Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows 7 Laptop Won't Boot - Black Screen [Closed]


  • This topic is locked This topic is locked

#1
Spider-Man

Spider-Man

    Member

  • Member
  • PipPipPip
  • 167 posts

Hi

 

I had a virus (or viruses!) on my laptop, which were taken care of by MBAM Pro (protection was disabled when I installed some software and wasn't re-activated, probably the reason how the malware got through!).

 

Within a day or so, I had a problem with the laptop (Samsung) intermittently not recognising a hard drive was attached during boot (confirmed in BIOS). I tested this was the case by trying 2 other known to be working hard drives and the problem continued. I contacted Samsung to see if there was a BIOS update available (apparently this is a fairly common problem with Samsung laptops and there is a BIOS upgrade available for some affected machines, mine not being one of them). So, Samsung advised to install the latest drivers via S Agent, which I did. I usually leave my laptop on all day, every day - it's virtually used as a desktop - so when exactly the problem I am now suffering from was created, I don't have a definitive answer.

 

Basically, windows would load up, displaying the normal Starting Windows with Windows logo, then displaying a black screen with the mouse cursor, but the actual login page is never shown.

 

I tried starting in Safe Mode, which would scroll through all the drivers loading, and stop on 'amdkmpf.sys' - so, I got another working hard drive, installed W7 and all the laptop drivers, rebooted to make sure all those drivers were OK, then slaved across the windows/system32/drivers/ folder, just incase that amdkmpf.sys or any other were corrupt, as Startup Repair said "Windows cannot repair the problem automatically". I ran chkdsk /f /r, no problems found. Sfc /scannow from command line reports something along the lines of a pending repair requires reboot - I read up on this problem and removed the pending.xml and reboot.xml files from /windows/winsxs/ to no avail, I still get the same message every time I try to run sfc /scannow.

 

I then thought, perhaps it's malware related, so I set up an AVG Boot CD and ran it, sure enough, it did find a few things, but nothing of any great meaning (mostly picked up on viruses being scam emails with attachments).

 

I then found a post on here, about Farbar Recovery Scan Tool. I subsequently ran this and have the log, which I will post shortly. In the meantime, I have also tried running startup repair 3 times from the W7 CD, to no avail. Apparently I'm now on the 30th repair attempt, which Windows still cannot resolve due to the problem "may be caused by unspecified changes" - very helpful!

 

I've tried every boot option by pressing F8 (Last Known Good Config, Safe Mode, etc) and still cannot get into Windows. The closest I get is by booting normally - but am left with this black screen.

 

Unfortunately, windows/minidumps/ is empty - no BSOD log file is created when Windows BSOD's (which it appears to do after a while after hanging on amdkmpf.sys when trying to start in safe mode) - but I do have some 'CBS.log' files. I guess the Farbar log is my last hope....

 

I was hoping one of you kind people could take a look at this Farbar log and see if there is anything suspicious looking which may be causing the problem.

 

Thanks!
 


Edited by Spider-Man, 10 January 2015 - 07:34 AM.

  • 0

Advertisements


#2
Spider-Man

Spider-Man

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 167 posts

Farbar log:-

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by SYSTEM on MININT-GFN2G2G on 10-01-2015 11:43:28
Running from f:\
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet003
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885432 2012-06-10] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI] authuitu.dll <==== ATTENTION!
HKU\Spider-Man\...\Policies\system: [DisableLockWorkstation] 0
IFEO\hpcustpartic.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoev.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msotd.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\visio.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung)
S4 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2014-08-28] (Autodata Limited)
S4 ColdFusion 10 .NET Service; C:\ColdFusion10\cfusion\jnbridge\CFDotNetsvc.exe [77824 2007-04-04] ()
S4 ColdFusion 10 Application Server; C:\ColdFusion10\cfusion\bin\coldfusionsvc.exe [365056 2011-07-21] (Adobe Systems Inc)
S4 ColdFusion 10 ODBC Agent; C:\ColdFusion10\cfusion\db\slserver54\bin\swagent.exe [696320 2014-04-03] ()
S4 ColdFusion 10 ODBC Server; C:\ColdFusion10\cfusion\db\slserver54\bin\swstrtr.exe [114688 2014-04-03] ()
S4 ColdFusion10JettyService; C:\ColdFusion10\cfusion\jetty\jetty.exe [532480 2014-04-03] (Flexera Software)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [640840 2014-08-31] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-20] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-20] (Malwarebytes Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG)
S4 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [46912 2013-07-30] (Spiceworks, Inc.)
S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S4 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2012-08-17] (Clarus, Inc.)
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
S4 wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [24576 2013-06-23] (Apache Software Foundation)
S4 wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [12867584 2013-06-23] ()
S4 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-05-30] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-19] (Advanced Micro Devices, Inc.)
S3 Fwleaf; C:\Windows\System32\DRIVERS\fwleaf.sys [27872 2013-12-23] (NETGEAR)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
S3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2013-02-04] (Leaf Networks)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-20] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-02] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-20] (Malwarebytes Corporation)
S3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
S3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
S3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2014-12-08] (Intel Corporation)
S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
S0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 3CF80AF339FBA0FCF0875941D562B24C
C:\Windows\System32\DRIVERS\atikmpag.sys 8E42DD898956FEFD47A2689FDA7DA0D3
C:\Windows\System32\DRIVERS\amdkmpfd.sys FFCB1F4FEAC8AB77887031F8AD0D7C06
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\btath_flt.sys 78B183A794A08978EA0A8D017054352B
C:\Windows\System32\DRIVERS\athrx.sys 3D68A1EEF77307142636AF5127990BCB
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\drivers\btath_a2dp.sys 26D5F579D12FA37224CC32F2F4BB4FA8
C:\Windows\System32\drivers\btath_avdt.sys 38B5D9ACC7BC80E737F8F86127B6B47B
C:\Windows\System32\DRIVERS\btath_bus.sys 3FE1E64011BF4EA727AD0C8A26C303C2
C:\Windows\System32\DRIVERS\btath_hcrp.sys 6EFA8C93009E0BE0886C2422C7D20BC5
C:\Windows\System32\DRIVERS\btath_lwflt.sys 168506D0F0C8DF588F8A7E25C58A2DE6
C:\Windows\System32\DRIVERS\btath_rcp.sys 7C8FB1D73BD279DD914CCA6ED0F4F62B
C:\Windows\System32\DRIVERS\btfilter.sys 8384F2A67FF10A6E1843F036E66A4D7F
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 73BDD44A6088916964945886F9025409
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 1ED08A6264C5C92099D6D1DAE5E8F530
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fltsrv.sys 88F5A4E744B72385B9A61659879FCC67
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\drivers\ftdibus.sys 0B0E36E669B47E256BE7BDB66D76CCCF
C:\Windows\System32\drivers\ftser2k.sys D35D8310AA13DC851EC2319D1640A17B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\System32\DRIVERS\fwleaf.sys CC07E6A85532E7A104834AF41855940B
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcmon.sys BDDBCFF870442B3C24C158CD53079132
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\DRIVERS\htcnprot.sys B8B1B284362E1D8135112573395D5DA5
C:\Windows\System32\DRIVERS\HtcVComV64.sys 7C7C986776D00E575BFBDE5DCBDC615D
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys C224331A54571C8C9162F7714400BBBD
C:\Windows\System32\DRIVERS\iaStorA.sys 446B0F411F742CC253918AE88703EA85
C:\Windows\System32\DRIVERS\iaStorF.sys 80A542D70433BABC5E196432478CBB00
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 3FB253E8059A1AAC3A8B83A31D094CC5
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 5C20DBF6A00AF50C7CB74DB233E03AF0
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\iusb3hcs.sys 846354992EBB373F452EB9182D501B08
C:\Windows\System32\DRIVERS\iusb3hub.sys 1D88A23853387D34D52CC8F9DDBFC56C
C:\Windows\System32\DRIVERS\iusb3xhc.sys FC5EFD7C797DF19DFB999F0605A7924E
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\leafnets.sys 83EC58ED3ACA5028919028667BABF490
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys CA43F8904E24BBE49982E4C0B29E6579
C:\Windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3
C:\Windows\system32\drivers\mwac.sys A646C2DDB8C46E9B20A326FAF566646C
C:\Windows\System32\DRIVERS\mcdbus.sys 79D51E7F5926E8CE1B3EBECEBAE28CFF
C:\Windows\SysWOW64\DRIVERS\mcdbus.sys 79D51E7F5926E8CE1B3EBECEBAE28CFF
C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys D3BDDC034F80F72E3C598E633B309E10
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys ADCD6BBF6974A8D0C250E6259E1421EC
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Netwsw02.sys 87473262743FB71A63E3A506385DA836
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\drivers\npf.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PSKMAD.sys 05A0C2744CEAC6F1B723EC469B650EF0
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\revoflt.sys 9C3AC71A9934B884FAC567A8807E9C4D
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys CE2EF8030932B98832EB2F9580C5B1DD
C:\Windows\System32\Drivers\RtsUVStor.sys D4A7B5BE29413AFE27DFA2054DCEF957
C:\Windows\System32\DRIVERS\Rt64win7.sys 3713DACCA1025B05A6343104112708D9
C:\Windows\system32\Drivers\SABI.sys 62DB6CC4B0818F1B5F3441241B098F12
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SGdrv64.sys 2FE1CD3AA602414841DB10AD96C95A5E
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\snapman.sys 348F3039E192A84FADE1E2C6C4257500
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys 5252D7BC56E5E0ED715AEA8FE173A455
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys EEBA2CB52304BE9574ADFAA38F40BFD4
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 45427C4B8CAC6B241478F149B935CD80
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmci.sys BE8E5E5D53ACF71D4E8E686B68C99B04
C:\Windows\system32\drivers\VMkbd.sys 4F19996D0765835797EC7B5F35D12240
C:\Windows\System32\DRIVERS\vmnetadapter.sys 18AA5F4A3B1204AD00045EE5AD39BCDB
C:\Windows\System32\DRIVERS\vmnetbridge.sys 04CD4347CD9E8C40F78AD51F7FF426D0
C:\Windows\system32\drivers\vmnetuserif.sys F550680013FEA869820CB8320FAA2352
C:\Windows\System32\DRIVERS\vmusb.sys 5E6B64631689382413131EF2E959E35D
C:\Windows\system32\drivers\vmx86.sys 227E4EA654B4D52C2AAA8B1DCD5C45DE
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vpchbus.sys B4A73CA4EF9A02B9738CEA9AD5FE5917
C:\Windows\System32\DRIVERS\vpcnfltr.sys E675FB2B48C54F09895482E2253B289C
C:\Windows\System32\DRIVERS\vpcusb.sys 5FB42082B0D19A0268705F1DD343DF20
C:\Windows\System32\DRIVERS\vpcuxd.sys 63F4E10873BEB4124028C6D1A66B0968
C:\Windows\System32\drivers\vpcvmm.sys 207B6539799CC1C112661A9B620DD233
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vsock.sys CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 11:43 - 2015-01-10 11:43 - 00000000 ____D () C:\FRST
2015-01-10 01:54 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-10 01:53 - 2010-11-20 19:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2015-01-10 01:53 - 2009-07-13 17:16 - 00791552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\opengl32.dll
2015-01-10 01:53 - 2009-07-13 17:15 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2015-01-10 01:52 - 2009-07-13 17:15 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\connect.dll
2015-01-10 01:52 - 2009-07-13 17:15 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2015-01-10 01:52 - 2009-07-13 17:14 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unregmp2.exe
2015-01-10 01:51 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-10 01:51 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-01-10 01:31 - 2015-01-08 10:06 - 00000205 _____ () C:\reboot.xml
2015-01-08 17:53 - 2013-06-18 06:46 - 00591360 _____ (Realtek ) C:\Windows\System32\Drivers\Rt630x64.sys
2015-01-08 17:53 - 2012-08-23 06:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2015-01-08 17:53 - 2012-03-26 11:09 - 14748416 _____ (Intel Corporation) C:\Windows\System32\Drivers\igdpmd64.sys
2015-01-08 17:53 - 2012-03-19 21:15 - 00032896 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdkmpfd.sys
2015-01-08 17:53 - 2011-12-05 20:23 - 00331264 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2015-01-08 17:26 - 2015-01-08 08:19 - 00000144 _____ () C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-08 17:26 - 2015-01-08 01:19 - 00000451 _____ () C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-01-08 17:26 - 2014-12-04 04:57 - 04268448 _____ (Intel(R) Corporation) C:\Windows\System32\wlihvui.dll
2015-01-08 17:26 - 2014-10-01 11:54 - 00187508 _____ () C:\Windows\System32\resTHA.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00180324 _____ () C:\Windows\System32\resELL.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00176180 _____ () C:\Windows\System32\resRUS.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00162036 _____ () C:\Windows\System32\resARA.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00161492 _____ () C:\Windows\System32\resHEB.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00161428 _____ () C:\Windows\System32\resJPN.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00156852 _____ () C:\Windows\System32\resFRA.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00156836 _____ () C:\Windows\System32\resHUN.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00155140 _____ () C:\Windows\System32\resKOR.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00155044 _____ () C:\Windows\System32\resITA.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00155044 _____ () C:\Windows\System32\resDEU.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00154884 _____ () C:\Windows\System32\resROM.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00154772 _____ () C:\Windows\System32\resESN.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00154340 _____ () C:\Windows\System32\resPLK.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00154196 _____ () C:\Windows\System32\resSKY.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00154004 _____ () C:\Windows\System32\resNLD.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00153444 _____ () C:\Windows\System32\resPTB.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00153300 _____ () C:\Windows\System32\resTRK.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00153268 _____ () C:\Windows\System32\resCSY.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00153140 _____ () C:\Windows\System32\resPTG.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00152724 _____ () C:\Windows\System32\resFIN.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00152292 _____ () C:\Windows\System32\resHRV.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00151844 _____ () C:\Windows\System32\resSVE.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00151668 _____ () C:\Windows\System32\resSLV.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00150740 _____ () C:\Windows\System32\resNOR.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00150228 _____ () C:\Windows\System32\resDAN.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00148916 _____ () C:\Windows\System32\resENU.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00147140 _____ () C:\Windows\System32\resCHT.cui
2015-01-08 17:26 - 2014-10-01 11:54 - 00146308 _____ () C:\Windows\System32\resCHS.cui
2015-01-08 17:26 - 2014-04-18 18:35 - 00000731 _____ () C:\Windows\System32\RTSLCS.dll
2015-01-08 17:26 - 2012-07-26 07:22 - 00385480 _____ (Microsoft Corporation) C:\Windows\System32\vcamp110.dll
2015-01-08 17:26 - 2010-11-20 18:52 - 00000040 _____ () C:\Windows\System32\Network_LLU.log
2015-01-08 17:25 - 2014-12-04 04:57 - 02495904 _____ (Intel(R) Corporation) C:\Windows\System32\iwmssvc.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 12196712 _____ (Intel Corporation) C:\Windows\System32\igd10iumd64.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 10956576 _____ (Intel Corporation) C:\Windows\System32\igdumdim64.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 04598392 _____ (Intel Corporation) C:\Windows\System32\igdusc64.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00734720 _____ (Intel Corporation) C:\Windows\System32\MetroIntelGenericUIFramework.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00665088 _____ (Intel Corporation) C:\Windows\System32\igfxDH.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00504208 _____ (Intel Corporation) C:\Windows\System32\igfxEM.exe
2015-01-08 17:25 - 2014-10-01 11:54 - 00450576 _____ (Intel Corporation) C:\Windows\System32\igdmd64.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00372736 _____ (Intel Corporation) C:\Windows\System32\igfxOSP.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00319376 _____ (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
2015-01-08 17:25 - 2014-10-01 11:54 - 00272384 _____ (Intel Corporation) C:\Windows\System32\igfxDI.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00250368 _____ (Intel Corporation) C:\Windows\System32\igfxLHM.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00246672 _____ (Intel Corporation) C:\Windows\System32\igfxHK.exe
2015-01-08 17:25 - 2014-10-01 11:54 - 00214016 _____ (Intel Corporation) C:\Windows\System32\igfxDTCM.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00183296 _____ (Intel Corporation) C:\Windows\System32\igfxCoIn_v3958.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00160256 _____ () C:\Windows\System32\igdail64.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00070144 _____ () C:\Windows\System32\igfxCUIServicePS.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00069632 _____ ( ) C:\Windows\System32\igfxDHLibv2_0.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00058368 _____ ( ) C:\Windows\System32\igfxDHLib.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00010752 _____ ( ) C:\Windows\System32\igfxDILib.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00010240 _____ ( ) C:\Windows\System32\igfxEMLibv2_0.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00010240 _____ ( ) C:\Windows\System32\igfxEMLib.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00010240 _____ ( ) C:\Windows\System32\igfxDILibv2_0.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00005120 _____ ( ) C:\Windows\System32\igfxLHMLibv2_0.dll
2015-01-08 17:25 - 2014-10-01 11:54 - 00005120 _____ ( ) C:\Windows\System32\igfxLHMLib.dll
2015-01-08 17:25 - 2014-10-01 11:53 - 04354448 _____ (Intel Corporation) C:\Windows\System32\Gfxv4_0.exe
2015-01-08 17:25 - 2014-10-01 11:53 - 04350864 _____ (Intel Corporation) C:\Windows\System32\Gfxv2_0.exe
2015-01-08 17:25 - 2014-10-01 11:53 - 00932752 _____ (Intel Corporation) C:\Windows\System32\GfxUIEx.exe
2015-01-08 17:25 - 2014-10-01 11:53 - 00546704 _____ (Intel Corporation) C:\Windows\System32\DPTopologyApp.exe
2015-01-08 17:25 - 2014-10-01 11:53 - 00546192 _____ (Intel Corporation) C:\Windows\System32\DPTopologyAppv2_0.exe
2015-01-08 17:25 - 2014-10-01 11:53 - 00400272 _____ (Intel Corporation) C:\Windows\System32\CustomModeApp.exe
2015-01-08 17:25 - 2014-10-01 11:53 - 00399760 _____ (Intel Corporation) C:\Windows\System32\CustomModeAppv2_0.exe
2015-01-08 17:25 - 2012-11-05 14:26 - 05620192 _____ (Microsoft Corporation) C:\Windows\System32\mfc110u.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 05592520 _____ (Microsoft Corporation) C:\Windows\System32\mfc110.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00104400 _____ (Microsoft Corporation) C:\Windows\System32\mfcm110u.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00104392 _____ (Microsoft Corporation) C:\Windows\System32\mfcm110.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00074704 _____ (Microsoft Corporation) C:\Windows\System32\mfc110fra.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00074704 _____ (Microsoft Corporation) C:\Windows\System32\mfc110deu.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00073680 _____ (Microsoft Corporation) C:\Windows\System32\mfc110esn.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00072656 _____ (Microsoft Corporation) C:\Windows\System32\mfc110ita.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00070608 _____ (Microsoft Corporation) C:\Windows\System32\mfc110rus.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00064976 _____ (Microsoft Corporation) C:\Windows\System32\mfc110enu.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00053712 _____ (Microsoft Corporation) C:\Windows\System32\mfc110jpn.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00053200 _____ (Microsoft Corporation) C:\Windows\System32\mfc110kor.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00046032 _____ (Microsoft Corporation) C:\Windows\System32\mfc110cht.dll
2015-01-08 17:25 - 2012-11-05 14:26 - 00046032 _____ (Microsoft Corporation) C:\Windows\System32\mfc110chs.dll
2015-01-08 17:25 - 2012-04-17 22:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2015-01-08 17:25 - 2012-04-17 22:01 - 00058880 _____ (AMD) C:\Windows\System32\coinst.dll
2015-01-08 17:25 - 2012-03-26 11:19 - 00755188 _____ () C:\Windows\System32\igkrng700.bin
2015-01-08 17:25 - 2012-03-26 11:19 - 00561508 _____ () C:\Windows\System32\igfcg700m.bin
2015-01-08 17:25 - 2011-12-05 20:22 - 00014848 _____ (Intel(R) Corporation) C:\Windows\System32\IntcDAuC.dll
2015-01-08 17:25 - 2011-09-12 10:05 - 00003917 _____ () C:\Windows\System32\atipblup.dat
2015-01-08 17:25 - 2010-11-20 19:28 - 00029815 _____ () C:\Windows\System32\InstallPackage_ETW.Log
2015-01-08 17:25 - 2010-11-20 18:52 - 00000050 _____ () C:\Windows\System32\Local_LLU.log
2015-01-08 17:25 - 2010-11-20 18:52 - 00000015 _____ () C:\Windows\System32\LocalGroupAdminAdd.log
2015-01-07 14:19 - 2015-01-07 14:19 - 00000000 _____ () C:\Windows\System32\config\SOFTWAREb03d91f3
2015-01-07 00:21 - 2015-01-07 00:21 - 96468992 _____ () C:\Windows\System32\config\SOFTWARE56bbef8d
2015-01-06 23:19 - 2015-01-07 14:19 - 00000000 ____D () C:\Windows\Microsoft Antimalware
2015-01-06 00:55 - 2015-01-06 00:55 - 00000000 __SHD () C:\found.000
2015-01-03 17:40 - 2015-01-09 13:19 - 10052456 _____ () C:\Windows\System32\FNTCACHE.DAT
2015-01-03 17:39 - 2015-01-09 16:15 - 00142962 _____ () C:\Windows\PFRO.log
2015-01-03 13:53 - 2015-01-03 13:53 - 00000000 ____D () C:\63a4ed5641d9eae6f2caba8d
2015-01-02 12:59 - 2015-01-02 12:59 - 00003510 _____ () C:\Users\Spider-Man\Desktop\laptop licenses - inc win8 oem key for samsung.txt
2015-01-02 12:53 - 2015-01-02 12:59 - 00000000 ____D () C:\Users\Spider-Man\Downloads\produkey-x64
2015-01-02 12:52 - 2015-01-02 12:52 - 00000000 _____ () C:\Users\Spider-Man\Downloads\produkey-x64.zip
2014-12-27 11:04 - 2014-12-27 11:04 - 00000000 ____D () C:\Program Files (x86)\Vectorian Inc
2014-12-27 11:03 - 2014-12-27 11:03 - 00000000 _____ () C:\Users\Spider-Man\Downloads\installvectoriangiotto.exe
2014-12-27 10:43 - 2014-12-27 10:43 - 00000000 ____D () C:\Program Files (x86)\Easy GIF Animator
2014-12-27 10:42 - 2014-12-27 10:42 - 00000000 _____ () C:\Users\Spider-Man\Downloads\egifan6.exe
2014-12-27 09:50 - 2014-12-27 09:50 - 00000000 ____D () C:\Program Files (x86)\Falco GIF Animator
2014-12-27 09:50 - 2011-07-18 19:05 - 00000046 _____ () C:\Program Files (x86)\Falco.url
2014-12-26 07:04 - 2014-12-26 07:04 - 00000000 ____D () C:\Users\Spider-Man\Documents\GIF Animations
2014-12-26 07:04 - 2014-12-26 07:04 - 00000000 ____D () C:\Program Files (x86)\GIF Animator
2014-12-26 07:03 - 2014-12-26 07:03 - 05595688 _____ (Creabit ) C:\Users\Spider-Man\Downloads\GIFAnimator-Setup.exe
2014-12-23 10:39 - 2014-12-23 10:39 - 00064613 _____ () C:\Users\Spider-Man\Desktop\4455_8439.jpeg
2014-12-17 22:40 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-12-17 22:40 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 12:45 - 2014-12-17 12:45 - 00000000 ____D () C:\Users\Spider-Man\AppData\Local\Nero_AG
2014-12-17 10:55 - 2014-12-17 12:43 - 00000000 ____D () C:\Users\Spider-Man\AppData\Local\Isoplex
2014-12-17 10:55 - 2014-12-17 10:55 - 00000000 ____D () C:\Users\Spider-Man\AppData\Roaming\RSATom
2014-12-17 10:54 - 2014-12-17 10:55 - 00000000 ____D () C:\Program Files (x86)\Isoplex
2014-12-16 15:50 - 2014-12-16 15:50 - 60018700 _____ (Isoplex, Inc. ) C:\Users\Spider-Man\Downloads\isoplex-setup-1.0.4.exe
2014-12-15 15:40 - 2014-12-24 19:23 - 00001914 _____ () C:\Windows\setupact.log
2014-12-15 15:40 - 2014-12-15 15:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-15 15:32 - 2014-12-15 15:32 - 00000000 ____D () C:\Program Files (x86)\Filedrop
2014-12-15 15:29 - 2014-12-15 15:29 - 19130837 _____ (Filedrop ) C:\Users\Spider-Man\Downloads\Filedrop.exe
2014-12-15 12:33 - 2014-12-15 12:33 - 00154328 _____ () C:\Users\Spider-Man\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-12 18:54 - 2014-12-12 18:54 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2014-12-12 18:54 - 2014-12-12 18:54 - 00000000 ____D () C:\Users\Spider-Man\AppData\Local\eSupport.com
2014-12-12 18:54 - 2014-12-12 18:54 - 00000000 ____D () C:\Program Files (x86)\eSupport.com
2014-12-12 18:53 - 2014-12-12 18:53 - 01176984 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Spider-Man\Downloads\driveragent-setup-794.exe
2014-12-12 18:45 - 2014-12-12 18:45 - 00000000 ____D () C:\Program Files (x86)\Western Digital Corporation
2014-12-12 18:44 - 2014-12-12 18:45 - 00000000 _____ () C:\Users\Spider-Man\Downloads\WinDlg_v1_27.zip
2014-12-12 17:17 - 2014-04-24 08:34 - 00633704 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStorA.sys
2014-12-12 17:17 - 2014-04-24 08:34 - 00028008 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStorF.sys
2014-12-12 15:01 - 2014-12-12 15:01 - 00000000 ____D () C:\Intel
2014-12-11 12:57 - 2014-12-11 12:57 - 00000000 ____D () C:\Users\Spider-Man\AppData\Roaming\Digiarty
2014-12-11 12:56 - 2014-12-11 12:56 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2014-12-11 12:52 - 2014-12-11 12:52 - 00000000 ____D () C:\Users\Spider-Man\AppData\Roaming\Faasoft Video Converter
2014-12-11 12:52 - 2014-12-11 12:52 - 00000000 ____D () C:\Program Files (x86)\Faasoft
2014-12-11 08:25 - 2014-12-11 08:25 - 00000000 ____D () C:\Users\Spider-Man\Downloads\f6flpy-x64
2014-12-11 07:55 - 2014-12-11 07:55 - 00000000 ____D () C:\Users\Spider-Man\Intel
2014-12-11 06:49 - 2014-12-11 06:49 - 00000000 ____D () C:\ProgramData\Acronis
2014-12-11 06:47 - 2014-12-11 06:47 - 00276256 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\snapman.sys
2014-12-11 06:47 - 2014-12-11 06:47 - 00118560 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\fltsrv.sys
2014-12-11 06:47 - 2014-12-11 06:47 - 00001209 _____ () C:\Users\Public\Desktop\Acronis Disk Director 12.lnk
2014-12-11 06:47 - 2014-12-11 06:47 - 00001209 _____ () C:\ProgramData\Desktop\Acronis Disk Director 12.lnk
2014-12-11 06:47 - 2014-12-11 06:47 - 00000000 ____D () C:\Program Files (x86)\Acronis

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 11:09 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-10 11:01 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-10 10:57 - 2014-05-08 09:12 - 00000000 ___SD () C:\Windows\System32\CompatTel
2015-01-09 23:44 - 2014-06-15 09:45 - 00000000 ____D () C:\ADCDA2
2015-01-09 13:19 - 2014-06-30 02:26 - 00000000 ____D () C:\ProgramData\VMware
2015-01-08 16:38 - 2009-07-13 21:13 - 00781298 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-01-08 08:29 - 2014-01-04 07:45 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-01-08 08:29 - 2013-04-02 13:38 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-01-07 20:02 - 2014-12-09 16:55 - 25059840 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 14412800 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 06039552 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 02885120 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-01-07 20:02 - 2014-12-09 16:55 - 02358272 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 02125312 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-01-07 20:02 - 2014-12-09 16:55 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00718848 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-01-07 20:02 - 2014-12-09 16:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00580096 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00389296 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-01-07 20:02 - 2014-12-09 16:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-01-07 20:02 - 2014-12-09 16:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2015-01-07 20:02 - 2013-12-18 19:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-01-07 20:02 - 2013-12-18 19:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2015-01-07 20:02 - 2013-12-18 19:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2015-01-07 20:02 - 2013-12-18 19:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2015-01-07 20:02 - 2013-12-18 19:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2015-01-07 20:02 - 2013-12-18 19:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2015-01-07 20:02 - 2013-12-18 19:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2015-01-07 20:02 - 2013-12-18 19:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2015-01-07 20:02 - 2013-12-18 19:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2015-01-07 17:53 - 2013-04-02 11:21 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-03 13:55 - 2013-04-02 12:45 - 00000000 _____ () C:\Windows\WindowsUpdate.log
2015-01-03 13:54 - 2013-07-31 01:22 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-03 13:52 - 2013-07-31 01:22 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-02 12:50 - 2014-05-27 15:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-12-27 20:52 - 2014-10-10 09:02 - 00000000 ____D () C:\Users\Spider-Man\Desktop\SAS
2014-12-27 20:52 - 2013-04-04 10:08 - 00001704 _____ () C:\Users\Spider-Man\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-12-27 20:43 - 2013-04-03 01:08 - 00000000 ____D () C:\Users\Spider-Man\AppData\Roaming\FileZilla
2014-12-24 14:59 - 2014-05-27 15:13 - 00000000 ____D () C:\Users\Spider-Man\AppData\Roaming\vlc
2014-12-24 09:37 - 2014-04-16 15:44 - 00000132 _____ () C:\Users\Spider-Man\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-12-24 09:36 - 2013-08-04 15:42 - 00000132 _____ () C:\Users\Spider-Man\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-23 15:01 - 2013-11-25 14:21 - 00000000 ____D () C:\Users\Spider-Man\AppData\Roaming\Notepad++
2014-12-19 02:43 - 2009-07-13 20:45 - 00029136 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 02:43 - 2009-07-13 20:45 - 00029136 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-17 12:45 - 2014-07-02 15:07 - 00000000 ____D () C:\Users\Spider-Man\AppData\Local\Nero
2014-12-15 12:40 - 2014-07-30 12:13 - 00000000 ____D () C:\Users\Spider-Man\Documents\PNY Memory Stick
2014-12-15 12:38 - 2014-02-26 06:21 - 00000000 ____D () C:\Users\Spider-Man\Documents\PENDrive Backup
2014-12-13 16:14 - 2014-08-29 04:47 - 00000000 ____D () C:\Users\Spider-Man\AppData\Local\Adobe
2014-12-13 15:03 - 2013-04-02 11:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 15:03 - 2013-04-02 11:57 - 00071344 _____ () C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-13 15:03 - 2013-04-02 11:57 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-13 15:03 - 2013-04-02 11:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-13 14:27 - 2013-04-03 07:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-13 14:27 - 2013-04-03 07:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-13 14:25 - 2014-01-12 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-13 14:25 - 2013-04-02 11:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-13 07:33 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-12 19:16 - 2013-04-03 04:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 17:07 - 2014-01-06 13:59 - 00000000 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-12 17:03 - 2009-07-13 21:08 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-12 16:53 - 2013-04-02 12:39 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-12 16:47 - 2013-04-02 13:45 - 00000000 ____D () C:\ProgramData\Intel
2014-12-12 16:47 - 2013-04-02 13:44 - 00000000 ____D () C:\Program Files\Intel
2014-12-11 07:55 - 2013-04-02 09:24 - 00000000 ____D () C:\users\Spider-Man
2014-12-11 06:44 - 2014-08-05 15:29 - 00000000 ____D () C:\Users\Spider-Man\Desktop\Personal
2014-12-11 05:00 - 2014-05-27 15:38 - 00000000 ____D () C:\Program Files\Recuva

Files to move or delete:
====================
C:\Windows\Tasks\{915ED9CB-7196-4396-8194-34519CCCA219}.job


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================


==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
path                    \bootmgr
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {60c0a7ef-9c04-11e2-a2fe-9bff8601647a}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {60c0a7ef-9c04-11e2-a2fe-9bff8601647a}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\60c0a7f1-9c04-11e2-a2fe-9bff8601647a\Winre.wim,{60c0a7f2-9c04-11e2-a2fe-9bff8601647a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\60c0a7f1-9c04-11e2-a2fe-9bff8601647a\Winre.wim,{60c0a7f2-9c04-11e2-a2fe-9bff8601647a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {60c0a7ef-9c04-11e2-a2fe-9bff8601647a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {60c0a7f2-9c04-11e2-a2fe-9bff8601647a}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\60c0a7f1-9c04-11e2-a2fe-9bff8601647a\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 10%
Total physical RAM: 8083.48 MB
Available physical RAM: 7198.42 MB
Total Pagefile: 8081.63 MB
Available Pagefile: 7175.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:5.36 GB) NTFS
Drive f: () (Removable) (Total:14.92 GB) (Free:14.83 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0A535886)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 6E697373)
No partition Table on disk 1.


LastRegBack: 2014-12-25 01:47

==================== End Of Log ============================

  • 0

#3
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello Spider-Man,

No need to enclose your logs in a code box. Just paste normally into the thread. :)

Now

Please download the attached fixlist.txt file to your flashdrive .

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

Also, try a reboot and let me know how it goes.


  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP