivers\bcbtums.sys BAA00D80B2CFADFFAC8E552D06D4A1A2
C:\Windows\System32\Drivers\Beep.sys 9E7AEA59776D904607985AFFE7E5E183
C:\Windows\System32\DRIVERS\bowser.sys B17AC10B47C7FCB44D22A1F06415840E
C:\Windows\System32\drivers\BthAvrcpTg.sys 351075A2ADDF86F5C4BA10CA27E8973D
C:\Windows\system32\DRIVERS\BthEnum.sys 20BACDB113A0195EA5DCB8F3A660BD9A
C:\Windows\System32\drivers\bthhfenum.sys 616EB8748C988AEE98D93DA141C3D3B4
C:\Windows\System32\drivers\BthHFHid.sys 531D83EA26C5FFAA79F0A1DC3B0698CF
C:\Windows\system32\DRIVERS\BthLEEnum.sys 42201C346F0B8C458E1E9CDE04D68A2C
C:\Windows\System32\drivers\bthmodem.sys 033916CE8784A848B9A3D686B7F66D97
C:\Windows\system32\DRIVERS\bthpan.sys 091BB978E9504D0AD14586929431A957
C:\Windows\System32\Drivers\BTHport.sys 8BD82AE3B077665AFDFAEA6ED5B3937F
C:\Windows\System32\Drivers\BTHUSB.sys 100E21C77568CF4CB7817A2BC3F91B98
C:\Windows\System32\DRIVERS\cdfs.sys 990B1BABE6E81FB18E65A87EBEFB1772
C:\Windows\System32\drivers\cdrom.sys 339BFF85D788268752DA8C9644B188EE
C:\Windows\System32\drivers\circlass.sys F64B7D1A37CC1D5F421D5359EEC81E2E
C:\Windows\System32\drivers\CLFS.sys 9905168708DB68849B879B5548F68AB3
C:\Windows\System32\drivers\CmBatt.sys 2DC8538A2260647484A6C921CA837313
C:\Windows\System32\Drivers\cng.sys 1894FD2D5966A81D3B07A7C4D8724D59
C:\Windows\System32\drivers\CompositeBus.sys 0E5B1E9E7122EDAAF1F6CE047965CA92
C:\Windows\System32\drivers\condrv.sys D9CB0782AF819548072AA45B70F8B22D
C:\Windows\System32\drivers\dam.sys E8A676D196E9A4DED7A6C74DEA90FA4E
C:\Windows\System32\Drivers\dfsc.sys 09D9EB9E7898F8E6561473A20CC808B9
C:\Windows\System32\drivers\discache.sys 3C736FAE17BA6F91BA37594AAB139CD0
C:\Windows\System32\drivers\disk.sys 560495FF4CA22E1D9B1972FA18F43B6F
C:\Windows\System32\drivers\dmvsc.sys 82A7C72593793FE1EADA7A305BD1567A
C:\Windows\system32\drivers\drmkaud.sys 013C53A30F896F00C563FD53E695AEF4
C:\Windows\System32\drivers\dxgkrnl.sys C58425E4F1E115BB271FBF3FC348AB11
C:\Windows\system32\DRIVERS\e1i63x64.sys 651FBD69A9713D623D456A240F96179C
C:\Windows\System32\drivers\evbda.sys C815C4FAE6A816DFB58975F3D0396692
C:\Windows\System32\drivers\EhStorClass.sys 66D60BD9A4C05616ABECA2A901475098
C:\Windows\System32\drivers\EhStorTcgDrv.sys A61D0F543024E458C0FE32352E1978E2
C:\Windows\System32\drivers\errdev.sys D790D058D67582DB9C84C2D33695FE6B
C:\Windows\System32\Drivers\exfat.sys 7A4D6FEB8C52B3FE855E4DCDF9107E03
C:\Windows\System32\Drivers\fastfat.sys 60996602A7111FD2D086E803F33E4282
C:\Windows\System32\drivers\fdc.sys 73B2D11DF0B6E03A0CB0323218ACB3E4
C:\Windows\System32\drivers\fileinfo.sys 88A9EBACD1058ABB237A6B4E96E7F397
C:\Windows\System32\drivers\filetrace.sys 9E4EE3A0B00FF7D5F42A4AF9744CBA02
C:\Windows\System32\drivers\flpydisk.sys B1D4C168FF7B8579E3745888658FFB1D
C:\Windows\System32\drivers\fltmgr.sys B33EC133AE4E6C1881D2302D93D2467D
C:\Windows\System32\drivers\FsDepends.sys A5F7873A39E4E9FAAAE59B7E9E36B705
C:\Windows\System32\Drivers\Fs_Rec.sys A6DD7D491F587F4BC13FB972977DC8E8
C:\Windows\System32\DRIVERS\fvevol.sys 79E687A2829B9EBDF488F78260651094
C:\Windows\System32\drivers\fxppm.sys 3EF3FCCC0E70EEC5C2AD996F32BBA642
C:\Windows\System32\drivers\gagp30kx.sys 52BC441E07A827EBAB70CDC7EAEDB28D
C:\Windows\System32\drivers\vmgencounter.sys 721F8EEF5E9747F32670DEFF7FB92541
C:\Windows\System32\Drivers\msgpioclx.sys A1F17108F3ED752D2614D767792327C5
C:\Windows\system32\drivers\HdAudio.sys 9FC1F11D4D19F61DFE5CC878B4557D3A
C:\Windows\System32\drivers\HDAudBus.sys 8D6810577E9C4F56DCB8E9BACAC7287B
C:\Windows\System32\drivers\HidBatt.sys 3F76BBA53D65E85A7F53E7A71082082C
C:\Windows\System32\drivers\hidbth.sys A25BAE8C1F2830C8E5625EC7E4E968BE
C:\Windows\System32\drivers\hidi2c.sys AC0526C4E3A7954F750B8F8D95EFB340
C:\Windows\System32\drivers\hidir.sys DC96F7DACB777CDEAEF9958A50BFDA06
C:\Windows\System32\drivers\hidusb.sys 590B6F71BCDA4368B4BF7D8DF22B60F7
C:\Windows\System32\drivers\HpSAMD.sys 64DB7A8D97CA53DCCF93D0A1E08342CF
C:\Windows\System32\drivers\HTTP.sys 47DBBF38E00C3F7404B71F6509241EF1
C:\Windows\System32\drivers\hwpolicy.sys 2A98301068801700906C06649860FE94
C:\Windows\System32\drivers\hyperkbd.sys DC76901D82097C9E297F20C287CB9A27
C:\Windows\system32\DRIVERS\HyperVideo.sys 716413AB3CA12DE0A7222D28C1C9352C
C:\Windows\System32\drivers\i8042prt.sys C9E9CBF73AFFBFE3E801EFB516787BA3
C:\Windows\System32\drivers\iaStorA.sys 0FE66A51D81A25AACEAAE4C26308121D
C:\Windows\System32\drivers\iaStorV.sys 5E394EBD26FD68AA9300332C46BEDD62
C:\Windows\system32\DRIVERS\igdkmd64.sys C38AFE18A40ADF005647090DD3AC24F3
C:\Windows\System32\drivers\iirsp.sys 24847A06B84339FEEDE5CABF3D27D320
C:\Windows\system32\drivers\RTKVHD64.sys DDC860724AEF8F8E42AC61E6585769C6
C:\Windows\system32\DRIVERS\IntcDAud.sys 890144FA6AB42F2B54EE633BF96A019A
C:\Windows\System32\drivers\intelide.sys 4F37726CF764CA18A8A84F85EF3A7F24
C:\Windows\System32\drivers\intelppm.sys F9E126AA767E2E6E3128434A43C9F713
C:\Windows\System32\DRIVERS\ipfltdrv.sys 8FCA66234A0933D796BB780B7953BAB9
C:\Windows\System32\drivers\IPMIDrv.sys 6E98A046A12AA113F8898AA5D612BD6E
C:\Windows\System32\drivers\ipnat.sys 3969B9C218DD3FAA9F4ED2FFC3651C02
C:\Windows\System32\drivers\irenum.sys 25CD7C4BB2863FFC2B0B311F0AEBF77C
C:\Windows\System32\drivers\isapnp.sys D940C5BB9DC92E588533C19ABCC3D2C2
C:\Windows\System32\drivers\msiscsi.sys F5F0DE1B7F256997501EECECE9648108
C:\Windows\System32\drivers\kbdclass.sys 8FBD94B69D6423E20ABCD59D86368B21
C:\Windows\System32\drivers\kbdhid.sys E88C932ABDF8185A62C8F2FC7B051FB6
C:\Windows\system32\DRIVERS\kdnic.sys FB6C185092E18011EF49989425C2AA87
C:\Windows\System32\Drivers\ksecdd.sys A4751040DB14E30E61A4E47481C77274
C:\Windows\System32\Drivers\ksecpkg.sys E427D299CFE267A2465D3AAF81440ED9
C:\Windows\system32\drivers\ksthunk.sys 81492FEEBF2F26455B00EE8DBAE8A1B0
C:\Windows\system32\DRIVERS\lltdio.sys CEEFD29FC551F289810B0B9381B321DC
C:\Windows\System32\drivers\lsi_sas.sys 022CDD12161B063D7852B1075BF3FFF2
C:\Windows\System32\drivers\lsi_sas2.sys 07AD59D669B996F29F91817F0ECFA34F
C:\Windows\System32\drivers\lsi_scsi.sys 216FB796AA4E252ACCE93B1BCB80B5EC
C:\Windows\System32\drivers\lsi_sss.sys 5E80530AF37102488EE980B4A92AF99F
C:\Windows\system32\drivers\luafv.sys 2BDC5D711FA61307CE6190D47C956368
C:\windows\system32\drivers\mbam.sys F92B0E478C0FAA6D6661E6E977247E60
C:\windows\system32\drivers\mwac.sys 0664F6335F108F38FE08C3CA747311EE
C:\Windows\System32\drivers\megasas.sys 9B0D829C3BE4E7472DB9DD2B79908E3C
C:\Windows\System32\drivers\MegaSR.sys ECC3F54C7AFC318271C4F0B4606D8DB0
C:\Windows\System32\drivers\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85
C:\Windows\System32\drivers\modem.sys 780098AD5DA8A4822E2563984C85EF7B
C:\Windows\system32\DRIVERS\monitor.sys 83EB0BF7E6EBD5B1AAC97F9DBD5EB935
C:\Windows\System32\drivers\mouclass.sys 618446B98C79776654340CE27C73485E
C:\Windows\System32\drivers\mouhid.sys CB2527B8B87D83E56FBF3944BBB6F606
C:\Windows\System32\drivers\mountmgr.sys 89D263DBF08119CE16273991C120D6DD
C:\Windows\System32\drivers\mpsdrv.sys 36BF4D86F166ACBC14F0B8B8F90CBCEA
C:\Windows\system32\drivers\mrxdav.sys 3D70147F55F1EC84EB9139ED7FFE48BC
C:\Windows\System32\DRIVERS\mrxsmb.sys 1EEAA5A62E8C49DDF58798F06F78BFFA
C:\Windows\System32\DRIVERS\mrxsmb10.sys 06D5F2FA3C61E8EA91648EA8E9F99FD3
C:\Windows\System32\DRIVERS\mrxsmb20.sys BFBE1EA55ECC15733933D429E384BCA4
C:\Windows\system32\DRIVERS\bridge.sys 98487487D6B3797CA927E9D7B030AE13
C:\Windows\System32\Drivers\Msfs.sys 3886F1F2A4D2900ABAA7E4486BEEE6A2
C:\Windows\System32\drivers\msgpiowin32.sys 62435ABF8D6199659D451DFBC94E773C
C:\Windows\System32\drivers\mshidkmdf.sys D3857A767B91A061B408CCAB02DA4F40
C:\Windows\System32\drivers\mshidumdf.sys 839B48910FB1E887635C48F3EC11A05E
C:\Windows\System32\drivers\msisadrv.sys 55C0DB741E3AB7463242B185B1C2997C
C:\Windows\system32\drivers\MSKSSRV.sys 509809566E49F4411055864EA8D437CD
C:\Windows\system32\DRIVERS\mslldp.sys 63145201D6458E4958E572E7D6FC2604
C:\Windows\system32\drivers\MSPCLOCK.sys 99D526E803DB6D7FF290FD98B6204641
C:\Windows\system32\drivers\MSPQM.sys 06FA77C3E2A491ADCD704C5E73006269
C:\Windows\System32\Drivers\MsRPC.sys E134EC4DE11CF78CB01432D180710D84
C:\Windows\System32\drivers\mssmbios.sys B5AECF12F09DEE97C9FCAA5BA016CE1E
C:\Windows\system32\drivers\MSTEE.sys 72D66A05E0F99F2528F6C6204FD22AA1
C:\Windows\System32\drivers\MTConfig.sys 8AAAE399FC255FA105D4158CBA289001
C:\Windows\System32\Drivers\mup.sys 3BCB702F3E6CC622DCAFCAA45D7CDE0A
C:\Windows\System32\drivers\mvumis.sys 3A1E095277BBD406CEA8EA6B76950664
C:\Windows\system32\DRIVERS\nwifi.sys 43D7388A90A4C6EA346A4D6FF0377479
C:\Windows\System32\drivers\ndis.sys EAB473DFB958489D3145FE4DD5F5E77B
C:\Windows\system32\DRIVERS\ndiscap.sys 39C8A1D9D46F5E83A016BCAB72455284
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 762941932B7E4C588E48A577BA9D6440
C:\Windows\system32\DRIVERS\ndistapi.sys 8757D4A9701F9F4B59978839F46C32A7
C:\Windows\system32\DRIVERS\ndisuio.sys 79AB68BB3FFF974AD4F41FA559F4EC67
C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8
C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8
C:\Windows\System32\Drivers\NDProxy.sys FC891984160AAD8D3F047888C6BF1467
C:\Windows\System32\drivers\Ndu.sys D3F60A4345FCA9C1BE68AD7D0D6DE770
C:\Windows\System32\DRIVERS\netbios.sys 7C203A76394F9AE68F69EEE5F9612C4A
C:\Windows\System32\DRIVERS\netbt.sys 7CEC25C682D319D484630B3952C31A11
C:\Windows\system32\DRIVERS\NETwew00.sys 4E28478C4CE7A0258BAE7127F8CE1AD6
C:\Windows\system32\DRIVERS\NETwNs64.sys 57B9C04D673F236D41FAB03842C8640B
C:\Windows\System32\drivers\nfrd960.sys 12DD2800E4EEA37DC9AE256AD62423B4
C:\Windows\System32\Drivers\Npfs.sys 17E19A742FB30C002F8B43575451DBE1
C:\Windows\System32\drivers\npsvctrig.sys 8ED299C30792544264E558BEA79F0947
C:\Windows\System32\drivers\nsiproxy.sys 689B3B1E95C70ABF7AFF29F9406EF1E0
C:\Windows\System32\Drivers\Ntfs.sys 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD
C:\Windows\System32\Drivers\Null.sys 4163ADE07DB51843AE31F65B94F5398D
C:\Windows\System32\drivers\nvraid.sys D6D34118263412D3AAA8348A9572B7F2
C:\Windows\System32\drivers\nvstor.sys 27AFC428D1D32ABD04A86763A4EDDEA9
C:\Windows\System32\drivers\nv_agp.sys 051CFB5107BAAE510419BDC41F8C4036
C:\Windows\System32\drivers\parport.sys 4563DAF8C6A740AD7F501E219BD10766
C:\Windows\System32\drivers\partmgr.sys C1D7BA7F0DE487DFEEB51BF8D3EC5562
C:\Windows\System32\drivers\pci.sys 4A003E8F718C1E6A2050CA98CD53E3E2
C:\Windows\System32\drivers\pciide.sys F9908D274D458220F91E89B54D78D837
C:\Windows\System32\drivers\pcmcia.sys 84D19CB6102627932DCB5DFDF89FE269
C:\Windows\System32\drivers\pcw.sys CEBBAD5391C2644560C55628A40BFD27
C:\Windows\System32\drivers\pdc.sys 674B0AAFB88A04D313B032C623F6AC9A
C:\Windows\System32\drivers\peauth.sys 70DBB6A8B52B3830922F1C5789E1BEEB
C:\Windows\system32\DRIVERS\raspptp.sys 362D47E5B4D67270DE4B8606036F4ADD
C:\Windows\System32\drivers\processr.sys 8DA167F8967AB35A2487095CB1B879A0
C:\Windows\system32\DRIVERS\pacer.sys EB8034147D4820CD31BFCB11A2A652DF
C:\Windows\system32\drivers\qwavedrv.sys 13D47BB0CCA2FC51BD15F8E85C6A078E
C:\Windows\System32\DRIVERS\rasacd.sys 873C60F8178100557740A832FCE10B5F
C:\Windows\system32\DRIVERS\AgileVpn.sys 69B93F623B130976243ECA3D84CC99CA
C:\Windows\system32\DRIVERS\rasl2tp.sys A14D625C5AEE5FFE0F47D1A1D419FAAE
C:\Windows\system32\DRIVERS\raspppoe.sys 00695B9C2DB6111064499C529E90C042
C:\Windows\system32\DRIVERS\rassstp.sys A7F24D8CD1956B0A1FDCB86CC5114DE4
C:\Windows\System32\DRIVERS\rdbss.sys B72C33DBD5326B3864CF2091AF8B906B
C:\Windows\System32\drivers\rdpbus.sys CA7DF5EC95D8DE0DD24BE7FF97369F68
C:\Windows\System32\drivers\rdpdr.sys B2A3AD74FF2E2FFA73AF2567108231B3
C:\Windows\System32\drivers\rdpvideominiport.sys 3B4F32CA8B37584ECF98BCE136E38B96
C:\Windows\System32\Drivers\RDPWD.sys B3CB0721E81E30419CE7D837EF4EA151
C:\Windows\System32\drivers\rdyboost.sys 62C1F8A0685FE07E998AA296C4F697C4
C:\Windows\system32\DRIVERS\rfcomm.sys 17EF582CBC4809F96B9E6D0543480763
C:\Windows\system32\DRIVERS\rspndr.sys E04E770DD198B9399640717145E79EBF
C:\Windows\System32\Drivers\RtsUVStor.sys 8EB6DCEB7473C232D8BC9A886E3183AC
C:\Windows\system32\DRIVERS\Rt630x64.sys 7D9DA8EC6784A9EE213C676709D46BE6
C:\Windows\System32\drivers\rzendpt.sys B6105E2B2F81D8CBA5A5E005F97EA4F5
C:\Windows\System32\drivers\rzudd.sys D30A8C2D23A7AB6664028A9C72E1809E
C:\Windows\System32\drivers\vms3cap.sys 752EC7DCD2F96871A3857EEE6AFE965A
C:\Windows\System32\drivers\sbp2port.sys 9C7B28CE0D136DB226E24DB3BC817F92
C:\Windows\System32\DRIVERS\scfilter.sys 5D7733A12756B267FCA021672B26BC9E
C:\Windows\System32\drivers\sdbus.sys 6D3A4C1E3E809C02476B32ACB68C1707
C:\Windows\System32\drivers\sdstor.sys 6BF842A03DAA25CBBA9A585E25731E06
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\SerCx.sys 87C46B239A7EEF30FDFDD5E9BD46130C
C:\Windows\System32\drivers\serenum.sys 7A1F9347C85FD55E39B8A76B3A25C5AD
C:\Windows\System32\drivers\serial.sys F640A0A218BBF857F1D04A15D7D939F6
C:\Windows\System32\drivers\sermouse.sys F1A5F56B2620B862CC28FF96A0A6DAAB
C:\Windows\System32\drivers\sfloppy.sys 7EE65419B29302C795714FF8073969A1
C:\Windows\System32\drivers\SiSRaid2.sys 2560721D6F16D5B611C36A3A9D28C1B2
C:\Windows\System32\drivers\sisraid4.sys 3AA8FDE1DBF65BB8B88B053529554A0D
C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 4A2972573225A2DE4DEC0AD68529DF0F
C:\Windows\System32\drivers\spaceport.sys 465F3C355CE5ED2779B8F460F14C5A78
C:\Windows\System32\drivers\SpbCx.sys 3D8679C8DF52EB26EB7583A4E0A29202
C:\Windows\System32\DRIVERS\srv.sys 0F1FCD575A03ABDE13FCA9D0ADE4DDA6
C:\Windows\System32\DRIVERS\srv2.sys 0DE224F7B8041B17AA53D00327A86396
C:\Windows\System32\DRIVERS\srvnet.sys 9400C71F5A1A380B494B6922F007D485
C:\Windows\System32\drivers\stexstor.sys 4E85355B94CFCB67C135F6521A4895A7
C:\Windows\System32\drivers\storahci.sys C588BBD37B432CE3204E5765B459E6B2
C:\Windows\System32\DRIVERS\vmstorfl.sys F74DBC95A57B1EE866D3732EB5F79BE2
C:\Windows\System32\drivers\storvsc.sys 543CD3CC0E05B8D8815E0D4F040B6F59
C:\Windows\System32\drivers\swenum.sys 4AFD66AAE74FFB5986BC240744DC5FC9
C:\Windows\system32\DRIVERS\SynTP.sys 157DFCD1E83E964A5074742AE2DFA0C1
C:\Windows\System32\drivers\tcpip.sys AF6A8D27FCABFF85DDC1D4599582B4FE
C:\Windows\system32\DRIVERS\tcpip.sys AF6A8D27FCABFF85DDC1D4599582B4FE
C:\Windows\System32\drivers\tcpipreg.sys 8F2A13A5DF99D72FDDE87F502A66F989
C:\Windows\system32\DRIVERS\tdx.sys 73DC722CE5DF26D7638CE2446F2655C7
C:\Windows\System32\drivers\terminpt.sys F7C8AB5D8AFFAA318D6A21093D139BF4
C:\Windows\system32\drivers\tpm.sys 151BD0387B1B320CC9AACE6DB071803B
C:\Windows\System32\drivers\tsusbflt.sys 4E7C5FB10A50435523DE0CAA37DE2BD3
C:\Windows\System32\drivers\TsUsbGD.sys 16D684A820872EE54F6370703AC0B513
C:\Windows\system32\DRIVERS\tunnel.sys 78C9EE193AC2B4CBDBC48B620314D740
C:\Windows\System32\drivers\uagp35.sys 6D4F67CA56ACA2085DFA2CD89EAFBC1A
C:\Windows\System32\drivers\uaspstor.sys 6FD6D03B7752C78712E5CFF29A305026
C:\Windows\System32\drivers\ucx01000.sys AA48AEC5CEB2AA8ED1B1A5758B017F72
C:\Windows\System32\DRIVERS\udfs.sys DC5A461591C71AF7F19DC048A81E3F88
C:\Windows\System32\drivers\uliagpkx.sys 07FEBCDF24FABA0D47B635D85A0FFB7A
C:\Windows\System32\drivers\umbus.sys 02CEB3FE6152668A7BA420B93B664860
C:\Windows\System32\drivers\umpass.sys 991EE6B5FC41EAEF99C8AF5B92F2CA09
C:\Windows\System32\drivers\usb3Hub.sys 30F02F642C2D141CAABD412B48A29D76
C:\Windows\System32\drivers\usbccgp.sys 2AF9F0E16D75B8F783A1ACE74EF51C9B
C:\Windows\System32\drivers\usbcir.sys B395B62B62F28106218FA6FB17F4C797
C:\Windows\System32\drivers\usbehci.sys 742BAFBB51C5B7811098ADE8C7EF5534
C:\Windows\System32\drivers\usbhub.sys 566A32B2054C8E5360DB7839F64D0F58
C:\Windows\System32\drivers\UsbHub3.sys 12EAB6FB15B572D9C6D9FFC33F87EC3F
C:\Windows\System32\drivers\usbohci.sys F656F5D696A921DA67E98CF9C2BEDA20
C:\Windows\System32\drivers\usbprint.sys BA3ABE0CD1C14B3295BAD0F076B84CAC
C:\Windows\System32\drivers\USBSTOR.SYS F77177F6C95B2116EE7AD23B5EF57007
C:\Windows\System32\drivers\usbuhci.sys 1BBB5F562E80CF9E2F1587150FE3216E
C:\Windows\System32\Drivers\usbvideo.sys 75357960FD491E12416342CA12975FDA
C:\Windows\System32\drivers\USBXHCI.SYS 8ABF3C3ED6BF5ED15DC947795FF6ACAC
C:\Windows\System32\drivers\vdrvroot.sys BACECBFF9C97F7627A60B0E0F1FE7EE8
C:\Windows\System32\drivers\VerifierExt.sys 74FA2D4368DE6F6CE14393EDF1F342BE
C:\Windows\System32\drivers\vhdmp.sys 8628FA679F0EC4B709CCD1F6B6A3233B
C:\Windows\System32\drivers\viaide.sys F5B4A14B00E89250C50982AC762DDD1D
C:\Windows\System32\drivers\vmbus.sys 78DB50F7329F6D1311658DABFFFC8BE0
C:\Windows\System32\drivers\VMBusHID.sys ECFEE2F2BA3932C7880D1A8F67D68F91
C:\Windows\System32\drivers\volmgr.sys CB60FAAED8B49B812EBBF77EB87D9B18
C:\Windows\System32\drivers\volmgrx.sys A74101DA9809251BCD0E5A26BAE0F824
C:\Windows\System32\drivers\volsnap.sys 2FB3CDFD5EAF4CD9D4AFAF96877D13AE
C:\Windows\System32\drivers\vpci.sys A8DA1C1B52ECEA3726DEBED4FF1B700D
C:\Windows\System32\drivers\vsmraid.sys 38A60CD9C009C55C6D3B5586F8E6A353
C:\Windows\System32\drivers\vstxraid.sys A0F6FE0FC2F647C22BBFD6BD4249DBCC
C:\Windows\System32\drivers\vwifibus.sys 62460A45435A26A334907E3F2EA45611
C:\Windows\system32\DRIVERS\vwififlt.sys 095E943D27025E4D588AF0A72CC2318F
C:\Windows\system32\DRIVERS\vwifimp.sys 73FA1A41A97A5C34ADC03B3577FF1A86
C:\Windows\System32\drivers\wacompen.sys 6B806E893714019969E2B50D7EF6A4D9
C:\Windows\system32\DRIVERS\wanarp.sys B69492CBD928534160594A7B33602575
C:\Windows\system32\DRIVERS\wanarp.sys B69492CBD928534160594A7B33602575
C:\Windows\System32\drivers\wd.sys B3A4D918DAB90505B6BC7B70632913CB
C:\Windows\system32\drivers\WdBoot.sys 260F8DFC4D5748F4CCB9B19CFB0E58EA
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\system32\drivers\WdFilter.sys 880FFFC4D5BBBB4187B6B04AB2E8C32A
C:\Windows\System32\DRIVERS\wfplwfs.sys FE762D3498719C3A23471BBA62F747B4
C:\Windows\System32\drivers\wimmount.sys A3C7624A42A3447EF5EDD1ED37FE4E60
C:\Windows\System32\drivers\wmiacpi.sys E2A596CACFC6504306CDB7B593B90084
C:\Windows\System32\DRIVERS\wpcfltr.sys C6FF953D5D6F2EAE3B8883474D5076B3
C:\Windows\System32\drivers\WpdUpFltr.sys 0346CAFC181C91C6E2330332EB332ED6
C:\Windows\system32\drivers\ws2ifsl.sys 58D492F986EC519ECDD54D93618758F8
C:\Windows\system32\DRIVERS\wsvd.sys 72B4E9DF6456C43C42A1419B09486045
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\drivers\XHCIPort.sys 6FDEE5E0741A3FFA5E5772C6C94E3F64

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-18 08:22 - 2014-07-18 08:22 - 00029805 _____ () C:\Users\Moo\Desktop\FRST.txt
2014-07-18 08:21 - 2014-07-18 08:22 - 00000000 ____D () C:\FRST
2014-07-18 08:20 - 2014-07-18 08:20 - 02086912 _____ (Farbar) C:\Users\Moo\Desktop\FRST64.exe
2014-07-18 07:28 - 2014-07-18 07:28 - 05336664 _____ () C:\Users\Moo\Desktop\RogueKillerX64.exe
2014-07-18 07:28 - 2014-07-18 07:28 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-18 07:28 - 2014-07-18 07:28 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-18 07:23 - 2014-07-18 07:23 - 00000117 _____ () C:\windows\system32\netcfg-1063656.txt
2014-07-18 07:06 - 2014-07-18 07:06 - 00000000 ____D () C:\Program Files\Synaptics
2014-07-18 07:05 - 2014-07-18 07:05 - 00000117 _____ () C:\windows\system32\netcfg-16339640.txt
2014-07-18 06:01 - 2014-07-18 06:01 - 00000117 _____ () C:\windows\system32\netcfg-12523937.txt
2014-07-18 06:01 - 2014-07-18 06:01 - 00000117 _____ () C:\windows\system32\netcfg-12482000.txt
2014-07-18 03:57 - 2014-07-18 03:57 - 00000131 _____ () C:\windows\system32\netcfg-5038406.txt
2014-07-18 03:55 - 2014-07-18 03:56 - 00000156 _____ () C:\windows\system32\netcfg-4961609.txt
2014-07-18 03:54 - 2014-07-18 03:55 - 00000156 _____ () C:\windows\system32\netcfg-4871796.txt
2014-07-18 03:51 - 2014-07-18 03:51 - 00000117 _____ () C:\windows\system32\netcfg-4676937.txt
2014-07-18 03:49 - 2014-07-18 03:49 - 00000131 _____ () C:\windows\system32\netcfg-4559828.txt
2014-07-18 03:48 - 2014-07-18 03:49 - 00000156 _____ () C:\windows\system32\netcfg-4542812.txt
2014-07-18 03:48 - 2014-07-18 03:48 - 00000117 _____ () C:\windows\system32\netcfg-4502640.txt
2014-07-18 03:31 - 2014-07-18 03:31 - 00000131 _____ () C:\windows\system32\netcfg-3512531.txt
2014-07-18 02:33 - 2014-07-18 02:33 - 00000117 _____ () C:\windows\system32\netcfg-26156.txt
2014-07-18 02:32 - 2014-07-18 02:32 - 00000117 _____ () C:\windows\system32\netcfg-9978859.txt
2014-07-18 02:28 - 2014-07-18 02:28 - 00000117 _____ () C:\windows\system32\netcfg-9721750.txt
2014-07-18 02:27 - 2014-07-18 02:27 - 00001100 _____ () C:\windows\system32\netcfg-9628781.txt
2014-07-18 02:27 - 2014-07-18 02:27 - 00000161 _____ () C:\windows\system32\netcfg-9629765.txt
2014-07-18 02:27 - 2014-07-18 02:27 - 00000117 _____ () C:\windows\system32\netcfg-9659890.txt
2014-07-18 02:26 - 2014-07-18 02:26 - 00000139 _____ () C:\windows\system32\netcfg-9583906.txt
2014-07-18 02:07 - 2014-07-18 02:07 - 00000117 _____ () C:\windows\system32\netcfg-8477203.txt
2014-07-18 02:07 - 2014-07-18 02:07 - 00000117 _____ () C:\windows\system32\netcfg-8465515.txt
2014-07-18 00:57 - 2014-07-18 00:57 - 00000117 _____ () C:\windows\system32\netcfg-4231484.txt
2014-07-18 00:56 - 2014-07-18 00:56 - 00000117 _____ () C:\windows\system32\netcfg-4166750.txt
2014-07-18 00:45 - 2014-07-18 00:45 - 00000117 _____ () C:\windows\system32\netcfg-3563531.txt
2014-07-18 00:45 - 2014-07-18 00:45 - 00000117 _____ () C:\windows\system32\netcfg-3563500.txt
2014-07-18 00:45 - 2014-07-18 00:45 - 00000117 _____ () C:\windows\system32\netcfg-3563453.txt
2014-07-18 00:41 - 2014-07-18 00:41 - 00000139 _____ () C:\windows\system32\netcfg-3270625.txt
2014-07-17 23:45 - 2014-07-17 23:45 - 00000117 _____ () C:\windows\system32\netcfg-71702718.txt
2014-07-17 23:25 - 2014-07-17 23:25 - 00000117 _____ () C:\windows\system32\netcfg-70447796.txt
2014-07-17 23:24 - 2014-07-17 23:24 - 00000117 _____ () C:\windows\system32\netcfg-70418343.txt
2014-07-17 22:22 - 2014-07-17 22:22 - 00000117 _____ () C:\windows\system32\netcfg-66687390.txt
2014-07-17 22:22 - 2014-07-17 22:22 - 00000117 _____ () C:\windows\system32\netcfg-66687343.txt
2014-07-17 22:22 - 2014-07-17 22:22 - 00000117 _____ () C:\windows\system32\netcfg-66687296.txt
2014-07-17 12:53 - 2014-07-17 12:53 - 00000117 _____ () C:\windows\system32\netcfg-32559937.txt
2014-07-17 12:13 - 2014-07-17 12:13 - 00000117 _____ () C:\windows\system32\netcfg-30192343.txt
2014-07-17 12:13 - 2014-07-17 12:13 - 00000117 _____ () C:\windows\system32\netcfg-30167312.txt
2014-07-17 11:19 - 2014-07-17 11:19 - 00000131 _____ () C:\windows\system32\netcfg-26949375.txt
2014-07-17 09:11 - 2014-07-17 09:11 - 00000117 _____ () C:\windows\system32\netcfg-19244953.txt
2014-07-17 09:10 - 2014-07-17 09:10 - 00000117 _____ () C:\windows\system32\netcfg-19183140.txt
2014-07-17 05:01 - 2014-07-18 05:29 - 00007614 _____ () C:\Users\Moo\AppData\Local\Resmon.ResmonCfg
2014-07-17 04:36 - 2014-07-18 07:06 - 00000423 _____ () C:\windows\setupact.log
2014-07-17 04:36 - 2014-07-17 04:36 - 00000117 _____ () C:\windows\system32\netcfg-2770203.txt
2014-07-17 04:36 - 2014-07-17 04:36 - 00000000 _____ () C:\windows\setuperr.log
2014-07-17 04:35 - 2014-07-17 04:35 - 00000117 _____ () C:\windows\system32\netcfg-2708468.txt
2014-07-17 03:51 - 2014-07-17 03:51 - 00000117 _____ () C:\windows\system32\netcfg-24203.txt
2014-07-17 03:50 - 2014-07-17 03:50 - 00000117 _____ () C:\windows\system32\netcfg-13214812.txt
2014-07-17 03:35 - 2014-07-17 03:35 - 00000117 _____ () C:\windows\system32\netcfg-12333187.txt
2014-07-17 03:34 - 2014-07-17 03:34 - 00000117 _____ () C:\windows\system32\netcfg-12275593.txt
2014-07-17 01:33 - 2014-07-17 01:33 - 00000117 _____ () C:\windows\system32\netcfg-4987203.txt
2014-07-17 01:32 - 2014-07-17 01:32 - 00000117 _____ () C:\windows\system32\netcfg-4952953.txt
2014-07-17 00:51 - 2014-07-17 00:51 - 00000117 _____ () C:\windows\system32\netcfg-2458984.txt
2014-07-17 00:49 - 2014-07-17 00:50 - 00001095 _____ () C:\windows\system32\netcfg-2368593.txt
2014-07-16 23:52 - 2014-07-16 23:52 - 00110122 _____ () C:\Users\Moo\Desktop\OTL.Txt
2014-07-16 23:52 - 2014-07-16 23:52 - 00029342 _____ () C:\Users\Moo\Desktop\Extras.Txt
2014-07-16 23:49 - 2014-07-16 23:49 - 00000117 _____ () C:\windows\system32\netcfg-1375953.txt
2014-07-16 23:48 - 2014-07-16 23:48 - 00602112 _____ (OldTimer Tools) C:\Users\Moo\Desktop\OTL.exe
2014-07-16 23:42 - 2014-07-16 23:43 - 00000156 _____ () C:\windows\system32\netcfg-972484.txt
2014-07-16 23:41 - 2014-07-16 23:41 - 00000131 _____ () C:\windows\system32\netcfg-895562.txt
2014-07-16 23:33 - 2014-07-16 23:33 - 00000117 _____ () C:\windows\system32\netcfg-437921.txt
2014-07-16 22:47 - 2014-07-16 23:35 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 22:43 - 2014-07-16 22:47 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-16 22:43 - 2014-07-16 22:43 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 22:43 - 2014-07-16 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 22:43 - 2014-07-16 22:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware1
2014-07-16 22:43 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-16 22:43 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-16 20:59 - 2014-07-16 21:25 - 00000696 _____ () C:\windows\PFRO.log
2014-07-16 20:20 - 2014-07-16 23:26 - 00000000 ____D () C:\windows\pss
2014-07-16 18:14 - 2014-07-16 20:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-16 18:14 - 2014-07-16 18:14 - 00000117 _____ () C:\windows\system32\netcfg-3676406.txt
2014-07-16 18:14 - 2014-07-16 18:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 17:15 - 2014-07-16 17:15 - 00000117 _____ () C:\windows\system32\netcfg-104328.txt
2014-07-16 17:14 - 2014-07-16 17:14 - 00001445 _____ () C:\Users\Moo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-16 17:09 - 2014-07-16 17:10 - 00000000 ____D () C:\Users\Moo\Documents\WPA Files
2014-07-16 17:09 - 2014-07-16 17:09 - 00000000 ____D () C:\Users\Moo\AppData\Local\Windows Performance Analyzer
2014-07-16 17:08 - 2014-07-16 17:08 - 00000117 _____ () C:\windows\system32\netcfg-6805640.txt
2014-07-16 16:09 - 2014-07-16 16:09 - 00000117 _____ () C:\windows\system32\netcfg-3291421.txt
2014-07-16 16:09 - 2014-07-16 16:09 - 00000117 _____ () C:\windows\system32\netcfg-3281875.txt
2014-07-16 15:24 - 2014-07-18 01:45 - 00034874 _____ () C:\windows\DirectX.log
2014-07-16 15:16 - 2014-07-16 15:16 - 00000117 _____ () C:\windows\system32\netcfg-118828.txt
2014-07-16 15:14 - 2014-07-16 15:14 - 00000117 _____ () C:\windows\system32\netcfg-472125.txt
2014-07-16 15:09 - 2014-07-16 15:09 - 00000117 _____ () C:\windows\system32\netcfg-160000.txt
2014-07-16 15:06 - 2014-07-16 15:06 - 00000117 _____ () C:\windows\system32\netcfg-2858343.txt
2014-07-16 14:59 - 2014-07-16 14:59 - 00000117 _____ () C:\windows\system32\netcfg-2436812.txt
2014-07-16 14:57 - 2014-07-16 14:57 - 00000000 ____D () C:\Users\Moo\Documents\WPR Files
2014-07-16 14:56 - 2014-07-16 14:56 - 00000000 ____D () C:\ProgramData\WindowsPerformanceRecorder
2014-07-16 14:45 - 2014-07-16 14:45 - 00000117 _____ () C:\windows\system32\netcfg-1588562.txt
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\Program Files\Application Verifier
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-07-16 14:42 - 2014-07-16 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-07-16 14:41 - 2014-07-16 14:41 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-07-16 14:38 - 2014-07-16 14:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-16 14:19 - 2014-07-16 14:19 - 00000117 _____ () C:\windows\system32\netcfg-31625.txt
2014-07-16 14:18 - 2014-07-16 14:18 - 00000117 _____ () C:\windows\system32\netcfg-173343.txt
2014-07-16 14:16 - 2014-07-16 14:16 - 00000117 _____ () C:\windows\system32\netcfg-28421.txt
2014-07-16 14:15 - 2014-07-16 14:16 - 00305896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-16 14:15 - 2014-07-16 14:15 - 00000117 _____ () C:\windows\system32\netcfg-6161187.txt
2014-07-16 14:10 - 2014-07-16 22:11 - 00026585 _____ () C:\windows\WindowsUpdate.log
2014-07-16 13:16 - 2014-07-16 13:16 - 00001095 _____ () C:\windows\system32\netcfg-2602125.txt
2014-07-16 13:15 - 2014-07-16 13:15 - 00000156 _____ () C:\windows\system32\netcfg-2552328.txt
2014-07-16 13:14 - 2014-07-16 13:14 - 00000117 _____ () C:\windows\system32\netcfg-2505843.txt
2014-07-16 13:14 - 2014-07-16 13:14 - 00000117 _____ () C:\windows\system32\netcfg-2502109.txt
2014-07-16 13:13 - 2014-07-16 13:13 - 00000131 _____ () C:\windows\system32\netcfg-2413296.txt
2014-07-16 12:33 - 2014-07-16 12:33 - 00000117 _____ () C:\windows\system32\netcfg-32781.txt
2014-07-16 12:32 - 2014-07-16 12:32 - 00000117 _____ () C:\windows\system32\netcfg-15459328.txt
2014-07-16 12:23 - 2014-07-18 07:18 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3832023844-2766403604-2622685999-1001
2014-07-16 12:20 - 2014-07-16 12:20 - 00000000 ____H () C:\Users\Moo\Documents\Default.rdp
2014-07-16 12:20 - 2014-07-16 12:20 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\WebApp
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\Documents\Lenovo
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\Documents\CyberLink
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Lenovo
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\CyberLink
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\AppData\Local\Cyberlink
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\ProgramData\Lenovo
2014-07-16 11:53 - 2014-07-16 11:53 - 00000117 _____ () C:\windows\system32\netcfg-13119093.txt
2014-07-16 11:53 - 2014-07-16 11:53 - 00000117 _____ () C:\windows\system32\netcfg-13117375.txt
2014-07-16 08:15 - 2014-07-16 08:15 - 00000117 _____ () C:\windows\system32\netcfg-29171.txt
2014-07-16 08:14 - 2014-07-16 08:14 - 00000117 _____ () C:\windows\system32\netcfg-14688765.txt
2014-07-16 08:11 - 2014-07-16 08:11 - 00000117 _____ () C:\windows\system32\netcfg-14489265.txt
2014-07-16 08:10 - 2014-07-16 08:10 - 00000117 _____ () C:\windows\system32\netcfg-14458687.txt
2014-07-16 08:10 - 2014-07-16 08:10 - 00000117 _____ () C:\windows\system32\netcfg-14455437.txt
2014-07-16 08:07 - 2014-07-16 08:07 - 00000117 _____ () C:\windows\system32\netcfg-14254750.txt
2014-07-16 08:07 - 2014-07-16 08:07 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Intel WiDi
2014-07-16 08:07 - 2014-07-16 08:07 - 00000000 ____D () C:\Users\Komp\AppData\Local\Intel WiDi
2014-07-16 08:07 - 2014-07-16 08:07 - 00000000 ____D () C:\Users\Komp\AppData\Local\Intel
2014-07-16 07:45 - 2014-07-16 07:45 - 00000117 _____ () C:\windows\system32\netcfg-12935359.txt
2014-07-16 07:44 - 2014-07-16 07:44 - 00000117 _____ () C:\windows\system32\netcfg-12894421.txt
2014-07-16 04:42 - 2014-07-16 04:42 - 00000117 _____ () C:\windows\system32\netcfg-1940828.txt
2014-07-16 04:41 - 2014-07-16 04:41 - 00000117 _____ () C:\windows\system32\netcfg-1879062.txt
2014-07-16 04:19 - 2014-07-16 19:20 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3832023844-2766403604-2622685999-1002
2014-07-16 04:15 - 2014-07-16 04:15 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 04:10 - 2014-07-16 04:10 - 00000117 _____ () C:\windows\system32\netcfg-43046.txt
2014-07-16 04:09 - 2014-07-16 04:09 - 00000117 _____ () C:\windows\system32\netcfg-3056453.txt
2014-07-16 03:19 - 2014-07-16 03:19 - 00000117 _____ () C:\windows\system32\netcfg-40234.txt
2014-07-16 03:18 - 2014-07-16 03:18 - 00000117 _____ () C:\windows\system32\netcfg-6441140.txt
2014-07-16 03:10 - 2014-07-16 03:10 - 00000117 _____ () C:\windows\system32\netcfg-5971171.txt
2014-07-16 03:09 - 2014-07-16 03:09 - 00000117 _____ () C:\windows\system32\netcfg-5909375.txt
2014-07-16 02:14 - 2014-07-16 02:14 - 00000117 _____ () C:\windows\system32\netcfg-2579031.txt
2014-07-16 02:05 - 2014-07-16 02:05 - 00000117 _____ () C:\windows\system32\netcfg-2080656.txt
2014-07-16 01:48 - 2014-07-17 10:13 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Notepad++
2014-07-16 01:47 - 2014-07-16 02:13 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Notepad++
2014-07-16 01:47 - 2014-07-16 02:13 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-07-16 01:41 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2014-07-16 01:41 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2014-07-16 01:41 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll
2014-07-16 01:41 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll
2014-07-16 01:41 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2014-07-16 01:41 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2014-07-16 01:41 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_7.dll
2014-07-16 01:41 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll
2014-07-16 01:41 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll
2014-07-16 01:41 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_5.dll
2014-07-16 01:41 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll
2014-07-16 01:41 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll
2014-07-16 01:41 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll
2014-07-16 01:41 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_3.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll
2014-07-16 01:41 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll
2014-07-16 01:41 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll
2014-07-16 01:41 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll
2014-07-16 01:41 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll
2014-07-16 01:41 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll
2014-07-16 01:41 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll
2014-07-16 01:41 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll
2014-07-16 01:41 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2014-07-16 01:41 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2014-07-16 01:41 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll
2014-07-16 01:41 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_41.dll
2014-07-16 01:41 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll
2014-07-16 01:41 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_41.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2014-07-16 01:41 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2014-07-16 01:41 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll
2014-07-16 01:41 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll
2014-07-16 01:41 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll
2014-07-16 01:41 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll
2014-07-16 01:41 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll
2014-07-16 01:41 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll
2014-07-16 01:41 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2014-07-16 01:41 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2014-07-16 01:41 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2014-07-16 01:41 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2014-07-16 01:41 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2014-07-16 01:41 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2014-07-16 01:41 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2014-07-16 01:41 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll
2014-07-16 01:41 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2014-07-16 01:41 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll
2014-07-16 01:41 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2014-07-16 01:41 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll
2014-07-16 01:41 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2014-07-16 01:41 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2014-07-16 01:41 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2014-07-16 01:41 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2014-07-16 01:41 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2014-07-16 01:41 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2014-07-16 01:41 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2014-07-16 01:41 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2014-07-16 01:41 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2014-07-16 01:41 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2014-07-16 01:41 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2014-07-16 01:41 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2014-07-16 01:41 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2014-07-16 01:41 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2014-07-16 01:41 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2014-07-16 01:41 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2014-07-16 01:41 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2014-07-16 01:41 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2014-07-16 01:41 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2014-07-16 01:41 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2014-07-16 01:41 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2014-07-16 01:41 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2014-07-16 01:41 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2014-07-16 01:41 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2014-07-16 01:41 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2014-07-16 01:41 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2014-07-16 01:41 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2014-07-16 01:41 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2014-07-16 01:41 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2014-07-16 01:41 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2014-07-16 01:41 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2014-07-16 01:41 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2014-07-16 01:41 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2014-07-16 01:41 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2014-07-16 01:41 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2014-07-16 01:41 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2014-07-16 01:41 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2014-07-16 01:41 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2014-07-16 01:41 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2014-07-16 01:41 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2014-07-16 01:41 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2014-07-16 01:41 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2014-07-16 01:41 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2014-07-16 01:41 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2014-07-16 01:41 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2014-07-16 01:41 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2014-07-16 01:41 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2014-07-16 01:41 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2014-07-16 01:41 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2014-07-16 01:41 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2014-07-16 01:41 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2014-07-16 01:41 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2014-07-16 01:41 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2014-07-16 01:41 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2014-07-16 01:40 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2014-07-16 01:40 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2014-07-16 01:40 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2014-07-16 01:40 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2014-07-16 01:40 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2014-07-16 01:40 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2014-07-16 01:40 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2014-07-16 01:40 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2014-07-16 01:40 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2014-07-16 01:40 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2014-07-16 01:40 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2014-07-16 01:40 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2014-07-16 01:40 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2014-07-16 01:40 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2014-07-16 01:40 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2014-07-16 01:40 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2014-07-16 01:40 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2014-07-16 01:40 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2014-07-16 01:40 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2014-07-16 01:40 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2014-07-16 01:40 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2014-07-16 01:40 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2014-07-16 01:40 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2014-07-16 01:40 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2014-07-16 01:40 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2014-07-16 01:40 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2014-07-16 01:40 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2014-07-16 01:40 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2014-07-16 01:40 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
2014-07-16 01:40 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll
2014-07-16 01:40 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll
2014-07-16 01:40 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_1.dll
2014-07-16 01:40 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll
2014-07-16 01:40 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_1.dll
2014-07-16 01:40 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2014-07-16 01:40 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2014-07-16 01:40 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2014-07-16 01:40 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2014-07-16 01:40 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll
2014-07-16 01:40 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_0.dll
2014-07-16 01:40 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2014-07-16 01:40 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2014-07-16 01:40 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2014-07-16 01:40 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2014-07-16 01:40 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2014-07-16 01:40 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2014-07-16 01:40 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2014-07-16 01:40 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2014-07-16 01:40 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2014-07-16 01:40 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2014-07-16 01:32 - 2014-07-16 01:32 - 00000144 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-07-16 01:32 - 2014-07-16 01:32 - 00000000 ____D () C:\Users\Komp\AppData\Local\Razer
2014-07-16 01:31 - 2014-07-16 01:31 - 00000117 _____ () C:\windows\system32\netcfg-32515.txt
2014-07-16 01:30 - 2014-07-16 01:30 - 00000117 _____ () C:\windows\system32\netcfg-1650765.txt
2014-07-16 01:28 - 2014-07-16 01:30 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-07-16 01:28 - 2014-07-16 01:28 - 00000000 ____D () C:\Users\Moo\AppData\Local\Razer
2014-07-16 01:28 - 2014-07-16 01:28 - 00000000 ____D () C:\ProgramData\Razer
2014-07-16 01:28 - 2014-07-16 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-07-16 01:21 - 2014-07-16 01:21 - 00000117 _____ () C:\windows\system32\netcfg-1097828.txt
2014-07-16 01:04 - 2014-07-16 01:04 - 00000451 _____ () C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-16 01:02 - 2014-07-16 01:02 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2014-07-16 01:02 - 2014-07-16 01:02 - 00000704 _____ () C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2014-07-16 00:59 - 2014-07-16 00:59 - 00000117 _____ () C:\windows\system32\netcfg-2475546.txt
2014-07-16 00:55 - 2014-07-16 00:55 - 00000348 _____ () C:\windows\system32\netcfg-2208203.txt
2014-07-16 00:55 - 2014-07-16 00:55 - 00000117 _____ () C:\windows\system32\netcfg-2214062.txt
2014-07-16 00:55 - 2014-07-16 00:55 - 00000117 _____ () C:\windows\system32\netcfg-2207203.txt
2014-07-16 00:50 - 2014-07-16 00:50 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-16 00:37 - 2014-07-16 00:37 - 00000117 _____ () C:\windows\system32\netcfg-1145437.txt
2014-07-16 00:13 - 2014-07-16 00:13 - 00000117 _____ () C:\windows\system32\netcfg-985593.txt
2014-07-16 00:09 - 2014-07-16 00:09 - 00000117 _____ () C:\windows\system32\netcfg-746625.txt
2014-07-16 00:02 - 2014-07-16 00:02 - 00000117 _____ () C:\windows\system32\netcfg-290921.txt
2014-07-16 00:01 - 2014-07-16 00:01 - 00000117 _____ () C:\windows\system32\netcfg-273406.txt
2014-07-15 23:43 - 2014-07-15 23:43 - 00000117 _____ () C:\windows\system32\netcfg-7320046.txt
2014-07-15 23:42 - 2014-07-15 23:42 - 00001139 _____ () C:\windows\system32\netcfg-7265578.txt
2014-07-15 23:42 - 2014-07-15 23:42 - 00000117 _____ () C:\windows\system32\netcfg-7266093.txt
2014-07-15 23:42 - 2014-07-15 23:42 - 00000000 ____D () C:\Users\Moo\Documents\Bluetooth Exchange Folder
2014-07-15 23:15 - 2014-07-15 23:15 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Nitro PDF
2014-07-15 22:55 - 2014-07-15 22:55 - 00000117 _____ () C:\windows\system32\netcfg-4457921.txt
2014-07-15 22:45 - 2014-07-15 22:45 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Macromedia
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Intel
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Adobe
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\Users\Moo\AppData\Local\VirtualStore
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\ProgramData\eBay
2014-07-15 22:41 - 2014-07-15 22:41 - 00262144 _____ () C:\windows\system32\config\userdiff
2014-07-15 22:18 - 2014-07-15 22:18 - 00000000 ___HD () C:\$SysReset
2014-07-15 21:58 - 2014-07-15 21:58 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-15 21:52 - 2014-07-18 06:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-15 21:52 - 2014-07-15 21:52 - 00000978 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-15 21:52 - 2014-07-15 21:52 - 00000020 ___SH () C:\Users\Moo\ntuser.ini
2014-07-15 21:52 - 2014-07-15 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-15 21:51 - 2014-07-15 21:51 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Macromedia
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-537812.txt
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-534390.txt
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-534375.txt
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-532921.txt
2014-07-15 21:49 - 2014-07-15 21:49 - 00000000 ____D () C:\Users\Komp\AppData\Local\Broadcom
2014-07-15 21:48 - 2014-07-15 22:43 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-07-15 21:47 - 2014-07-15 21:47 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Adobe
2014-07-15 21:45 - 2014-07-15 21:45 - 00000020 ___SH () C:\Users\Komp\ntuser.ini
2014-07-15 21:45 - 2014-07-15 21:45 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Intel
2014-07-15 21:45 - 2014-07-15 21:45 - 00000000 ____D () C:\Users\Komp\AppData\Local\VirtualStore
2014-07-15 21:44 - 2014-07-15 21:44 - 00000608 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2014-07-15 21:43 - 2014-07-16 17:08 - 00000000 ____D () C:\Users\Komp
2014-07-15 21:43 - 2014-07-15 22:42 - 00000000 ____D () C:\Users\Moo
2014-07-15 21:43 - 2014-07-15 21:43 - 00020958 _____ () C:\windows\diagwrn.xml
2014-07-15 21:43 - 2014-07-15 21:43 - 00020958 _____ () C:\windows\diagerr.xml
2014-07-15 21:43 - 2014-07-15 21:43 - 00000117 _____ () C:\windows\system32\netcfg-95125.txt
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Moo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Moo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Moo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-15 21:43 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-13 02:31 - 2014-07-13 02:31 - 00010032 _____ () C:\Users\Komp\Desktop\cfgtarik.txt
2014-07-13 02:21 - 2014-07-13 02:36 - 00000587 _____ () C:\Users\Komp\Desktop\oldassCfg.txt
2014-07-08 13:21 - 2014-07-15 21:58 - 00000219 _____ () C:\Users\Komp\Desktop\Counter-Strike Global Offensive.url
2014-07-08 13:01 - 2014-07-16 00:32 - 00000000 ____D () C:\Users\Komp\AppData\Local\Packages
2014-07-08 12:51 - 2014-07-15 23:28 - 00000000 ____D () C:\Users\Moo\AppData\Local\Packages

==================== One Month Modified Files and Folders =======

2014-07-18 08:22 - 2014-07-18 08:22 - 00029805 _____ () C:\Users\Moo\Desktop\FRST.txt
2014-07-18 08:22 - 2014-07-18 08:21 - 00000000 ____D () C:\FRST
2014-07-18 08:20 - 2014-07-18 08:20 - 02086912 _____ (Farbar) C:\Users\Moo\Desktop\FRST64.exe
2014-07-18 08:02 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-18 07:28 - 2014-07-18 07:28 - 05336664 _____ () C:\Users\Moo\Desktop\RogueKillerX64.exe
2014-07-18 07:28 - 2014-07-18 07:28 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-18 07:28 - 2014-07-18 07:28 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-18 07:23 - 2014-07-18 07:23 - 00000117 _____ () C:\windows\system32\netcfg-1063656.txt
2014-07-18 07:18 - 2014-07-16 12:23 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3832023844-2766403604-2622685999-1001
2014-07-18 07:07 - 2012-09-24 18:34 - 00002982 _____ () C:\windows\System32\Tasks\Synaptics TouchPad Enhancements
2014-07-18 07:06 - 2014-07-18 07:06 - 00000000 ____D () C:\Program Files\Synaptics
2014-07-18 07:06 - 2014-07-17 04:36 - 00000423 _____ () C:\windows\setupact.log
2014-07-18 07:06 - 2012-07-26 00:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-18 07:05 - 2014-07-18 07:05 - 00000117 _____ () C:\windows\system32\netcfg-16339640.txt
2014-07-18 07:05 - 2012-07-26 00:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-18 06:01 - 2014-07-18 06:01 - 00000117 _____ () C:\windows\system32\netcfg-12523937.txt
2014-07-18 06:01 - 2014-07-18 06:01 - 00000117 _____ () C:\windows\system32\netcfg-12482000.txt
2014-07-18 06:01 - 2014-07-15 21:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 05:29 - 2014-07-17 05:01 - 00007614 _____ () C:\Users\Moo\AppData\Local\Resmon.ResmonCfg
2014-07-18 03:57 - 2014-07-18 03:57 - 00000131 _____ () C:\windows\system32\netcfg-5038406.txt
2014-07-18 03:56 - 2014-07-18 03:55 - 00000156 _____ () C:\windows\system32\netcfg-4961609.txt
2014-07-18 03:55 - 2014-07-18 03:54 - 00000156 _____ () C:\windows\system32\netcfg-4871796.txt
2014-07-18 03:51 - 2014-07-18 03:51 - 00000117 _____ () C:\windows\system32\netcfg-4676937.txt
2014-07-18 03:49 - 2014-07-18 03:49 - 00000131 _____ () C:\windows\system32\netcfg-4559828.txt
2014-07-18 03:49 - 2014-07-18 03:48 - 00000156 _____ () C:\windows\system32\netcfg-4542812.txt
2014-07-18 03:48 - 2014-07-18 03:48 - 00000117 _____ () C:\windows\system32\netcfg-4502640.txt
2014-07-18 03:31 - 2014-07-18 03:31 - 00000131 _____ () C:\windows\system32\netcfg-3512531.txt
2014-07-18 03:26 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-18 03:26 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-07-18 02:37 - 2012-07-26 00:28 - 00848230 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-18 02:33 - 2014-07-18 02:33 - 00000117 _____ () C:\windows\system32\netcfg-26156.txt
2014-07-18 02:32 - 2014-07-18 02:32 - 00000117 _____ () C:\windows\system32\netcfg-9978859.txt
2014-07-18 02:28 - 2014-07-18 02:28 - 00000117 _____ () C:\windows\system32\netcfg-9721750.txt
2014-07-18 02:27 - 2014-07-18 02:27 - 00001100 _____ () C:\windows\system32\netcfg-9628781.txt
2014-07-18 02:27 - 2014-07-18 02:27 - 00000161 _____ () C:\windows\system32\netcfg-9629765.txt
2014-07-18 02:27 - 2014-07-18 02:27 - 00000117 _____ () C:\windows\system32\netcfg-9659890.txt
2014-07-18 02:26 - 2014-07-18 02:26 - 00000139 _____ () C:\windows\system32\netcfg-9583906.txt
2014-07-18 02:07 - 2014-07-18 02:07 - 00000117 _____ () C:\windows\system32\netcfg-8477203.txt
2014-07-18 02:07 - 2014-07-18 02:07 - 00000117 _____ () C:\windows\system32\netcfg-8465515.txt
2014-07-18 01:45 - 2014-07-16 15:24 - 00034874 _____ () C:\windows\DirectX.log
2014-07-18 00:57 - 2014-07-18 00:57 - 00000117 _____ () C:\windows\system32\netcfg-4231484.txt
2014-07-18 00:56 - 2014-07-18 00:56 - 00000117 _____ () C:\windows\system32\netcfg-4166750.txt
2014-07-18 00:45 - 2014-07-18 00:45 - 00000117 _____ () C:\windows\system32\netcfg-3563531.txt
2014-07-18 00:45 - 2014-07-18 00:45 - 00000117 _____ () C:\windows\system32\netcfg-3563500.txt
2014-07-18 00:45 - 2014-07-18 00:45 - 00000117 _____ () C:\windows\system32\netcfg-3563453.txt
2014-07-18 00:41 - 2014-07-18 00:41 - 00000139 _____ () C:\windows\system32\netcfg-3270625.txt
2014-07-17 23:45 - 2014-07-17 23:45 - 00000117 _____ () C:\windows\system32\netcfg-71702718.txt
2014-07-17 23:25 - 2014-07-17 23:25 - 00000117 _____ () C:\windows\system32\netcfg-70447796.txt
2014-07-17 23:24 - 2014-07-17 23:24 - 00000117 _____ () C:\windows\system32\netcfg-70418343.txt
2014-07-17 22:22 - 2014-07-17 22:22 - 00000117 _____ () C:\windows\system32\netcfg-66687390.txt
2014-07-17 22:22 - 2014-07-17 22:22 - 00000117 _____ () C:\windows\system32\netcfg-66687343.txt
2014-07-17 22:22 - 2014-07-17 22:22 - 00000117 _____ () C:\windows\system32\netcfg-66687296.txt
2014-07-17 12:53 - 2014-07-17 12:53 - 00000117 _____ () C:\windows\system32\netcfg-32559937.txt
2014-07-17 12:13 - 2014-07-17 12:13 - 00000117 _____ () C:\windows\system32\netcfg-30192343.txt
2014-07-17 12:13 - 2014-07-17 12:13 - 00000117 _____ () C:\windows\system32\netcfg-30167312.txt
2014-07-17 11:21 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\NDF
2014-07-17 11:19 - 2014-07-17 11:19 - 00000131 _____ () C:\windows\system32\netcfg-26949375.txt
2014-07-17 10:13 - 2014-07-16 01:48 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Notepad++
2014-07-17 09:11 - 2014-07-17 09:11 - 00000117 _____ () C:\windows\system32\netcfg-19244953.txt
2014-07-17 09:10 - 2014-07-17 09:10 - 00000117 _____ () C:\windows\system32\netcfg-19183140.txt
2014-07-17 04:36 - 2014-07-17 04:36 - 00000117 _____ () C:\windows\system32\netcfg-2770203.txt
2014-07-17 04:36 - 2014-07-17 04:36 - 00000000 _____ () C:\windows\setuperr.log
2014-07-17 04:35 - 2014-07-17 04:35 - 00000117 _____ () C:\windows\system32\netcfg-2708468.txt
2014-07-17 03:51 - 2014-07-17 03:51 - 00000117 _____ () C:\windows\system32\netcfg-24203.txt
2014-07-17 03:50 - 2014-07-17 03:50 - 00000117 _____ () C:\windows\system32\netcfg-13214812.txt
2014-07-17 03:35 - 2014-07-17 03:35 - 00000117 _____ () C:\windows\system32\netcfg-12333187.txt
2014-07-17 03:34 - 2014-07-17 03:34 - 00000117 _____ () C:\windows\system32\netcfg-12275593.txt
2014-07-17 01:33 - 2014-07-17 01:33 - 00000117 _____ () C:\windows\system32\netcfg-4987203.txt
2014-07-17 01:32 - 2014-07-17 01:32 - 00000117 _____ () C:\windows\system32\netcfg-4952953.txt
2014-07-17 00:51 - 2014-07-17 00:51 - 00000117 _____ () C:\windows\system32\netcfg-2458984.txt
2014-07-17 00:50 - 2014-07-17 00:49 - 00001095 _____ () C:\windows\system32\netcfg-2368593.txt
2014-07-17 00:35 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\rescache
2014-07-16 23:52 - 2014-07-16 23:52 - 00110122 _____ () C:\Users\Moo\Desktop\OTL.Txt
2014-07-16 23:52 - 2014-07-16 23:52 - 00029342 _____ () C:\Users\Moo\Desktop\Extras.Txt
2014-07-16 23:49 - 2014-07-16 23:49 - 00000117 _____ () C:\windows\system32\netcfg-1375953.txt
2014-07-16 23:48 - 2014-07-16 23:48 - 00602112 _____ (OldTimer Tools) C:\Users\Moo\Desktop\OTL.exe
2014-07-16 23:43 - 2014-07-16 23:42 - 00000156 _____ () C:\windows\system32\netcfg-972484.txt
2014-07-16 23:41 - 2014-07-16 23:41 - 00000131 _____ () C:\windows\system32\netcfg-895562.txt
2014-07-16 23:35 - 2014-07-16 22:47 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 23:33 - 2014-07-16 23:33 - 00000117 _____ () C:\windows\system32\netcfg-437921.txt
2014-07-16 23:26 - 2014-07-16 20:20 - 00000000 ____D () C:\windows\pss
2014-07-16 22:47 - 2014-07-16 22:43 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-16 22:43 - 2014-07-16 22:43 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 22:43 - 2014-07-16 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 22:43 - 2014-07-16 22:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware1
2014-07-16 22:11 - 2014-07-16 14:10 - 00026585 _____ () C:\windows\WindowsUpdate.log
2014-07-16 21:25 - 2014-07-16 20:59 - 00000696 _____ () C:\windows\PFRO.log
2014-07-16 20:59 - 2014-07-16 18:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-16 19:20 - 2014-07-16 04:19 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3832023844-2766403604-2622685999-1002
2014-07-16 18:14 - 2014-07-16 18:14 - 00000117 _____ () C:\windows\system32\netcfg-3676406.txt
2014-07-16 18:14 - 2014-07-16 18:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 17:15 - 2014-07-16 17:15 - 00000117 _____ () C:\windows\system32\netcfg-104328.txt
2014-07-16 17:14 - 2014-07-16 17:14 - 00001445 _____ () C:\Users\Moo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-16 17:10 - 2014-07-16 17:09 - 00000000 ____D () C:\Users\Moo\Documents\WPA Files
2014-07-16 17:09 - 2014-07-16 17:09 - 00000000 ____D () C:\Users\Moo\AppData\Local\Windows Performance Analyzer
2014-07-16 17:08 - 2014-07-16 17:08 - 00000117 _____ () C:\windows\system32\netcfg-6805640.txt
2014-07-16 17:08 - 2014-07-15 21:43 - 00000000 ____D () C:\Users\Komp
2014-07-16 16:09 - 2014-07-16 16:09 - 00000117 _____ () C:\windows\system32\netcfg-3291421.txt
2014-07-16 16:09 - 2014-07-16 16:09 - 00000117 _____ () C:\windows\system32\netcfg-3281875.txt
2014-07-16 15:16 - 2014-07-16 15:16 - 00000117 _____ () C:\windows\system32\netcfg-118828.txt
2014-07-16 15:14 - 2014-07-16 15:14 - 00000117 _____ () C:\windows\system32\netcfg-472125.txt
2014-07-16 15:09 - 2014-07-16 15:09 - 00000117 _____ () C:\windows\system32\netcfg-160000.txt
2014-07-16 15:06 - 2014-07-16 15:06 - 00000117 _____ () C:\windows\system32\netcfg-2858343.txt
2014-07-16 14:59 - 2014-07-16 14:59 - 00000117 _____ () C:\windows\system32\netcfg-2436812.txt
2014-07-16 14:57 - 2014-07-16 14:57 - 00000000 ____D () C:\Users\Moo\Documents\WPR Files
2014-07-16 14:56 - 2014-07-16 14:56 - 00000000 ____D () C:\ProgramData\WindowsPerformanceRecorder
2014-07-16 14:45 - 2014-07-16 14:45 - 00000117 _____ () C:\windows\system32\netcfg-1588562.txt
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\Program Files\Application Verifier
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-07-16 14:43 - 2014-07-16 14:43 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-07-16 14:43 - 2014-07-16 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-07-16 14:41 - 2014-07-16 14:41 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-07-16 14:41 - 2014-07-16 14:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-16 14:19 - 2014-07-16 14:19 - 00000117 _____ () C:\windows\system32\netcfg-31625.txt
2014-07-16 14:18 - 2014-07-16 14:18 - 00000117 _____ () C:\windows\system32\netcfg-173343.txt
2014-07-16 14:16 - 2014-07-16 14:16 - 00000117 _____ () C:\windows\system32\netcfg-28421.txt
2014-07-16 14:16 - 2014-07-16 14:15 - 00305896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-16 14:15 - 2014-07-16 14:15 - 00000117 _____ () C:\windows\system32\netcfg-6161187.txt
2014-07-16 13:16 - 2014-07-16 13:16 - 00001095 _____ () C:\windows\system32\netcfg-2602125.txt
2014-07-16 13:15 - 2014-07-16 13:15 - 00000156 _____ () C:\windows\system32\netcfg-2552328.txt
2014-07-16 13:14 - 2014-07-16 13:14 - 00000117 _____ () C:\windows\system32\netcfg-2505843.txt
2014-07-16 13:14 - 2014-07-16 13:14 - 00000117 _____ () C:\windows\system32\netcfg-2502109.txt
2014-07-16 13:13 - 2014-07-16 13:13 - 00000131 _____ () C:\windows\system32\netcfg-2413296.txt
2014-07-16 12:33 - 2014-07-16 12:33 - 00000117 _____ () C:\windows\system32\netcfg-32781.txt
2014-07-16 12:32 - 2014-07-16 12:32 - 00000117 _____ () C:\windows\system32\netcfg-15459328.txt
2014-07-16 12:32 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-16 12:27 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-16 12:24 - 2012-09-24 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-07-16 12:24 - 2012-09-24 18:45 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-07-16 12:24 - 2012-09-24 18:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-16 12:22 - 2012-09-24 18:18 - 00000000 ____D () C:\ProgramData\Intel
2014-07-16 12:22 - 2012-09-24 18:15 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-07-16 12:20 - 2014-07-16 12:20 - 00000000 ____H () C:\Users\Moo\Documents\Default.rdp
2014-07-16 12:20 - 2014-07-16 12:20 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\WebApp
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\Documents\Lenovo
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\Documents\CyberLink
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Lenovo
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\CyberLink
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\Users\Moo\AppData\Local\Cyberlink
2014-07-16 12:17 - 2014-07-16 12:17 - 00000000 ____D () C:\ProgramData\Lenovo
2014-07-16 12:17 - 2012-09-24 18:50 - 00000000 ____D () C:\ProgramData\CyberLink
2014-07-16 11:53 - 2014-07-16 11:53 - 00000117 _____ () C:\windows\system32\netcfg-13119093.txt
2014-07-16 11:53 - 2014-07-16 11:53 - 00000117 _____ () C:\windows\system32\netcfg-13117375.txt
2014-07-16 08:15 - 2014-07-16 08:15 - 00000117 _____ () C:\windows\system32\netcfg-29171.txt
2014-07-16 08:14 - 2014-07-16 08:14 - 00000117 _____ () C:\windows\system32\netcfg-14688765.txt
2014-07-16 08:11 - 2014-07-16 08:11 - 00000117 _____ () C:\windows\system32\netcfg-14489265.txt
2014-07-16 08:11 - 2012-09-24 18:22 - 00016234 _____ () C:\windows\system32\results.xml
2014-07-16 08:10 - 2014-07-16 08:10 - 00000117 _____ () C:\windows\system32\netcfg-14458687.txt
2014-07-16 08:10 - 2014-07-16 08:10 - 00000117 _____ () C:\windows\system32\netcfg-14455437.txt
2014-07-16 08:07 - 2014-07-16 08:07 - 00000117 _____ () C:\windows\system32\netcfg-14254750.txt
2014-07-16 08:07 - 2014-07-16 08:07 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Intel WiDi
2014-07-16 08:07 - 2014-07-16 08:07 - 00000000 ____D () C:\Users\Komp\AppData\Local\Intel WiDi
2014-07-16 08:07 - 2014-07-16 08:07 - 00000000 ____D () C:\Users\Komp\AppData\Local\Intel
2014-07-16 07:45 - 2014-07-16 07:45 - 00000117 _____ () C:\windows\system32\netcfg-12935359.txt
2014-07-16 07:44 - 2014-07-16 07:44 - 00000117 _____ () C:\windows\system32\netcfg-12894421.txt
2014-07-16 04:42 - 2014-07-16 04:42 - 00000117 _____ () C:\windows\system32\netcfg-1940828.txt
2014-07-16 04:41 - 2014-07-16 04:41 - 00000117 _____ () C:\windows\system32\netcfg-1879062.txt
2014-07-16 04:15 - 2014-07-16 04:15 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 04:10 - 2014-07-16 04:10 - 00000117 _____ () C:\windows\system32\netcfg-43046.txt
2014-07-16 04:09 - 2014-07-16 04:09 - 00000117 _____ () C:\windows\system32\netcfg-3056453.txt
2014-07-16 03:19 - 2014-07-16 03:19 - 00000117 _____ () C:\windows\system32\netcfg-40234.txt
2014-07-16 03:18 - 2014-07-16 03:18 - 00000117 _____ () C:\windows\system32\netcfg-6441140.txt
2014-07-16 03:10 - 2014-07-16 03:10 - 00000117 _____ () C:\windows\system32\netcfg-5971171.txt
2014-07-16 03:09 - 2014-07-16 03:09 - 00000117 _____ () C:\windows\system32\netcfg-5909375.txt
2014-07-16 02:14 - 2014-07-16 02:14 - 00000117 _____ () C:\windows\system32\netcfg-2579031.txt
2014-07-16 02:13 - 2014-07-16 01:47 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Notepad++
2014-07-16 02:13 - 2014-07-16 01:47 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-07-16 02:05 - 2014-07-16 02:05 - 00000117 _____ () C:\windows\system32\netcfg-2080656.txt
2014-07-16 01:32 - 2014-07-16 01:32 - 00000144 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-07-16 01:32 - 2014-07-16 01:32 - 00000000 ____D () C:\Users\Komp\AppData\Local\Razer
2014-07-16 01:31 - 2014-07-16 01:31 - 00000117 _____ () C:\windows\system32\netcfg-32515.txt
2014-07-16 01:30 - 2014-07-16 01:30 - 00000117 _____ () C:\windows\system32\netcfg-1650765.txt
2014-07-16 01:30 - 2014-07-16 01:28 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-07-16 01:28 - 2014-07-16 01:28 - 00000000 ____D () C:\Users\Moo\AppData\Local\Razer
2014-07-16 01:28 - 2014-07-16 01:28 - 00000000 ____D () C:\ProgramData\Razer
2014-07-16 01:28 - 2014-07-16 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-07-16 01:21 - 2014-07-16 01:21 - 00000117 _____ () C:\windows\system32\netcfg-1097828.txt
2014-07-16 01:04 - 2014-07-16 01:04 - 00000451 _____ () C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-16 01:02 - 2014-07-16 01:02 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2014-07-16 01:02 - 2014-07-16 01:02 - 00000704 _____ () C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2014-07-16 01:02 - 2012-09-24 18:17 - 00000000 ____D () C:\Program Files\Intel
2014-07-16 01:00 - 2014-05-21 17:15 - 00187348 _____ () C:\windows\system32\resTHA.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00180164 _____ () C:\windows\system32\resELL.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00176020 _____ () C:\windows\system32\resRUS.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00161876 _____ () C:\windows\system32\resARA.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00161332 _____ () C:\windows\system32\resHEB.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00161268 _____ () C:\windows\system32\resJPN.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00156692 _____ () C:\windows\system32\resFRA.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00156676 _____ () C:\windows\system32\resHUN.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00154980 _____ () C:\windows\system32\resKOR.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00154884 _____ () C:\windows\system32\resITA.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00154884 _____ () C:\windows\system32\resDEU.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00154724 _____ () C:\windows\system32\resROM.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00154612 _____ () C:\windows\system32\resESN.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00154180 _____ () C:\windows\system32\resPLK.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00154036 _____ () C:\windows\system32\resSKY.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00153844 _____ () C:\windows\system32\resNLD.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00153284 _____ () C:\windows\system32\resPTB.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00153140 _____ () C:\windows\system32\resTRK.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00153108 _____ () C:\windows\system32\resCSY.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00152980 _____ () C:\windows\system32\resPTG.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00152564 _____ () C:\windows\system32\resFIN.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00152132 _____ () C:\windows\system32\resHRV.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00151684 _____ () C:\windows\system32\resSVE.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00151508 _____ () C:\windows\system32\resSLV.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00150580 _____ () C:\windows\system32\resNOR.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00150068 _____ () C:\windows\system32\resDAN.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00148756 _____ () C:\windows\system32\resENU.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00146980 _____ () C:\windows\system32\resCHT.cui
2014-07-16 01:00 - 2014-05-21 17:15 - 00146148 _____ () C:\windows\system32\resCHS.cui
2014-07-16 00:59 - 2014-07-16 00:59 - 00000117 _____ () C:\windows\system32\netcfg-2475546.txt
2014-07-16 00:59 - 2014-05-21 17:15 - 23048704 _____ (Intel Corporation) C:\windows\system32\igdfcl64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 18032640 _____ (Intel Corporation) C:\windows\SysWOW64\igdfcl32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 17791136 _____ (Intel Corporation) C:\windows\system32\igd10iumd64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 17409536 _____ (Intel Corporation) C:\windows\SysWOW64\igd10iumd32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 16586584 _____ (Intel Corporation) C:\windows\system32\igdumdim64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 16114320 _____ (Intel Corporation) C:\windows\SysWOW64\igdumdim32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 08120320 _____ (Intel Corporation) C:\windows\system32\ig7icd64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 06364672 _____ (Intel Corporation) C:\windows\SysWOW64\ig7icd32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 04590152 _____ (Intel Corporation) C:\windows\system32\igdusc64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 04342744 _____ (Intel Corporation) C:\windows\system32\Gfxv4_0.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 04339160 _____ (Intel Corporation) C:\windows\system32\Gfxv2_0.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 03791872 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys
2014-07-16 00:59 - 2014-05-21 17:15 - 03658520 _____ (Intel Corporation) C:\windows\SysWOW64\igdusc32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 02813952 _____ () C:\windows\system32\iglhxa64.cpa
2014-07-16 00:59 - 2014-05-21 17:15 - 02023936 _____ (Intel Corporation) C:\windows\system32\igfxcmjit64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 01755648 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmjit32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 01673216 _____ (Intel Corporation) C:\windows\system32\igdrcl64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 01551872 _____ (Intel Corporation) C:\windows\SysWOW64\igdrcl32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 01137080 _____ (Intel Corporation) C:\windows\system32\iglhsip64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 01132960 _____ (Intel Corporation) C:\windows\SysWOW64\iglhsip32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00930264 _____ (Intel Corporation) C:\windows\system32\GfxUIEx.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00734208 _____ (Intel Corporation) C:\windows\system32\MetroIntelGenericUIFramework.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00655360 _____ (Intel Corporation) C:\windows\system32\igfxDH.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00544216 _____ (Intel Corporation) C:\windows\system32\DPTopologyApp.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00543704 _____ (Intel Corporation) C:\windows\system32\DPTopologyAppv2_0.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00501720 _____ (Intel Corporation) C:\windows\system32\igfxEM.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00450520 _____ (Intel® Corporation) C:\windows\system32\Drivers\IntcDAud.sys
2014-07-16 00:59 - 2014-05-21 17:15 - 00433560 _____ () C:\windows\system32\igdmd64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00393176 _____ (Intel Corporation) C:\windows\system32\CustomModeApp.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00392664 _____ (Intel Corporation) C:\windows\system32\CustomModeAppv2_0.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00373248 _____ (Intel Corporation) C:\windows\system32\igfxOSP.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00358912 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00348088 _____ () C:\windows\SysWOW64\igdmd32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00330240 _____ (Intel Corporation) C:\windows\system32\igdbcl64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00315352 _____ (Intel Corporation) C:\windows\system32\igfxCUIService.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00294912 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00291328 _____ (Intel Corporation) C:\windows\SysWOW64\igdbcl32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00279000 _____ (Intel Corporation) C:\windows\SysWOW64\IntelCpHeciSvc.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00267264 _____ (Intel Corporation) C:\windows\system32\igfxDI.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00254976 _____ () C:\windows\system32\igfxCPL.cpl
2014-07-16 00:59 - 2014-05-21 17:15 - 00249856 _____ (Intel Corporation) C:\windows\system32\igfxLHM.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00244184 _____ (Intel Corporation) C:\windows\system32\igfxHK.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00223744 _____ () C:\windows\system32\igdde64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00218808 _____ (Intel Corporation) C:\windows\system32\iglhcp64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00212992 _____ (Intel Corporation) C:\windows\system32\igfxDTCM.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00191448 _____ (Intel Corporation) C:\windows\system32\igfxext.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00187408 _____ (Intel Corporation) C:\windows\system32\igfxcmrt64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00183808 _____ () C:\windows\SysWOW64\igdde32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00183800 _____ (Intel Corporation) C:\windows\SysWOW64\iglhcp32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00182784 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v3621.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00182784 _____ (Intel Corporation) C:\windows\system32\igfx11cmrt64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00160256 _____ () C:\windows\system32\igdail64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00158032 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmrt32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00155136 _____ (Intel Corporation) C:\windows\SysWOW64\igfx11cmrt32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00153048 _____ (Intel Corporation) C:\windows\system32\difx64.exe
2014-07-16 00:59 - 2014-05-21 17:15 - 00142848 _____ () C:\windows\SysWOW64\igdail32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00070144 _____ () C:\windows\system32\igfxCUIServicePS.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00069632 _____ ( ) C:\windows\system32\igfxDHLibv2_0.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00064000 _____ (Khronos Group) C:\windows\system32\Intel_OpenCL_ICD64.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\Intel_OpenCL_ICD32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00057856 _____ ( ) C:\windows\system32\igfxDHLib.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00044025 _____ () C:\windows\system32\iglhxo64.vp
2014-07-16 00:59 - 2014-05-21 17:15 - 00043816 _____ () C:\windows\system32\iglhxc64_dev.vp
2014-07-16 00:59 - 2014-05-21 17:15 - 00043494 _____ () C:\windows\system32\iglhxc64.vp
2014-07-16 00:59 - 2014-05-21 17:15 - 00043298 _____ () C:\windows\system32\iglhxg64_dev.vp
2014-07-16 00:59 - 2014-05-21 17:15 - 00043256 _____ () C:\windows\system32\iglhxg64.vp
2014-07-16 00:59 - 2014-05-21 17:15 - 00042079 _____ () C:\windows\system32\iglhxo64_dev.vp
2014-07-16 00:59 - 2014-05-21 17:15 - 00031408 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00030720 _____ (Intel Corporation) C:\windows\SysWOW64\igfxexps32.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00010752 _____ ( ) C:\windows\system32\igfxDILib.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00010240 _____ ( ) C:\windows\system32\igfxEMLibv2_0.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00010240 _____ ( ) C:\windows\system32\igfxEMLib.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00010240 _____ ( ) C:\windows\system32\igfxDILibv2_0.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLibv2_0.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLib.dll
2014-07-16 00:59 - 2014-05-21 17:15 - 00002568 _____ () C:\windows\system32\iglhxs64.vp
2014-07-16 00:59 - 2014-05-21 17:15 - 00001125 _____ () C:\windows\system32\iglhxa64.vp
2014-07-16 00:59 - 2012-09-24 18:21 - 00064000 _____ (Khronos Group) C:\windows\system32\OpenCL.DLL
2014-07-16 00:59 - 2012-09-24 18:21 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.DLL
2014-07-16 00:59 - 2012-08-22 01:14 - 00444376 _____ (Intel Corporation) C:\windows\system32\igfxTray.exe
2014-07-16 00:55 - 2014-07-16 00:55 - 00000348 _____ () C:\windows\system32\netcfg-2208203.txt
2014-07-16 00:55 - 2014-07-16 00:55 - 00000117 _____ () C:\windows\system32\netcfg-2214062.txt
2014-07-16 00:55 - 2014-07-16 00:55 - 00000117 _____ () C:\windows\system32\netcfg-2207203.txt
2014-07-16 00:50 - 2014-07-16 00:50 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-16 00:37 - 2014-07-16 00:37 - 00000117 _____ () C:\windows\system32\netcfg-1145437.txt
2014-07-16 00:32 - 2014-07-08 13:01 - 00000000 ____D () C:\Users\Komp\AppData\Local\Packages
2014-07-16 00:27 - 2012-07-26 01:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-16 00:18 - 2012-09-24 18:27 - 00000000 ____D () C:\Program Files\Lenovo
2014-07-16 00:13 - 2014-07-16 00:13 - 00000117 _____ () C:\windows\system32\netcfg-985593.txt
2014-07-16 00:09 - 2014-07-16 00:09 - 00000117 _____ () C:\windows\system32\netcfg-746625.txt
2014-07-16 00:02 - 2014-07-16 00:02 - 00000117 _____ () C:\windows\system32\netcfg-290921.txt
2014-07-16 00:01 - 2014-07-16 00:01 - 00000117 _____ () C:\windows\system32\netcfg-273406.txt
2014-07-15 23:56 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\spool
2014-07-15 23:56 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\setup
2014-07-15 23:43 - 2014-07-15 23:43 - 00000117 _____ () C:\windows\system32\netcfg-7320046.txt
2014-07-15 23:42 - 2014-07-15 23:42 - 00001139 _____ () C:\windows\system32\netcfg-7265578.txt
2014-07-15 23:42 - 2014-07-15 23:42 - 00000117 _____ () C:\windows\system32\netcfg-7266093.txt
2014-07-15 23:42 - 2014-07-15 23:42 - 00000000 ____D () C:\Users\Moo\Documents\Bluetooth Exchange Folder
2014-07-15 23:30 - 2012-09-24 18:45 - 00000000 ____D () C:\Program Files (x86)\LenovoPhotos
2014-07-15 23:28 - 2014-07-08 12:51 - 00000000 ____D () C:\Users\Moo\AppData\Local\Packages
2014-07-15 23:15 - 2014-07-15 23:15 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Nitro PDF
2014-07-15 23:10 - 2012-09-24 18:49 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-07-15 23:08 - 2012-09-24 18:34 - 00000000 ____D () C:\Program Files (x86)\USB Camera2
2014-07-15 23:08 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\System
2014-07-15 23:06 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\restore
2014-07-15 22:59 - 2012-08-01 09:50 - 00000000 ____D () C:\windows\Panther
2014-07-15 22:55 - 2014-07-15 22:55 - 00000117 _____ () C:\windows\system32\netcfg-4457921.txt
2014-07-15 22:45 - 2014-07-15 22:45 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Macromedia
2014-07-15 22:43 - 2014-07-15 21:48 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Intel
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\Users\Moo\AppData\Roaming\Adobe
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\Users\Moo\AppData\Local\VirtualStore
2014-07-15 22:42 - 2014-07-15 22:42 - 00000000 ____D () C:\ProgramData\eBay
2014-07-15 22:42 - 2014-07-15 21:43 - 00000000 ____D () C:\Users\Moo
2014-07-15 22:41 - 2014-07-15 22:41 - 00262144 _____ () C:\windows\system32\config\userdiff
2014-07-15 22:41 - 2012-07-26 01:13 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-07-15 22:18 - 2014-07-15 22:18 - 00000000 ___HD () C:\$SysReset
2014-07-15 21:58 - 2014-07-15 21:58 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-15 21:58 - 2014-07-08 13:21 - 00000219 _____ () C:\Users\Komp\Desktop\Counter-Strike Global Offensive.url
2014-07-15 21:52 - 2014-07-15 21:52 - 00000978 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-15 21:52 - 2014-07-15 21:52 - 00000020 ___SH () C:\Users\Moo\ntuser.ini
2014-07-15 21:52 - 2014-07-15 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-15 21:51 - 2014-07-15 21:51 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Macromedia
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-537812.txt
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-534390.txt
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-534375.txt
2014-07-15 21:50 - 2014-07-15 21:50 - 00000117 _____ () C:\windows\system32\netcfg-532921.txt
2014-07-15 21:49 - 2014-07-15 21:49 - 00000000 ____D () C:\Users\Komp\AppData\Local\Broadcom
2014-07-15 21:47 - 2014-07-15 21:47 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Adobe
2014-07-15 21:45 - 2014-07-15 21:45 - 00000020 ___SH () C:\Users\Komp\ntuser.ini
2014-07-15 21:45 - 2014-07-15 21:45 - 00000000 ____D () C:\Users\Komp\AppData\Roaming\Intel
2014-07-15 21:45 - 2014-07-15 21:45 - 00000000 ____D () C:\Users\Komp\AppData\Local\VirtualStore
2014-07-15 21:45 - 2012-07-26 01:12 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-07-15 21:45 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\WinStore
2014-07-15 21:44 - 2014-07-15 21:44 - 00000608 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2014-07-15 21:44 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\Recovery
2014-07-15 21:44 - 2012-07-25 22:37 - 00000000 ___HD () C:\Users\Default
2014-07-15 21:44 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-15 21:43 - 2014-07-15 21:43 - 00020958 _____ () C:\windows\diagwrn.xml
2014-07-15 21:43 - 2014-07-15 21:43 - 00020958 _____ () C:\windows\diagerr.xml
2014-07-15 21:43 - 2014-07-15 21:43 - 00000117 _____ () C:\windows\system32\netcfg-95125.txt
2014-07-13 02:36 - 2014-07-13 02:21 - 00000587 _____ () C:\Users\Komp\Desktop\oldassCfg.txt
2014-07-13 02:31 - 2014-07-13 02:31 - 00010032 _____ () C:\Users\Komp\Desktop\cfgtarik.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {c4c9a511-06b5-11e2-b47e-806e6f6e6963}
                        {a63eb2a5-06e0-11e4-ac2a-b8f582c709fd}
                        {a63eb2a6-06e0-11e4-ac2a-b8f582c709fd}
                        {a63eb2a7-06e0-11e4-ac2a-b8f582c709fd}
                        {a63eb2a8-06e0-11e4-ac2a-b8f582c709fd}
                        {a63eb2a9-06e0-11e4-ac2a-b8f582c709fd}
                        {a63eb2aa-06e0-11e4-ac2a-b8f582c709fd}
                        {a63eb29f-06e0-11e4-ac2a-b8f582c709fd}
timeout                 2

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {a63eb2ad-06e0-11e4-ac2a-b8f582c709fd}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmware Application (101fffff)
-------------------------------
identifier              {06286143-0c19-11e4-beb7-806e6f6e6963}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {39bd45d5-0890-11e4-be93-806e6f6e6963}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {499a8f39-0d7b-11e4-be87-806e6f6e6963}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {973310e9-0be8-11e4-beb3-806e6f6e6963}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {a10332a0-06ad-11e2-be69-806e6f6e6963}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb29c-06e0-11e4-ac2a-b8f582c709fd}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb29d-06e0-11e4-ac2a-b8f582c709fd}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb29e-06e0-11e4-ac2a-b8f582c709fd}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb29f-06e0-11e4-ac2a-b8f582c709fd}
description             PCI LAN: EFI Network (IPv6)

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a0-06e0-11e4-ac2a-b8f582c709fd}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a1-06e0-11e4-ac2a-b8f582c709fd}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a2-06e0-11e4-ac2a-b8f582c709fd}
description             Setup

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a3-06e0-11e4-ac2a-b8f582c709fd}
description             Boot Menu

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a4-06e0-11e4-ac2a-b8f582c709fd}
description             Diagnostic Splash

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a5-06e0-11e4-ac2a-b8f582c709fd}
description             ATA HDD: WDC WD5000BPVT-24HXZT3                 

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a6-06e0-11e4-ac2a-b8f582c709fd}
description             USB HDD:

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a7-06e0-11e4-ac2a-b8f582c709fd}
description             ATAPI CD: MATSHITA DVD-RAM UJ8D1                 

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a8-06e0-11e4-ac2a-b8f582c709fd}
description             USB FDD:

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2a9-06e0-11e4-ac2a-b8f582c709fd}
description             PCI LAN: EFI Network (IPv4)

Firmware Application (101fffff)
-------------------------------
identifier              {a63eb2aa-06e0-11e4-ac2a-b8f582c709fd}
description             USB CD:

Firmware Application (101fffff)
-------------------------------
identifier              {afc8eb63-0d66-11e4-be85-806e6f6e6963}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\lrsBootMgr.efi
description             Lenovo Recovery System

Firmware Application (101fffff)
-------------------------------
identifier              {c4c9a511-06b5-11e2-b47e-806e6f6e6963}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager

Windows Boot Loader
-------------------
identifier              {a63eb2ab-06e0-11e4-ac2a-b8f582c709fd}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{a63eb2ac-06e0-11e4-ac2a-b8f582c709fd}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{a63eb2ac-06e0-11e4-ac2a-b8f582c709fd}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \windows\system32\winload.efi
description             Windows 8
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {a63eb2ab-06e0-11e4-ac2a-b8f582c709fd}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \windows
resumeobject            {a63eb2ad-06e0-11e4-ac2a-b8f582c709fd}
nx                      OptIn
bootmenupolicy          Standard
detecthal               Yes

Resume from Hibernate
---------------------
identifier              {43e6542e-06b3-11e2-82ad-089e01317842}
device                  partition=C:
path                    \windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {a63eb2ab-06e0-11e4-ac2a-b8f582c709fd}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Resume from Hibernate
---------------------
identifier              {a63eb2ad-06e0-11e4-ac2a-b8f582c709fd}
device                  partition=C:
path                    \windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {a63eb2ab-06e0-11e4-ac2a-b8f582c709fd}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {a63eb2ac-06e0-11e4-ac2a-b8f582c709fd}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Setup Ramdisk Options
---------------------
identifier              {ramdiskoptions}
description             Ramdisk options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi

 

LastRegBack: 2012-08-01 08:51

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Moo at 2014-07-18 08:23:08
Running from C:\Users\Moo\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Application Verifier x64 External Package (Version: 8.100.26629 - Microsoft) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Intelligent Touchpad (HKLM-x32\...\{DD7D6D84-93AB-48CA-A759-94324E341CBA}) (Version: 2.00.0012.0723 - Lenovo)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Nitro Pro 7 (HKLM\...\{72D264E5-0C44-42DF-820B-621303E5C183}) (Version: 7.4.1.21 - Nitro PDF Software)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.0.9 - Lenovo)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SDK Debuggers (x32 Version: 8.100.26629 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit EULA (x32 Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{25981ccc-475f-4b68-850b-89d3fc287ff1}) (Version: 8.100.26695 - Microsoft Corporation)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit Redistributables (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
WPT Redistributables (x32 Version: 8.100.26695 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26629 - Microsoft) Hidden

==================== Restore Points  =========================

16-07-2014 06:06:02 Removed Amazon Browser App
17-07-2014 07:08:00 Windows Modules Installer
18-07-2014 08:44:59 Installed DirectX

==================== Hosts content: ==========================

2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {A4FF65A8-6D80-45B7-946B-436410F6046D} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-15] (Synaptics Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\windows\SYSTEM32\dism.exe [2012-07-25] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DA771714-5BA8-4C16-AB98-A1C86D85E43B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

==================== Loaded Modules (whitelisted) =============

2012-09-24 18:17 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "SynLenovoGestureMgr"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "Dolby Home Theater v4"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"

==================== Faulty Device Manager Devices =============

Name: Intel® USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrvI
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: MATSHITA DVD-RAM UJ8D1
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2014 07:06:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 15.5.0.2, time stamp: 0x50070789
Faulting module name: MurocApi.dll, version: 15.5.0.1, time stamp: 0x500706ce
Exception code: 0xc0000005
Fault offset: 0x0000000000026390
Faulting process id: 0x708
Faulting application start time: 0xZeroConfigService.exe0
Faulting application path: ZeroConfigService.exe1
Faulting module path: ZeroConfigService.exe2
Report Id: ZeroConfigService.exe3
Faulting package full name: ZeroConfigService.exe4
Faulting package-relative application ID: ZeroConfigService.exe5

Error: (07/17/2014 10:13:55 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-3832023844-2766403604-2622685999-1002}/">.

Error: (07/17/2014 10:13:46 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-3832023844-2766403604-2622685999-1002}/">.

System errors:
=============
Error: (07/18/2014 08:16:23 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Error: (07/18/2014 07:07:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/17/2014 10:25:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (07/17/2014 10:25:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/17/2014 00:48:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/16/2014 11:26:16 PM) (Source: DCOM) (EventID: 10005) (User: KKDOINGWORK)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/16/2014 08:58:51 PM) (Source: DCOM) (EventID: 10005) (User: KKDOINGWORK)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/16/2014 06:13:29 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Error: (07/16/2014 06:13:29 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Error: (07/16/2014 06:13:29 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Microsoft Office Sessions:
=========================
Error: (07/18/2014 07:06:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec0000005000000000002639070801cfa2917f9cc136C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllc7f1cfe0-0e84-11e4-be8c-9c4e3663a0b8

Error: (07/17/2014 10:13:55 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3832023844-2766403604-2622685999-1002}/

Error: (07/17/2014 10:13:46 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3832023844-2766403604-2622685999-1002}/

==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 6004.91 MB
Available physical RAM: 4112.46 MB
Total Pagefile: 10100.91 MB
Available Pagefile: 8592.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:215.35 GB) (Free:179.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: E7FAF362)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

[Valinorum]

Hi LFC4,

Did you created this folder: C:\Program Files (x86)\Malwarebytes Anti-Malware1? Also, by Microsoft Security Tool, do you mean Microsoft Security Essential or Windows Defender as the former was replaced by the latter on Windows 8.

[LFC4]

I apologize for the delay I have been traveling these past few days, yes I created the malware bytes1 folder (not sure why at the moment). My system has been using windows defender as well.

[Valinorum]

Not seeing any RootKit traces. They may have been removed earlier. Is Windows Defender the only issue you are having?

• Step #3 Scan with Farbar Service Scanner
  • Please download Farbar Service Scanner by Farbar to your Desktop from the link below.
    Download Link
  • Right-click and choose Run as Administrator;
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

• Required Log(s):
  • FSS.txt

Regards,
Valinorum

[LFC4]

Farbar Service Scanner Version: 21-07-2014
Ran by Moo (administrator) on 22-07-2014 at 20:49:18
Running from "C:\Users\Moo\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

Windows Autoupdate Disabled Policy:
============================

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

 

The troubles came when I did a full system restore and now trying to get all my drivers/software/etc back up to date. Thank you again for your help!

[Valinorum]

The troubles came when I did a full system restore and now trying to get all my drivers/software/etc back up to date.

Have you updated them? Does the problem persist?

[LFC4]

I just changed my settings back to do automatic updates so I will see. What do you know about the MingLiu font/Razer synapse software? Maybe I'm being overprotective but I wonder if that's where my problems are coming from.

[Valinorum]

MingLiu Font is used in Microsoft Office and Workstations as a Traditional Chinese font. See here. The latter program is a driver for Razor products mostly used for Gaming boosters. If you are not a gamer or do not play high quality games, you can remove it.

[LFC4]

I am an intensive gamer   I updated my computer last night and seems to be running better ...Thank you

[Valinorum]

Perusing your logs, I see no infection currently present in your system. Unless you are having any issue(s), the machine appears to be Malware-free as we speak.

 

♣ Removal of Tools and Quarantined Files ♣

 

Despite the tools we have used are clean, they are powerful removal tools and made in a way so that they carry out any commands given to them without (most cases) asking for a confirmation. In the hands of an inept person, they can make the machine un-bootable -- a scenario we do not wish to see. Also, we need to remove the quarantined files/folders from your system as a dormant malware can be as bad as an active one if given the proper environment. I shall now give you the guidelines to remove the tools and the quarantined files from your system.

• Cleanup with Delfix
  Please download DelFix by Xplode to your Desktop.
  Download Link
  • Double-click to run the program;
    • Note: Windows Vista/7/8 users right-click and choose Run as administrator
  • Make sure that all the boxes are checked;
  • Click Run;
  • A log will be opened after the operation is finished;
  • Copy and Paste it in your next reply

 

♣ Prevention and Future Guidelines ♣

 

Prevention is better than cure -- goes the old saying. As much as we love to see you visit our site, we do not want to see you having your PC infected by malwares again.

• Keep Windows up-to-date.
  It is extremely important that you keep your operating system (Windows) updated when updates are made available. It is set to alert you, so be sure not to ignore these notices and to allow the updates to install. Many of these are critical security packages which could very possibly be the difference between your picking up a future infiltration and simply passing right by it unharmed.
• Run antivirus software and keep it up-to-date, too.
  Antivirus software is your safety net if all other protections fail. The first line of defense is smart computing, of course, but everyone needs a backup. I'd recommend Microsoft Security Essentials or avast!, both of which are excellent, as well as free. Once they're installed, check periodically to ensure they have been successfully updating as well. An out-of-date antivirus is not a happy antivirus!
• Keep your web browser plugins and other programs updated also.
  This tip is rarely shared by technicians and its importance is not widely recognized, but it's absolutely critical. Programs such as Java, Adobe Flash Player and Adobe Reader, Internet Explorer, and myriad other such web-exposed items are deeply vulnerable to attack, which can quickly lead to a hopelessly infected system no matter what protection you currently have installed. The reason is that these programs are ubiquitous, but are also not perfect and are extremely complex... and as such, security vulnerabilities are discovered and exploited by hackers hoping to gain control over your machine. By performing every update for these programs as soon as it's made available, you will greatly reduce your exposure to dangerous internet threats.
  
  A great way to do this is to install the Filehippo Update Checker and run it regularly. Also, try not to ignore any notifications you receive regarding updates to programs already installed on your PC.
  
  No scripts is an excellent security device too. I like it but it is not for everyone because it requires you to take action if you want to see some things (pop ups, banners etc.) on sites you visit.
  
  Download NoSript by Giorgio Maone.
  
  Note: Sometimes you will get a site telling you that you need to install Java when actually all you need to do is enable the site through the no script icon down on the right hand side of your computer.
• Watch out for new threat named CryptoLocker
  CryptoLocker is a new type ransomware family malware that encrypts your important files and asks for a ransom to decrypt them. At the moment of posting this reply there are no tools that can undo the havoc this malware causes. We can help you to remove the malware from your system but the files that was encrypted cannot be recovered without the decryption key. So, I ask for your forbearance and practice constant vigilance. Please read the following article to acknowledge yourself about the safety measures.
  How to prevent your computer from becoming infected by CryptoLocker.
• And last of all, surf smart.
  It doesn't matter how well the autopilot system works if the pilot keeps flying the plane into mountain ranges. Don't forget that no matter how much you have protecting yourself, your security ultimately begins and ends with you. Don't visit dangerous or questionable web sites, avoid suspicious links on Facebook and emails/email attachments you're unsure about, and just generally keep your wits about you, and you'll be much safer. Also, avoid illegal downloads, cracks, "warez", and all other too-good-to-be-true internet offerings: they're typically laden with malware. Be smart and you can avoid most threats lurking about the darker corners of the internet! And for even more tips, see our article, How Did I Get Infected in the First Place?
  
  

Regards,
Valinorum

[LFC4]

# DelFix v10.7 - Logfile created 25/07/2014 at 07:05:38
# Updated 27/04/2014 by Xplode
# Username : Moo - KKDOINGWORK
# Operating System : Windows 8  (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\Moo\Desktop\Addition.txt
Deleted : C:\Users\Moo\Desktop\Extras.Txt
Deleted : C:\Users\Moo\Desktop\FRST.txt
Deleted : C:\Users\Moo\Desktop\FRST64.exe
Deleted : C:\Users\Moo\Desktop\FSS.exe
Deleted : C:\Users\Moo\Desktop\FSS.txt
Deleted : C:\Users\Moo\Desktop\OTL.Txt
Deleted : C:\Users\Moo\Desktop\OTL.exe
Deleted : C:\Users\Moo\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Moo\Desktop\Shortcut.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1 [Removed Amazon Browser App | 07/16/2014 06:06:02]
Deleted : RP #2 [Windows Modules Installer | 07/17/2014 07:08:00]
Deleted : RP #3 [Installed DirectX | 07/18/2014 08:44:59]
Deleted : RP #4 [Windows Update | 07/24/2014 02:37:03]

New restore point created !

 

 

Can't thank you enough Valinorum, for your patience as well as assistance

[Valinorum]

Browse safely in the future.

[Valinorum]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.