Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7: Random BSOD. cant access safe mode


  • This topic is locked This topic is locked
2 replies to this topic

#1 bwhisnant

bwhisnant

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:50 PM

Posted 15 August 2014 - 06:59 PM

My computer restarted while I was away and now I cannot get it to turn on at all. I cannot access safe mood. The windows repair option does not work. please let me know what information I can give to help. I ran FRST in command prompt and this is the results: 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-08-2014
Ran by SYSTEM on MININT-BIJQKUB on 15-08-2014 18:51:22
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => "F:\New folder\ZuneLauncher.exe"
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [QuickTime Task] => "F:\QTTask.exe" -atboottime
HKLM-x32\...\Run: [iTunesHelper] => "F:\New folder\iTunesHelper.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-10] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Headset Software] => "F:\New folder\HeadsetControlPanel.exe" /minimized
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Kristopher\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\Kristopher\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe [851632 2014-07-08] (Adobe Systems Incorporated)
HKU\Kristopher\...\RunOnce: [Application Restart #0] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKU\Kristopher\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Kristopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk
ShortcutTarget: GameStop Now.lnk -> F:\GameStop App\Now\GameStopNow.exe (No File)
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-18] (Microsoft Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-03] ()
S2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute)
S3 DAUpdaterSvc; F:\New folder\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
S2 HPSLPSVC; F:\New folder\Digital Imaging\bin\HPSLPSVC64.DLL [X]
S3 WMZuneComm; "F:\New folder\WMZuneComm.exe" [X]
S3 ZuneNetworkSvc; "F:\New folder\ZuneNss.exe" [X]
S3 ZuneWlanCfgSvc; "F:\New folder\ZuneWlanCfgSvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CorsairAudioFilter; C:\Windows\System32\DRIVERS\corsveng2kamd64.sys [101376 2013-07-30] (Corsair)
S3 GPU-Z; C:\Users\Kristopher\AppData\Local\Temp\GPU-Z.sys [27008 2013-12-23] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-18] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-24] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-18] (Razer Inc)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows ® Win 7 DDK provider)
S3 ALSysIO; \??\C:\Users\KRISTO~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-15 18:51 - 2014-08-15 18:51 - 00000000 ____D () C:\FRST
2014-08-15 10:04 - 2014-08-15 10:04 - 461978560 _____ () C:\Windows\MEMORY.DMP
2014-08-15 00:00 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\System32\icardres.dll
2014-08-15 00:00 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 00:00 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 00:00 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2014-08-15 00:00 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\System32\icardagt.exe
2014-08-15 00:00 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
2014-08-15 00:00 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 00:00 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 08:56 - 2014-07-15 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-08-14 08:56 - 2014-07-15 18:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 08:56 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDYAK.DLL
2014-08-14 08:56 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDTAT.DLL
2014-08-14 08:56 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU1.DLL
2014-08-14 08:56 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2014-08-14 08:56 - 2014-07-08 18:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU.DLL
2014-08-14 08:56 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 08:56 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 08:56 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 08:56 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 08:56 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 08:56 - 2014-07-08 14:38 - 00419992 _____ () C:\Windows\System32\locale.nls
2014-08-14 08:56 - 2014-07-08 14:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 08:55 - 2014-08-06 18:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-08-14 08:55 - 2014-08-06 18:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-08-14 08:55 - 2014-07-31 15:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-08-14 08:55 - 2014-07-31 15:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 08:55 - 2014-07-25 06:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-08-14 08:55 - 2014-07-25 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-08-14 08:55 - 2014-07-25 06:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-08-14 08:55 - 2014-07-25 05:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 08:55 - 2014-07-25 05:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-08-14 08:55 - 2014-07-25 05:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-08-14 08:55 - 2014-07-25 05:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-08-14 08:55 - 2014-07-25 05:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-08-14 08:55 - 2014-07-25 05:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-08-14 08:55 - 2014-07-25 05:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-08-14 08:55 - 2014-07-25 05:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-08-14 08:55 - 2014-07-25 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 08:55 - 2014-07-25 05:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-08-14 08:55 - 2014-07-25 05:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-08-14 08:55 - 2014-07-25 05:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-08-14 08:55 - 2014-07-25 04:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-08-14 08:55 - 2014-07-25 04:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-14 08:55 - 2014-07-25 04:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-08-14 08:55 - 2014-07-25 04:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 08:55 - 2014-07-25 04:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 08:55 - 2014-07-25 04:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 08:55 - 2014-07-25 04:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 08:55 - 2014-07-25 04:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-08-14 08:55 - 2014-07-25 04:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-14 08:55 - 2014-07-25 04:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 08:55 - 2014-07-25 04:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-08-14 08:55 - 2014-07-25 04:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 08:55 - 2014-07-25 04:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-08-14 08:55 - 2014-07-25 04:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 08:55 - 2014-07-25 04:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 08:55 - 2014-07-25 04:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-08-14 08:55 - 2014-07-25 04:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 08:55 - 2014-07-25 04:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 08:55 - 2014-07-25 04:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 08:55 - 2014-07-25 03:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 08:55 - 2014-07-25 03:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-08-14 08:55 - 2014-07-25 03:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 08:55 - 2014-07-25 03:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-08-14 08:55 - 2014-07-25 03:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-08-14 08:55 - 2014-07-25 03:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-08-14 08:55 - 2014-07-25 03:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 08:55 - 2014-07-25 03:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 08:55 - 2014-07-25 03:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 08:55 - 2014-07-25 03:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-08-14 08:55 - 2014-07-25 03:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 08:55 - 2014-07-25 03:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 08:55 - 2014-07-25 03:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 08:55 - 2014-07-25 03:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 08:55 - 2014-07-25 02:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-08-14 08:55 - 2014-07-25 02:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-08-14 08:55 - 2014-07-25 02:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-08-14 08:55 - 2014-07-25 02:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 08:55 - 2014-07-25 02:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 08:55 - 2014-07-25 02:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 08:55 - 2014-07-15 19:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-14 08:55 - 2014-07-15 18:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 08:55 - 2014-07-15 18:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-14 08:55 - 2014-07-13 18:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-08-14 08:55 - 2014-07-13 17:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 08:55 - 2014-06-24 18:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-08-14 08:55 - 2014-06-24 17:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 08:55 - 2014-06-15 18:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-08-14 08:55 - 2014-06-03 02:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-08-14 08:55 - 2014-06-03 02:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-08-14 08:55 - 2014-06-03 02:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2014-08-14 08:55 - 2014-06-03 02:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-08-14 08:55 - 2014-06-03 01:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 08:55 - 2014-06-03 01:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 08:55 - 2014-06-03 01:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-10 18:03 - 2014-08-10 18:03 - 00000000 ____D () C:\Users\Kristopher\Documents\Larian Studios
2014-08-10 13:53 - 2014-08-10 13:53 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-08-06 09:36 - 2014-08-06 09:36 - 07189107 _____ () C:\Users\Kristopher\Downloads\CorsairHeadsetSetupRelease2016.zip
2014-08-06 09:23 - 2014-08-06 09:23 - 00001170 _____ () C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk
2014-08-06 09:18 - 2014-08-06 09:22 - 111970304 _____ (SQUARE ENIX CO., LTD.) C:\Users\Kristopher\Downloads\ffxivsetup (1).exe
2014-08-04 10:48 - 2014-08-04 10:48 - 07218589 _____ () C:\Users\Kristopher\Downloads\CorsairHeadsetSetupRelease2026.zip
2014-08-01 15:10 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-08-01 15:10 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-08-01 15:10 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 15:10 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-08-01 15:10 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2014-08-01 15:10 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-08-01 15:10 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 15:10 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-08-01 15:10 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-08-01 15:10 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 15:10 - 2014-05-14 06:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2014-08-01 15:10 - 2014-05-14 06:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 15:10 - 2014-05-14 06:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2014-08-01 15:10 - 2014-05-14 06:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 15:02 - 2014-08-01 15:02 - 00000000 ____D () C:\ProgramData\RzMaelstromVAD_1.1.58.1854
2014-07-29 06:41 - 2014-07-02 09:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-29 06:39 - 2014-07-02 12:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2014-07-29 06:39 - 2014-07-02 12:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6434052.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6434052.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-07-29 06:39 - 2014-07-02 12:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-24 17:10 - 2014-07-24 17:10 - 00000000 ____D () C:\Users\Kristopher\AppData\Local\Adobe
2014-07-18 19:01 - 2014-07-18 19:01 - 01322294 _____ () C:\Users\Kristopher\Downloads\33132-[AG3+][v1.50][English Translation][Hentaijin][Release 4.3] (1).rar
2014-07-18 19:01 - 2014-07-18 19:01 - 00000000 ____D () C:\Users\Kristopher\AppData\Roaming\WinRAR
2014-07-18 19:00 - 2014-07-18 19:00 - 01915800 _____ () C:\Users\Kristopher\Downloads\winrar-x64-510.exe
2014-07-18 18:59 - 2014-07-18 18:59 - 01322294 _____ () C:\Users\Kristopher\Downloads\33132-[AG3+][v1.50][English Translation][Hentaijin][Release 4.3].rar
2014-07-18 18:27 - 2014-07-18 18:27 - 00003142 _____ () C:\Windows\System32\Tasks\{8DFDB475-B2C7-4B8F-85D5-9E35482922BD}
2014-07-18 18:26 - 2014-07-18 18:26 - 00000000 ____D () C:\Program Files\005
2014-07-18 18:25 - 2014-07-18 18:30 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-18 18:25 - 2014-07-18 18:25 - 00000000 ____D () C:\Users\Kristopher\AppData\Local\globalUpdate
2014-07-18 18:24 - 2014-07-18 18:24 - 00370736 _____ () C:\Users\Kristopher\Downloads\(18)_[140613]_[ILLUSION]_2__________(3mdf_3mds_exe_rr3) (1).exe
2014-07-18 18:23 - 2014-07-18 18:23 - 00370736 _____ () C:\Users\Kristopher\Downloads\(18)_[140613]_[ILLUSION]_2__________(3mdf_3mds_exe_rr3).exe
2014-07-18 18:20 - 2014-07-18 18:20 - 00370736 _____ () C:\Users\Kristopher\Downloads\_18_[140613]_[ILLUSION]_2_3mdf_3mds_exe_rr3 (1).exe
2014-07-18 18:18 - 2014-07-18 18:18 - 00370736 _____ () C:\Users\Kristopher\Downloads\_18_[140613]_[ILLUSION]_2_3mdf_3mds_exe_rr3.exe
2014-07-18 15:31 - 2014-07-18 15:31 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 15:31 - 2014-07-11 00:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 15:31 - 2014-07-10 23:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 15:31 - 2014-07-10 23:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 15:31 - 2014-07-10 23:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-15 18:51 - 2014-08-15 18:51 - 00000000 ____D () C:\FRST
2014-08-15 10:04 - 2014-08-15 10:04 - 461978560 _____ () C:\Windows\MEMORY.DMP
2014-08-15 01:28 - 2013-01-26 15:27 - 01880817 _____ () C:\Windows\WindowsUpdate.log
2014-08-15 01:02 - 2013-08-13 16:41 - 00000000 ____D () C:\Windows\rescache
2014-08-15 00:54 - 2013-01-26 10:31 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-15 00:41 - 2013-01-26 01:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-15 00:31 - 2009-07-13 21:13 - 00782470 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-08-15 00:31 - 2009-07-13 20:45 - 00021888 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-15 00:31 - 2009-07-13 20:45 - 00021888 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-15 00:25 - 2013-07-05 13:26 - 00061813 _____ () C:\Windows\setupact.log
2014-08-15 00:25 - 2013-02-04 16:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-15 00:25 - 2010-11-20 19:47 - 00236982 _____ () C:\Windows\PFRO.log
2014-08-15 00:25 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-15 00:25 - 2009-07-13 20:45 - 00481184 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-15 00:24 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 00:04 - 2013-07-11 16:24 - 00000000 ____D () C:\Windows\System32\MRT
2014-08-15 00:03 - 2013-01-26 10:03 - 99218768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-08-15 00:01 - 2013-01-26 10:31 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-15 00:00 - 2014-05-06 00:00 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-08-14 18:19 - 2013-01-26 10:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-10 18:03 - 2014-08-10 18:03 - 00000000 ____D () C:\Users\Kristopher\Documents\Larian Studios
2014-08-10 13:53 - 2014-08-10 13:53 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-08-10 13:37 - 2014-03-18 17:21 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-06 18:06 - 2014-08-14 08:55 - 00529920 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-08-06 18:01 - 2014-08-14 08:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-08-06 09:36 - 2014-08-06 09:36 - 07189107 _____ () C:\Users\Kristopher\Downloads\CorsairHeadsetSetupRelease2016.zip
2014-08-06 09:23 - 2014-08-06 09:23 - 00001170 _____ () C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk
2014-08-06 09:23 - 2013-01-26 15:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-06 09:22 - 2014-08-06 09:18 - 111970304 _____ (SQUARE ENIX CO., LTD.) C:\Users\Kristopher\Downloads\ffxivsetup (1).exe
2014-08-04 10:48 - 2014-08-04 10:48 - 07218589 _____ () C:\Users\Kristopher\Downloads\CorsairHeadsetSetupRelease2026.zip
2014-08-01 15:02 - 2014-08-01 15:02 - 00000000 ____D () C:\ProgramData\RzMaelstromVAD_1.1.58.1854
2014-07-31 15:41 - 2014-08-14 08:55 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-07-31 15:16 - 2014-08-14 08:55 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-29 06:41 - 2013-02-04 16:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-29 06:40 - 2013-02-04 16:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-29 06:37 - 2013-11-12 13:52 - 00000000 ____D () C:\Users\Kristopher\AppData\Local\NVIDIA Corporation
2014-07-28 12:40 - 2013-04-23 16:50 - 00000000 ____D () C:\Users\Kristopher\AppData\Roaming\Skype
2014-07-25 14:08 - 2013-05-01 12:31 - 00000000 ____D () C:\Users\Kristopher\AppData\Roaming\FEZ
2014-07-25 06:52 - 2014-08-14 08:55 - 23645696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-07-25 06:02 - 2014-08-14 08:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-07-25 06:01 - 2014-08-14 08:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 05:51 - 2014-08-14 08:55 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 05:50 - 2014-06-20 16:12 - 01715224 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll
2014-07-25 05:50 - 2014-06-20 16:12 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-25 05:50 - 2013-10-28 18:41 - 01283136 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2014-07-25 05:50 - 2013-10-28 18:41 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-25 05:30 - 2014-08-14 08:55 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-07-25 05:28 - 2014-08-14 08:55 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-07-25 05:28 - 2014-08-14 08:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-07-25 05:25 - 2014-08-14 08:55 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-07-25 05:25 - 2014-08-14 08:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-07-25 05:11 - 2014-08-14 08:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-07-25 05:10 - 2014-08-14 08:55 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-07-25 05:04 - 2014-08-14 08:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 05:03 - 2014-08-14 08:55 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-07-25 05:00 - 2014-08-14 08:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-07-25 05:00 - 2014-08-14 08:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-07-25 04:59 - 2014-08-14 08:55 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-07-25 04:47 - 2014-08-14 08:55 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 04:40 - 2014-08-14 08:55 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-07-25 04:34 - 2014-08-14 08:55 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 04:34 - 2014-08-14 08:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 04:33 - 2014-08-14 08:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 04:30 - 2014-08-14 08:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 04:28 - 2014-08-14 08:55 - 05824512 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-07-25 04:28 - 2014-08-14 08:55 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 04:21 - 2014-08-14 08:55 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 04:19 - 2014-08-14 08:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-07-25 04:18 - 2014-08-14 08:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 04:17 - 2014-08-14 08:55 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-07-25 04:17 - 2014-08-14 08:55 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 04:12 - 2014-08-14 08:55 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 04:10 - 2014-08-14 08:55 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-07-25 04:10 - 2014-08-14 08:55 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 04:08 - 2014-08-14 08:55 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 04:06 - 2014-08-14 08:55 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 03:52 - 2014-08-14 08:55 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 03:47 - 2014-08-14 08:55 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-07-25 03:43 - 2014-08-14 08:55 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 03:42 - 2014-08-14 08:55 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-07-25 03:39 - 2014-08-14 08:55 - 02087936 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-07-25 03:39 - 2014-08-14 08:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-07-25 03:36 - 2014-08-14 08:55 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 03:34 - 2014-08-14 08:55 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 03:29 - 2014-08-14 08:55 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 03:23 - 2014-08-14 08:55 - 13547008 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-07-25 03:13 - 2014-08-14 08:55 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 03:07 - 2014-08-14 08:55 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 03:07 - 2014-08-14 08:55 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 03:03 - 2014-08-14 08:55 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 02:52 - 2014-08-14 08:55 - 02266624 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-07-25 02:26 - 2014-08-14 08:55 - 01431040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-07-25 02:17 - 2014-08-14 08:55 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-07-25 02:09 - 2014-08-14 08:55 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 02:05 - 2014-08-14 08:55 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 02:00 - 2014-08-14 08:55 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 17:10 - 2014-07-24 17:10 - 00000000 ____D () C:\Users\Kristopher\AppData\Local\Adobe
2014-07-23 19:54 - 2013-03-12 20:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-23 19:54 - 2013-03-12 20:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-21 13:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-07-19 01:00 - 2013-05-12 17:41 - 00000000 ____D () C:\Users\Kristopher\AppData\Roaming\BitTorrent
2014-07-18 19:01 - 2014-07-18 19:01 - 01322294 _____ () C:\Users\Kristopher\Downloads\33132-[AG3+][v1.50][English Translation][Hentaijin][Release 4.3] (1).rar
2014-07-18 19:01 - 2014-07-18 19:01 - 00000000 ____D () C:\Users\Kristopher\AppData\Roaming\WinRAR
2014-07-18 19:00 - 2014-07-18 19:00 - 01915800 _____ () C:\Users\Kristopher\Downloads\winrar-x64-510.exe
2014-07-18 18:59 - 2014-07-18 18:59 - 01322294 _____ () C:\Users\Kristopher\Downloads\33132-[AG3+][v1.50][English Translation][Hentaijin][Release 4.3].rar
2014-07-18 18:30 - 2014-07-18 18:25 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-18 18:27 - 2014-07-18 18:27 - 00003142 _____ () C:\Windows\System32\Tasks\{8DFDB475-B2C7-4B8F-85D5-9E35482922BD}
2014-07-18 18:26 - 2014-07-18 18:26 - 00000000 ____D () C:\Program Files\005
2014-07-18 18:25 - 2014-07-18 18:25 - 00000000 ____D () C:\Users\Kristopher\AppData\Local\globalUpdate
2014-07-18 18:24 - 2014-07-18 18:24 - 00370736 _____ () C:\Users\Kristopher\Downloads\(18)_[140613]_[ILLUSION]_2__________(3mdf_3mds_exe_rr3) (1).exe
2014-07-18 18:23 - 2014-07-18 18:23 - 00370736 _____ () C:\Users\Kristopher\Downloads\(18)_[140613]_[ILLUSION]_2__________(3mdf_3mds_exe_rr3).exe
2014-07-18 18:20 - 2014-07-18 18:20 - 00370736 _____ () C:\Users\Kristopher\Downloads\_18_[140613]_[ILLUSION]_2_3mdf_3mds_exe_rr3 (1).exe
2014-07-18 18:18 - 2014-07-18 18:18 - 00370736 _____ () C:\Users\Kristopher\Downloads\_18_[140613]_[ILLUSION]_2_3mdf_3mds_exe_rr3.exe
2014-07-18 15:31 - 2014-07-18 15:31 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 15:31 - 2013-07-21 13:12 - 00000000 ____D () C:\Program Files (x86)\Java
 
Files to move or delete:
====================
C:\Users\Kristopher\jagex_cl_runescape_LIVE.dat
C:\Users\Kristopher\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Kristopher\AppData\Local\Temp\dlLogic.exe
C:\Users\Kristopher\AppData\Local\Temp\dltr.exe
C:\Users\Kristopher\AppData\Local\Temp\drm_dyndata_7310007.dll
C:\Users\Kristopher\AppData\Local\Temp\GCVerifier.dll
C:\Users\Kristopher\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Kristopher\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Kristopher\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Kristopher\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Kristopher\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Kristopher\AppData\Local\Temp\nso8000.exe
C:\Users\Kristopher\AppData\Local\Temp\nsoCD69.exe
C:\Users\Kristopher\AppData\Local\Temp\nstC9DF.exe
C:\Users\Kristopher\AppData\Local\Temp\nsvD41.exe
C:\Users\Kristopher\AppData\Local\Temp\nsy82FD.exe
C:\Users\Kristopher\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Kristopher\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Kristopher\AppData\Local\Temp\nvStInst.exe
C:\Users\Kristopher\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Kristopher\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kristopher\AppData\Local\Temp\sonarinst.exe
C:\Users\Kristopher\AppData\Local\Temp\uttDDA3.tmp.exe
C:\Users\Kristopher\AppData\Local\Temp\verifier.exe
C:\Users\Kristopher\AppData\Local\Temp\{6DD5B5A0-72C0-4000-A21D-94AF0604310E}-31.0.1650.57_30.0.1599.101_chrome_updater.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 7%
Total physical RAM: 16266.73 MB
Available physical RAM: 15121.64 MB
Total Pagefile: 16264.93 MB
Available Pagefile: 15126.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:119.24 GB) (Free:21.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:931.41 GB) (Free:571.11 GB) NTFS
Drive g: (SPOWERSOFT) (Removable) (Total:14.83 GB) (Free:14.83 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: B793C38B)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0040EE26)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 3F273F26)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
 
 
LastRegBack: 2014-07-28 13:12
 
==================== End Of Log ============================

Edited by hamluis, 16 August 2014 - 08:02 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:50 AM

Posted 20 August 2014 - 07:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/544569 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:50 AM

Posted 25 August 2014 - 07:05 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users