Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

crypto/rsa64/temp/tmp3892.exe tries to install TR/crypt.xpack.70252


  • This topic is locked This topic is locked
39 replies to this topic

#1 priestfoxley

priestfoxley

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 16 June 2014 - 04:47 PM

Avira stops it from installing, but it always comes back as a different file when deleted and quarantined. Avira keeps finding MASSIVE numbers of viruses, from 9 to 46, then tells me access is denied, and nothing is quarantined. All files detected are some variation of crypt.xpack, or crypt.zpack. I am having no slowdown issues, connection issues, or functions problems, but I would like to find out where these programs are coming from and prevent it from reoccuring. I use web of trust, scriptblocker, adware blocker, and firefox has javascript disabled on everything. I generally only use my computer for online gaming through Steam. I frequently use programs with keystroke loggers to modify video game .DLL files to cheat on single player video games.

BC AdBot (Login to Remove)

 


#2 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 16 June 2014 - 06:10 PM

Oh, and my right click doesn't work. any time I right click to create a new folder, it tells me that explorer.exe has crashed and it restarts.

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:32 PM

Posted 21 June 2014 - 04:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/537968 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 22 June 2014 - 04:11 PM

My AV keeps blocking varied types of a virus called Xpack, and I cannot right click. I use avira, MBAM, ADWcleaner, roguekiller, and it shows clean, but popups mentioning that the virus has been stopped continues. it shows up in a folder in my Program Files called

crypto/rsa64/temp/tmp3892.exe tries to install TR/crypt.xpack.70252

which happens to be copypasta, but still true. I also can't right click, open new folders, or explorer.exe crashes. slowdown seems nonexistant,but I have a pretty good computer. I delete and log and quarantine the temp files, but they always come back as a different name. same folder, though.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.55.2
Run by Priest at 16:34:08 on 2014-06-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8140.4843 [GMT -4:00]
.
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
C:\Program Files (x86)\Cobian Backup 11\cbService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Alienware\Command Center\AlienFusionService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
C:\Program Files\Alienware\Command Center\AlienFusionController.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [DellSystemDetect] C:\Users\Priest\AppData\Local\Apps\2.0\RWPD7DA1.O7Z\5Y0PVEY8.MVJ\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
uRun: [Egtion] regsvr32.exe C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll
mRun: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
mRun: [FAStartup] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8347B078-AF35-4D64-BAF3-392AD5D6B6A4} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8347B078-AF35-4D64-BAF3-392AD5D6B6A4}\E474D494D2353544E65647 : DHCPNameServer = 8.8.8.8 8.8.4.4
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli FAPassSync
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Command Center Controllers] "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - facebook.com
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-6-10 32544]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2014-4-21 21616]
R1 {4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64;{4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64;C:\Windows\System32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64.sys [2014-5-12 61104]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-4-21 28600]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2014-6-10 301512]
R2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-6-3 277032]
R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2012-6-15 14704]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-4-21 430160]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-4-21 430160]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-4-21 112080]
R2 Avira.OE.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-5-5 124496]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2014-6-16 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity;C:\Program Files (x86)\Cobian Backup 11\cbService.exe [2014-6-16 1131008]
R2 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2010-4-4 2409800]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-6-10 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-6-10 21055432]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-6-10 413128]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2014-4-21 2655768]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-11-2 27760]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2014-4-21 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2014-4-21 39464]
R3 dcdbas;System Management Driver;C:\Windows\System32\drivers\dcdbas64.sys [2014-4-22 38472]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-4-23 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-11-2 76912]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-6-10 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-6-10 40392]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-11-2 337512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-12 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-9-17 5338848]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-22 19456]
S3 S3XXx64;SCR3xx USB SmartCardReader64;C:\Windows\System32\drivers\S3XXx64.sys [2013-6-5 73984]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-22 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-22 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-21 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-4-21 1039952]
.
=============== Created Last 30 ================
.
2014-06-22 07:36:19    189440    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\temp\tmp3824.exe
2014-06-21 16:20:18    590336    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\temp\tmp9011.exe
2014-06-20 00:42:29    --------    d-----w-    C:\Users\Priest\AppData\Roaming\PowerISO
2014-06-16 23:01:12    --------    d-----w-    C:\Program Files (x86)\Cobian Backup 11
2014-06-16 20:37:42    --------    d-----w-    C:\Users\Priest\AppData\Roaming\OpenOffice
2014-06-16 08:04:18    --------    d-----w-    C:\Users\Priest\AppData\Roaming\3909
2014-06-16 07:59:51    --------    d-----w-    C:\GOG Games
2014-06-16 07:44:15    --------    d-----w-    C:\Users\Priest\AppData\Local\SKIDROW
2014-06-15 05:57:33    --------    d-----w-    C:\Users\Priest\AppData\Local\calibre-cache
2014-06-15 05:50:55    --------    d-----w-    C:\Users\Priest\AppData\Roaming\calibre
2014-06-11 16:50:25    221184    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\temp\tmp157C.exe
2014-06-11 08:12:59    812248    ----a-w-    C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-06-11 08:08:45    801280    ----a-w-    C:\Windows\System32\usp10.dll
2014-06-11 08:08:45    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
2014-06-11 08:08:42    288192    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-11 08:08:42    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-06-11 08:08:26    2048    ----a-w-    C:\Windows\SysWow64\msxml6r.dll
2014-06-11 08:08:26    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2014-06-11 08:08:26    2048    ----a-w-    C:\Windows\System32\msxml6r.dll
2014-06-11 08:08:26    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2014-06-11 08:08:26    2002432    ----a-w-    C:\Windows\System32\msxml6.dll
2014-06-11 08:08:26    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2014-06-11 08:08:26    1389056    ----a-w-    C:\Windows\SysWow64\msxml6.dll
2014-06-11 08:08:26    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2014-06-10 18:34:18    --------    d-----w-    C:\Windows\SysWow64\NV
2014-06-10 18:34:18    --------    d-----w-    C:\Windows\System32\NV
2014-06-10 18:22:37    601432    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2014-06-10 17:33:23    1715176    ----a-w-    C:\Windows\System32\nvspbridge64.dll
2014-06-10 17:33:23    1291232    ----a-w-    C:\Windows\SysWow64\nvspbridge.dll
2014-06-10 17:33:23    1279480    ----a-w-    C:\Windows\System32\nvspcap64.dll
2014-06-10 17:33:23    1122312    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2014-06-10 17:33:23    --------    d-----w-    C:\Users\Priest\AppData\Local\NVIDIA Corporation
2014-06-10 17:33:23    --------    d-----w-    C:\Users\Priest\AppData\Local\NVIDIA
2014-06-10 17:32:50    40392    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2014-06-10 17:32:50    37320    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2014-06-10 17:32:50    34760    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2014-06-10 16:18:48    --------    d-----w-    C:\Program Files (x86)\OpenOffice 4
2014-06-09 17:54:31    2278912    ------w-    C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll
2014-06-09 08:56:22    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-06-09 07:49:48    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2014-06-07 19:25:32    --------    d-----w-    C:\Program Files\Common Files\ActivIdentity
2014-06-07 19:25:32    --------    d-----w-    C:\Program Files (x86)\ActivIdentity
2014-06-07 04:37:17    --------    d-----w-    C:\Users\Priest\AppData\Roaming\XRay Engine
2014-06-05 22:08:29    --------    d-----w-    C:\Users\Priest\AppData\Roaming\NCH Software
2014-06-05 22:08:23    --------    d-----w-    C:\Program Files (x86)\NCH Software
2014-06-04 16:44:41    3584    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\temp\tmp4D77.exe
2014-06-02 19:17:48    33240    ----a-w-    C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-06-02 19:17:25    --------    d-----w-    C:\Program Files\iTunes
2014-06-02 19:17:25    --------    d-----w-    C:\Program Files (x86)\iTunes
2014-06-02 19:16:33    --------    d-----w-    C:\Program Files\Bonjour
2014-05-31 00:08:29    --------    d-----w-    C:\ProgramData\RogueKiller
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\fc25c5f7f0de617f8c341dfa82a48a90\Worms Revolution.exe
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e1bd713e865871ee7aeaa61756ea4676\Entente - WW1 Battlefields.exe
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e050bb87f5bf392f1093ce26e8399627\Age of Empires II HD.exe
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c2c7d0eee23780461e42fa986563aaf6\Zoo Tycoon 2 Extinct Animals.exe
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\78d6a3099e4fb9d2b04552c2dd8fbdc9\Might And Magic Clash of Heroes.exe
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\70ce11d312b77e3fd2a6dd528b9c4280\You Dont Know Jack.exe
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\62a40d07ac45ffc828e13c8787408f77\Tom Clancys H.A.W.X. 2 Open Skies Expansion.exe
2014-05-27 11:59:39    12582912    ----a-w-    C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1ccd0876dde1b0913d4da4366500055e\Driver San Francisco.exe
2014-05-26 20:26:58    --------    d-----w-    C:\Users\Priest\AppData\Roaming\Olxayzi
.
==================== Find3M  ====================
.
2014-05-30 10:02:37    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22    5782528    ----a-w-    C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56    2266112    ----a-w-    C:\Windows\System32\wininet.dll
2014-05-30 07:56:50    4244992    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10    1790976    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-05-27 09:34:15    112080    ----a-w-    C:\Windows\System32\drivers\avgntflt.sys
2014-05-20 01:25:42    6769096    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-05-20 01:25:42    3514144    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-05-20 01:25:39    927520    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-05-20 01:25:38    76064    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2014-05-20 01:25:38    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-05-20 01:25:38    387528    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-05-20 01:25:38    2560968    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-05-20 01:25:38    1078616    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2014-05-14 23:49:42    3774821    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-05-09 06:14:03    477184    ----a-w-    C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-05-08 09:32:11    3178496    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11    16384    ----a-w-    C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-24 16:25:04    61104    ----a-w-    C:\Windows\System32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64.sys
2014-04-23 04:42:22    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-23 04:42:22    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-22 05:57:51    119512    ----a-w-    C:\Windows\System32\drivers\43E31A4F.sys
2014-04-22 03:54:33    84720    ----a-w-    C:\Windows\System32\drivers\avnetflt.sys
2014-04-21 23:47:15    119512    ----a-w-    C:\Windows\System32\drivers\0D6B620C.sys
2014-04-21 13:48:44    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\Windows\System32\secur32.dll
2014-04-12 02:19:32    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\Windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-03-31 16:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 16:35:13.28 ===============
 

I do have my windows CD, but I also have a slow internet connection and my entire steam library downloaded. resetting from scratch would take a very long time.

 

Thank you for your time.

You will have my gratitude.

thank you for your help.

 

Attached File  attach.zip   2.99KB   0 downloads



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,133 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:32 PM

Posted 23 June 2014 - 08:04 AM

Greetings priestfoxley and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • Attached System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 23 June 2014 - 11:45 AM

why do I not have permission?



#7 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 23 June 2014 - 11:48 AM

Ok, if I post the copy paste logs of the FRST, the attachments, and the other file, it tells me "I do not have permission to do that".

Removing the attachment doesnt help. the heck is going on?



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,133 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:32 PM

Posted 23 June 2014 - 12:37 PM

Please try to just copy and paste the 2 Farbar logs.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 24 June 2014 - 02:13 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Priest (administrator) on PRIEST-TERMINAL on 23-06-2014 12:09:55
Running from C:\Users\Priest\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392872 2010-11-29] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-15] (Alienware)
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-03] (ActivIdentity)
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-03] (ActivIdentity)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe [95560 2010-04-04] (Sensible Vision )
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2014-03-11] (Power Software Ltd)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\FastAccess-x32: C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
HKU\S-1-5-21-1986783134-1514256620-860527245-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1986783134-1514256620-860527245-1000\...\Run: [Egtion] => regsvr32.exe C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll <===== ATTENTION
HKU\S-1-5-21-1986783134-1514256620-860527245-1000\...\Run: [DellSystemDetect] => C:\Users\Priest\AppData\Local\Apps\2.0\RWPD7DA1.O7Z\5Y0PVEY8.MVJ\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-04-21] (Dell)
HKU\S-1-5-21-1986783134-1514256620-860527245-1000\...\MountPoints2: F - F:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-19] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC1347FE5285DCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: SSOIEAddonBHO Class - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default
FF SelectedSearchEngine: Google
FF Homepage: facebook.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: TabletManager Class - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\Extensions\{7861566E-0069-5DF6-0C49-25DDC5B8E7EF} [2014-05-26]
FF Extension: WOT - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-05-15]
FF Extension: Block site - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2014-04-25]
FF Extension: Ponyhoof - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\Extensions\ponyhoof@ponyhoof.little.my.xpi [2014-04-21]
FF Extension: NoScript - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-15]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-05-20]
FF Extension: Adblock Plus - C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-21]

Chrome:
=======
CHR Extension: (TabletManager Class) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-06-20]
CHR Extension: (Google Docs) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-07]
CHR Extension: (Google Drive) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-10]
CHR Extension: (YouTube) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-22]
CHR Extension: (Google Search) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]
CHR Extension: (Gmail) - C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-22]

==================== Services (Whitelisted) =================

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
R2 FAService; C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2409800 2010-04-04] (Sensible Vision )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [543424 2014-05-29] (Valve Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [301512 2014-05-19] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R1 {4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64; C:\Windows\System32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64.sys [61104 2014-04-24] (StdLib)
S3 amdkmdap; system32\DRIVERS\atikmpag.sys [X]
S3 mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-23 12:09 - 2014-06-23 12:10 - 00016611 _____ () C:\Users\Priest\Downloads\FRST.txt
2014-06-23 12:09 - 2014-06-23 12:09 - 00000000 ____D () C:\FRST
2014-06-23 12:08 - 2014-06-23 12:08 - 02082816 _____ (Farbar) C:\Users\Priest\Downloads\FRST64.exe
2014-06-23 02:59 - 2014-06-23 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MidSpace
2014-06-23 02:58 - 2014-06-23 02:58 - 03313664 _____ () C:\Users\Priest\Downloads\SEToolboxSetup-01.035.005.2.msi
2014-06-23 02:58 - 2014-06-23 02:58 - 00000000 ____D () C:\Program Files (x86)\MidSpace
2014-06-23 02:01 - 2014-06-23 04:53 - 00000000 ____D () C:\Users\Priest\Downloads\Total Recall EXTENDED (2012)
2014-06-23 02:00 - 2014-06-23 05:20 - 00000000 ____D () C:\Users\Priest\Downloads\Mr. Rogers Neighborhood #1 (30 episodes) (640x480 x264, AAC or AC3)
2014-06-22 22:26 - 2014-06-22 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transistor
2014-06-22 21:30 - 2014-06-22 21:30 - 00006928 _____ () C:\Users\Priest\AppData\Local\recently-used.xbel
2014-06-22 20:09 - 2014-06-22 20:09 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-22 20:08 - 2014-06-22 20:08 - 00000000 ____D () C:\Users\Priest\Downloads\Chuzzle Deluxe
2014-06-22 19:23 - 2014-06-22 20:09 - 00000000 ____D () C:\Users\Priest\Downloads\Mr. Rogers Neighborhood #2 (20 episodes) (640x480 x264, AAC)
2014-06-22 19:13 - 2014-06-22 19:15 - 10419106 ____R () C:\Users\Priest\Downloads\Chuzzle Deluxe.zip
2014-06-22 16:40 - 2014-06-22 16:40 - 00003061 _____ () C:\Users\Priest\Desktop\attach.zip
2014-06-22 16:35 - 2014-06-22 16:40 - 00008192 _____ () C:\Users\Priest\Desktop\attach.txt
2014-06-22 16:35 - 2014-06-22 16:35 - 00024185 _____ () C:\Users\Priest\Desktop\dds.txt
2014-06-22 16:33 - 2014-06-22 16:33 - 00688992 ____R (Swearware) C:\Users\Priest\Downloads\dds.com
2014-06-19 20:45 - 2014-06-19 20:45 - 00000000 ____D () C:\Users\Priest\Documents\Facepalm Games
2014-06-19 20:42 - 2014-06-19 20:42 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\PowerISO
2014-06-18 19:39 - 2014-06-18 19:55 - 112616784 _____ (Apple Inc.) C:\Users\Priest\Downloads\iTunes64Setup.exe
2014-06-18 18:54 - 2014-06-18 18:54 - 01305274 _____ () C:\Users\Priest\Downloads\HoxHud P1.2 Manual install.7z
2014-06-18 17:43 - 2014-06-18 17:44 - 00000000 ____D () C:\Users\Priest\Downloads\Zedd
2014-06-18 17:00 - 2014-06-18 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Swapper
2014-06-18 16:51 - 2014-06-18 16:51 - 00000000 ____D () C:\Users\Priest\Downloads\Divergent (Audiobook)
2014-06-17 20:17 - 2014-06-17 20:18 - 00001450 _____ () C:\Users\Priest\Downloads\HotFixv15.2.rar
2014-06-17 05:28 - 2014-06-17 05:31 - 16392851 _____ () C:\Users\Priest\Downloads\PPv15R(1).rar
2014-06-17 04:34 - 2014-06-17 04:38 - 15412254 _____ () C:\Users\Priest\Downloads\PPv15R.rar
2014-06-16 19:21 - 2014-06-17 20:36 - 761751060 _____ () C:\Users\Priest\Downloads\BBC.Jeremy.Clarkson.War.Stories.2of2.The.Greatest.Raid.of.All.DVDrip.x264.AC3.MVGroup.org.mp4
2014-06-16 19:01 - 2014-06-16 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2014-06-16 19:01 - 2014-06-16 19:01 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
2014-06-16 17:30 - 2014-06-16 17:33 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\Priest\Downloads\cbSetup.exe
2014-06-16 16:37 - 2014-06-16 16:37 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\OpenOffice
2014-06-16 04:04 - 2014-06-16 04:04 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\3909
2014-06-16 04:03 - 2014-06-16 04:03 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-06-16 04:00 - 2014-06-16 04:00 - 00001680 _____ () C:\Users\Public\Desktop\Papers, Please.lnk
2014-06-16 04:00 - 2014-06-16 04:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-06-16 03:59 - 2014-06-16 03:59 - 00000000 ____D () C:\GOG Games
2014-06-16 03:33 - 2014-06-16 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exkee
2014-06-15 13:38 - 2014-06-15 13:38 - 882642960 _____ () C:\Windows\MEMORY.DMP
2014-06-15 13:38 - 2014-06-15 13:38 - 00262160 _____ () C:\Windows\Minidump\061514-43477-01.dmp
2014-06-15 13:38 - 2014-06-15 13:38 - 00000000 ____D () C:\Windows\Minidump
2014-06-15 02:14 - 2014-06-15 02:23 - 15244718 _____ () C:\Users\Priest\Downloads\calibre-1.40.0(1).msi
2014-06-15 01:57 - 2014-06-15 01:57 - 00000000 ____D () C:\Users\Priest\AppData\Local\calibre-cache
2014-06-15 01:55 - 2014-06-18 18:10 - 00000000 ____D () C:\Users\Priest\Documents\Calibre Library
2014-06-15 01:50 - 2014-06-15 01:57 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\calibre
2014-06-13 01:39 - 2014-06-13 01:40 - 00018511 _____ () C:\Windows\DirectX.log
2014-06-11 22:52 - 2014-06-11 23:42 - 56019968 _____ () C:\Users\Priest\Downloads\calibre-1.39.0.msi
2014-06-11 04:13 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 04:13 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 04:13 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 04:13 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 04:13 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 04:13 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 04:13 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 04:13 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 04:13 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 04:13 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 04:13 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 04:13 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 04:12 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 04:12 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 04:12 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 04:12 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 04:12 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 04:12 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 04:12 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 04:12 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 04:12 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 04:12 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 04:12 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 04:12 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 04:12 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 04:12 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 04:12 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 04:12 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 04:12 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 04:12 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 04:12 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 04:12 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 04:12 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 04:12 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 04:12 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 04:12 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 04:12 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 04:12 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 04:12 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 04:12 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 04:12 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 04:12 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 04:12 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 04:12 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 04:12 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 04:12 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 04:12 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 04:12 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 04:12 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 04:12 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 04:12 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 04:12 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 04:12 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 04:12 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 04:08 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 04:08 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 04:08 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 04:08 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 04:08 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 04:08 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 04:08 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 04:08 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 04:08 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 04:08 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 04:08 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 04:08 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 03:38 - 2014-06-18 19:39 - 00000000 ____D () C:\Users\Priest\Downloads\Papers, Please [GOG] (+ v1.0.37 Update & Extras)
2014-06-11 03:29 - 2014-06-11 03:37 - 00000000 ____D () C:\Users\Priest\Downloads\Neal_Stephenson
2014-06-11 03:16 - 2014-06-11 03:17 - 03521326 _____ () C:\Users\Priest\Downloads\wizardsfirstrule.mobi
2014-06-11 02:18 - 2014-06-11 03:52 - 153446587 _____ () C:\Users\Priest\Downloads\WIZZYWIG.mobi
2014-06-11 02:16 - 2014-06-11 03:27 - 58979022 _____ () C:\Users\Priest\Downloads\TooCoolToBeForgotten.mobi
2014-06-11 02:15 - 2014-06-11 02:16 - 01859079 _____ () C:\Users\Priest\Downloads\SwordandSorceryAnthology.mobi
2014-06-11 02:14 - 2014-06-11 02:17 - 05153231 _____ () C:\Users\Priest\Downloads\Lovecrafts_Monsters.mobi
2014-06-11 02:11 - 2014-06-11 03:15 - 102048711 _____ () C:\Users\Priest\Downloads\FromHellCompanion.epub
2014-06-11 02:11 - 2014-06-11 02:12 - 02084065 _____ () C:\Users\Priest\Downloads\jam.mobi
2014-06-11 02:10 - 2014-06-11 05:07 - 433333397 _____ () C:\Users\Priest\Downloads\FromHell.mobi
2014-06-10 23:01 - 2014-06-10 23:02 - 07389724 _____ () C:\Users\Priest\Downloads\Wolfenstein.The.New.Order.FPS.Fix.Voksi.rar
2014-06-10 15:17 - 2014-06-10 15:17 - 00003066 _____ () C:\Windows\System32\Tasks\{AFDCA721-21EE-4977-B616-047F49A54F77}
2014-06-10 14:34 - 2014-06-10 14:34 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-10 14:34 - 2014-06-10 14:34 - 00000000 ____D () C:\Windows\system32\NV
2014-06-10 14:23 - 2014-06-10 14:23 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-10 14:22 - 2014-05-19 19:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-10 14:17 - 2014-05-19 22:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-10 14:17 - 2014-05-19 22:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00301512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-06-10 14:17 - 2014-05-19 22:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-06-10 13:37 - 2014-06-10 13:37 - 00001349 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-06-10 13:33 - 2014-06-10 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-10 13:33 - 2014-06-10 13:38 - 00000000 ____D () C:\Users\Priest\AppData\Local\NVIDIA
2014-06-10 13:33 - 2014-06-10 13:37 - 00000000 ____D () C:\Users\Priest\AppData\Local\NVIDIA Corporation
2014-06-10 13:33 - 2014-05-29 19:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-10 13:33 - 2014-05-29 19:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-10 13:33 - 2014-05-29 18:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-10 13:33 - 2014-05-29 18:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-10 13:32 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-10 13:32 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-10 13:32 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-10 13:27 - 2014-06-10 13:30 - 30000520 _____ (NVIDIA Corporation) C:\Users\Priest\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-10 12:19 - 2014-06-10 12:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-10 12:18 - 2014-06-10 12:19 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-10 04:41 - 2014-06-10 04:54 - 140910890 _____ () C:\Users\Priest\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US(2).exe
2014-06-09 21:10 - 2014-03-25 22:38 - 03040256 _____ () C:\Users\Priest\Desktop\STALKER COP Trainer.exe
2014-06-09 13:53 - 2014-06-23 04:01 - 00006400 _____ () C:\Windows\setupact.log
2014-06-09 13:53 - 2014-06-09 13:53 - 00000352 _____ () C:\Windows\PFRO.log
2014-06-09 13:53 - 2014-06-09 13:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-09 04:56 - 2014-06-09 04:56 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-09 04:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-09 04:00 - 2014-06-09 04:02 - 00000000 ____D () C:\Users\Priest\Desktop\band of brothers series
2014-06-09 03:59 - 2014-06-09 04:02 - 00000000 ____D () C:\Users\Priest\Desktop\New Vegas
2014-06-09 03:59 - 2014-06-09 03:59 - 00000000 ____D () C:\Users\Priest\Desktop\SKYRIM
2014-06-09 03:55 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140609-035505.backup
2014-06-09 03:49 - 2014-06-09 04:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 03:33 - 2014-06-09 03:51 - 00963823 _____ (Safer-Networking Ltd. ) C:\Users\Priest\Downloads\spybot-2.3.exe.part
2014-06-09 03:22 - 2014-06-09 04:10 - 00000000 ____D () C:\Users\Priest\Desktop\ArsenalOverhaul2_2Full
2014-06-08 18:47 - 2014-06-08 18:49 - 00651309 _____ () C:\Users\Priest\Downloads\STKCOP1602+14.rar.part
2014-06-08 18:46 - 2014-06-08 18:52 - 02902231 _____ () C:\Users\Priest\Downloads\STALKER COP Trainer-mgr.inz.Player(1).rar
2014-06-08 18:45 - 2014-06-08 18:56 - 06189817 _____ () C:\Users\Priest\Downloads\S.T.A.L.K.E.R.-.Call.Of.Pripyat.unlocker.by.icecold.7z
2014-06-07 15:49 - 2014-06-07 15:49 - 00000915 _____ () C:\Users\Priest\Desktop\JRT.txt
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivIdentity
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\Program Files\Common Files\ActivIdentity
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\Program Files (x86)\ActivIdentity
2014-06-07 12:45 - 2014-06-07 12:46 - 00814431 _____ () C:\Users\Priest\Downloads\InstallRoot_v3.16.1A.zip
2014-06-07 00:37 - 2014-06-07 00:37 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\XRay Engine
2014-06-06 21:56 - 2014-06-06 21:59 - 34539841 _____ () C:\Users\Priest\Downloads\Mayhem - Rider Super-1.zip
2014-06-06 21:46 - 2014-06-06 21:51 - 41163461 _____ () C:\Users\Priest\Downloads\Renard - SHOUNEN BASS.zip
2014-06-06 06:09 - 2014-06-06 08:52 - 1775875634 _____ () C:\Users\Priest\Desktop\MISERY_v2.1.7Z
2014-06-06 04:05 - 2014-06-12 20:19 - 00000000 ____D () C:\Users\Priest\Desktop\trainers
2014-06-05 19:26 - 2014-06-05 19:26 - 00000000 ____D () C:\Users\Priest\Documents\VideoPad Projects
2014-06-05 18:08 - 2014-06-05 19:35 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\NCH Software
2014-06-05 18:08 - 2014-06-05 18:10 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-06-05 18:08 - 2014-06-05 18:08 - 00001148 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\ProgramData\NCH Software
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-06-03 20:11 - 2014-06-03 20:11 - 00000000 ____D () C:\Users\Priest\Desktop\Wolfenstein - New order
2014-06-03 19:20 - 2014-06-03 19:49 - 00000000 ____D () C:\Users\Public\Documents\stalker-shoc
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\Program Files\iTunes
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-02 15:17 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-06-02 15:16 - 2014-06-02 15:16 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-01 02:38 - 2014-06-01 03:51 - 00000000 ____D () C:\Users\Priest\Downloads\S.T.A.L.K.E.R. ??? ??????? - Arsenal Overhaul 2.0
2014-06-01 02:32 - 2014-06-05 08:59 - 1712474598 _____ () C:\Users\Priest\Desktop\ArsenalOverhaul2_2Full.rar
2014-06-01 02:16 - 2014-06-01 02:16 - 00035172 _____ () C:\Users\Priest\Downloads\STALKER_CoP_Loot_Armor_1_0.zip
2014-06-01 02:16 - 2014-06-01 02:16 - 00003716 _____ () C:\Users\Priest\Downloads\gamedata.rar
2014-06-01 02:02 - 2014-06-01 02:09 - 23611918 _____ () C:\Users\Priest\Downloads\MISERY_wpn_appendix_vers1.zip
2014-05-31 13:42 - 2014-05-31 13:46 - 22604413 _____ () C:\Users\Priest\Downloads\Wolfenstein_New_order-OST.7z
2014-05-30 20:08 - 2014-05-30 20:08 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-26 16:26 - 2014-05-26 23:50 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\Olxayzi

==================== One Month Modified Files and Folders =======

 



#10 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 24 June 2014 - 02:15 AM

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09F0C056-9EDF-486C-869B-33DDDE9A3E3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-15] (Google Inc.)
Task: {0D0B89B6-C14A-4B17-AD3F-7D6269216F8F} - System32\Tasks\{AFDCA721-21EE-4977-B616-047F49A54F77} => C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe [2014-06-03] (MachineGames)
Task: {A5B3538B-5C77-4BF9-9C3E-C2C74E89E513} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-15] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-11-02 14:29 - 2014-05-19 22:44 - 00014280 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-10 14:22 - 2014-05-19 21:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 04:47 - 2014-04-24 04:47 - 02967040 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll
2014-06-09 13:54 - 2014-06-09 13:54 - 02278912 ____N () C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll
2011-11-02 14:29 - 2011-05-03 22:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-29 22:39 - 2010-07-29 22:39 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-04-04 14:45 - 2010-04-04 14:45 - 00094536 _____ () C:\Windows\system32\FAIEExtension.DLL
2014-02-12 23:58 - 2014-02-12 23:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 23:58 - 2014-02-12 23:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00138320 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2011-11-02 14:29 - 2014-05-19 22:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-20 01:42 - 2014-06-20 01:42 - 00818688 _____ () C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll
2014-04-21 17:53 - 2014-05-05 10:37 - 00049744 _____ () C:\Users\Priest\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-11 13:11 - 2014-06-18 18:54 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-21 21:26 - 2014-04-29 20:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-22 20:43 - 2014-04-29 20:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 21:26 - 2014-04-29 20:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-04-21 10:31 - 2014-04-29 20:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-21 10:31 - 2014-05-16 21:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 21:26 - 2014-05-29 13:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 21:26 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-04-21 10:31 - 2014-05-29 13:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-04-21 10:31 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-04-21 10:31 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2014-04-21 10:31 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2014-04-21 10:31 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/23/2014 04:02:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2014 02:34:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 2.25.32.45, time stamp: 0x53875f23
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x02de0a66
Faulting process id: 0x2c0c
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3

Error: (06/23/2014 02:34:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 2.25.32.45, time stamp: 0x53875f23
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x02de0a66
Faulting process id: 0x2c0c
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3

Error: (06/22/2014 11:08:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Transistor.exe, version: 1.0.0.0, time stamp: 0x537abd4b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x17dc
Faulting application start time: 0xTransistor.exe0
Faulting application path: Transistor.exe1
Faulting module path: Transistor.exe2
Report Id: Transistor.exe3

Error: (06/22/2014 11:08:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Transistor.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DllNotFoundException
Stack:
   at GSGE.SteamWrapper.SteamWrapper_GetCurrentGameLanguage()
   at GSGE.Localization.Init()
   at GSGE.ExceptionGame.LoadContent()
   at Microsoft.Xna.Framework.Game.Initialize()
   at Microsoft.Xna.Framework.Game.Run(Microsoft.Xna.Framework.GameRunBehavior)
   at Microsoft.Xna.Framework.Game.Run()
   at Game.Windows.Program.Run[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](GSGE.IBugReporter[])
   at Game.Windows.Program.Main(System.String[])

Error: (06/22/2014 10:46:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.0.0.0, time stamp: 0x4f3e9873
Faulting module name: libmkv_plugin.dll, version: 0.0.0.0, time stamp: 0x4f3e9870
Exception code: 0x40000015
Fault offset: 0x00079d11
Faulting process id: 0x2e44
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3

Error: (06/22/2014 10:39:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Transistor.exe, version: 1.0.0.0, time stamp: 0x537abd60
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x2d18
Faulting application start time: 0xTransistor.exe0
Faulting application path: Transistor.exe1
Faulting module path: Transistor.exe2
Report Id: Transistor.exe3

Error: (06/22/2014 10:39:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Transistor.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DllNotFoundException
Stack:
   at GSGE.SteamWrapper.SteamWrapper_GetCurrentGameLanguage()
   at GSGE.Localization.Init()
   at GSGE.ExceptionGame.LoadContent()
   at Microsoft.Xna.Framework.Game.Initialize()
   at Microsoft.Xna.Framework.Game.Run(Microsoft.Xna.Framework.GameRunBehavior)
   at Game.Windows.Program.Run[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](GSGE.IBugReporter[])
   at Game.Windows.Program.Main(System.String[])

Error: (06/22/2014 10:38:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Transistor.exe, version: 1.0.0.0, time stamp: 0x537abd4b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x2484
Faulting application start time: 0xTransistor.exe0
Faulting application path: Transistor.exe1
Faulting module path: Transistor.exe2
Report Id: Transistor.exe3

Error: (06/22/2014 10:38:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Transistor.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DllNotFoundException
Stack:
   at GSGE.SteamWrapper.SteamWrapper_GetCurrentGameLanguage()
   at GSGE.Localization.Init()
   at GSGE.ExceptionGame.LoadContent()
   at Microsoft.Xna.Framework.Game.Initialize()
   at Microsoft.Xna.Framework.Game.Run(Microsoft.Xna.Framework.GameRunBehavior)
   at Microsoft.Xna.Framework.Game.Run()
   at Game.Windows.Program.Run[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](GSGE.IBugReporter[])
   at Game.Windows.Program.Main(System.String[])


System errors:
=============
Error: (06/23/2014 09:45:46 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (06/23/2014 04:01:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:51:45 AM on ?6/?23/?2014 was unexpected.

Error: (06/21/2014 04:08:33 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (06/20/2014 07:46:37 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (06/20/2014 01:43:18 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (06/16/2014 11:42:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AntiVirSchedulerService service.

Error: (06/16/2014 01:43:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Display - Intel® HD Graphics 3000.

Error: (06/16/2014 01:41:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Display - Intel® HD Graphics 3000.

Error: (06/16/2014 01:39:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Display - Intel® HD Graphics 3000.

Error: (06/16/2014 01:37:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Display - Intel® HD Graphics 3000.


Microsoft Office Sessions:
=========================
Error: (06/23/2014 04:02:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2014 02:34:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Steam.exe2.25.32.4553875f23unknown0.0.0.000000000c000041d02de0a662c0c01cf8e96a134a691C:\Program Files (x86)\Steam\Steam.exeunknown7299bfa5-faa0-11e3-9a7d-d0df9ab5d513

Error: (06/23/2014 02:34:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Steam.exe2.25.32.4553875f23unknown0.0.0.000000000c000000502de0a662c0c01cf8e96a134a691C:\Program Files (x86)\Steam\Steam.exeunknown7081862b-faa0-11e3-9a7d-d0df9ab5d513

Error: (06/22/2014 11:08:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Transistor.exe1.0.0.0537abd4bKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d17dc01cf8e907366e805C:\Program Files (x86)\Transistor\x86\Transistor.exeC:\Windows\syswow64\KERNELBASE.dllb3b779b3-fa83-11e3-9a7d-d0df9ab5d513

Error: (06/22/2014 11:08:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Transistor.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DllNotFoundException
Stack:
   at GSGE.SteamWrapper.SteamWrapper_GetCurrentGameLanguage()
   at GSGE.Localization.Init()
   at GSGE.ExceptionGame.LoadContent()
   at Microsoft.Xna.Framework.Game.Initialize()
   at Microsoft.Xna.Framework.Game.Run(Microsoft.Xna.Framework.GameRunBehavior)
   at Microsoft.Xna.Framework.Game.Run()
   at Game.Windows.Program.Run[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](GSGE.IBugReporter[])
   at Game.Windows.Program.Main(System.String[])

Error: (06/22/2014 10:46:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.0.0.04f3e9873libmkv_plugin.dll0.0.0.04f3e98704000001500079d112e4401cf8e8d3923d80eC:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll8217b96d-fa80-11e3-9a7d-d0df9ab5d513

Error: (06/22/2014 10:39:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Transistor.exe1.0.0.0537abd60KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d2d1801cf8e8c46a4ff4dC:\Program Files (x86)\Transistor\x64\Transistor.exeC:\Windows\system32\KERNELBASE.dll88a92ccd-fa7f-11e3-9a7d-d0df9ab5d513

Error: (06/22/2014 10:39:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Transistor.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DllNotFoundException
Stack:
   at GSGE.SteamWrapper.SteamWrapper_GetCurrentGameLanguage()
   at GSGE.Localization.Init()
   at GSGE.ExceptionGame.LoadContent()
   at Microsoft.Xna.Framework.Game.Initialize()
   at Microsoft.Xna.Framework.Game.Run(Microsoft.Xna.Framework.GameRunBehavior)
   at Game.Windows.Program.Run[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](GSGE.IBugReporter[])
   at Game.Windows.Program.Main(System.String[])

Error: (06/22/2014 10:38:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Transistor.exe1.0.0.0537abd4bKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d248401cf8e8c3a130b03C:\Program Files (x86)\Transistor\x86\Transistor.exeC:\Windows\syswow64\KERNELBASE.dll7a80f2c0-fa7f-11e3-9a7d-d0df9ab5d513

Error: (06/22/2014 10:38:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Transistor.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DllNotFoundException
Stack:
   at GSGE.SteamWrapper.SteamWrapper_GetCurrentGameLanguage()
   at GSGE.Localization.Init()
   at GSGE.ExceptionGame.LoadContent()
   at Microsoft.Xna.Framework.Game.Initialize()
   at Microsoft.Xna.Framework.Game.Run(Microsoft.Xna.Framework.GameRunBehavior)
   at Microsoft.Xna.Framework.Game.Run()
   at Game.Windows.Program.Run[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](GSGE.IBugReporter[])
   at Game.Windows.Program.Main(System.String[])


CodeIntegrity Errors:
===================================
  Date: 2014-04-23 00:09:19.544
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\Downloads\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:09:19.515
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\Downloads\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:09:18.960
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:09:18.932
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:09:06.427
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\Downloads\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:09:06.399
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\Downloads\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:09:05.785
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:09:05.757
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:08:53.155
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\Downloads\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-23 00:08:53.125
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Priest\Downloads\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8139.82 MB
Available physical RAM: 5782.27 MB
Total Pagefile: 16277.83 MB
Available Pagefile: 13583.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:687.39 GB) (Free:112.48 GB) NTFS
Drive d: (Vault) (Fixed) (Total:232.88 GB) (Free:223.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 419C014A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: 5B6AC646)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================




seriously, my gratitude knows no bounds right now. you are not getting paid enough for this.



#11 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 24 June 2014 - 02:17 AM



==================== One Month Created Files and Folders ========

2014-06-23 12:09 - 2014-06-23 12:10 - 00016611 _____ () C:\Users\Priest\Downloads\FRST.txt
2014-06-23 12:09 - 2014-06-23 12:09 - 00000000 ____D () C:\FRST
2014-06-23 12:08 - 2014-06-23 12:08 - 02082816 _____ (Farbar) C:\Users\Priest\Downloads\FRST64.exe
2014-06-23 02:59 - 2014-06-23 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MidSpace
2014-06-23 02:58 - 2014-06-23 02:58 - 03313664 _____ () C:\Users\Priest\Downloads\SEToolboxSetup-01.035.005.2.msi
2014-06-23 02:58 - 2014-06-23 02:58 - 00000000 ____D () C:\Program Files (x86)\MidSpace
2014-06-23 02:01 - 2014-06-23 04:53 - 00000000 ____D () C:\Users\Priest\Downloads\Total Recall EXTENDED (2012)
2014-06-23 02:00 - 2014-06-23 05:20 - 00000000 ____D () C:\Users\Priest\Downloads\Mr. Rogers Neighborhood #1 (30 episodes) (640x480 x264, AAC or AC3)
2014-06-22 22:26 - 2014-06-22 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transistor
2014-06-22 21:30 - 2014-06-22 21:30 - 00006928 _____ () C:\Users\Priest\AppData\Local\recently-used.xbel
2014-06-22 20:09 - 2014-06-22 20:09 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-22 20:08 - 2014-06-22 20:08 - 00000000 ____D () C:\Users\Priest\Downloads\Chuzzle Deluxe
2014-06-22 19:23 - 2014-06-22 20:09 - 00000000 ____D () C:\Users\Priest\Downloads\Mr. Rogers Neighborhood #2 (20 episodes) (640x480 x264, AAC)
2014-06-22 19:13 - 2014-06-22 19:15 - 10419106 ____R () C:\Users\Priest\Downloads\Chuzzle Deluxe.zip
2014-06-22 16:40 - 2014-06-22 16:40 - 00003061 _____ () C:\Users\Priest\Desktop\attach.zip
2014-06-22 16:35 - 2014-06-22 16:40 - 00008192 _____ () C:\Users\Priest\Desktop\attach.txt
2014-06-22 16:35 - 2014-06-22 16:35 - 00024185 _____ () C:\Users\Priest\Desktop\dds.txt
2014-06-22 16:33 - 2014-06-22 16:33 - 00688992 ____R (Swearware) C:\Users\Priest\Downloads\dds.com
2014-06-19 20:45 - 2014-06-19 20:45 - 00000000 ____D () C:\Users\Priest\Documents\Facepalm Games
2014-06-19 20:42 - 2014-06-19 20:42 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\PowerISO
2014-06-18 19:39 - 2014-06-18 19:55 - 112616784 _____ (Apple Inc.) C:\Users\Priest\Downloads\iTunes64Setup.exe
2014-06-18 18:54 - 2014-06-18 18:54 - 01305274 _____ () C:\Users\Priest\Downloads\HoxHud P1.2 Manual install.7z
2014-06-18 17:43 - 2014-06-18 17:44 - 00000000 ____D () C:\Users\Priest\Downloads\Zedd
2014-06-18 17:00 - 2014-06-18 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Swapper
2014-06-18 16:51 - 2014-06-18 16:51 - 00000000 ____D () C:\Users\Priest\Downloads\Divergent (Audiobook)
2014-06-17 20:17 - 2014-06-17 20:18 - 00001450 _____ () C:\Users\Priest\Downloads\HotFixv15.2.rar
2014-06-17 05:28 - 2014-06-17 05:31 - 16392851 _____ () C:\Users\Priest\Downloads\PPv15R(1).rar
2014-06-17 04:34 - 2014-06-17 04:38 - 15412254 _____ () C:\Users\Priest\Downloads\PPv15R.rar
2014-06-16 19:21 - 2014-06-17 20:36 - 761751060 _____ () C:\Users\Priest\Downloads\BBC.Jeremy.Clarkson.War.Stories.2of2.The.Greatest.Raid.of.All.DVDrip.x264.AC3.MVGroup.org.mp4
2014-06-16 19:01 - 2014-06-16 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2014-06-16 19:01 - 2014-06-16 19:01 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
2014-06-16 17:30 - 2014-06-16 17:33 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\Priest\Downloads\cbSetup.exe
2014-06-16 16:37 - 2014-06-16 16:37 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\OpenOffice
2014-06-16 04:04 - 2014-06-16 04:04 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\3909
2014-06-16 04:03 - 2014-06-16 04:03 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-06-16 04:00 - 2014-06-16 04:00 - 00001680 _____ () C:\Users\Public\Desktop\Papers, Please.lnk
2014-06-16 04:00 - 2014-06-16 04:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-06-16 03:59 - 2014-06-16 03:59 - 00000000 ____D () C:\GOG Games
2014-06-16 03:33 - 2014-06-16 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exkee
2014-06-15 13:38 - 2014-06-15 13:38 - 882642960 _____ () C:\Windows\MEMORY.DMP
2014-06-15 13:38 - 2014-06-15 13:38 - 00262160 _____ () C:\Windows\Minidump\061514-43477-01.dmp
2014-06-15 13:38 - 2014-06-15 13:38 - 00000000 ____D () C:\Windows\Minidump
2014-06-15 02:14 - 2014-06-15 02:23 - 15244718 _____ () C:\Users\Priest\Downloads\calibre-1.40.0(1).msi
2014-06-15 01:57 - 2014-06-15 01:57 - 00000000 ____D () C:\Users\Priest\AppData\Local\calibre-cache
2014-06-15 01:55 - 2014-06-18 18:10 - 00000000 ____D () C:\Users\Priest\Documents\Calibre Library
2014-06-15 01:50 - 2014-06-15 01:57 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\calibre
2014-06-13 01:39 - 2014-06-13 01:40 - 00018511 _____ () C:\Windows\DirectX.log
2014-06-11 22:52 - 2014-06-11 23:42 - 56019968 _____ () C:\Users\Priest\Downloads\calibre-1.39.0.msi
2014-06-11 04:13 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 04:13 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 04:13 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 04:13 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 04:13 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 04:13 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 04:13 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 04:13 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 04:13 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 04:13 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 04:13 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 04:13 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 04:12 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 04:12 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 04:12 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 04:12 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 04:12 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 04:12 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 04:12 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 04:12 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 04:12 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 04:12 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 04:12 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 04:12 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 04:12 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 04:12 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 04:12 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 04:12 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 04:12 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 04:12 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 04:12 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 04:12 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 04:12 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 04:12 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 04:12 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 04:12 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 04:12 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 04:12 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 04:12 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 04:12 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 04:12 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 04:12 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 04:12 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 04:12 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 04:12 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 04:12 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 04:12 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 04:12 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 04:12 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 04:12 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 04:12 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 04:12 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 04:12 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 04:12 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 04:08 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 04:08 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 04:08 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 04:08 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 04:08 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 04:08 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 04:08 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 04:08 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 04:08 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 04:08 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 04:08 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 04:08 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 03:38 - 2014-06-18 19:39 - 00000000 ____D () C:\Users\Priest\Downloads\Papers, Please [GOG] (+ v1.0.37 Update & Extras)
2014-06-11 03:29 - 2014-06-11 03:37 - 00000000 ____D () C:\Users\Priest\Downloads\Neal_Stephenson
2014-06-11 03:16 - 2014-06-11 03:17 - 03521326 _____ () C:\Users\Priest\Downloads\wizardsfirstrule.mobi
2014-06-11 02:18 - 2014-06-11 03:52 - 153446587 _____ () C:\Users\Priest\Downloads\WIZZYWIG.mobi
2014-06-11 02:16 - 2014-06-11 03:27 - 58979022 _____ () C:\Users\Priest\Downloads\TooCoolToBeForgotten.mobi
2014-06-11 02:15 - 2014-06-11 02:16 - 01859079 _____ () C:\Users\Priest\Downloads\SwordandSorceryAnthology.mobi
2014-06-11 02:14 - 2014-06-11 02:17 - 05153231 _____ () C:\Users\Priest\Downloads\Lovecrafts_Monsters.mobi
2014-06-11 02:11 - 2014-06-11 03:15 - 102048711 _____ () C:\Users\Priest\Downloads\FromHellCompanion.epub
2014-06-11 02:11 - 2014-06-11 02:12 - 02084065 _____ () C:\Users\Priest\Downloads\jam.mobi
2014-06-11 02:10 - 2014-06-11 05:07 - 433333397 _____ () C:\Users\Priest\Downloads\FromHell.mobi
2014-06-10 23:01 - 2014-06-10 23:02 - 07389724 _____ () C:\Users\Priest\Downloads\Wolfenstein.The.New.Order.FPS.Fix.Voksi.rar
2014-06-10 15:17 - 2014-06-10 15:17 - 00003066 _____ () C:\Windows\System32\Tasks\{AFDCA721-21EE-4977-B616-047F49A54F77}
2014-06-10 14:34 - 2014-06-10 14:34 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-10 14:34 - 2014-06-10 14:34 - 00000000 ____D () C:\Windows\system32\NV
2014-06-10 14:23 - 2014-06-10 14:23 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-10 14:22 - 2014-05-19 19:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-10 14:17 - 2014-05-19 22:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-10 14:17 - 2014-05-19 22:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-10 14:17 - 2014-05-19 22:44 - 00301512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-06-10 14:17 - 2014-05-19 22:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-06-10 13:37 - 2014-06-10 13:37 - 00001349 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-06-10 13:33 - 2014-06-10 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-10 13:33 - 2014-06-10 13:38 - 00000000 ____D () C:\Users\Priest\AppData\Local\NVIDIA
2014-06-10 13:33 - 2014-06-10 13:37 - 00000000 ____D () C:\Users\Priest\AppData\Local\NVIDIA Corporation
2014-06-10 13:33 - 2014-05-29 19:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-10 13:33 - 2014-05-29 19:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-10 13:33 - 2014-05-29 18:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-10 13:33 - 2014-05-29 18:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-10 13:32 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-10 13:32 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-10 13:32 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-10 13:27 - 2014-06-10 13:30 - 30000520 _____ (NVIDIA Corporation) C:\Users\Priest\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-10 12:19 - 2014-06-10 12:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-10 12:18 - 2014-06-10 12:19 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-10 04:41 - 2014-06-10 04:54 - 140910890 _____ () C:\Users\Priest\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US(2).exe
2014-06-09 21:10 - 2014-03-25 22:38 - 03040256 _____ () C:\Users\Priest\Desktop\STALKER COP Trainer.exe
2014-06-09 13:53 - 2014-06-23 04:01 - 00006400 _____ () C:\Windows\setupact.log
2014-06-09 13:53 - 2014-06-09 13:53 - 00000352 _____ () C:\Windows\PFRO.log
2014-06-09 13:53 - 2014-06-09 13:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-09 04:56 - 2014-06-09 04:56 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-09 04:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-09 04:00 - 2014-06-09 04:02 - 00000000 ____D () C:\Users\Priest\Desktop\band of brothers series
2014-06-09 03:59 - 2014-06-09 04:02 - 00000000 ____D () C:\Users\Priest\Desktop\New Vegas
2014-06-09 03:59 - 2014-06-09 03:59 - 00000000 ____D () C:\Users\Priest\Desktop\SKYRIM
2014-06-09 03:55 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140609-035505.backup
2014-06-09 03:49 - 2014-06-09 04:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 03:33 - 2014-06-09 03:51 - 00963823 _____ (Safer-Networking Ltd. ) C:\Users\Priest\Downloads\spybot-2.3.exe.part
2014-06-09 03:22 - 2014-06-09 04:10 - 00000000 ____D () C:\Users\Priest\Desktop\ArsenalOverhaul2_2Full
2014-06-08 18:47 - 2014-06-08 18:49 - 00651309 _____ () C:\Users\Priest\Downloads\STKCOP1602+14.rar.part
2014-06-08 18:46 - 2014-06-08 18:52 - 02902231 _____ () C:\Users\Priest\Downloads\STALKER COP Trainer-mgr.inz.Player(1).rar
2014-06-08 18:45 - 2014-06-08 18:56 - 06189817 _____ () C:\Users\Priest\Downloads\S.T.A.L.K.E.R.-.Call.Of.Pripyat.unlocker.by.icecold.7z
2014-06-07 15:49 - 2014-06-07 15:49 - 00000915 _____ () C:\Users\Priest\Desktop\JRT.txt
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivIdentity
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\Program Files\Common Files\ActivIdentity
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\Program Files (x86)\ActivIdentity
2014-06-07 12:45 - 2014-06-07 12:46 - 00814431 _____ () C:\Users\Priest\Downloads\InstallRoot_v3.16.1A.zip
2014-06-07 00:37 - 2014-06-07 00:37 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\XRay Engine
2014-06-06 21:56 - 2014-06-06 21:59 - 34539841 _____ () C:\Users\Priest\Downloads\Mayhem - Rider Super-1.zip
2014-06-06 21:46 - 2014-06-06 21:51 - 41163461 _____ () C:\Users\Priest\Downloads\Renard - SHOUNEN BASS.zip
2014-06-06 06:09 - 2014-06-06 08:52 - 1775875634 _____ () C:\Users\Priest\Desktop\MISERY_v2.1.7Z
2014-06-06 04:05 - 2014-06-12 20:19 - 00000000 ____D () C:\Users\Priest\Desktop\trainers
2014-06-05 19:26 - 2014-06-05 19:26 - 00000000 ____D () C:\Users\Priest\Documents\VideoPad Projects
2014-06-05 18:08 - 2014-06-05 19:35 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\NCH Software
2014-06-05 18:08 - 2014-06-05 18:10 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-06-05 18:08 - 2014-06-05 18:08 - 00001148 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\ProgramData\NCH Software
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-06-03 20:11 - 2014-06-03 20:11 - 00000000 ____D () C:\Users\Priest\Desktop\Wolfenstein - New order
2014-06-03 19:20 - 2014-06-03 19:49 - 00000000 ____D () C:\Users\Public\Documents\stalker-shoc
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\Program Files\iTunes
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-02 15:17 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-06-02 15:16 - 2014-06-02 15:16 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-01 02:38 - 2014-06-01 03:51 - 00000000 ____D () C:\Users\Priest\Downloads\S.T.A.L.K.E.R. ??? ??????? - Arsenal Overhaul 2.0
2014-06-01 02:32 - 2014-06-05 08:59 - 1712474598 _____ () C:\Users\Priest\Desktop\ArsenalOverhaul2_2Full.rar
2014-06-01 02:16 - 2014-06-01 02:16 - 00035172 _____ () C:\Users\Priest\Downloads\STALKER_CoP_Loot_Armor_1_0.zip
2014-06-01 02:16 - 2014-06-01 02:16 - 00003716 _____ () C:\Users\Priest\Downloads\gamedata.rar
2014-06-01 02:02 - 2014-06-01 02:09 - 23611918 _____ () C:\Users\Priest\Downloads\MISERY_wpn_appendix_vers1.zip
2014-05-31 13:42 - 2014-05-31 13:46 - 22604413 _____ () C:\Users\Priest\Downloads\Wolfenstein_New_order-OST.7z
2014-05-30 20:08 - 2014-05-30 20:08 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-26 16:26 - 2014-05-26 23:50 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\Olxayzi

==================== One Month Modified Files and Folders =======

2014-06-23 12:10 - 2014-06-23 12:09 - 00016611 _____ () C:\Users\Priest\Downloads\FRST.txt
2014-06-23 12:09 - 2014-06-23 12:09 - 00000000 ____D () C:\FRST
2014-06-23 12:08 - 2014-06-23 12:08 - 02082816 _____ (Farbar) C:\Users\Priest\Downloads\FRST64.exe
2014-06-23 12:01 - 2014-04-21 10:12 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\uTorrent
2014-06-23 11:49 - 2014-04-21 10:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-23 11:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\vlc
2014-06-23 11:22 - 2014-05-15 22:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-23 09:29 - 2014-04-20 15:34 - 01365501 _____ () C:\Windows\WindowsUpdate.log
2014-06-23 05:20 - 2014-06-23 02:00 - 00000000 ____D () C:\Users\Priest\Downloads\Mr. Rogers Neighborhood #1 (30 episodes) (640x480 x264, AAC or AC3)
2014-06-23 04:10 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-23 04:10 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-23 04:08 - 2009-07-14 01:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 04:01 - 2014-06-09 13:53 - 00006400 _____ () C:\Windows\setupact.log
2014-06-23 04:01 - 2014-05-15 22:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-23 04:01 - 2014-04-21 09:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-23 04:01 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-23 02:59 - 2014-06-23 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MidSpace
2014-06-23 02:58 - 2014-06-23 02:58 - 03313664 _____ () C:\Users\Priest\Downloads\SEToolboxSetup-01.035.005.2.msi
2014-06-23 02:58 - 2014-06-23 02:58 - 00000000 ____D () C:\Program Files (x86)\MidSpace
2014-06-23 02:34 - 2014-05-15 21:29 - 00000000 ____D () C:\Users\Priest\AppData\Local\CrashDumps
2014-06-22 22:26 - 2014-06-22 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transistor
2014-06-22 21:49 - 2014-05-20 12:32 - 00000000 ____D () C:\Users\Priest\.gimp-2.8
2014-06-22 21:30 - 2014-06-22 21:30 - 00006928 _____ () C:\Users\Priest\AppData\Local\recently-used.xbel
2014-06-22 21:30 - 2014-05-20 12:42 - 00000000 ____D () C:\Users\Priest\AppData\Local\gtk-2.0
2014-06-22 20:09 - 2014-06-22 20:09 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-22 20:09 - 2014-06-22 19:23 - 00000000 ____D () C:\Users\Priest\Downloads\Mr. Rogers Neighborhood #2 (20 episodes) (640x480 x264, AAC)
2014-06-22 20:08 - 2014-06-22 20:08 - 00000000 ____D () C:\Users\Priest\Downloads\Chuzzle Deluxe
2014-06-22 19:15 - 2014-06-22 19:13 - 10419106 ____R () C:\Users\Priest\Downloads\Chuzzle Deluxe.zip
2014-06-22 16:40 - 2014-06-22 16:40 - 00003061 _____ () C:\Users\Priest\Desktop\attach.zip
2014-06-22 16:40 - 2014-06-22 16:35 - 00008192 _____ () C:\Users\Priest\Desktop\attach.txt
2014-06-22 16:35 - 2014-06-22 16:35 - 00024185 _____ () C:\Users\Priest\Desktop\dds.txt
2014-06-22 16:33 - 2014-06-22 16:33 - 00688992 ____R (Swearware) C:\Users\Priest\Downloads\dds.com
2014-06-22 11:55 - 2014-04-21 09:26 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\Adobe
2014-06-20 22:13 - 2014-05-26 21:37 - 2050162688 ____R () C:\Users\Priest\Downloads\Watch_Dogs.iso
2014-06-20 12:53 - 2014-04-22 00:42 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\SpaceEngineers
2014-06-20 11:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-20 01:42 - 2014-04-28 10:22 - 00000000 ____D () C:\Users\Priest\AppData\Local\Egtion
2014-06-19 20:59 - 2014-04-22 00:42 - 00000000 ____D () C:\Users\Priest\Desktop\New folder (2)
2014-06-19 20:45 - 2014-06-19 20:45 - 00000000 ____D () C:\Users\Priest\Documents\Facepalm Games
2014-06-19 20:42 - 2014-06-19 20:42 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\PowerISO
2014-06-19 17:31 - 2014-04-22 00:23 - 00000000 ____D () C:\Games
2014-06-19 17:30 - 2014-04-22 00:42 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\Skype
2014-06-19 17:28 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-19 17:03 - 2014-04-21 09:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 19:55 - 2014-06-18 19:39 - 112616784 _____ (Apple Inc.) C:\Users\Priest\Downloads\iTunes64Setup.exe
2014-06-18 19:39 - 2014-06-11 03:38 - 00000000 ____D () C:\Users\Priest\Downloads\Papers, Please [GOG] (+ v1.0.37 Update & Extras)
2014-06-18 18:54 - 2014-06-18 18:54 - 01305274 _____ () C:\Users\Priest\Downloads\HoxHud P1.2 Manual install.7z
2014-06-18 18:54 - 2014-05-11 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 18:10 - 2014-06-15 01:55 - 00000000 ____D () C:\Users\Priest\Documents\Calibre Library
2014-06-18 17:44 - 2014-06-18 17:43 - 00000000 ____D () C:\Users\Priest\Downloads\Zedd
2014-06-18 17:00 - 2014-06-18 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Swapper
2014-06-18 16:51 - 2014-06-18 16:51 - 00000000 ____D () C:\Users\Priest\Downloads\Divergent (Audiobook)
2014-06-18 00:17 - 2014-05-15 22:01 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 00:17 - 2014-05-15 22:01 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 22:32 - 2014-04-22 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-06-17 22:32 - 2014-04-22 00:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-17 20:36 - 2014-06-16 19:21 - 761751060 _____ () C:\Users\Priest\Downloads\BBC.Jeremy.Clarkson.War.Stories.2of2.The.Greatest.Raid.of.All.DVDrip.x264.AC3.MVGroup.org.mp4
2014-06-17 20:18 - 2014-06-17 20:17 - 00001450 _____ () C:\Users\Priest\Downloads\HotFixv15.2.rar
2014-06-17 05:31 - 2014-06-17 05:28 - 16392851 _____ () C:\Users\Priest\Downloads\PPv15R(1).rar
2014-06-17 04:38 - 2014-06-17 04:34 - 15412254 _____ () C:\Users\Priest\Downloads\PPv15R.rar
2014-06-16 19:01 - 2014-06-16 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2014-06-16 19:01 - 2014-06-16 19:01 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
2014-06-16 17:33 - 2014-06-16 17:30 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\Priest\Downloads\cbSetup.exe
2014-06-16 16:37 - 2014-06-16 16:37 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\OpenOffice
2014-06-16 14:06 - 2014-06-16 01:58 - 460480528 _____ () C:\Users\Priest\Downloads\game.of.thrones.s04e10.hdtv.x264-killers.mp4
2014-06-16 04:04 - 2014-06-16 04:04 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\3909
2014-06-16 04:03 - 2014-06-16 04:03 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-06-16 04:00 - 2014-06-16 04:00 - 00001680 _____ () C:\Users\Public\Desktop\Papers, Please.lnk
2014-06-16 04:00 - 2014-06-16 04:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-06-16 04:00 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-16 03:59 - 2014-06-16 03:59 - 00000000 ____D () C:\GOG Games
2014-06-16 03:44 - 2014-06-16 03:44 - 00000000 ____D () C:\Users\Priest\AppData\Local\SKIDROW
2014-06-16 03:33 - 2014-06-16 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exkee
2014-06-16 01:49 - 2014-04-23 00:29 - 00019404 _____ () C:\Windows\system32\results.xml
2014-06-15 13:38 - 2014-06-15 13:38 - 882642960 _____ () C:\Windows\MEMORY.DMP
2014-06-15 13:38 - 2014-06-15 13:38 - 00262160 _____ () C:\Windows\Minidump\061514-43477-01.dmp
2014-06-15 13:38 - 2014-06-15 13:38 - 00000000 ____D () C:\Windows\Minidump
2014-06-15 02:23 - 2014-06-15 02:14 - 15244718 _____ () C:\Users\Priest\Downloads\calibre-1.40.0(1).msi
2014-06-15 01:57 - 2014-06-15 01:57 - 00000000 ____D () C:\Users\Priest\AppData\Local\calibre-cache
2014-06-15 01:57 - 2014-06-15 01:50 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\calibre
2014-06-15 01:49 - 2014-04-22 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-06-15 01:49 - 2014-04-22 00:23 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-06-13 01:40 - 2014-06-13 01:39 - 00018511 _____ () C:\Windows\DirectX.log
2014-06-12 20:19 - 2014-06-06 04:05 - 00000000 ____D () C:\Users\Priest\Desktop\trainers
2014-06-12 10:53 - 2014-04-22 03:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 03:02 - 2014-04-22 03:09 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 23:42 - 2014-06-11 22:52 - 56019968 _____ () C:\Users\Priest\Downloads\calibre-1.39.0.msi
2014-06-11 05:07 - 2014-06-11 02:10 - 433333397 _____ () C:\Users\Priest\Downloads\FromHell.mobi
2014-06-11 03:52 - 2014-06-11 02:18 - 153446587 _____ () C:\Users\Priest\Downloads\WIZZYWIG.mobi
2014-06-11 03:37 - 2014-06-11 03:29 - 00000000 ____D () C:\Users\Priest\Downloads\Neal_Stephenson
2014-06-11 03:27 - 2014-06-11 02:16 - 58979022 _____ () C:\Users\Priest\Downloads\TooCoolToBeForgotten.mobi
2014-06-11 03:17 - 2014-06-11 03:16 - 03521326 _____ () C:\Users\Priest\Downloads\wizardsfirstrule.mobi
2014-06-11 03:15 - 2014-06-11 02:11 - 102048711 _____ () C:\Users\Priest\Downloads\FromHellCompanion.epub
2014-06-11 02:17 - 2014-06-11 02:14 - 05153231 _____ () C:\Users\Priest\Downloads\Lovecrafts_Monsters.mobi
2014-06-11 02:16 - 2014-06-11 02:15 - 01859079 _____ () C:\Users\Priest\Downloads\SwordandSorceryAnthology.mobi
2014-06-11 02:12 - 2014-06-11 02:11 - 02084065 _____ () C:\Users\Priest\Downloads\jam.mobi
2014-06-10 23:02 - 2014-06-10 23:01 - 07389724 _____ () C:\Users\Priest\Downloads\Wolfenstein.The.New.Order.FPS.Fix.Voksi.rar
2014-06-10 15:17 - 2014-06-10 15:17 - 00003066 _____ () C:\Windows\System32\Tasks\{AFDCA721-21EE-4977-B616-047F49A54F77}
2014-06-10 14:35 - 2014-06-10 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-10 14:34 - 2014-06-10 14:34 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-10 14:34 - 2014-06-10 14:34 - 00000000 ____D () C:\Windows\system32\NV
2014-06-10 14:33 - 2009-07-14 00:45 - 00298960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-10 14:27 - 2014-04-23 21:54 - 00000000 ____D () C:\Users\Priest\AppData\Local\FirestormOS_x64
2014-06-10 14:23 - 2014-06-10 14:23 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-10 14:23 - 2014-04-21 10:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-10 14:22 - 2011-11-02 13:25 - 00000000 ____D () C:\Temp
2014-06-10 14:20 - 2014-04-21 10:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-10 13:38 - 2014-06-10 13:33 - 00000000 ____D () C:\Users\Priest\AppData\Local\NVIDIA
2014-06-10 13:37 - 2014-06-10 13:37 - 00001349 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-06-10 13:37 - 2014-06-10 13:33 - 00000000 ____D () C:\Users\Priest\AppData\Local\NVIDIA Corporation
2014-06-10 13:37 - 2014-04-21 10:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-10 13:30 - 2014-06-10 13:27 - 30000520 _____ (NVIDIA Corporation) C:\Users\Priest\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-10 13:18 - 2014-04-20 23:42 - 00064416 _____ () C:\Users\Priest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-10 12:19 - 2014-06-10 12:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-10 12:19 - 2014-06-10 12:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-10 04:54 - 2014-06-10 04:41 - 140910890 _____ () C:\Users\Priest\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US(2).exe
2014-06-09 13:53 - 2014-06-09 13:53 - 00000352 _____ () C:\Windows\PFRO.log
2014-06-09 13:53 - 2014-06-09 13:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-09 04:56 - 2014-06-09 04:56 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-09 04:56 - 2014-04-22 00:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-09 04:56 - 2014-04-21 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-06-09 04:28 - 2014-05-15 22:38 - 00000000 ____D () C:\Users\Priest\Desktop\antivirus tools
2014-06-09 04:16 - 2014-06-09 03:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 04:10 - 2014-06-09 03:22 - 00000000 ____D () C:\Users\Priest\Desktop\ArsenalOverhaul2_2Full
2014-06-09 04:02 - 2014-06-09 04:00 - 00000000 ____D () C:\Users\Priest\Desktop\band of brothers series
2014-06-09 04:02 - 2014-06-09 03:59 - 00000000 ____D () C:\Users\Priest\Desktop\New Vegas
2014-06-09 03:59 - 2014-06-09 03:59 - 00000000 ____D () C:\Users\Priest\Desktop\SKYRIM
2014-06-09 03:57 - 2014-04-20 16:30 - 00000000 ____D () C:\Windows\Panther
2014-06-09 03:51 - 2014-06-09 03:33 - 00963823 _____ (Safer-Networking Ltd. ) C:\Users\Priest\Downloads\spybot-2.3.exe.part
2014-06-08 18:56 - 2014-06-08 18:45 - 06189817 _____ () C:\Users\Priest\Downloads\S.T.A.L.K.E.R.-.Call.Of.Pripyat.unlocker.by.icecold.7z
2014-06-08 18:52 - 2014-06-08 18:46 - 02902231 _____ () C:\Users\Priest\Downloads\STALKER COP Trainer-mgr.inz.Player(1).rar
2014-06-08 18:49 - 2014-06-08 18:47 - 00651309 _____ () C:\Users\Priest\Downloads\STKCOP1602+14.rar.part
2014-06-07 15:51 - 2014-05-21 16:16 - 00000000 ____D () C:\Users\Priest\Desktop\860OKMZO
2014-06-07 15:49 - 2014-06-07 15:49 - 00000915 _____ () C:\Users\Priest\Desktop\JRT.txt
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivIdentity
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\Program Files\Common Files\ActivIdentity
2014-06-07 15:25 - 2014-06-07 15:25 - 00000000 ____D () C:\Program Files (x86)\ActivIdentity
2014-06-07 12:46 - 2014-06-07 12:45 - 00814431 _____ () C:\Users\Priest\Downloads\InstallRoot_v3.16.1A.zip
2014-06-07 00:37 - 2014-06-07 00:37 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\XRay Engine
2014-06-06 21:59 - 2014-06-06 21:56 - 34539841 _____ () C:\Users\Priest\Downloads\Mayhem - Rider Super-1.zip
2014-06-06 21:51 - 2014-06-06 21:46 - 41163461 _____ () C:\Users\Priest\Downloads\Renard - SHOUNEN BASS.zip
2014-06-06 08:52 - 2014-06-06 06:09 - 1775875634 _____ () C:\Users\Priest\Desktop\MISERY_v2.1.7Z
2014-06-05 19:35 - 2014-06-05 18:08 - 00000000 ____D () C:\Users\Priest\AppData\Roaming\NCH Software
2014-06-05 19:26 - 2014-06-05 19:26 - 00000000 ____D () C:\Users\Priest\Documents\VideoPad Projects
2014-06-05 18:10 - 2014-06-05 18:08 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-06-05 18:08 - 2014-06-05 18:08 - 00001148 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\ProgramData\NCH Software
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-06-05 18:08 - 2014-06-05 18:08 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-06-05 08:59 - 2014-06-01 02:32 - 1712474598 _____ () C:\Users\Priest\Desktop\ArsenalOverhaul2_2Full.rar
2014-06-05 02:38 - 2014-04-20 22:48 - 00000000 ____D () C:\Users\Priest\AppData\Local\VirtualStore
2014-06-03 20:11 - 2014-06-03 20:11 - 00000000 ____D () C:\Users\Priest\Desktop\Wolfenstein - New order
2014-06-03 19:49 - 2014-06-03 19:20 - 00000000 ____D () C:\Users\Public\Documents\stalker-shoc
2014-06-03 19:13 - 2014-05-22 20:42 - 00000000 ____D () C:\Users\Priest\Downloads\new vegas
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\Program Files\iTunes
2014-06-02 15:17 - 2014-06-02 15:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-02 15:17 - 2014-04-22 00:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-02 15:17 - 2014-04-22 00:41 - 00000000 ____D () C:\Program Files\iPod
2014-06-02 15:16 - 2014-06-02 15:16 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-02 15:16 - 2014-04-22 00:23 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-01 03:51 - 2014-06-01 02:38 - 00000000 ____D () C:\Users\Priest\Downloads\S.T.A.L.K.E.R. ??? ??????? - Arsenal Overhaul 2.0
2014-06-01 02:16 - 2014-06-01 02:16 - 00035172 _____ () C:\Users\Priest\Downloads\STALKER_CoP_Loot_Armor_1_0.zip
2014-06-01 02:16 - 2014-06-01 02:16 - 00003716 _____ () C:\Users\Priest\Downloads\gamedata.rar
2014-06-01 02:09 - 2014-06-01 02:02 - 23611918 _____ () C:\Users\Priest\Downloads\MISERY_wpn_appendix_vers1.zip
2014-05-31 13:46 - 2014-05-31 13:42 - 22604413 _____ () C:\Users\Priest\Downloads\Wolfenstein_New_order-OST.7z
2014-05-30 20:08 - 2014-05-30 20:08 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-30 20:03 - 2014-05-15 21:17 - 00000000 ____D () C:\Users\Priest\Desktop\RK_Quarantine
2014-05-30 06:21 - 2014-06-11 04:12 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-11 04:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-11 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-11 04:12 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-11 04:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-11 04:12 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-11 04:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-11 04:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-11 04:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-11 04:12 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-11 04:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-11 04:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-11 04:12 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-11 04:13 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-11 04:12 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-11 04:12 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-11 04:12 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-11 04:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-11 04:13 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-11 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-11 04:12 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-11 04:12 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-11 04:12 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-11 04:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-11 04:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-11 04:12 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-11 04:12 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-11 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-11 04:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-11 04:12 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-11 04:12 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-11 04:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-11 04:13 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-11 04:12 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-11 04:12 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-11 04:13 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-11 04:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-11 04:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-11 04:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-11 04:12 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-11 04:12 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-11 04:12 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-11 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-11 04:12 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-11 04:12 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-11 04:12 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-11 04:12 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-11 04:12 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-11 04:12 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-11 04:13 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-11 04:12 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-11 04:12 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 19:00 - 2014-06-10 13:33 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-29 19:00 - 2014-06-10 13:33 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-29 18:59 - 2014-06-10 13:33 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-29 18:59 - 2014-06-10 13:33 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
 


Some content of TEMP:
====================
C:\Users\Priest\AppData\Local\Temp\avgnt.exe
C:\Users\Priest\AppData\Local\Temp\CH.dll
C:\Users\Priest\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Priest\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Priest\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Priest\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 06:17

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Priest at 2014-06-23 12:10:57
Running from C:\Users\Priest\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ActivClient CAC x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{70a79d1f-686d-4d5c-962b-07aa1294eae0}) (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
calibre (HKLM-x32\...\{39509A2F-C63C-404E-A4DC-7E6D4FCB6D66}) (Version: 1.39.0 - Kovid Goyal)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Firestorm SecondLife and OpenSim viewer (Version: 4.6.40478 - Phoenix Viewer Project) Hidden
Firestorm x64 (HKLM-x32\...\{e1f4463c-065d-4a91-bcc8-3ec7f47f7498}) (Version: 4.6.40478 - Phoenix Firestorm Project Inc)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Kill The Bad Guy (HKLM-x32\...\Kill The Bad Guy_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
ShadowCopy (HKLM-x32\...\{117CE366-3EED-48C5-BF6A-E0F47A0E68A4}) (Version: 2.02.000 - Runtime Software)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Space Engineers Toolbox (HKLM-x32\...\{343BF585-5FE4-43C7-B0B5-28ED07D38A50}) (Version: 01.035.005.2 - Mid-Space Productions)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.19.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{0941583C-A10F-4FBB-9B1C-9178CE3BFDAF}) (Version: 4.5.23.0 - Husdawg, LLC)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Swapper (HKLM-x32\...\The Swapper_is1) (Version:  - Facepalm Games)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\Steam App 212630) (Version:  - Ubisoft Paris)
Transistor (HKLM-x32\...\Transistor_is1) (Version:  - )
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.24 - NCH Software)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Warhammer 40,000: Dawn of War – Dark Crusade (HKLM-x32\...\Steam App 4580) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM-x32\...\Steam App 4570) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM-x32\...\Steam App 9450) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Winter Assault (HKLM-x32\...\Steam App 9310) (Version:  - Relic Entertainment)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version:  - Machine Games)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Restore Points  =========================



#12 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 24 June 2014 - 02:18 AM

I broke it up into chunks to see if I still got the whole "you do not have permission" error, and I didn't. Still not sure why that happened.



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,133 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:32 PM

Posted 24 June 2014 - 08:18 AM

Thanks for going through the extra effort to get me the information as well as your kind comments. Hold those until we fix your computer! :)

Please consider and do the following for me.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Please download and run Microsoft Fix it 50688 to fix a non-malware related technical issue with Windows.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message attempt to run the program in Safe Mode
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKLM-x32\...\Run: [FAStartup] => [X]
HKU\S-1-5-21-1986783134-1514256620-860527245-1000\...\Run: [Egtion] => regsvr32.exe C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll <===== ATTENTION
SearchScopes: HKLM-x32 - DefaultScope value is missing.
C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll
Folder: C:\Users\Priest\AppData\Roaming\Olxayzi
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • AdwCleaner log
  • Junkware log
  • Security Check log
  • Fixlog
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 24 June 2014 - 07:39 PM

No utorrent? gah...I use it for Humble Bundle games. my bandwidth where I live is bad. normal downloads generally fail early, and utorrents are the only way to get them reliably. I dont use keygens or cracks, but I do use trainers, but if you think those are the problem, I will ditch them. I never thought P2P software was bad....I thought the Steam downloader was a P2P system?

 

Microsoft Fix It ran normally.

# AdwCleaner v3.213 - Report created 24/06/2014 at 18:49:02

# Updated 23/06/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Priest - PRIEST-TERMINAL

# Running from : C:\Users\Priest\Downloads\AdwCleaner(1).exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17126

 

 

-\\ Mozilla Firefox v30.0 (en-US)

 

[ File : C:\Users\Priest\AppData\Roaming\Mozilla\Firefox\Profiles\1yb0odhb.default\prefs.js ]

 

 

-\\ Google Chrome v35.0.1916.153

 

[ File : C:\Users\Priest\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}

 

*************************

 

AdwCleaner[R0].txt - [1256 octets] - [22/04/2014 00:59:02]

AdwCleaner[R1].txt - [1977 octets] - [15/05/2014 13:09:31]

AdwCleaner[R2].txt - [1148 octets] - [15/05/2014 20:16:29]

AdwCleaner[R3].txt - [1234 octets] - [15/05/2014 20:27:52]

AdwCleaner[R4].txt - [1262 octets] - [21/05/2014 07:51:05]

AdwCleaner[R5].txt - [1323 octets] - [21/05/2014 08:01:50]

AdwCleaner[R6].txt - [1594 octets] - [24/06/2014 18:47:26]

AdwCleaner[S0].txt - [1337 octets] - [22/04/2014 01:06:04]

AdwCleaner[S1].txt - [1947 octets] - [15/05/2014 13:11:33]

AdwCleaner[S2].txt - [1298 octets] - [15/05/2014 20:28:28]

AdwCleaner[S3].txt - [1384 octets] - [21/05/2014 08:02:45]

AdwCleaner[S4].txt - [1517 octets] - [24/06/2014 18:49:02]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1577 octets] ##########

 

OHMYGOSHIDONTWANNATURNOFFMYAVJRT IS DONE ok I can turn it back on now.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Priest on Tue 06/24/2014 at 19:01:26.73

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ FireFox

 

Emptied folder: C:\Users\Priest\AppData\Roaming\mozilla\firefox\profiles\1yb0odhb.default\minidumps [4 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 06/24/2014 at 19:15:39.38

End of JRT log

 

screen317s security check failed. “incompatable operating system”.

Attempted safe mode. Safe mode froze on loading modules, for approximately 35 minutes.

Hard reset, attempted to restart. Black screen, but keyboard lit up. (I have alienware lighted keyboard thing)

Panicked.

unplugged battery and charger, replugged battery and charger. Started normally.

 

Ran FRST according to the prophecy.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014

Ran by Priest at 2014-06-24 20:27:02 Run:1

Running from C:\Users\Priest\Desktop

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

HKLM-x32\...\Run: [FAStartup] => [X]

HKU\S-1-5-21-1986783134-1514256620-860527245-1000\...\Run: [Egtion] => regsvr32.exe C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll <===== ATTENTION

SearchScopes: HKLM-x32 - DefaultScope value is missing.

C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll

Folder: C:\Users\Priest\AppData\Roaming\Olxayzi

*****************

 

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\FAStartup => value deleted successfully.

HKU\S-1-5-21-1986783134-1514256620-860527245-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Egtion => value deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

C:\Users\Priest\AppData\Local\Egtion\CNHLX300.dll => Moved successfully.

 

========================= Folder: C:\Users\Priest\AppData\Roaming\Olxayzi ========================

 

 

====== End of Folder: ======

 

 

==== End of Fixlog ====

 

Computer does not start up in safe mode.

Computer has difficulty connecting to the internet. Webpages must be refreshed several times before they open. Steam reports that it cannot connect to the internet, but can still send chat messages to my friends, and download games. Xpack 72104 was blocked by avira about seven hours ago.

 

 

 



#15 priestfoxley

priestfoxley
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 24 June 2014 - 07:52 PM

oh, and right clicking still causes Explorer.exe to crash.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users