Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Wont Start HELP


  • This topic is locked This topic is locked
50 replies to this topic

#1 Luke98

Luke98

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 06:47 AM

Windows 7 Wont Start i have a USB with Farbars recovery tool i tried system restore and safe mode with networking but i get this blue screen after it says starting Windows then blue screen it says STOP: c0000135 cant start because %hs is missing try reinstalling it.   i dont have any disk or nothing but if theres a way help me.  i got Windows 7 Professional its an ADVENT 5421. my processor Intel Celeron Dual Core T1500 please HELP i beg you


Edited by Luke98, 24 April 2014 - 06:59 AM.


BC AdBot (Login to Remove)

 


m

#2 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 07:00 AM

Windows 7 Professional



#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:17 AM

Posted 24 April 2014 - 07:25 AM


Hello Luke98

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe or e:\frst.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • First Press the Scan button.
  • It will make a log (FRST.txt)
I want you to poste the FRST.txt report into your reply to me

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 07:33 AM

Hello Luke98

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  •  
  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    •  
    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe or e:\frst.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • First Press the Scan button.
  • It will make a log (FRST.txt)
I want you to poste the FRST.txt report into your reply to me

Gringo

 

ok  thanks i will get back to you



#5 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 07:43 AM

 

Hello Luke98

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  •  
  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    •  
    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe or e:\frst.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • First Press the Scan button.
  • It will make a log (FRST.txt)
I want you to poste the FRST.txt report into your reply to me

Gringo

 

ok  thanks i will get back to you

 

 Hello my family member is using my other Computer once hes off ill post FRST.txt



#6 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 08:09 AM

Hello Luke98

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  •  
  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    •  
    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe or e:\frst.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • First Press the Scan button.
  • It will make a log (FRST.txt)
I want you to poste the FRST.txt report into your reply to me

Gringo

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Here it is

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by SYSTEM on MININT-L6NTI9C on 24-04-2014 13:01:42
Running from E:\
Windows 7 Professional (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SiSTray] => C:\Program Files\SiS VGA Utilities\SiSTray.exe [557056 2012-12-08] (Silicon Integrated Systems Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-09-13] (CyberLink Corp.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [601928 2013-06-18] (BlueStack Systems, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\User\...\Run: [HKCU] => C:\Users\User\AppData\Roaming\microsoft_windows\notepad.exe [179712 2005-06-24] (Microsoft Corporation)
HKU\User\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\Windows Calculator\calc.exe <===== ATTENTION
HKU\User\...\Winlogon: [Shell] explorer.exe [2614272 2009-10-30] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: c:\progra~1\sk-ena~1\psupport.dll => c:\progra~1\sk-ena~1\psupport.dll File Not Found
 
========================== Services (Whitelisted) =================
 
S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-06-18] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-18] (BlueStack Systems, Inc.)
S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 O2 Broadband. RunOuc; C:\Program Files\O2\O2 Broadband USB Modem\O2 Broadband\UpdateDog\ouc.exe [218624 2013-01-11] ()
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S1 archlp; C:\Windows\System32\drivers\archlp.sys [127744 2009-02-19] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-29] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-03-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-03-29] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-29] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-03-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180760 2014-03-29] ()
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-06-18] (BlueStack Systems)
S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [157568 2010-06-23] (Hauppauge, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-26] (Malwarebytes Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-30] (Realtek Semiconductor Corporation                           )
S0 uagp35; C:\Windows\System32\DRIVERS\sisagpx.sys [58400 2012-12-08] (Silicon Integrated Systems Corporation)
S3 usbaudio; system32\drivers\usbaudio.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\DRIVERS\1394ohci.sys 6D2ACA41739BFE8CB86EE8E85F29697D
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\System32\drivers\Afc.sys A7B8A3A79D35215D798A300DF49ED23F
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsata.sys 2101A86C25C154F8314B24EF49D7FBC2
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys B81C2B5616F6420A9941EA093A92B150
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\System32\drivers\archlp.sys D781CB30626FF2F391BC9EC6E20801B9
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswMonFlt.sys B347D2FEAE2D063943F16EC98634AB89
C:\Windows\system32\drivers\aswRdr2.sys 769C65057212FB5004679E02EF8145C0
C:\Windows\System32\Drivers\aswRvrt.sys 84B4C00AE8CDFC52CF68F322D821F34C
C:\Windows\system32\drivers\aswSnx.sys 3A50AD6AE8D8A0F78F03316F5B93FE45
C:\Windows\system32\drivers\aswSP.sys B6381B4DC603C558419641BA969930E0
C:\Windows\system32\drivers\aswStm.sys 9529E946B8496C1605A9188FFD49DED8
C:\Windows\System32\Drivers\aswVmm.sys 680448905E27BBC6587ADB28597640D6
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys 713F12D14ED3B5CE90C0DD5513CDE0F1
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys DB5E008B3744DD60C8498CBBF2A1CFA6
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys C94B6C3CC628179CB9B9061C19888B99
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbwwan.sys 026F6D48CC5293C7B8A696376618B9D2
C:\Windows\System32\DRIVERS\ew_hwusbdev.sys 57C171EA22F0A7F068FCB0CAEDD1E8E7
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 500A9814FD9446A8126858A5A7F7D273
C:\Windows\System32\DRIVERS\fvevol.sys 5592F5DBA26282D24D2B080EB438A4D7
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hcwhdpvr.sys D9C5E547B2D610A61560A045353962DC
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ew_jubusenum.sys F44461E66F1B7DD267957FE9BAA63ED0
C:\Windows\System32\DRIVERS\ewusbmdm.sys F547F862B8907F1BCBD9B72A72A6449E
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iaStorV.sys 934AF4D7C5F457B9F0743F4299B77B67
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 52FC17C8589F11747D01D3CF592673D0
C:\Windows\System32\Drivers\ksecpkg.sys 3E5474B03568CFAB834DA3C38E8C9EFA
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 4470E3C1E0C3378E4CAB137893C12C3A
C:\Windows\system32\drivers\mbamswissarmy.sys 0DB7527DB188C7D967A37BB51BBF3963
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys A8F59428E9F361C7AC42A94AC1560BC9
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nvraid.sys 3F3D04B1D08D43C16EA7963954EC768D
C:\Windows\system32\DRIVERS\nvstor.sys C99F251A5DE63C6F129CF71933ACED0F
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 66D3415C159741ADE7038A277EFFF99F
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pci.sys C858CB77C577780ECC456A892E7E7D0F
C:\Windows\System32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 835D7E81BF517A3B72384BDCC85E1CE6
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys 1E016846895B15A99F9A176A05029075
C:\Windows\System32\drivers\rdpdr.sys C5FF95883FFEF704D50C40D21CFB3AB5
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys C5B8D47A4688DE9D335204EA757C2240
C:\Windows\System32\drivers\rdyboost.sys 4EA225BF1CF05E158853F30A99CA29A7
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RTL8187B.sys 949F74CB383A1D5DA67AEA9CCD4A8B87
C:\Windows\system32\DRIVERS\vms3cap.sys 5423D8437051E89DD34749F242C98648
C:\Windows\system32\DRIVERS\sbp2port.sys 34EE0C44B724E3E4CE2EFF29126DE5B5
C:\Windows\System32\DRIVERS\scfilter.sys A95C54B2AC3CC9C73FCDF9E51A1D6B51
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys 4F1E5B0FE7C8050668DBFADE8999AEFB
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SISGRKMD.sys B5148ECEE558C58458A554B368F5FB69
C:\Windows\System32\DRIVERS\SiSGB6.sys 6F0C643C7F49F2091B01D014EAE72E1A
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys C4A027B8C0BD3FC0699F41FA5E9E0C87
C:\Windows\System32\DRIVERS\srv2.sys 414BB592CAD8A79649D01F9D94318FB3
C:\Windows\System32\DRIVERS\srvnet.sys FF207D67700AA18242AAF985D3E7D8F4
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmstorfl.sys 957E346CA948668F2496A6CCF6FF82CC
C:\Windows\system32\DRIVERS\storvsc.sys D5751969DC3E4B88BF482AC8EC9FE019
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\DRIVERS\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\drivers\tcpipreg.sys E64444523ADD154F86567C469BC0B17F
C:\Windows\System32\drivers\tdpipe.sys 1875C1490D99E70E449E3AFAE9FCBADF
C:\Windows\System32\drivers\tdtcp.sys 7156308896D34EA75A582F9A09E50C17
C:\Windows\System32\DRIVERS\tdx.sys CB39E896A2A83702D1737BFD402B3542
C:\Windows\System32\DRIVERS\termdd.sys C36F41EE20E6999DBF4B0425963268A5
C:\Windows\System32\DRIVERS\tssecsrv.sys 98AE6FA07D12CB4EC5CF4A9BFA5F4242
C:\Windows\System32\DRIVERS\tunnel.sys 3E461D890A97F9D4C168F5FDA36E1D00
C:\Windows\System32\DRIVERS\sisagpx.sys 546B935F005E9BB7FEC7B17D42547D0E
C:\Windows\System32\DRIVERS\udfs.sys 09CC3E16F8E5EE7168E01CF8FCBE061A
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys 049B3A50B3D646BAEEEE9EEC9B0668DC
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 8455C4ED038EFD09E99327F9D2D48FFA
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys 1C333BFD60F2FED2C7AD5DAF533CB742
C:\Windows\System32\DRIVERS\usbhub.sys EE6EF93CCFA94FAE8C6AB298273D8AE2
C:\Windows\System32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS D8889D56E0D27E57ED4591837FE71D27
C:\Windows\system32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys F642A7E4BF78CFA359CCA0A3557C28D7
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys 3BE6E1F3A4F1AFEC8CEE0D7883F93583
C:\Windows\system32\DRIVERS\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vmbus.sys 379B349F65F453D2A6E75EA6B7448E49
C:\Windows\system32\DRIVERS\VMBusHID.sys EC2BBAB4B84D0738C6C83D2234DC36FE
C:\Windows\System32\DRIVERS\volmgr.sys 384E5A2AA49934295171E499F86BA6F3
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volsnap.sys 59F06B4968E58BC83DFC56CA4517960E
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 6F9B6C0C93232CFF47D0F72D6DB1D21E
C:\Windows\System32\DRIVERS\WUDFRd.sys F91FF1E51FCA30B3C3981DB7D5924252
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-24 12:54 - 2014-04-24 13:01 - 00000000 ____D () C:\FRST
2014-04-23 14:40 - 2014-04-23 14:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-04-23 14:26 - 2014-04-23 17:02 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-04-23 14:26 - 2014-04-23 17:02 - 00000000 ____D () C:\ebf37e98ca3f4284d3bc2aef
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\ProgramData\Uniblue
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Sun
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-23 13:07 - 2014-04-23 13:07 - 00000000 ____D () C:\Program Files\Java
2014-04-23 11:23 - 2014-04-23 17:02 - 00000000 ____D () C:\Program Files\Opera
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Opera Software
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Local\Opera Software
2014-04-23 10:00 - 2014-02-03 18:04 - 01230336 ____N (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-04-23 08:50 - 2014-04-23 08:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-04-23 08:50 - 2014-04-23 08:50 - 00640512 ____N (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2014-04-23 08:49 - 2014-04-23 08:49 - 00231424 ____N (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2014-04-22 15:51 - 2014-04-22 15:51 - 00000000 ____D () C:\Users\User\AppData\Local\Bushigan_Solovariente
2014-04-22 15:43 - 2014-04-22 15:46 - 13313621 _____ () C:\Users\User\Downloads\Project_Trinity_1.00.rar
2014-04-22 14:48 - 2012-01-22 15:19 - 00749951 _____ () C:\Users\User\Desktop\GTA-Logo-V-psd76236.psd
2014-04-22 14:47 - 2014-04-22 14:47 - 00361560 _____ () C:\Users\User\Downloads\GTA-Logo-V-psd76236.zip
2014-04-21 15:57 - 2014-04-21 15:57 - 02049536 ____N (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01766400 ____N (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01140736 ____N (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-21 15:44 - 2013-12-31 15:05 - 00420008 ____N () C:\Windows\System32\locale.nls
2014-04-21 15:44 - 2013-07-08 20:52 - 00175104 ____N (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-04-21 15:44 - 2012-10-03 08:42 - 00242176 ____N (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2014-04-21 15:44 - 2012-10-03 08:42 - 00156672 ____N (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2014-04-21 15:44 - 2012-10-03 08:42 - 00052224 ____N (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2014-04-21 15:44 - 2012-10-03 08:40 - 00499712 ____N (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2014-04-21 15:43 - 2013-10-05 11:57 - 01168384 ____N (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-04-21 15:43 - 2013-10-03 17:58 - 00152576 ____N (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2014-04-21 15:43 - 2013-10-03 17:56 - 01796096 ____N (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-04-21 15:43 - 2013-10-03 17:56 - 00168960 ____N (Microsoft Corporation) C:\Windows\System32\credui.dll
2014-04-21 15:43 - 2013-07-08 20:46 - 00103936 ____N (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2014-04-21 15:41 - 2012-10-09 09:40 - 00193536 ____N (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2014-04-21 15:41 - 2012-10-09 09:40 - 00044032 ____N (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2014-04-21 15:40 - 2013-10-11 18:01 - 00216576 ____N (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2014-04-21 15:40 - 2013-09-24 17:57 - 00247808 ____N (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-04-21 15:40 - 2013-09-24 17:57 - 00099840 ____N (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-04-21 15:40 - 2013-09-24 17:56 - 01038848 ____N (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-04-21 15:40 - 2013-09-24 17:56 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2014-04-21 15:40 - 2013-09-24 16:49 - 00022016 ____N (Microsoft Corporation) C:\Windows\System32\lsass.exe
2014-04-21 15:40 - 2013-07-25 17:55 - 12872704 ____N (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-04-21 15:40 - 2013-07-08 20:50 - 00652800 ____N (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-04-21 15:40 - 2013-07-04 03:50 - 00530432 ____N (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2014-04-21 15:40 - 2013-04-25 20:55 - 00492544 ____N (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2014-04-21 15:39 - 2014-01-28 18:06 - 00381440 ____N (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-04-21 15:39 - 2013-10-18 17:36 - 00159232 ____N (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-04-21 15:39 - 2013-10-02 17:58 - 00305152 ____N (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-04-21 15:39 - 2013-09-24 17:57 - 00022016 ____N (Microsoft Corporation) C:\Windows\System32\secur32.dll
2014-04-21 15:39 - 2013-09-24 16:49 - 00015872 ____N (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2014-04-21 15:39 - 2013-07-04 03:51 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2014-04-21 15:38 - 2014-03-04 01:17 - 00868352 ____N (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-21 15:38 - 2013-08-01 17:50 - 00169984 ____N (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2014-04-21 15:38 - 2013-08-01 17:49 - 00293376 ____N (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-04-21 15:10 - 2013-02-26 20:49 - 00047104 ____N (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2014-04-21 12:54 - 2014-04-21 13:21 - 08010576 _____ () C:\Users\User\Downloads\heist 1.1444 trollllllll.psd
2014-04-21 07:41 - 2014-04-24 02:46 - 00000000 ____D () C:\be1b80c05716a2e5aa5f378e65d790
2014-04-21 07:41 - 2014-04-21 07:41 - 00000000 ____D () C:\Windows\System32\EventProviders
2014-04-21 07:36 - 2012-07-25 19:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2014-04-21 07:36 - 2012-07-25 19:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2014-04-21 07:36 - 2012-07-25 19:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2014-04-21 07:36 - 2012-07-25 19:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2014-04-21 07:31 - 2013-08-03 09:37 - 00016288 _____ () C:\Users\User\Desktop\Xperia.ttf
2014-04-21 07:31 - 2012-05-09 08:36 - 00118032 _____ () C:\Users\User\Desktop\pricedown bl.ttf
2014-04-21 07:25 - 2014-04-24 02:46 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-04-21 07:19 - 2010-11-20 04:21 - 00458752 ____N (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 01128448 ____N (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00811520 ____N (Microsoft Corporation) C:\Windows\System32\user32.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00782336 ____N (Microsoft Corporation) C:\Windows\System32\webservices.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00750592 ____N (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00560128 ____N (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00505856 ____N (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00363008 ____N (Microsoft Corporation) C:\Windows\System32\wbemcomn.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00351232 ____N (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00206848 ____N (Microsoft Corporation) C:\Windows\System32\ws2_32.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00206848 ____N (Microsoft Corporation) C:\Windows\System32\upnp.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00119808 ____N (Microsoft Corporation) C:\Windows\System32\umpo.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00085504 ____N (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00084480 ____N (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\userenv.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\umb.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00047104 ____N (Microsoft Corporation) C:\Windows\System32\wkscli.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00040448 ____N (Microsoft Corporation) C:\Windows\System32\wtsapi32.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00033280 ____N (Microsoft Corporation) C:\Windows\System32\wiarpc.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00027648 ____N (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-04-21 07:18 - 2010-11-20 04:20 - 00547840 ____N (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2014-04-21 07:18 - 2010-11-20 04:19 - 00566272 ____N (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2014-04-21 07:18 - 2010-11-20 04:17 - 00286720 ____N (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-04-21 07:17 - 2010-11-20 04:24 - 00271664 ____N (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 01667584 ____N (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00380416 ____N (Microsoft Corporation) C:\Windows\System32\sxs.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00350208 ____N (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00328192 ____N (Microsoft Corporation) C:\Windows\System32\shsvcs.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00307712 ____N (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00305152 ____N (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00189952 ____N (Microsoft Corporation) C:\Windows\System32\wdscore.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00175616 ____N (Microsoft Corporation) C:\Windows\System32\scecli.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00172544 ____N (Microsoft Corporation) C:\Windows\System32\spp.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00168960 ____N (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00156672 ____N (Microsoft Corporation) C:\Windows\System32\winsta.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00090112 ____N (Microsoft Corporation) C:\Windows\System32\srvcli.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00065024 ____N (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00051712 ____N (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00051712 ____N (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00046080 ____N (Microsoft Corporation) C:\Windows\System32\RpcRtRemote.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00009728 ____N (Microsoft Corporation) C:\Windows\System32\sscore.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 02504192 ____N (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2014-04-21 07:17 - 2010-11-20 04:20 - 02494464 ____N (Microsoft Corporation) C:\Windows\System32\netshell.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00988160 ____N (Microsoft Corporation) C:\Windows\System32\propsys.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00563712 ____N (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00406528 ____N (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00161792 ____N (Microsoft Corporation) C:\Windows\System32\netjoin.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00078848 ____N (Microsoft Corporation) C:\Windows\System32\nci.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\PrintIsolationProxy.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00022528 ____N (Microsoft Corporation) C:\Windows\System32\netutils.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00257024 ____N (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00213504 ____N (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00209920 ____N (Microsoft Corporation) C:\Windows\System32\mstask.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00158720 ____N (Microsoft Corporation) C:\Windows\System32\mprapi.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00127488 ____N (Microsoft Corporation) C:\Windows\System32\logoncli.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00126464 ____N (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00103936 ____N (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2014-04-21 07:17 - 2010-11-20 04:19 - 00034304 ____N (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00546304 ____N (Microsoft Corporation) C:\Windows\System32\cscsvc.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00494592 ____N (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2014-04-21 07:17 - 2010-11-20 04:18 - 00139264 ____N (Microsoft Corporation) C:\Windows\System32\cscobj.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00034816 ____N (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00017408 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-04-21 07:17 - 2010-11-20 04:17 - 00267776 ____N (Microsoft Corporation) C:\Windows\System32\lsm.exe
2014-04-21 07:17 - 2010-11-20 04:16 - 00320000 ____N (Microsoft Corporation) C:\Windows\System32\winspool.drv
2014-04-21 07:16 - 2010-11-20 04:21 - 00551424 ____N (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\System32\untfs.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00269824 ____N (Microsoft Corporation) C:\Windows\System32\Wldap32.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00071168 ____N (Microsoft Corporation) C:\Windows\System32\resutils.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00051200 ____N (Microsoft Corporation) C:\Windows\System32\samcli.dll
2014-04-21 07:16 - 2010-11-20 04:20 - 00165376 ____N (Microsoft Corporation) C:\Windows\System32\provsvc.dll
2014-04-21 07:16 - 2010-11-20 04:20 - 00011776 ____N (Microsoft Corporation) C:\Windows\System32\nrpsrv.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\System32\hgcpl.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00118272 ____N (Microsoft Corporation) C:\Windows\System32\imm32.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00039424 ____N (Microsoft Corporation) C:\Windows\System32\FXSMON.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 01003520 ____N (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00230912 ____N (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00222208 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\System32\dskquoui.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\dnscmmc.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\amstream.dll
2014-04-21 07:15 - 2010-11-20 04:21 - 00376832 ____N (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2014-04-21 07:15 - 2010-11-20 04:21 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\SndVolSSO.dll
2014-04-21 07:15 - 2010-11-20 04:21 - 00194048 ____N (Microsoft Corporation) C:\Windows\System32\winmm.dll
2014-04-21 07:15 - 2010-11-20 04:20 - 01414144 ____N (Microsoft Corporation) C:\Windows\System32\ole32.dll
2014-04-21 07:15 - 2010-11-20 04:20 - 00585728 ____N (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00485888 ____N (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00473600 ____N (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00309760 ____N (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00295936 ____N (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00195584 ____N (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00073216 ____N (Microsoft Corporation) C:\Windows\System32\cabinet.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00044032 ____N (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\bitsperf.dll
2014-04-21 07:15 - 2010-11-20 04:17 - 00010752 ____N (Microsoft Corporation) C:\Windows\System32\LogonUI.exe
2014-04-21 06:56 - 2012-05-04 23:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2014-04-21 06:30 - 2011-03-10 21:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll
2014-04-21 06:29 - 2011-06-15 20:33 - 00180224 ____N (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2014-04-21 06:28 - 2012-11-21 20:45 - 00626688 ____N (Microsoft Corporation) C:\Windows\System32\usp10.dll
2014-04-21 05:44 - 2014-04-21 05:44 - 00760080 _____ () C:\Users\User\Downloads\xperia.zip
2014-04-21 05:43 - 2014-04-21 05:44 - 00141284 _____ () C:\Users\User\Downloads\pricedown.zip
2014-04-21 02:40 - 2014-04-21 02:40 - 03998977 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.7.rar
2014-04-19 03:03 - 2014-04-19 03:04 - 03385780 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.5.rar
2014-04-15 06:56 - 2014-04-15 06:56 - 00002007 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-14 08:15 - 2014-04-14 08:17 - 03385657 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.0.rar
2014-04-14 04:37 - 2014-04-14 04:44 - 00000000 ____D () C:\Users\User\AppData\Local\PELock_Software
2014-04-14 04:35 - 2014-04-14 04:42 - 02848563 _____ () C:\Users\User\Downloads\GTA-V-Online-editor-1.11-Cracked-By-Alcatraz3222_protected.rar
2014-04-13 15:36 - 2014-04-13 15:51 - 00000028 _____ () C:\Users\User\Documents\NETFLIXACCCOUNTS CODESSd.txt
2014-04-13 15:34 - 2014-04-13 15:35 - 01483734 _____ () C:\Users\User\Downloads\Netflix Account Generator 2.0_1_0_0_2.rar
2014-04-13 11:34 - 2014-04-13 11:35 - 00000000 ____D () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1
2014-04-13 11:10 - 2012-11-20 21:41 - 00000000 ____D () C:\Users\User\Downloads\TwtDominator
2014-04-13 11:10 - 2012-11-18 20:17 - 00002645 _____ () C:\Users\User\Downloads\TwtDominator.lnk
2014-04-13 10:35 - 2014-04-13 10:39 - 05013612 _____ () C:\Users\User\Downloads\TwtDominator.rar
2014-04-13 09:31 - 2014-04-13 11:07 - 10758996 _____ () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1.rar
2014-04-13 07:07 - 2014-04-21 02:41 - 05744087 _____ () C:\Users\User\Downloads\NetCheat 4.37.zip
2014-04-13 07:07 - 2014-04-13 07:08 - 00185148 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.1.0.rar
2014-04-07 15:28 - 2014-04-07 15:28 - 00154283 ____H () C:\Users\User\AppData\Roaming\User-wchelper.dll
2014-04-07 13:40 - 2014-04-07 13:41 - 00993627 _____ () C:\Users\User\Downloads\Improved CID Generator.rar
2014-04-07 13:25 - 2014-04-07 13:27 - 01253888 _____ (MzNet) C:\Users\User\Downloads\Unpacked [SOURCE].exe
2014-04-07 10:49 - 2014-04-07 10:57 - 07334170 _____ () C:\Users\User\Downloads\GTA V Models v6.rar
2014-04-07 09:31 - 2014-04-07 09:32 - 01546680 _____ () C:\Windows\Minidump\040714-20203-01.dmp
2014-04-07 07:56 - 2014-04-07 07:58 - 00089510 _____ () C:\Users\User\Downloads\GTA Model Swapper.rar
2014-04-07 07:18 - 2014-04-07 07:18 - 01569608 _____ () C:\Windows\Minidump\040714-20843-01.dmp
2014-04-07 06:39 - 2014-04-07 09:31 - 110557619 _____ () C:\Windows\MEMORY.DMP
2014-04-07 06:39 - 2014-04-07 06:40 - 01569616 _____ () C:\Windows\Minidump\040714-25250-01.dmp
2014-04-07 04:18 - 2014-04-07 04:33 - 00000109 _____ () C:\Users\User\Documents\HOW TO SPOOF IDD.txt
2014-04-07 02:38 - 2014-04-07 02:38 - 00080960 _____ () C:\Users\User\Downloads\ginger333333
2014-04-07 02:37 - 2014-04-07 02:37 - 00081935 _____ () C:\Users\User\Downloads\ginger333
2014-04-06 15:07 - 2014-04-06 15:31 - 73095152 _____ () C:\Users\User\Downloads\SEN Enabler v5.2.3 [CEX] [4.50].rar
2014-04-06 14:46 - 2014-04-06 15:25 - 92324429 _____ () C:\Users\User\Downloads\SEN Enabler v5.4.1 [CEX] [4.55].rar
2014-04-06 14:40 - 2014-04-06 16:33 - 00000261 _____ () C:\Users\User\Documents\HOWtochangeMACPS333333333333333e.txt
2014-04-06 13:56 - 2014-04-06 14:00 - 04096839 _____ () C:\Users\User\Downloads\CcApi_2.00_package (1).rar
2014-04-06 12:58 - 2014-04-06 12:59 - 00699067 _____ () C:\Users\User\Downloads\PS Nnja v4.rar
2014-04-06 07:48 - 2014-04-06 07:49 - 01596665 _____ () C:\Users\User\Downloads\GTA V Model v3.rar
2014-04-06 07:43 - 2014-04-23 16:46 - 00000000 ____D () C:\Users\User\Desktop\Lukes Folder
2014-04-02 14:51 - 2014-04-02 14:51 - 00198412 _____ () C:\Users\User\Downloads\lizzieRIPPP
2014-04-02 14:49 - 2014-04-02 14:49 - 00196097 _____ () C:\Users\User\Downloads\lizzierip
2014-04-02 10:06 - 2014-04-02 10:06 - 00161103 _____ () C:\Users\User\Downloads\500
2014-04-02 05:48 - 2014-04-02 05:48 - 00168104 _____ () C:\Users\User\Downloads\karenRIP
2014-04-01 13:59 - 2014-04-01 13:59 - 00174978 _____ () C:\Users\User\Downloads\eugen222222
2014-04-01 13:58 - 2014-04-01 13:58 - 00158686 _____ () C:\Users\User\Downloads\eugene2
2014-04-01 13:23 - 2014-04-01 13:23 - 00237043 _____ () C:\Users\User\Downloads\LORIrippppHj
2014-04-01 13:00 - 2014-04-01 13:00 - 00237175 _____ () C:\Users\User\Downloads\loriBYE
2014-04-01 12:17 - 2014-04-01 12:17 - 00148884 _____ () C:\Users\User\Downloads\maggie333
2014-04-01 12:16 - 2014-04-01 12:16 - 00174125 _____ () C:\Users\User\Downloads\magie33333
2014-04-01 12:14 - 2014-04-01 12:14 - 00192157 _____ () C:\Users\User\Downloads\maggie33
2014-04-01 06:25 - 2014-04-01 06:25 - 00183218 _____ () C:\Users\User\Downloads\glen11
2014-04-01 06:25 - 2014-04-01 06:25 - 00142697 _____ () C:\Users\User\Downloads\glen22
2014-04-01 05:49 - 2014-04-01 05:49 - 00183312 _____ () C:\Users\User\Downloads\geln22
2014-04-01 05:15 - 2014-04-01 05:15 - 00145698 _____ () C:\Users\User\Downloads\HERSHEL11
2014-03-31 12:59 - 2014-03-31 12:59 - 00001934 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2014-03-31 12:59 - 2014-03-31 12:59 - 00001040 _____ () C:\Users\Public\Desktop\Prism Video File Converter.lnk
2014-03-31 12:49 - 2014-03-31 01:17 - 429715024 _____ () C:\Users\User\Desktop\the.walking.dead.s04e16.hdtv.x264-2hd.mp4
2014-03-29 02:14 - 2014-03-29 02:13 - 00067264 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-03-29 02:13 - 2014-03-29 02:13 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-26 12:57 - 2014-03-26 12:57 - 00171332 _____ () C:\Users\User\Downloads\THEBAD
2014-03-26 12:26 - 2014-03-26 12:26 - 00088090 _____ () C:\Users\User\Downloads\beth5
2014-03-26 12:02 - 2014-03-26 15:17 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2014-03-25 08:47 - 2014-04-21 04:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-25 06:25 - 2014-03-29 05:33 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-03-25 06:22 - 2014-03-25 06:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft FxCop
 
==================== One Month Modified Files and Folders =======
 
2014-04-24 13:01 - 2014-04-24 12:54 - 00000000 ____D () C:\FRST
2014-04-24 02:46 - 2014-04-21 07:41 - 00000000 ____D () C:\be1b80c05716a2e5aa5f378e65d790
2014-04-24 02:46 - 2014-04-21 07:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-04-24 02:46 - 2012-12-19 15:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\ArcSoft
2014-04-24 02:46 - 2009-07-13 23:50 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 __RSD () C:\Windows\Media
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\TAPI
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\wfp
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\spp
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\Speech
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\MUI
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\AdvancedInstallers
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\security
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\schemas
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-23 17:04 - 2009-07-13 23:50 - 00000000 ____D () C:\Windows\ShellNew
2014-04-23 17:02 - 2014-04-23 14:26 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-04-23 17:02 - 2014-04-23 14:26 - 00000000 ____D () C:\ebf37e98ca3f4284d3bc2aef
2014-04-23 17:02 - 2014-04-23 11:23 - 00000000 ____D () C:\Program Files\Opera
2014-04-23 17:02 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-23 16:58 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2014-04-23 16:48 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-23 16:46 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\User\Desktop\Lukes Folder
2014-04-23 16:45 - 2012-12-10 10:55 - 00000000 ____D () C:\Program Files\Common Files\Adobe.BackupByPhotoshopPortable
2014-04-23 16:42 - 2009-07-13 20:34 - 00014032 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 16:42 - 2009-07-13 20:34 - 00014032 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 15:44 - 2012-12-08 05:58 - 00008224 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 14:40 - 2014-04-23 14:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\ProgramData\Uniblue
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Sun
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-23 13:07 - 2014-04-23 13:07 - 00000000 ____D () C:\Program Files\Java
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Opera Software
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Local\Opera Software
2014-04-23 08:50 - 2014-04-23 08:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-04-23 08:50 - 2014-04-23 08:50 - 00640512 ____N (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2014-04-23 08:49 - 2014-04-23 08:49 - 00231424 ____N (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2014-04-22 15:51 - 2014-04-22 15:51 - 00000000 ____D () C:\Users\User\AppData\Local\Bushigan_Solovariente
2014-04-22 15:46 - 2014-04-22 15:43 - 13313621 _____ () C:\Users\User\Downloads\Project_Trinity_1.00.rar
2014-04-22 14:47 - 2014-04-22 14:47 - 00361560 _____ () C:\Users\User\Downloads\GTA-Logo-V-psd76236.zip
2014-04-21 15:57 - 2014-04-21 15:57 - 02049536 ____N (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01766400 ____N (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01140736 ____N (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-21 13:21 - 2014-04-21 12:54 - 08010576 _____ () C:\Users\User\Downloads\heist 1.1444 trollllllll.psd
2014-04-21 07:41 - 2014-04-21 07:41 - 00000000 ____D () C:\Windows\System32\EventProviders
2014-04-21 07:41 - 2012-12-08 05:45 - 01956974 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 07:35 - 2013-12-15 07:36 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-21 06:12 - 2013-12-15 10:34 - 00007030 _____ () C:\Windows\setupact.log
2014-04-21 06:12 - 2009-07-13 20:33 - 00266808 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-04-21 05:44 - 2014-04-21 05:44 - 00760080 _____ () C:\Users\User\Downloads\xperia.zip
2014-04-21 05:44 - 2014-04-21 05:43 - 00141284 _____ () C:\Users\User\Downloads\pricedown.zip
2014-04-21 04:09 - 2014-03-25 08:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-21 02:41 - 2014-04-13 07:07 - 05744087 _____ () C:\Users\User\Downloads\NetCheat 4.37.zip
2014-04-21 02:40 - 2014-04-21 02:40 - 03998977 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.7.rar
2014-04-19 03:04 - 2014-04-19 03:03 - 03385780 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.5.rar
2014-04-19 02:44 - 2014-02-22 17:36 - 00201274 _____ () C:\Windows\PFRO.log
2014-04-15 06:56 - 2014-04-15 06:56 - 00002007 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-14 08:17 - 2014-04-14 08:15 - 03385657 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.0.rar
2014-04-14 04:44 - 2014-04-14 04:37 - 00000000 ____D () C:\Users\User\AppData\Local\PELock_Software
2014-04-14 04:42 - 2014-04-14 04:35 - 02848563 _____ () C:\Users\User\Downloads\GTA-V-Online-editor-1.11-Cracked-By-Alcatraz3222_protected.rar
2014-04-13 15:51 - 2014-04-13 15:36 - 00000028 _____ () C:\Users\User\Documents\NETFLIXACCCOUNTS CODESSd.txt
2014-04-13 15:35 - 2014-04-13 15:34 - 01483734 _____ () C:\Users\User\Downloads\Netflix Account Generator 2.0_1_0_0_2.rar
2014-04-13 11:35 - 2014-04-13 11:34 - 00000000 ____D () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1
2014-04-13 11:07 - 2014-04-13 09:31 - 10758996 _____ () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1.rar
2014-04-13 10:39 - 2014-04-13 10:35 - 05013612 _____ () C:\Users\User\Downloads\TwtDominator.rar
2014-04-13 07:08 - 2014-04-13 07:07 - 00185148 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.1.0.rar
2014-04-07 15:28 - 2014-04-07 15:28 - 00154283 ____H () C:\Users\User\AppData\Roaming\User-wchelper.dll
2014-04-07 13:41 - 2014-04-07 13:40 - 00993627 _____ () C:\Users\User\Downloads\Improved CID Generator.rar
2014-04-07 13:27 - 2014-04-07 13:25 - 01253888 _____ (MzNet) C:\Users\User\Downloads\Unpacked [SOURCE].exe
2014-04-07 13:00 - 2012-12-19 17:27 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-07 13:00 - 2012-12-19 17:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\NCH Software
2014-04-07 10:57 - 2014-04-07 10:49 - 07334170 _____ () C:\Users\User\Downloads\GTA V Models v6.rar
2014-04-07 09:32 - 2014-04-07 09:31 - 01546680 _____ () C:\Windows\Minidump\040714-20203-01.dmp
2014-04-07 09:31 - 2014-04-07 06:39 - 110557619 _____ () C:\Windows\MEMORY.DMP
2014-04-07 09:31 - 2012-12-30 09:38 - 00000000 ____D () C:\Windows\Minidump
2014-04-07 07:58 - 2014-04-07 07:56 - 00089510 _____ () C:\Users\User\Downloads\GTA Model Swapper.rar
2014-04-07 07:18 - 2014-04-07 07:18 - 01569608 _____ () C:\Windows\Minidump\040714-20843-01.dmp
2014-04-07 06:40 - 2014-04-07 06:39 - 01569616 _____ () C:\Windows\Minidump\040714-25250-01.dmp
2014-04-07 06:31 - 2014-01-20 12:26 - 00987839 ____N () C:\Windows\Minidump\040714-20656-01.dmp
2014-04-07 04:33 - 2014-04-07 04:18 - 00000109 _____ () C:\Users\User\Documents\HOW TO SPOOF IDD.txt
2014-04-07 02:38 - 2014-04-07 02:38 - 00080960 _____ () C:\Users\User\Downloads\ginger333333
2014-04-07 02:37 - 2014-04-07 02:37 - 00081935 _____ () C:\Users\User\Downloads\ginger333
2014-04-06 16:33 - 2014-04-06 14:40 - 00000261 _____ () C:\Users\User\Documents\HOWtochangeMACPS333333333333333e.txt
2014-04-06 15:31 - 2014-04-06 15:07 - 73095152 _____ () C:\Users\User\Downloads\SEN Enabler v5.2.3 [CEX] [4.50].rar
2014-04-06 15:25 - 2014-04-06 14:46 - 92324429 _____ () C:\Users\User\Downloads\SEN Enabler v5.4.1 [CEX] [4.55].rar
2014-04-06 14:00 - 2014-04-06 13:56 - 04096839 _____ () C:\Users\User\Downloads\CcApi_2.00_package (1).rar
2014-04-06 13:41 - 2012-12-08 05:56 - 00781298 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-06 12:59 - 2014-04-06 12:58 - 00699067 _____ () C:\Users\User\Downloads\PS Nnja v4.rar
2014-04-06 07:49 - 2014-04-06 07:48 - 01596665 _____ () C:\Users\User\Downloads\GTA V Model v3.rar
2014-04-02 14:51 - 2014-04-02 14:51 - 00198412 _____ () C:\Users\User\Downloads\lizzieRIPPP
2014-04-02 14:49 - 2014-04-02 14:49 - 00196097 _____ () C:\Users\User\Downloads\lizzierip
2014-04-02 10:06 - 2014-04-02 10:06 - 00161103 _____ () C:\Users\User\Downloads\500
2014-04-02 05:48 - 2014-04-02 05:48 - 00168104 _____ () C:\Users\User\Downloads\karenRIP
2014-04-02 05:06 - 2013-12-15 10:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-01 13:59 - 2014-04-01 13:59 - 00174978 _____ () C:\Users\User\Downloads\eugen222222
2014-04-01 13:58 - 2014-04-01 13:58 - 00158686 _____ () C:\Users\User\Downloads\eugene2
2014-04-01 13:23 - 2014-04-01 13:23 - 00237043 _____ () C:\Users\User\Downloads\LORIrippppHj
2014-04-01 13:00 - 2014-04-01 13:00 - 00237175 _____ () C:\Users\User\Downloads\loriBYE
2014-04-01 12:17 - 2014-04-01 12:17 - 00148884 _____ () C:\Users\User\Downloads\maggie333
2014-04-01 12:16 - 2014-04-01 12:16 - 00174125 _____ () C:\Users\User\Downloads\magie33333
2014-04-01 12:14 - 2014-04-01 12:14 - 00192157 _____ () C:\Users\User\Downloads\maggie33
2014-04-01 06:25 - 2014-04-01 06:25 - 00183218 _____ () C:\Users\User\Downloads\glen11
2014-04-01 06:25 - 2014-04-01 06:25 - 00142697 _____ () C:\Users\User\Downloads\glen22
2014-04-01 05:49 - 2014-04-01 05:49 - 00183312 _____ () C:\Users\User\Downloads\geln22
2014-04-01 05:15 - 2014-04-01 05:15 - 00145698 _____ () C:\Users\User\Downloads\HERSHEL11
2014-03-31 12:59 - 2014-03-31 12:59 - 00001934 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2014-03-31 12:59 - 2014-03-31 12:59 - 00001040 _____ () C:\Users\Public\Desktop\Prism Video File Converter.lnk
2014-03-31 12:59 - 2012-12-19 17:26 - 00000000 ____D () C:\Program Files\NCH Software
2014-03-31 01:17 - 2014-03-31 12:49 - 429715024 _____ () C:\Users\User\Desktop\the.walking.dead.s04e16.hdtv.x264-2hd.mp4
2014-03-30 18:51 - 2013-12-15 07:35 - 88028728 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-03-29 05:33 - 2014-03-25 06:25 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-03-29 02:13 - 2014-03-29 02:14 - 00067264 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-03-29 02:13 - 2014-03-29 02:13 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 02:13 - 2013-12-16 11:15 - 00776976 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00411552 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00271264 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-03-29 02:13 - 2013-12-16 11:15 - 00180760 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00081768 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00067824 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00049944 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-03-29 02:00 - 2012-12-10 10:55 - 00000000 ____D () C:\Program Files\Adobe
2014-03-26 15:17 - 2014-03-26 12:02 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2014-03-26 15:11 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\twain_32
2014-03-26 15:08 - 2014-02-28 16:49 - 00000000 ____D () C:\Program Files\Cain
2014-03-26 12:57 - 2014-03-26 12:57 - 00171332 _____ () C:\Users\User\Downloads\THEBAD
2014-03-26 12:26 - 2014-03-26 12:26 - 00088090 _____ () C:\Users\User\Downloads\beth5
2014-03-25 09:44 - 2013-12-15 08:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-25 06:22 - 2014-03-25 06:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft FxCop
 
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\calc.exe
C:\Users\User\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\User\AppData\Local\Temp\prismsetup.exe
C:\Users\User\AppData\Local\Temp\vbc.exe
 
 
==================== Known DLLs (Whitelisted) ============
 
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!.
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
Restore point made on: 2014-04-21 15:47:28
Restore point made on: 2014-04-23 08:46:10
Restore point made on: 2014-04-23 10:01:41
Restore point made on: 2014-04-23 13:06:35
Restore point made on: 2014-04-23 14:28:36
Restore point made on: 2014-04-23 15:14:18
 
==================== Memory info =========================== 
 
Percentage of memory in use: 41%
Total physical RAM: 893.17 MB
Available physical RAM: 524.67 MB
Total Pagefile: 893.17 MB
Available Pagefile: 545.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1964.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:134.36 GB) (Free:97.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:7.45 GB) (Free:0.43 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 6482D733)
Partition 1: (Active) - (Size=134 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
 
 
LastRegBack: 2014-04-01 09:05
 
==================== End Of Log ============================


#7 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 08:49 AM

hello here what i got now what

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by SYSTEM on MININT-L6NTI9C on 24-04-2014 13:01:42
Running from E:\
Windows 7 Professional (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SiSTray] => C:\Program Files\SiS VGA Utilities\SiSTray.exe [557056 2012-12-08] (Silicon Integrated Systems Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-09-13] (CyberLink Corp.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [601928 2013-06-18] (BlueStack Systems, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\User\...\Run: [HKCU] => C:\Users\User\AppData\Roaming\microsoft_windows\notepad.exe [179712 2005-06-24] (Microsoft Corporation)
HKU\User\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\Windows Calculator\calc.exe <===== ATTENTION
HKU\User\...\Winlogon: [Shell] explorer.exe [2614272 2009-10-30] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: c:\progra~1\sk-ena~1\psupport.dll => c:\progra~1\sk-ena~1\psupport.dll File Not Found
 
========================== Services (Whitelisted) =================
 
S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-06-18] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-18] (BlueStack Systems, Inc.)
S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 O2 Broadband. RunOuc; C:\Program Files\O2\O2 Broadband USB Modem\O2 Broadband\UpdateDog\ouc.exe [218624 2013-01-11] ()
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S1 archlp; C:\Windows\System32\drivers\archlp.sys [127744 2009-02-19] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-29] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-03-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-03-29] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-29] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-03-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180760 2014-03-29] ()
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-06-18] (BlueStack Systems)
S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [157568 2010-06-23] (Hauppauge, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-26] (Malwarebytes Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-30] (Realtek Semiconductor Corporation                           )
S0 uagp35; C:\Windows\System32\DRIVERS\sisagpx.sys [58400 2012-12-08] (Silicon Integrated Systems Corporation)
S3 usbaudio; system32\drivers\usbaudio.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\DRIVERS\1394ohci.sys 6D2ACA41739BFE8CB86EE8E85F29697D
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\System32\drivers\Afc.sys A7B8A3A79D35215D798A300DF49ED23F
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsata.sys 2101A86C25C154F8314B24EF49D7FBC2
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys B81C2B5616F6420A9941EA093A92B150
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\System32\drivers\archlp.sys D781CB30626FF2F391BC9EC6E20801B9
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswMonFlt.sys B347D2FEAE2D063943F16EC98634AB89
C:\Windows\system32\drivers\aswRdr2.sys 769C65057212FB5004679E02EF8145C0
C:\Windows\System32\Drivers\aswRvrt.sys 84B4C00AE8CDFC52CF68F322D821F34C
C:\Windows\system32\drivers\aswSnx.sys 3A50AD6AE8D8A0F78F03316F5B93FE45
C:\Windows\system32\drivers\aswSP.sys B6381B4DC603C558419641BA969930E0
C:\Windows\system32\drivers\aswStm.sys 9529E946B8496C1605A9188FFD49DED8
C:\Windows\System32\Drivers\aswVmm.sys 680448905E27BBC6587ADB28597640D6
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys 713F12D14ED3B5CE90C0DD5513CDE0F1
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys DB5E008B3744DD60C8498CBBF2A1CFA6
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys C94B6C3CC628179CB9B9061C19888B99
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbwwan.sys 026F6D48CC5293C7B8A696376618B9D2
C:\Windows\System32\DRIVERS\ew_hwusbdev.sys 57C171EA22F0A7F068FCB0CAEDD1E8E7
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 500A9814FD9446A8126858A5A7F7D273
C:\Windows\System32\DRIVERS\fvevol.sys 5592F5DBA26282D24D2B080EB438A4D7
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hcwhdpvr.sys D9C5E547B2D610A61560A045353962DC
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ew_jubusenum.sys F44461E66F1B7DD267957FE9BAA63ED0
C:\Windows\System32\DRIVERS\ewusbmdm.sys F547F862B8907F1BCBD9B72A72A6449E
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iaStorV.sys 934AF4D7C5F457B9F0743F4299B77B67
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 52FC17C8589F11747D01D3CF592673D0
C:\Windows\System32\Drivers\ksecpkg.sys 3E5474B03568CFAB834DA3C38E8C9EFA
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 4470E3C1E0C3378E4CAB137893C12C3A
C:\Windows\system32\drivers\mbamswissarmy.sys 0DB7527DB188C7D967A37BB51BBF3963
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys A8F59428E9F361C7AC42A94AC1560BC9
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nvraid.sys 3F3D04B1D08D43C16EA7963954EC768D
C:\Windows\system32\DRIVERS\nvstor.sys C99F251A5DE63C6F129CF71933ACED0F
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 66D3415C159741ADE7038A277EFFF99F
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pci.sys C858CB77C577780ECC456A892E7E7D0F
C:\Windows\System32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 835D7E81BF517A3B72384BDCC85E1CE6
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys 1E016846895B15A99F9A176A05029075
C:\Windows\System32\drivers\rdpdr.sys C5FF95883FFEF704D50C40D21CFB3AB5
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys C5B8D47A4688DE9D335204EA757C2240
C:\Windows\System32\drivers\rdyboost.sys 4EA225BF1CF05E158853F30A99CA29A7
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RTL8187B.sys 949F74CB383A1D5DA67AEA9CCD4A8B87
C:\Windows\system32\DRIVERS\vms3cap.sys 5423D8437051E89DD34749F242C98648
C:\Windows\system32\DRIVERS\sbp2port.sys 34EE0C44B724E3E4CE2EFF29126DE5B5
C:\Windows\System32\DRIVERS\scfilter.sys A95C54B2AC3CC9C73FCDF9E51A1D6B51
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys 4F1E5B0FE7C8050668DBFADE8999AEFB
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SISGRKMD.sys B5148ECEE558C58458A554B368F5FB69
C:\Windows\System32\DRIVERS\SiSGB6.sys 6F0C643C7F49F2091B01D014EAE72E1A
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys C4A027B8C0BD3FC0699F41FA5E9E0C87
C:\Windows\System32\DRIVERS\srv2.sys 414BB592CAD8A79649D01F9D94318FB3
C:\Windows\System32\DRIVERS\srvnet.sys FF207D67700AA18242AAF985D3E7D8F4
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmstorfl.sys 957E346CA948668F2496A6CCF6FF82CC
C:\Windows\system32\DRIVERS\storvsc.sys D5751969DC3E4B88BF482AC8EC9FE019
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\DRIVERS\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\drivers\tcpipreg.sys E64444523ADD154F86567C469BC0B17F
C:\Windows\System32\drivers\tdpipe.sys 1875C1490D99E70E449E3AFAE9FCBADF
C:\Windows\System32\drivers\tdtcp.sys 7156308896D34EA75A582F9A09E50C17
C:\Windows\System32\DRIVERS\tdx.sys CB39E896A2A83702D1737BFD402B3542
C:\Windows\System32\DRIVERS\termdd.sys C36F41EE20E6999DBF4B0425963268A5
C:\Windows\System32\DRIVERS\tssecsrv.sys 98AE6FA07D12CB4EC5CF4A9BFA5F4242
C:\Windows\System32\DRIVERS\tunnel.sys 3E461D890A97F9D4C168F5FDA36E1D00
C:\Windows\System32\DRIVERS\sisagpx.sys 546B935F005E9BB7FEC7B17D42547D0E
C:\Windows\System32\DRIVERS\udfs.sys 09CC3E16F8E5EE7168E01CF8FCBE061A
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys 049B3A50B3D646BAEEEE9EEC9B0668DC
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 8455C4ED038EFD09E99327F9D2D48FFA
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys 1C333BFD60F2FED2C7AD5DAF533CB742
C:\Windows\System32\DRIVERS\usbhub.sys EE6EF93CCFA94FAE8C6AB298273D8AE2
C:\Windows\System32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS D8889D56E0D27E57ED4591837FE71D27
C:\Windows\system32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys F642A7E4BF78CFA359CCA0A3557C28D7
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys 3BE6E1F3A4F1AFEC8CEE0D7883F93583
C:\Windows\system32\DRIVERS\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vmbus.sys 379B349F65F453D2A6E75EA6B7448E49
C:\Windows\system32\DRIVERS\VMBusHID.sys EC2BBAB4B84D0738C6C83D2234DC36FE
C:\Windows\System32\DRIVERS\volmgr.sys 384E5A2AA49934295171E499F86BA6F3
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volsnap.sys 59F06B4968E58BC83DFC56CA4517960E
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 6F9B6C0C93232CFF47D0F72D6DB1D21E
C:\Windows\System32\DRIVERS\WUDFRd.sys F91FF1E51FCA30B3C3981DB7D5924252
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-24 12:54 - 2014-04-24 13:01 - 00000000 ____D () C:\FRST
2014-04-23 14:40 - 2014-04-23 14:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-04-23 14:26 - 2014-04-23 17:02 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-04-23 14:26 - 2014-04-23 17:02 - 00000000 ____D () C:\ebf37e98ca3f4284d3bc2aef
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\ProgramData\Uniblue
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Sun
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-23 13:07 - 2014-04-23 13:07 - 00000000 ____D () C:\Program Files\Java
2014-04-23 11:23 - 2014-04-23 17:02 - 00000000 ____D () C:\Program Files\Opera
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Opera Software
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Local\Opera Software
2014-04-23 10:00 - 2014-02-03 18:04 - 01230336 ____N (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-04-23 08:50 - 2014-04-23 08:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-04-23 08:50 - 2014-04-23 08:50 - 00640512 ____N (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2014-04-23 08:49 - 2014-04-23 08:49 - 00231424 ____N (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2014-04-22 15:51 - 2014-04-22 15:51 - 00000000 ____D () C:\Users\User\AppData\Local\Bushigan_Solovariente
2014-04-22 15:43 - 2014-04-22 15:46 - 13313621 _____ () C:\Users\User\Downloads\Project_Trinity_1.00.rar
2014-04-22 14:48 - 2012-01-22 15:19 - 00749951 _____ () C:\Users\User\Desktop\GTA-Logo-V-psd76236.psd
2014-04-22 14:47 - 2014-04-22 14:47 - 00361560 _____ () C:\Users\User\Downloads\GTA-Logo-V-psd76236.zip
2014-04-21 15:57 - 2014-04-21 15:57 - 02049536 ____N (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01766400 ____N (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01140736 ____N (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-21 15:44 - 2013-12-31 15:05 - 00420008 ____N () C:\Windows\System32\locale.nls
2014-04-21 15:44 - 2013-07-08 20:52 - 00175104 ____N (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-04-21 15:44 - 2012-10-03 08:42 - 00242176 ____N (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2014-04-21 15:44 - 2012-10-03 08:42 - 00156672 ____N (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2014-04-21 15:44 - 2012-10-03 08:42 - 00052224 ____N (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2014-04-21 15:44 - 2012-10-03 08:40 - 00499712 ____N (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2014-04-21 15:43 - 2013-10-05 11:57 - 01168384 ____N (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-04-21 15:43 - 2013-10-03 17:58 - 00152576 ____N (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2014-04-21 15:43 - 2013-10-03 17:56 - 01796096 ____N (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-04-21 15:43 - 2013-10-03 17:56 - 00168960 ____N (Microsoft Corporation) C:\Windows\System32\credui.dll
2014-04-21 15:43 - 2013-07-08 20:46 - 00103936 ____N (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2014-04-21 15:41 - 2012-10-09 09:40 - 00193536 ____N (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2014-04-21 15:41 - 2012-10-09 09:40 - 00044032 ____N (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2014-04-21 15:40 - 2013-10-11 18:01 - 00216576 ____N (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2014-04-21 15:40 - 2013-09-24 17:57 - 00247808 ____N (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-04-21 15:40 - 2013-09-24 17:57 - 00099840 ____N (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-04-21 15:40 - 2013-09-24 17:56 - 01038848 ____N (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-04-21 15:40 - 2013-09-24 17:56 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2014-04-21 15:40 - 2013-09-24 16:49 - 00022016 ____N (Microsoft Corporation) C:\Windows\System32\lsass.exe
2014-04-21 15:40 - 2013-07-25 17:55 - 12872704 ____N (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-04-21 15:40 - 2013-07-08 20:50 - 00652800 ____N (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-04-21 15:40 - 2013-07-04 03:50 - 00530432 ____N (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2014-04-21 15:40 - 2013-04-25 20:55 - 00492544 ____N (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2014-04-21 15:39 - 2014-01-28 18:06 - 00381440 ____N (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-04-21 15:39 - 2013-10-18 17:36 - 00159232 ____N (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-04-21 15:39 - 2013-10-02 17:58 - 00305152 ____N (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-04-21 15:39 - 2013-09-24 17:57 - 00022016 ____N (Microsoft Corporation) C:\Windows\System32\secur32.dll
2014-04-21 15:39 - 2013-09-24 16:49 - 00015872 ____N (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2014-04-21 15:39 - 2013-07-04 03:51 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2014-04-21 15:38 - 2014-03-04 01:17 - 00868352 ____N (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-21 15:38 - 2013-08-01 17:50 - 00169984 ____N (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2014-04-21 15:38 - 2013-08-01 17:49 - 00293376 ____N (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-04-21 15:10 - 2013-02-26 20:49 - 00047104 ____N (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2014-04-21 12:54 - 2014-04-21 13:21 - 08010576 _____ () C:\Users\User\Downloads\heist 1.1444 trollllllll.psd
2014-04-21 07:41 - 2014-04-24 02:46 - 00000000 ____D () C:\be1b80c05716a2e5aa5f378e65d790
2014-04-21 07:41 - 2014-04-21 07:41 - 00000000 ____D () C:\Windows\System32\EventProviders
2014-04-21 07:36 - 2012-07-25 19:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2014-04-21 07:36 - 2012-07-25 19:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2014-04-21 07:36 - 2012-07-25 19:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2014-04-21 07:36 - 2012-07-25 19:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2014-04-21 07:31 - 2013-08-03 09:37 - 00016288 _____ () C:\Users\User\Desktop\Xperia.ttf
2014-04-21 07:31 - 2012-05-09 08:36 - 00118032 _____ () C:\Users\User\Desktop\pricedown bl.ttf
2014-04-21 07:25 - 2014-04-24 02:46 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-04-21 07:19 - 2010-11-20 04:21 - 00458752 ____N (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 01128448 ____N (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00811520 ____N (Microsoft Corporation) C:\Windows\System32\user32.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00782336 ____N (Microsoft Corporation) C:\Windows\System32\webservices.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00750592 ____N (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00560128 ____N (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00505856 ____N (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00363008 ____N (Microsoft Corporation) C:\Windows\System32\wbemcomn.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00351232 ____N (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00206848 ____N (Microsoft Corporation) C:\Windows\System32\ws2_32.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00206848 ____N (Microsoft Corporation) C:\Windows\System32\upnp.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00119808 ____N (Microsoft Corporation) C:\Windows\System32\umpo.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00085504 ____N (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00084480 ____N (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\userenv.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\umb.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00047104 ____N (Microsoft Corporation) C:\Windows\System32\wkscli.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00040448 ____N (Microsoft Corporation) C:\Windows\System32\wtsapi32.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00033280 ____N (Microsoft Corporation) C:\Windows\System32\wiarpc.dll
2014-04-21 07:18 - 2010-11-20 04:21 - 00027648 ____N (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-04-21 07:18 - 2010-11-20 04:20 - 00547840 ____N (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2014-04-21 07:18 - 2010-11-20 04:19 - 00566272 ____N (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2014-04-21 07:18 - 2010-11-20 04:17 - 00286720 ____N (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-04-21 07:17 - 2010-11-20 04:24 - 00271664 ____N (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 01667584 ____N (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00380416 ____N (Microsoft Corporation) C:\Windows\System32\sxs.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00350208 ____N (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00328192 ____N (Microsoft Corporation) C:\Windows\System32\shsvcs.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00307712 ____N (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00305152 ____N (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00189952 ____N (Microsoft Corporation) C:\Windows\System32\wdscore.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00175616 ____N (Microsoft Corporation) C:\Windows\System32\scecli.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00172544 ____N (Microsoft Corporation) C:\Windows\System32\spp.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00168960 ____N (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00156672 ____N (Microsoft Corporation) C:\Windows\System32\winsta.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00090112 ____N (Microsoft Corporation) C:\Windows\System32\srvcli.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00065024 ____N (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00051712 ____N (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00051712 ____N (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00046080 ____N (Microsoft Corporation) C:\Windows\System32\RpcRtRemote.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2014-04-21 07:17 - 2010-11-20 04:21 - 00009728 ____N (Microsoft Corporation) C:\Windows\System32\sscore.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 02504192 ____N (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2014-04-21 07:17 - 2010-11-20 04:20 - 02494464 ____N (Microsoft Corporation) C:\Windows\System32\netshell.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00988160 ____N (Microsoft Corporation) C:\Windows\System32\propsys.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00563712 ____N (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00406528 ____N (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00161792 ____N (Microsoft Corporation) C:\Windows\System32\netjoin.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00078848 ____N (Microsoft Corporation) C:\Windows\System32\nci.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\PrintIsolationProxy.dll
2014-04-21 07:17 - 2010-11-20 04:20 - 00022528 ____N (Microsoft Corporation) C:\Windows\System32\netutils.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00257024 ____N (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00213504 ____N (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00209920 ____N (Microsoft Corporation) C:\Windows\System32\mstask.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00158720 ____N (Microsoft Corporation) C:\Windows\System32\mprapi.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00127488 ____N (Microsoft Corporation) C:\Windows\System32\logoncli.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00126464 ____N (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2014-04-21 07:17 - 2010-11-20 04:19 - 00103936 ____N (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2014-04-21 07:17 - 2010-11-20 04:19 - 00034304 ____N (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00546304 ____N (Microsoft Corporation) C:\Windows\System32\cscsvc.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00494592 ____N (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2014-04-21 07:17 - 2010-11-20 04:18 - 00139264 ____N (Microsoft Corporation) C:\Windows\System32\cscobj.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00034816 ____N (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2014-04-21 07:17 - 2010-11-20 04:18 - 00017408 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-04-21 07:17 - 2010-11-20 04:17 - 00267776 ____N (Microsoft Corporation) C:\Windows\System32\lsm.exe
2014-04-21 07:17 - 2010-11-20 04:16 - 00320000 ____N (Microsoft Corporation) C:\Windows\System32\winspool.drv
2014-04-21 07:16 - 2010-11-20 04:21 - 00551424 ____N (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\System32\untfs.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00269824 ____N (Microsoft Corporation) C:\Windows\System32\Wldap32.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00071168 ____N (Microsoft Corporation) C:\Windows\System32\resutils.dll
2014-04-21 07:16 - 2010-11-20 04:21 - 00051200 ____N (Microsoft Corporation) C:\Windows\System32\samcli.dll
2014-04-21 07:16 - 2010-11-20 04:20 - 00165376 ____N (Microsoft Corporation) C:\Windows\System32\provsvc.dll
2014-04-21 07:16 - 2010-11-20 04:20 - 00011776 ____N (Microsoft Corporation) C:\Windows\System32\nrpsrv.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\System32\hgcpl.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00118272 ____N (Microsoft Corporation) C:\Windows\System32\imm32.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2014-04-21 07:16 - 2010-11-20 04:19 - 00039424 ____N (Microsoft Corporation) C:\Windows\System32\FXSMON.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 01003520 ____N (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00230912 ____N (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00222208 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\System32\dskquoui.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\dnscmmc.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2014-04-21 07:16 - 2010-11-20 04:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\amstream.dll
2014-04-21 07:15 - 2010-11-20 04:21 - 00376832 ____N (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2014-04-21 07:15 - 2010-11-20 04:21 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\SndVolSSO.dll
2014-04-21 07:15 - 2010-11-20 04:21 - 00194048 ____N (Microsoft Corporation) C:\Windows\System32\winmm.dll
2014-04-21 07:15 - 2010-11-20 04:20 - 01414144 ____N (Microsoft Corporation) C:\Windows\System32\ole32.dll
2014-04-21 07:15 - 2010-11-20 04:20 - 00585728 ____N (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00485888 ____N (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00473600 ____N (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00309760 ____N (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00295936 ____N (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00195584 ____N (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00073216 ____N (Microsoft Corporation) C:\Windows\System32\cabinet.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00044032 ____N (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2014-04-21 07:15 - 2010-11-20 04:18 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\bitsperf.dll
2014-04-21 07:15 - 2010-11-20 04:17 - 00010752 ____N (Microsoft Corporation) C:\Windows\System32\LogonUI.exe
2014-04-21 06:56 - 2012-05-04 23:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2014-04-21 06:30 - 2011-03-10 21:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll
2014-04-21 06:29 - 2011-06-15 20:33 - 00180224 ____N (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2014-04-21 06:28 - 2012-11-21 20:45 - 00626688 ____N (Microsoft Corporation) C:\Windows\System32\usp10.dll
2014-04-21 05:44 - 2014-04-21 05:44 - 00760080 _____ () C:\Users\User\Downloads\xperia.zip
2014-04-21 05:43 - 2014-04-21 05:44 - 00141284 _____ () C:\Users\User\Downloads\pricedown.zip
2014-04-21 02:40 - 2014-04-21 02:40 - 03998977 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.7.rar
2014-04-19 03:03 - 2014-04-19 03:04 - 03385780 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.5.rar
2014-04-15 06:56 - 2014-04-15 06:56 - 00002007 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-14 08:15 - 2014-04-14 08:17 - 03385657 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.0.rar
2014-04-14 04:37 - 2014-04-14 04:44 - 00000000 ____D () C:\Users\User\AppData\Local\PELock_Software
2014-04-14 04:35 - 2014-04-14 04:42 - 02848563 _____ () C:\Users\User\Downloads\GTA-V-Online-editor-1.11-Cracked-By-Alcatraz3222_protected.rar
2014-04-13 15:36 - 2014-04-13 15:51 - 00000028 _____ () C:\Users\User\Documents\NETFLIXACCCOUNTS CODESSd.txt
2014-04-13 15:34 - 2014-04-13 15:35 - 01483734 _____ () C:\Users\User\Downloads\Netflix Account Generator 2.0_1_0_0_2.rar
2014-04-13 11:34 - 2014-04-13 11:35 - 00000000 ____D () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1
2014-04-13 11:10 - 2012-11-20 21:41 - 00000000 ____D () C:\Users\User\Downloads\TwtDominator
2014-04-13 11:10 - 2012-11-18 20:17 - 00002645 _____ () C:\Users\User\Downloads\TwtDominator.lnk
2014-04-13 10:35 - 2014-04-13 10:39 - 05013612 _____ () C:\Users\User\Downloads\TwtDominator.rar
2014-04-13 09:31 - 2014-04-13 11:07 - 10758996 _____ () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1.rar
2014-04-13 07:07 - 2014-04-21 02:41 - 05744087 _____ () C:\Users\User\Downloads\NetCheat 4.37.zip
2014-04-13 07:07 - 2014-04-13 07:08 - 00185148 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.1.0.rar
2014-04-07 15:28 - 2014-04-07 15:28 - 00154283 ____H () C:\Users\User\AppData\Roaming\User-wchelper.dll
2014-04-07 13:40 - 2014-04-07 13:41 - 00993627 _____ () C:\Users\User\Downloads\Improved CID Generator.rar
2014-04-07 13:25 - 2014-04-07 13:27 - 01253888 _____ (MzNet) C:\Users\User\Downloads\Unpacked [SOURCE].exe
2014-04-07 10:49 - 2014-04-07 10:57 - 07334170 _____ () C:\Users\User\Downloads\GTA V Models v6.rar
2014-04-07 09:31 - 2014-04-07 09:32 - 01546680 _____ () C:\Windows\Minidump\040714-20203-01.dmp
2014-04-07 07:56 - 2014-04-07 07:58 - 00089510 _____ () C:\Users\User\Downloads\GTA Model Swapper.rar
2014-04-07 07:18 - 2014-04-07 07:18 - 01569608 _____ () C:\Windows\Minidump\040714-20843-01.dmp
2014-04-07 06:39 - 2014-04-07 09:31 - 110557619 _____ () C:\Windows\MEMORY.DMP
2014-04-07 06:39 - 2014-04-07 06:40 - 01569616 _____ () C:\Windows\Minidump\040714-25250-01.dmp
2014-04-07 04:18 - 2014-04-07 04:33 - 00000109 _____ () C:\Users\User\Documents\HOW TO SPOOF IDD.txt
2014-04-07 02:38 - 2014-04-07 02:38 - 00080960 _____ () C:\Users\User\Downloads\ginger333333
2014-04-07 02:37 - 2014-04-07 02:37 - 00081935 _____ () C:\Users\User\Downloads\ginger333
2014-04-06 15:07 - 2014-04-06 15:31 - 73095152 _____ () C:\Users\User\Downloads\SEN Enabler v5.2.3 [CEX] [4.50].rar
2014-04-06 14:46 - 2014-04-06 15:25 - 92324429 _____ () C:\Users\User\Downloads\SEN Enabler v5.4.1 [CEX] [4.55].rar
2014-04-06 14:40 - 2014-04-06 16:33 - 00000261 _____ () C:\Users\User\Documents\HOWtochangeMACPS333333333333333e.txt
2014-04-06 13:56 - 2014-04-06 14:00 - 04096839 _____ () C:\Users\User\Downloads\CcApi_2.00_package (1).rar
2014-04-06 12:58 - 2014-04-06 12:59 - 00699067 _____ () C:\Users\User\Downloads\PS Nnja v4.rar
2014-04-06 07:48 - 2014-04-06 07:49 - 01596665 _____ () C:\Users\User\Downloads\GTA V Model v3.rar
2014-04-06 07:43 - 2014-04-23 16:46 - 00000000 ____D () C:\Users\User\Desktop\Lukes Folder
2014-04-02 14:51 - 2014-04-02 14:51 - 00198412 _____ () C:\Users\User\Downloads\lizzieRIPPP
2014-04-02 14:49 - 2014-04-02 14:49 - 00196097 _____ () C:\Users\User\Downloads\lizzierip
2014-04-02 10:06 - 2014-04-02 10:06 - 00161103 _____ () C:\Users\User\Downloads\500
2014-04-02 05:48 - 2014-04-02 05:48 - 00168104 _____ () C:\Users\User\Downloads\karenRIP
2014-04-01 13:59 - 2014-04-01 13:59 - 00174978 _____ () C:\Users\User\Downloads\eugen222222
2014-04-01 13:58 - 2014-04-01 13:58 - 00158686 _____ () C:\Users\User\Downloads\eugene2
2014-04-01 13:23 - 2014-04-01 13:23 - 00237043 _____ () C:\Users\User\Downloads\LORIrippppHj
2014-04-01 13:00 - 2014-04-01 13:00 - 00237175 _____ () C:\Users\User\Downloads\loriBYE
2014-04-01 12:17 - 2014-04-01 12:17 - 00148884 _____ () C:\Users\User\Downloads\maggie333
2014-04-01 12:16 - 2014-04-01 12:16 - 00174125 _____ () C:\Users\User\Downloads\magie33333
2014-04-01 12:14 - 2014-04-01 12:14 - 00192157 _____ () C:\Users\User\Downloads\maggie33
2014-04-01 06:25 - 2014-04-01 06:25 - 00183218 _____ () C:\Users\User\Downloads\glen11
2014-04-01 06:25 - 2014-04-01 06:25 - 00142697 _____ () C:\Users\User\Downloads\glen22
2014-04-01 05:49 - 2014-04-01 05:49 - 00183312 _____ () C:\Users\User\Downloads\geln22
2014-04-01 05:15 - 2014-04-01 05:15 - 00145698 _____ () C:\Users\User\Downloads\HERSHEL11
2014-03-31 12:59 - 2014-03-31 12:59 - 00001934 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2014-03-31 12:59 - 2014-03-31 12:59 - 00001040 _____ () C:\Users\Public\Desktop\Prism Video File Converter.lnk
2014-03-31 12:49 - 2014-03-31 01:17 - 429715024 _____ () C:\Users\User\Desktop\the.walking.dead.s04e16.hdtv.x264-2hd.mp4
2014-03-29 02:14 - 2014-03-29 02:13 - 00067264 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-03-29 02:13 - 2014-03-29 02:13 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-26 12:57 - 2014-03-26 12:57 - 00171332 _____ () C:\Users\User\Downloads\THEBAD
2014-03-26 12:26 - 2014-03-26 12:26 - 00088090 _____ () C:\Users\User\Downloads\beth5
2014-03-26 12:02 - 2014-03-26 15:17 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2014-03-25 08:47 - 2014-04-21 04:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-25 06:25 - 2014-03-29 05:33 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-03-25 06:22 - 2014-03-25 06:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft FxCop
 
==================== One Month Modified Files and Folders =======
 
2014-04-24 13:01 - 2014-04-24 12:54 - 00000000 ____D () C:\FRST
2014-04-24 02:46 - 2014-04-21 07:41 - 00000000 ____D () C:\be1b80c05716a2e5aa5f378e65d790
2014-04-24 02:46 - 2014-04-21 07:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-04-24 02:46 - 2012-12-19 15:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\ArcSoft
2014-04-24 02:46 - 2009-07-13 23:50 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-24 02:46 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 __RSD () C:\Windows\Media
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\TAPI
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\wfp
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\spp
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\Speech
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\MUI
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\AdvancedInstallers
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\security
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\schemas
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-24 02:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-23 17:04 - 2009-07-13 23:50 - 00000000 ____D () C:\Windows\ShellNew
2014-04-23 17:02 - 2014-04-23 14:26 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-04-23 17:02 - 2014-04-23 14:26 - 00000000 ____D () C:\ebf37e98ca3f4284d3bc2aef
2014-04-23 17:02 - 2014-04-23 11:23 - 00000000 ____D () C:\Program Files\Opera
2014-04-23 17:02 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-23 16:58 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2014-04-23 16:48 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-23 16:46 - 2014-04-06 07:43 - 00000000 ____D () C:\Users\User\Desktop\Lukes Folder
2014-04-23 16:45 - 2012-12-10 10:55 - 00000000 ____D () C:\Program Files\Common Files\Adobe.BackupByPhotoshopPortable
2014-04-23 16:42 - 2009-07-13 20:34 - 00014032 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 16:42 - 2009-07-13 20:34 - 00014032 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 15:44 - 2012-12-08 05:58 - 00008224 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 14:40 - 2014-04-23 14:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\ProgramData\Uniblue
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Sun
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-23 13:10 - 2014-04-23 13:10 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-23 13:07 - 2014-04-23 13:07 - 00000000 ____D () C:\Program Files\Java
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Opera Software
2014-04-23 11:23 - 2014-04-23 11:23 - 00000000 ____D () C:\Users\User\AppData\Local\Opera Software
2014-04-23 08:50 - 2014-04-23 08:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-04-23 08:50 - 2014-04-23 08:50 - 00640512 ____N (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2014-04-23 08:49 - 2014-04-23 08:49 - 00231424 ____N (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2014-04-22 15:51 - 2014-04-22 15:51 - 00000000 ____D () C:\Users\User\AppData\Local\Bushigan_Solovariente
2014-04-22 15:46 - 2014-04-22 15:43 - 13313621 _____ () C:\Users\User\Downloads\Project_Trinity_1.00.rar
2014-04-22 14:47 - 2014-04-22 14:47 - 00361560 _____ () C:\Users\User\Downloads\GTA-Logo-V-psd76236.zip
2014-04-21 15:57 - 2014-04-21 15:57 - 02049536 ____N (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01766400 ____N (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-21 15:57 - 2014-04-21 15:57 - 01140736 ____N (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-21 13:21 - 2014-04-21 12:54 - 08010576 _____ () C:\Users\User\Downloads\heist 1.1444 trollllllll.psd
2014-04-21 07:41 - 2014-04-21 07:41 - 00000000 ____D () C:\Windows\System32\EventProviders
2014-04-21 07:41 - 2012-12-08 05:45 - 01956974 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 07:35 - 2013-12-15 07:36 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-21 06:12 - 2013-12-15 10:34 - 00007030 _____ () C:\Windows\setupact.log
2014-04-21 06:12 - 2009-07-13 20:33 - 00266808 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-04-21 05:44 - 2014-04-21 05:44 - 00760080 _____ () C:\Users\User\Downloads\xperia.zip
2014-04-21 05:44 - 2014-04-21 05:43 - 00141284 _____ () C:\Users\User\Downloads\pricedown.zip
2014-04-21 04:09 - 2014-03-25 08:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-21 02:41 - 2014-04-13 07:07 - 05744087 _____ () C:\Users\User\Downloads\NetCheat 4.37.zip
2014-04-21 02:40 - 2014-04-21 02:40 - 03998977 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.7.rar
2014-04-19 03:04 - 2014-04-19 03:03 - 03385780 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.5.rar
2014-04-19 02:44 - 2014-02-22 17:36 - 00201274 _____ () C:\Windows\PFRO.log
2014-04-15 06:56 - 2014-04-15 06:56 - 00002007 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-14 08:17 - 2014-04-14 08:15 - 03385657 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.3.0.rar
2014-04-14 04:44 - 2014-04-14 04:37 - 00000000 ____D () C:\Users\User\AppData\Local\PELock_Software
2014-04-14 04:42 - 2014-04-14 04:35 - 02848563 _____ () C:\Users\User\Downloads\GTA-V-Online-editor-1.11-Cracked-By-Alcatraz3222_protected.rar
2014-04-13 15:51 - 2014-04-13 15:36 - 00000028 _____ () C:\Users\User\Documents\NETFLIXACCCOUNTS CODESSd.txt
2014-04-13 15:35 - 2014-04-13 15:34 - 01483734 _____ () C:\Users\User\Downloads\Netflix Account Generator 2.0_1_0_0_2.rar
2014-04-13 11:35 - 2014-04-13 11:34 - 00000000 ____D () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1
2014-04-13 11:07 - 2014-04-13 09:31 - 10758996 _____ () C:\Users\User\Downloads\GTA V RTM Tool V2.0.0.1.rar
2014-04-13 10:39 - 2014-04-13 10:35 - 05013612 _____ () C:\Users\User\Downloads\TwtDominator.rar
2014-04-13 07:08 - 2014-04-13 07:07 - 00185148 _____ () C:\Users\User\Downloads\GTA5 RTM Combo By KranK ModZ 3.1.0.rar
2014-04-07 15:28 - 2014-04-07 15:28 - 00154283 ____H () C:\Users\User\AppData\Roaming\User-wchelper.dll
2014-04-07 13:41 - 2014-04-07 13:40 - 00993627 _____ () C:\Users\User\Downloads\Improved CID Generator.rar
2014-04-07 13:27 - 2014-04-07 13:25 - 01253888 _____ (MzNet) C:\Users\User\Downloads\Unpacked [SOURCE].exe
2014-04-07 13:00 - 2012-12-19 17:27 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-07 13:00 - 2012-12-19 17:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\NCH Software
2014-04-07 10:57 - 2014-04-07 10:49 - 07334170 _____ () C:\Users\User\Downloads\GTA V Models v6.rar
2014-04-07 09:32 - 2014-04-07 09:31 - 01546680 _____ () C:\Windows\Minidump\040714-20203-01.dmp
2014-04-07 09:31 - 2014-04-07 06:39 - 110557619 _____ () C:\Windows\MEMORY.DMP
2014-04-07 09:31 - 2012-12-30 09:38 - 00000000 ____D () C:\Windows\Minidump
2014-04-07 07:58 - 2014-04-07 07:56 - 00089510 _____ () C:\Users\User\Downloads\GTA Model Swapper.rar
2014-04-07 07:18 - 2014-04-07 07:18 - 01569608 _____ () C:\Windows\Minidump\040714-20843-01.dmp
2014-04-07 06:40 - 2014-04-07 06:39 - 01569616 _____ () C:\Windows\Minidump\040714-25250-01.dmp
2014-04-07 06:31 - 2014-01-20 12:26 - 00987839 ____N () C:\Windows\Minidump\040714-20656-01.dmp
2014-04-07 04:33 - 2014-04-07 04:18 - 00000109 _____ () C:\Users\User\Documents\HOW TO SPOOF IDD.txt
2014-04-07 02:38 - 2014-04-07 02:38 - 00080960 _____ () C:\Users\User\Downloads\ginger333333
2014-04-07 02:37 - 2014-04-07 02:37 - 00081935 _____ () C:\Users\User\Downloads\ginger333
2014-04-06 16:33 - 2014-04-06 14:40 - 00000261 _____ () C:\Users\User\Documents\HOWtochangeMACPS333333333333333e.txt
2014-04-06 15:31 - 2014-04-06 15:07 - 73095152 _____ () C:\Users\User\Downloads\SEN Enabler v5.2.3 [CEX] [4.50].rar
2014-04-06 15:25 - 2014-04-06 14:46 - 92324429 _____ () C:\Users\User\Downloads\SEN Enabler v5.4.1 [CEX] [4.55].rar
2014-04-06 14:00 - 2014-04-06 13:56 - 04096839 _____ () C:\Users\User\Downloads\CcApi_2.00_package (1).rar
2014-04-06 13:41 - 2012-12-08 05:56 - 00781298 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-06 12:59 - 2014-04-06 12:58 - 00699067 _____ () C:\Users\User\Downloads\PS Nnja v4.rar
2014-04-06 07:49 - 2014-04-06 07:48 - 01596665 _____ () C:\Users\User\Downloads\GTA V Model v3.rar
2014-04-02 14:51 - 2014-04-02 14:51 - 00198412 _____ () C:\Users\User\Downloads\lizzieRIPPP
2014-04-02 14:49 - 2014-04-02 14:49 - 00196097 _____ () C:\Users\User\Downloads\lizzierip
2014-04-02 10:06 - 2014-04-02 10:06 - 00161103 _____ () C:\Users\User\Downloads\500
2014-04-02 05:48 - 2014-04-02 05:48 - 00168104 _____ () C:\Users\User\Downloads\karenRIP
2014-04-02 05:06 - 2013-12-15 10:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-01 13:59 - 2014-04-01 13:59 - 00174978 _____ () C:\Users\User\Downloads\eugen222222
2014-04-01 13:58 - 2014-04-01 13:58 - 00158686 _____ () C:\Users\User\Downloads\eugene2
2014-04-01 13:23 - 2014-04-01 13:23 - 00237043 _____ () C:\Users\User\Downloads\LORIrippppHj
2014-04-01 13:00 - 2014-04-01 13:00 - 00237175 _____ () C:\Users\User\Downloads\loriBYE
2014-04-01 12:17 - 2014-04-01 12:17 - 00148884 _____ () C:\Users\User\Downloads\maggie333
2014-04-01 12:16 - 2014-04-01 12:16 - 00174125 _____ () C:\Users\User\Downloads\magie33333
2014-04-01 12:14 - 2014-04-01 12:14 - 00192157 _____ () C:\Users\User\Downloads\maggie33
2014-04-01 06:25 - 2014-04-01 06:25 - 00183218 _____ () C:\Users\User\Downloads\glen11
2014-04-01 06:25 - 2014-04-01 06:25 - 00142697 _____ () C:\Users\User\Downloads\glen22
2014-04-01 05:49 - 2014-04-01 05:49 - 00183312 _____ () C:\Users\User\Downloads\geln22
2014-04-01 05:15 - 2014-04-01 05:15 - 00145698 _____ () C:\Users\User\Downloads\HERSHEL11
2014-03-31 12:59 - 2014-03-31 12:59 - 00001934 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2014-03-31 12:59 - 2014-03-31 12:59 - 00001040 _____ () C:\Users\Public\Desktop\Prism Video File Converter.lnk
2014-03-31 12:59 - 2012-12-19 17:26 - 00000000 ____D () C:\Program Files\NCH Software
2014-03-31 01:17 - 2014-03-31 12:49 - 429715024 _____ () C:\Users\User\Desktop\the.walking.dead.s04e16.hdtv.x264-2hd.mp4
2014-03-30 18:51 - 2013-12-15 07:35 - 88028728 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-03-29 05:33 - 2014-03-25 06:25 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-03-29 02:13 - 2014-03-29 02:14 - 00067264 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-03-29 02:13 - 2014-03-29 02:13 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 02:13 - 2013-12-16 11:15 - 00776976 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00411552 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00271264 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-03-29 02:13 - 2013-12-16 11:15 - 00180760 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00081768 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00067824 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-03-29 02:13 - 2013-12-16 11:15 - 00049944 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-03-29 02:00 - 2012-12-10 10:55 - 00000000 ____D () C:\Program Files\Adobe
2014-03-26 15:17 - 2014-03-26 12:02 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2014-03-26 15:11 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\twain_32
2014-03-26 15:08 - 2014-02-28 16:49 - 00000000 ____D () C:\Program Files\Cain
2014-03-26 12:57 - 2014-03-26 12:57 - 00171332 _____ () C:\Users\User\Downloads\THEBAD
2014-03-26 12:26 - 2014-03-26 12:26 - 00088090 _____ () C:\Users\User\Downloads\beth5
2014-03-25 09:44 - 2013-12-15 08:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-25 06:22 - 2014-03-25 06:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft FxCop
 
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\calc.exe
C:\Users\User\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\User\AppData\Local\Temp\prismsetup.exe
C:\Users\User\AppData\Local\Temp\vbc.exe
 
 
==================== Known DLLs (Whitelisted) ============
 
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!.
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
Restore point made on: 2014-04-21 15:47:28
Restore point made on: 2014-04-23 08:46:10
Restore point made on: 2014-04-23 10:01:41
Restore point made on: 2014-04-23 13:06:35
Restore point made on: 2014-04-23 14:28:36
Restore point made on: 2014-04-23 15:14:18
 
==================== Memory info =========================== 
 
Percentage of memory in use: 41%
Total physical RAM: 893.17 MB
Available physical RAM: 524.67 MB
Total Pagefile: 893.17 MB
Available Pagefile: 545.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1964.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:134.36 GB) (Free:97.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:7.45 GB) (Free:0.43 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 6482D733)
Partition 1: (Active) - (Size=134 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
 
 
LastRegBack: 2014-04-01 09:05
 
==================== End Of Log ============================


#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:17 AM

Posted 24 April 2014 - 10:59 AM


Hello Luke98

Ok lets see if we can find a replacement for the infected file

Boot back into the recovery Environment and run FRST like you did before

Type the following in the edit box after "Search:".

LPK.dll

It then should look like:

Search: LPK.dll

Click Search button and post the log (Search.txt) it makes to your reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 12:04 PM

here 

 

Farbar Recovery Scan Tool (x86) Version: 24-04-2014
Ran by SYSTEM at 2014-04-24 17:56:00
Running from E:\
Boot Mode: Recovery
 
================== Search: "LPK.dll" ===================
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_ac0e7fd2d22636de\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_abc2c1b1b8daa369\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_abda8263b8c87657\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21402_none_aa867320d4b9809b\lpk.dll
[2013-12-15 08:45] - [2012-12-16 08:29] - 0026112 ____A (Microsoft Corporation) 1953E31A9290333FEEB28A002D92F68A
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_aa517c7cd4e1092d\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_aa2b3c58d4fcfa7d\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17194_none_a99d83d1bbe314aa\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_a9d3afe7bbba66c9\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_a9fcef03bb9bc457\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll
[2014-04-21 15:38] - [2013-06-05 21:03] - 0026112 ____A (Microsoft Corporation) 6AD2C4AE940C3A73C7E5A50B8BBDBDE5
 
C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_ab9c8559b8f68f07\lpk.dll
[2014-04-21 15:38] - [2013-06-05 20:52] - 0026112 ____A (Microsoft Corporation) F632602316001D517F4EF3B53B9A6C33
 
X:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
X:\Windows\System32\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
=== End Of Search ===


#10 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 24 April 2014 - 04:36 PM

Hello Luke98

Ok lets see if we can find a replacement for the infected file

Boot back into the recovery Environment and run FRST like you did before

Type the following in the edit box after "Search:".

LPK.dll

It then should look like:

Search: LPK.dll

Click Search button and post the log (Search.txt) it makes to your reply.

Gringo

Hello i posted the Search.txt above now what



#11 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 25 April 2014 - 04:13 AM

heres the search.txt

 

 

 

Farbar Recovery Scan Tool (x86) Version: 24-04-2014
Ran by SYSTEM at 2014-04-24 17:56:00
Running from E:\
Boot Mode: Recovery
 
================== Search: "LPK.dll" ===================
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_ac0e7fd2d22636de\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_abc2c1b1b8daa369\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_abda8263b8c87657\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21402_none_aa867320d4b9809b\lpk.dll
[2013-12-15 08:45] - [2012-12-16 08:29] - 0026112 ____A (Microsoft Corporation) 1953E31A9290333FEEB28A002D92F68A
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_aa517c7cd4e1092d\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_aa2b3c58d4fcfa7d\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17194_none_a99d83d1bbe314aa\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_a9d3afe7bbba66c9\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_a9fcef03bb9bc457\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll
[2014-04-21 15:38] - [2013-06-05 21:03] - 0026112 ____A (Microsoft Corporation) 6AD2C4AE940C3A73C7E5A50B8BBDBDE5
 
C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_ab9c8559b8f68f07\lpk.dll
[2014-04-21 15:38] - [2013-06-05 20:52] - 0026112 ____A (Microsoft Corporation) F632602316001D517F4EF3B53B9A6C33
 
X:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
X:\Windows\System32\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
=== End Of Search ===


#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:17 AM

Posted 25 April 2014 - 07:41 AM


Hello Luke98



Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flash drive as fixlist.txt

 
HKU\User\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\Windows Calculator\calc.exe <===== ATTENTION
HKU\User\...\Winlogon: [Shell] explorer.exe [2614272 2009-10-30] (Microsoft Corporation) <==== ATTENTION
2014-04-23 14:26 - 2014-04-23 17:02 - 00000000 ____D () C:\Program Files\MyPC Backup
Replace: X:\Windows\System32\lpk.dll C:\Windows\System32\lpk.dll
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

Run FRST again like we did before but this time press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt) please post it to your reply.

Also boot the computer into normal mode and let me know how things are looking.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 25 April 2014 - 08:14 AM

ok i m going to try



#14 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 25 April 2014 - 08:43 AM

im on the desktop this popped up The program cant start because api-ms-win-downlevel-ole32-l1-0.dll is missing



#15 Luke98

Luke98
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 25 April 2014 - 08:47 AM

ok heres the fixlog  

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-04-2014
Ran by SYSTEM at 2014-04-25 14:19:38 Run:1
Running from E:\
Boot Mode: Recovery
 
==============================================
 
Content of fixlist:
*****************
HKU\User\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\Windows Calculator\calc.exe <===== ATTENTION
HKU\User\...\Winlogon: [Shell] explorer.exe [2614272 2009-10-30] (Microsoft Corporation) <==== ATTENTION
2014-04-23 14:26 - 2014-04-23 17:02 - 00000000 ____D () C:\Program Files\MyPC Backup
Replace: X:\Windows\System32\lpk.dll C:\Windows\System32\lpk.dll
*****************
 
HKU\User\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
HKU\User\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
C:\Program Files\MyPC Backup => Moved successfully.
Could not find C:\Windows\System32\lpk.dll
X:\Windows\System32\lpk.dll copied successfully to C:\Windows\System32\lpk.dll
 
==== End of Fixlog ====





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users