FBI MoneyPak virus. Hitman Pro could not remove it.

N

nobodysktr

New Member
Thread author
May 13, 2013
1
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-05-2013
Ran by SYSTEM on 01-01-2010 20:27:38
Running from F:\
Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r [2138224 2010-12-27] (VIA)
HKLM\...\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave [828944 2011-08-03] (GlavSoft LLC.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] [x]
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [63048 2012-11-29] (LogMeIn, Inc.)
HKLM\...\Run: [DisplaySwitch] "C:\ProgramData\DisplaySwitch.exe" [91648 2013-05-12] (Hilgraeve, Inc.)
HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]
HKLM\...\Winlogon: [Shell] C:\ProgramData\DisplaySwitch.exe [x ] ()
HKU\User\...\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c [ 2012-03-19] (Google Inc.)
HKU\User\...\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [ 2013-03-12] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\NETGEAR WNDA4100 Genie.lnk
ShortcutTarget: NETGEAR WNDA4100 Genie.lnk -> C:\Program Files\NETGEAR\WNDA4100\WNDA4100.EXE (NETGEAR)

========================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
S2 RalinkRegistryWriter; C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe [377088 2011-11-21] (Ralink Technology, Corp.)
S2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2010-12-22] (VIA Technologies, Inc.)
S3 HitmanPro37Crusader; "E:\HitmanPro.exe" /crusader [x]
S2 TeamViewer4; "C:\Users\User\temp\TeamViewer\Version4\TeamViewer_Service.exe" -service [x]

==================== Drivers (Whitelisted) ====================

S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
S3 gdrv; C:\Windows\gdrv.sys [17488 2010-01-01] (Windows (R) 2000 DDK provider)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30464 2010-01-01] ()
S2 LMIInfo; C:\Program Files\LogMeIn\x86\RaInfo.sys [12856 2012-11-29] (LogMeIn, Inc.)
S2 LMIRfsDriver; C:\Windows\system32\drivers\LMIRfsDriver.sys [47640 2012-11-29] (LogMeIn, Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S1 MpKsl1ffc4c9b; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsl1ffc4c9b.sys [29904 2010-01-01] (Microsoft Corporation)
S1 MpKsl2ffa45ed; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsl2ffa45ed.sys [29904 2013-05-12] ()
S1 MpKsl3cc9e573; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsl3cc9e573.sys [29904 2010-01-01] (Microsoft Corporation)
S1 MpKsl4b1c8f98; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsl4b1c8f98.sys [29904 2013-05-12] ()
S1 MpKsl7aca297a; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsl7aca297a.sys [29904 2013-05-12] ()
S1 MpKsl7ae1de50; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsl7ae1de50.sys [29904 2013-05-12] ()
S1 MpKsl9d7ba9d0; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsl9d7ba9d0.sys [29904 2009-12-31] (Microsoft Corporation)
S1 MpKsla24a5e19; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsla24a5e19.sys [29904 2013-05-12] ()
S1 MpKsla52b6afa; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DCE72E66-1698-4605-A82D-AE27E2BA0680}\MpKsla52b6afa.sys [29904 2010-01-01] (Microsoft Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1277504 2012-01-13] (Ralink Technology Corp.)
S3 Svk2pl; C:\Windows\System32\DRIVERS\Svk2pl.sys [81408 2010-04-01] (Gigaware)
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1804912 2010-12-22] (VIA Technologies, Inc.)
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [25984 2011-04-12] (Google Inc)
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag.sys [23296 2011-04-12] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm.sys [28160 2011-04-12] (LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis.sys [72704 2011-04-12] (LG Electronics Inc.)
S4 LMIRfsClientNP; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-12 09:32 - 2013-05-12 09:33 - 00145544 ____A C:\Windows\Minidump\051213-18470-01.dmp
2013-05-12 09:22 - 2013-05-12 09:22 - 00145544 ____A C:\Windows\Minidump\051213-17737-01.dmp
2013-05-12 09:16 - 2013-05-12 09:16 - 00145544 ____A C:\Windows\Minidump\051213-17596-01.dmp
2013-05-12 08:59 - 2013-05-12 08:59 - 00000000 ____A C:\Windows\Minidump\051213-12651-01.dmp
2013-05-12 08:18 - 2013-05-12 08:18 - 00145544 ____A C:\Windows\Minidump\051213-14102-01.dmp
2013-05-12 08:13 - 2013-05-12 08:13 - 00145544 ____A C:\Windows\Minidump\051213-14804-01.dmp
2013-05-12 08:13 - 2010-01-01 18:21 - 297126844 ____A C:\Windows\MEMORY.DMP
2013-05-12 08:13 - 2010-01-01 18:21 - 00000000 ____D C:\Windows\Minidump
2013-05-12 08:09 - 2013-05-12 08:09 - 02250054 ____A C:\ProgramData\1.bmp
2013-05-12 07:58 - 2013-05-12 07:58 - 00091648 ____A (Hilgraeve, Inc.) C:\ProgramData\DisplaySwitch.exe
2013-05-10 07:27 - 2013-05-10 07:27 - 00005290 ____A C:\Users\User\Desktop\5-9-13 LONNIE T LOGS MGI 2100 & JACKSON EADES - Shortcut.lnk
2013-05-09 04:34 - 2013-05-09 04:34 - 00005290 ____A C:\Users\User\Desktop\5-8-13 LONNIE T LOGS MGI 2100 & JACKSON EADES - Shortcut.lnk
2013-05-08 06:16 - 2013-05-08 06:16 - 00004897 ____A C:\Users\User\Desktop\5-6-13 LONNIE T LOGS MGI 2100 & JACKSON EADES - Shortcut.lnk
2013-05-08 06:09 - 2013-05-08 06:09 - 00005290 ____A C:\Users\User\Desktop\5-7-13 LONNIE T LOGS MGI 2100 & JACKSON EADES - Shortcut.lnk
2013-04-28 03:29 - 2013-04-28 03:29 - 00000000 ____D C:\Users\User\Documents\Fax
2013-04-23 16:11 - 2013-04-12 05:45 - 01211752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-20 06:49 - 2013-04-20 06:58 - 00000000 ____D C:\Users\User\Desktop\SIGN ON & SIGN OFF SHEETS
2013-04-13 04:15 - 2013-04-13 05:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-04-10 00:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-10 00:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-10 00:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-10 00:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-10 00:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-10 00:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-10 00:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-10 00:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-10 00:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-10 00:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-10 00:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-10 00:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-10 00:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-10 00:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-10 00:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-10 00:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-09 23:57 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-04-09 23:57 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-09 23:57 - 2013-03-18 20:48 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-09 23:57 - 2013-03-18 18:49 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-09 23:57 - 2013-02-28 19:09 - 02347008 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-04-09 23:57 - 2013-01-23 20:47 - 00196328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-03-27 06:10 - 2013-03-27 06:10 - 00000020 ___SH C:\Users\LogMeInRemoteUser\ntuser.ini
2013-03-27 06:10 - 2011-12-15 07:00 - 00000000 ____D C:\Users\LogMeInRemoteUser\AppData\Roaming\Macromedia
2013-03-18 07:08 - 2013-03-18 07:08 - 00000000 ____D C:\Users\User\Documents\la tax form
2013-03-18 07:05 - 2013-03-18 11:46 - 00000000 ____D C:\Users\User\Documents\VESSEL VOYAGE PLANS
2013-03-13 09:35 - 2013-05-12 07:39 - 00032768 ____A C:\Users\User\Desktop\LONNIE T PAYROLL 3-29TO 4-13.xls
2013-03-13 09:34 - 2013-04-27 03:36 - 00013064 ____A C:\Users\User\Desktop\LONNIE T PAYROLL 3-14TO 3-28.xlsx
2013-03-12 22:42 - 2013-02-11 19:32 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-02-28 11:31 - 2013-02-28 11:31 - 00001024 ____A C:\.rnd
2013-02-28 11:31 - 2013-02-28 11:31 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn
2013-02-28 11:31 - 2013-02-28 11:31 - 00000000 ____D C:\Program Files\LogMeIn
2013-02-28 11:31 - 2013-01-25 14:37 - 00092520 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll
2013-02-28 11:31 - 2013-01-25 14:37 - 00084352 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll
2013-02-28 11:31 - 2013-01-25 14:37 - 00031592 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll
2013-02-28 11:31 - 2012-11-29 09:56 - 00047640 ____A (LogMeIn, Inc.) C:\Windows\System32\Drivers\LMIRfsDriver.sys
2013-02-28 11:31 - 2009-12-31 22:23 - 00000000 ____D C:\ProgramData\LogMeIn
2013-02-28 11:29 - 2013-02-28 11:30 - 20647424 ____A C:\Users\User\Downloads\LogMeIn.msi
2013-02-28 11:17 - 2013-04-10 21:21 - 00002129 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-02-28 11:16 - 2013-05-12 08:21 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-02-28 11:16 - 2013-02-28 11:17 - 00000000 ____D C:\Program Files\Google
2013-02-28 11:16 - 2010-01-01 18:11 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-02-27 01:00 - 2013-01-13 13:17 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:17 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:16 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:11 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 01:00 - 2013-01-13 13:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 01:00 - 2013-01-13 12:31 - 01247744 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-02-27 01:00 - 2013-01-13 12:30 - 00906240 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-02-27 01:00 - 2013-01-13 12:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-02-27 01:00 - 2013-01-13 12:20 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-02-27 01:00 - 2013-01-13 12:09 - 00249856 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-02-27 01:00 - 2013-01-13 12:08 - 01504768 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-02-27 01:00 - 2013-01-13 12:08 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-02-27 01:00 - 2013-01-13 11:54 - 00604160 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-02-27 01:00 - 2013-01-13 11:53 - 00207872 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-02-27 01:00 - 2013-01-13 11:53 - 00187392 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-02-27 01:00 - 2013-01-13 11:48 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-02-27 01:00 - 2013-01-13 11:46 - 01080832 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-02-27 01:00 - 2013-01-13 11:43 - 01230336 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-02-27 01:00 - 2013-01-13 11:37 - 03419136 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-02-27 01:00 - 2013-01-13 11:02 - 00417792 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-02-27 01:00 - 2013-01-13 10:34 - 00364544 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-02-27 01:00 - 2013-01-13 09:26 - 01158144 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-02-27 01:00 - 2013-01-03 22:11 - 02284544 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-02-18 16:03 - 2013-02-18 16:03 - 02563217 ____A C:\Users\User\Downloads\Attachments_2013_02_18.zip
2013-02-18 13:56 - 2013-02-18 13:56 - 03873512 ____A (TeamViewer) C:\Users\User\Desktop\Remote Help.exe
2013-02-18 12:37 - 2013-02-18 12:38 - 03873512 ____A (TeamViewer) C:\Users\User\Downloads\TeamViewerQS_en.exe
2013-02-15 17:55 - 2013-03-16 10:45 - 00000000 ____D C:\Users\User\Documents\LOADS GAUGES TEMPS
2013-02-15 17:55 - 2013-02-15 17:55 - 00000000 ____D C:\Users\User\Documents\FUEL
2013-02-15 17:53 - 2013-03-13 09:35 - 00000000 ____D C:\Users\User\Documents\PAYROLL
2013-02-13 16:49 - 2013-01-02 21:05 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-02-13 16:49 - 2013-01-02 21:04 - 00187752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-02-13 16:46 - 2013-01-03 20:50 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-01-29 13:46 - 2013-02-10 08:09 - 00002004 ____A C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-01-25 09:15 - 2013-01-25 09:15 - 00000248 ____A C:\Users\User\Desktop\Job Paperwork Upload.url
2013-01-20 13:59 - 2013-01-20 13:59 - 00195296 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2013-01-10 11:59 - 2013-01-29 05:08 - 00000000 ____D C:\Users\User\Documents\LAST YEARS STUFF
2013-01-09 10:06 - 2012-12-07 04:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-01-09 10:06 - 2012-12-07 04:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-01-09 10:06 - 2012-12-07 02:46 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-01-09 10:06 - 2012-12-07 02:46 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-01-09 10:06 - 2012-11-29 20:47 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-01-09 10:06 - 2012-11-29 20:47 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 18:55 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-01-09 10:06 - 2012-11-29 18:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 18:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 18:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 18:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 10:06 - 2012-11-29 15:17 - 00420064 ____A C:\Windows\System32\locale.nls
2013-01-09 10:06 - 2012-11-22 18:48 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-01-09 10:06 - 2012-11-21 20:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-01-09 10:06 - 2012-11-19 20:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-01-09 10:06 - 2012-11-08 20:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-01-09 10:06 - 2012-10-31 20:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-01-06 08:42 - 2013-01-06 08:42 - 00000000 ____D C:\Users\User\Documents\My Downloaded Charts
2013-01-03 17:29 - 2013-03-28 04:49 - 00000000 ____D C:\Users\User\Documents\2013 bunker jobs
2012-12-21 01:00 - 2012-12-16 06:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-21 01:00 - 2012-12-16 06:13 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-12 18:31 - 2012-11-08 20:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-12 18:31 - 2012-11-01 21:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-11-29 09:56 - 2012-11-29 09:56 - 00025248 ____A (LogMeIn, Inc.) C:\Windows\System32\lmimirr.dll
2012-11-29 09:56 - 2012-11-29 09:56 - 00011552 ____A (LogMeIn, Inc.) C:\Windows\System32\lmimirr2.dll
2012-11-29 09:56 - 2012-11-29 09:56 - 00010144 ____A (LogMeIn, Inc.) C:\Windows\System32\Drivers\lmimirr.sys
2012-11-19 07:29 - 2013-03-28 07:26 - 00157696 ____A C:\Users\User\Desktop\Blank grocery Order.xls
2012-11-17 17:55 - 2012-11-17 17:55 - 00000000 ____D C:\Users\User\Downloads\NETGEAR
2012-11-17 17:53 - 2012-11-17 17:53 - 00002054 ____A C:\Windows\System32\RaCoInst.log
2012-11-17 17:53 - 2012-11-17 17:53 - 00000000 ____D C:\ProgramData\Ralink
2012-11-17 17:52 - 2012-11-17 17:52 - 00000000 ____D C:\ProgramData\NETGEAR
2012-11-17 17:52 - 2012-11-17 17:52 - 00000000 ____D C:\Program Files\NETGEAR
2012-11-17 17:52 - 2012-11-17 17:52 - 00000000 ____D C:\Program Files\Cisco
2012-11-17 17:52 - 2012-04-30 15:17 - 01608768 ____A (Ralink Technology, Corp.) C:\Windows\System32\RaCertMgr.dll
2012-11-17 17:52 - 2012-04-30 15:17 - 00119648 ____A (Ralink Technology, Corp.) C:\Windows\System32\RaExtUI.dll
2012-11-17 17:52 - 2011-11-28 18:21 - 00008192 ____A C:\Windows\System32\Drivers\rt2870.bin
2012-11-17 17:52 - 2011-05-04 11:54 - 00802880 ____A (Ralink Technology, Corp.) C:\Windows\System32\RaIHV.dll
2012-11-17 17:51 - 2012-11-17 17:51 - 00000000 ____D C:\Windows\Downloaded Installations
2012-11-15 23:27 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2012-11-15 23:27 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2012-11-15 23:27 - 2012-10-03 08:42 - 00242176 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-11-15 23:27 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2012-11-15 23:27 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-11-15 23:27 - 2012-10-03 08:42 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-11-15 23:27 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2012-11-15 23:27 - 2012-10-03 08:40 - 00499712 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-11-15 23:27 - 2012-10-03 07:21 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-11-15 23:27 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-11-14 23:37 - 2012-07-25 19:39 - 00526952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-11-14 23:37 - 2012-07-25 19:39 - 00047720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-11-14 23:37 - 2012-07-25 19:21 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-11-14 23:37 - 2012-07-25 19:20 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-11-14 23:37 - 2012-07-25 19:20 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-11-14 23:37 - 2012-07-25 19:20 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-11-14 23:37 - 2012-07-25 19:20 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-11-14 23:37 - 2012-07-25 18:46 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-11-14 23:37 - 2012-07-25 18:33 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-11-14 23:37 - 2012-07-25 18:32 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-11-14 23:37 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-11-14 23:37 - 2012-06-02 06:34 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-11-09 12:52 - 2012-11-09 12:52 - 00000000 ____D C:\Windows\Hewlett-Packard
2012-11-09 12:52 - 2012-11-09 12:52 - 00000000 ____D C:\ProgramData\Visan
2012-11-09 12:52 - 2012-11-09 12:52 - 00000000 ____D C:\ProgramData\HP Photo Creations
2012-11-09 12:52 - 2012-11-09 12:52 - 00000000 ____D C:\Program Files\HP Photo Creations
2012-11-06 17:10 - 2012-11-12 07:33 - 00015415 ____A C:\Users\User\Desktop\LONNIE T SUPPLY AND REPAIR.xlsx
2012-11-03 12:31 - 2012-11-08 10:54 - 00000000 ____D C:\Users\User\AppData\Roaming\System
2012-10-12 10:47 - 2012-10-12 10:47 - 00000000 ____D C:\Program Files\Hewlett-Packard
2012-10-12 10:44 - 2013-02-22 21:47 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2012-10-12 10:44 - 2012-10-12 10:44 - 00001143 ____A C:\Users\User\Desktop\HP Scan.lnk
2012-10-12 10:44 - 2011-09-09 12:53 - 00544616 ____N (Hewlett-Packard Co.) C:\Windows\System32\HPDiscoPM5C12.dll
2012-10-12 10:43 - 2012-10-12 10:43 - 00000000 ____D C:\ProgramData\HP
2012-10-12 10:42 - 2012-11-09 12:52 - 00000000 ____D C:\Program Files\HP
2012-10-12 10:42 - 2012-10-12 10:42 - 00000057 ____A C:\ProgramData\Ament.ini
2012-10-12 10:41 - 2012-10-12 11:03 - 00000000 ____D C:\Users\User\AppData\Local\HP
2012-10-09 10:47 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-09 10:47 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-09 10:47 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-09 10:47 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-09 10:47 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-09-29 02:04 - 2012-09-29 02:04 - 00000000 ____D C:\Users\User\AppData\Local\Xenocode
2012-09-29 02:04 - 2012-09-29 02:04 - 00000000 ____D C:\Program Files\Xenocode
2012-09-28 11:59 - 2012-09-28 11:59 - 00000000 ____D C:\Program Files\PDFArea
2012-09-28 11:59 - 2011-12-09 05:56 - 01931256 ____A (Codejock Software) C:\Windows\System32\Codejock.Controls.Unicode.v15.2.1.ocx
2012-09-28 11:59 - 2011-12-09 05:56 - 00587768 ____A (Codejock Software) C:\Windows\System32\Codejock.SkinFramework.Unicode.v15.2.1.ocx
2012-09-28 11:59 - 2011-12-09 05:55 - 02775032 ____A (Codejock Software) C:\Windows\System32\Codejock.CommandBars.Unicode.v15.2.1.ocx
2012-09-28 11:59 - 2009-12-29 08:35 - 02536072 ____A (gdpicture.com) C:\Windows\System32\gdpicturepro5.ocx
2012-09-28 11:59 - 2009-12-29 08:35 - 02524808 ____A (gdpicture.com) C:\Windows\System32\gdimgplug.dll
2012-09-28 11:57 - 2012-09-28 11:58 - 06887746 ____A (PDFArea Software ) C:\Users\User\Downloads\image-to-pdf-converter-free.exe
2012-09-25 13:27 - 2012-08-21 12:12 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-09-11 19:23 - 2012-10-15 09:51 - 00000000 ____D C:\Users\User\AppData\Local\Geckofx
2012-09-11 19:23 - 2012-09-11 19:23 - 00000000 ____D C:\Users\User\AppData\Local\Graboid_Inc
2012-09-11 19:23 - 2012-09-11 19:23 - 00000000 ____D C:\Users\User\AppData\Local\Graboid Inc
2012-09-11 19:23 - 2012-09-11 19:23 - 00000000 ____D C:\Users\User\AppData\Local\Graboid
2012-09-11 19:23 - 2012-09-11 19:23 - 00000000 ____D C:\ProgramData\Graboid Inc
2012-09-11 19:22 - 2012-09-11 19:23 - 00000000 ____D C:\Program Files\Graboid
2012-09-11 18:33 - 2012-08-22 09:16 - 00712048 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-09-11 18:33 - 2012-08-22 09:16 - 00240496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-09-11 18:33 - 2012-07-04 11:45 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2012-08-14 20:57 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-14 20:57 - 2012-07-04 13:14 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-14 20:57 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-14 20:57 - 2012-05-13 20:33 - 00769024 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-14 20:57 - 2012-05-04 23:46 - 00400896 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-14 20:57 - 2012-02-10 21:37 - 00317440 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-07-10 18:25 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-10 18:25 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-10 18:25 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-10 18:25 - 2012-06-01 20:45 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-10 18:25 - 2012-06-01 20:45 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-10 18:25 - 2012-06-01 20:40 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-10 18:25 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-10 18:25 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-10 07:16 - 2012-07-10 07:16 - 00000000 ____D C:\Users\User\Desktop\boat
2012-07-07 15:54 - 2012-07-07 15:54 - 00079287 ____A C:\Users\User\Downloads\attachments_2012_07_07 (3).zip
2012-07-07 15:45 - 2012-07-07 15:45 - 00079287 ____A C:\Users\User\Downloads\attachments_2012_07_07 (2).zip
2012-07-07 15:44 - 2012-07-07 15:44 - 00155729 ____A C:\Users\User\Downloads\attachments_2012_07_07 (1).zip
2012-07-07 15:43 - 2012-07-07 15:43 - 00079287 ____A C:\Users\User\Downloads\attachments_2012_07_07.zip
2012-07-06 10:02 - 2012-07-06 10:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2012-07-06 10:01 - 2012-07-06 10:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2012-07-06 10:01 - 2012-07-06 10:01 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-07-06 10:01 - 2012-04-04 12:56 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-07-06 09:07 - 2012-07-06 09:07 - 00002082 ____A C:\Windows\System32\.crusader
2012-07-06 08:57 - 2012-07-06 08:56 - 00000134 ____A C:\Users\User\Desktop\hosts-perm.bat
2012-07-06 08:51 - 2012-07-06 09:32 - 00000424 ____A C:\rkill.log
2012-07-06 08:41 - 2012-07-06 08:39 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\User\Documents\iexplorer.exe
2012-07-06 08:41 - 2010-01-01 18:11 - 00000000 ____D C:\ProgramData\HitmanPro
2012-07-06 08:40 - 2012-07-06 08:40 - 07718272 ____A (SurfRight B.V.) C:\Users\User\Documents\lala.exe
2012-07-05 14:48 - 2012-07-05 14:48 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-23 17:57 - 2012-06-23 17:57 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia
2012-06-18 20:09 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-18 20:09 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-18 20:09 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-18 20:09 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-18 20:09 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-18 20:09 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-18 20:09 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-18 20:09 - 2012-06-02 12:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-18 20:09 - 2012-06-02 12:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-13 16:18 - 2012-04-27 19:17 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 16:13 - 2012-04-30 20:44 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-13 16:13 - 2012-04-25 20:45 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-13 16:13 - 2012-04-25 20:45 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-13 16:13 - 2012-04-25 20:41 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-13 16:13 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-11 11:17 - 2012-06-11 11:17 - 00000000 ____D C:\Program Files\Belkin
2012-05-17 11:59 - 2012-05-17 11:59 - 00000422 ____A C:\Users\User\Desktop\BOLV RDS CURRENT.url
2012-05-16 06:23 - 2013-04-14 10:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2012-05-16 06:23 - 2012-05-16 06:23 - 00000000 ____D C:\ProgramData\Mozilla
2012-05-10 11:14 - 2012-07-02 19:36 - 13687542 ____A C:\Users\User\Downloads\attachments_2012_05_10.zip
2012-05-08 19:54 - 2012-03-16 23:27 - 00056176 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-05-02 09:17 - 2012-05-02 09:17 - 01070152 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCTL.OCX
2012-04-13 00:29 - 2012-04-13 00:29 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_lgvzandnetadb_01005.Wdf
2012-04-12 07:20 - 2012-04-13 04:40 - 00000000 ____D C:\Program Files\LG Electronics
2012-04-11 22:07 - 2012-04-11 22:07 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-04-11 00:01 - 2012-02-29 21:46 - 00019824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-04-11 00:01 - 2012-02-29 21:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-04-11 00:01 - 2012-02-29 21:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-04-06 06:02 - 2013-03-13 00:37 - 00693976 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-04-06 06:02 - 2013-02-10 08:09 - 00000000 ____D C:\Program Files\McAfee Security Scan
2012-04-06 06:02 - 2012-06-11 09:08 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2012-04-06 06:02 - 2012-04-06 06:02 - 00000000 ____D C:\ProgramData\McAfee
2012-04-06 06:02 - 2010-01-01 17:37 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-03-29 08:55 - 2012-03-29 08:55 - 00002135 ____A C:\Users\User\Desktop\LOCAL NOTICE TO MARINER - Shortcut.lnk
2012-03-19 06:54 - 2013-05-12 08:22 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3326981020-2771636885-3120950565-1000UA.job
2012-03-19 06:54 - 2013-05-10 16:22 - 00000874 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3326981020-2771636885-3120950565-1000Core.job
2012-03-19 06:54 - 2013-02-28 11:17 - 00000000 ____D C:\Users\User\AppData\Local\Google
2012-03-19 06:53 - 2012-03-19 06:54 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2012-03-19 06:53 - 2012-03-19 06:53 - 00000000 ____D C:\Users\User\AppData\Local\Apps\2.0
2012-03-13 14:25 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-03-13 14:25 - 2012-02-16 20:13 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-03-10 15:32 - 2012-03-10 15:32 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-03-02 04:44 - 2012-03-02 04:48 - 36678184 ____A C:\Users\User\Downloads\LA_ENCs.zip
2012-02-14 20:12 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-02-14 20:12 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-02-14 20:12 - 2011-12-15 23:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-02-13 13:23 - 2012-03-16 03:54 - 00001129 ____A C:\Users\Public\Desktop\GOM Player.lnk
2012-02-11 14:15 - 2013-02-14 09:52 - 00000534 ____A C:\Users\User\Desktop\BOAT CHANNELS.txt
2012-01-28 21:54 - 2012-01-28 21:54 - 00000000 _RASH C:\MSDOS.SYS
2012-01-28 21:54 - 2012-01-28 21:54 - 00000000 _RASH C:\IO.SYS
2012-01-25 15:03 - 2013-03-13 00:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-01-22 16:03 - 2012-01-22 16:03 - 00000000 ____D C:\Program Files\QuickTime
2012-01-20 12:30 - 2012-01-20 12:30 - 00776320 ____A (Adobe Systems Incorporated) C:\Users\User\Downloads\install_flashplayer11x32_mssa_aih.exe
2012-01-14 22:11 - 2012-01-14 22:11 - 00000000 ____D C:\Program Files\PartyGaming
2012-01-14 22:02 - 2012-01-14 22:02 - 00000000 ____D C:\Users\User\PARTYPokerDir
2012-01-13 13:40 - 2012-01-13 13:40 - 01277504 ____A (Ralink Technology Corp.) C:\Windows\System32\Drivers\netr28u.sys
2012-01-13 13:40 - 2012-01-13 13:40 - 00238944 ____A (Ralink Technology, Inc.) C:\Windows\System32\RaCoInst.dll
2012-01-13 13:40 - 2012-01-13 13:40 - 00014119 ____A C:\Windows\System32\RaCoInst.dat
2012-01-12 08:37 - 2011-11-16 21:35 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2012-01-12 08:37 - 2011-11-16 21:34 - 00100352 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2012-01-12 08:37 - 2011-11-16 21:34 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2012-01-12 08:37 - 2011-11-16 21:34 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2012-01-12 08:37 - 2011-11-16 21:32 - 01038848 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-01-12 08:37 - 2011-11-16 21:29 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2012-01-11 10:34 - 2011-11-19 06:01 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-01-11 10:34 - 2011-11-16 21:38 - 01288472 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-01-11 10:34 - 2011-10-25 20:32 - 01328128 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-01-11 10:34 - 2011-10-25 20:32 - 00514560 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-01-08 20:43 - 2012-01-08 20:43 - 00019641 ____A C:\Users\User\Downloads\ATT00001
2012-01-03 23:26 - 2013-05-11 04:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2012-01-03 23:26 - 2012-01-03 23:26 - 00001100 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-01-03 23:26 - 2012-01-03 23:26 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2011-12-30 07:39 - 2011-12-30 07:39 - 01707944 ____A C:\Users\User\Downloads\Network-Outfitters.exe
2011-12-30 07:39 - 2011-12-30 07:39 - 01707944 ____A C:\Users\User\Desktop\Network-Outfitters.exe
2011-12-19 18:34 - 2011-12-19 18:37 - 00000000 ____D C:\Capn_Exported_Marks
2011-12-19 17:59 - 2011-12-20 16:24 - 00000040 ____A C:\Windows\Tides.INI
2011-12-19 15:52 - 2011-12-19 15:53 - 00000000 ____D C:\Bsbchart
2011-12-19 11:55 - 2004-08-04 03:00 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\temp.021
2011-12-19 11:55 - 2004-08-04 00:56 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\temp.022
2011-12-19 11:55 - 2001-03-13 12:53 - 00326656 ____A (Microsoft Corporation) C:\Windows\System32\temp.020
2011-12-19 11:55 - 2001-03-13 12:47 - 00598288 ____A (Microsoft Corporation) C:\Windows\System32\temp.01B
2011-12-19 11:55 - 2001-03-13 12:47 - 00164112 ____A (Microsoft Corporation) C:\Windows\System32\temp.01C
2011-12-19 11:55 - 2001-03-13 12:47 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\temp.01E
2011-12-19 11:55 - 2001-03-13 12:45 - 00147728 ____A (Microsoft Corporation) C:\Windows\System32\temp.01D
2011-12-19 11:55 - 2000-08-20 19:00 - 01388544 ____A (Microsoft Corporation) C:\Windows\System32\temp.01F
2011-12-19 11:42 - 2011-12-19 11:42 - 00000681 ____A C:\Users\Public\Desktop\Capn Version 8.lnk
2011-12-19 11:42 - 2010-01-01 18:19 - 00000000 ____D C:\Capn Voyager
2011-12-19 11:42 - 2006-11-07 20:03 - 00413696 ____A (Microsoft Corporation) C:\Windows\System32\temp.017
2011-12-19 11:42 - 2005-07-22 10:00 - 00094208 ____A (Viscom Software ) C:\Windows\System32\ImageViewer2.OCX
2011-12-19 11:42 - 2005-04-15 14:58 - 01351392 ____A (Microsoft Corporation) C:\Windows\System32\Comctl32.ocx
2011-12-19 11:42 - 2004-10-05 10:40 - 00000611 ____A C:\Windows\System32\imageviewer.lpk
2011-12-19 11:42 - 2004-09-02 19:00 - 00212240 ____A (Microsoft Corporation) C:\Windows\System32\Richtx32.ocx
2011-12-19 11:42 - 2004-08-04 01:56 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\temp.01A
2011-12-19 11:42 - 2004-03-08 19:00 - 00662288 ____A (Microsoft Corporation) C:\Windows\System32\Mscomct2.ocx
2011-12-19 11:42 - 2002-08-29 03:00 - 01703936 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll
2011-12-19 11:42 - 2002-03-22 10:40 - 00444064 ____A (ComponentOne) C:\Windows\System32\Vsflex7l.ocx
2011-12-19 11:42 - 2001-03-13 13:53 - 00326656 ____A (Microsoft Corporation) C:\Windows\System32\temp.016
2011-12-19 11:42 - 2001-03-13 13:47 - 00598288 ____A (Microsoft Corporation) C:\Windows\System32\temp.011
2011-12-19 11:42 - 2001-03-13 13:47 - 00164112 ____A (Microsoft Corporation) C:\Windows\System32\temp.012
2011-12-19 11:42 - 2001-03-13 13:47 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\temp.014
2011-12-19 11:42 - 2001-03-13 13:45 - 00147728 ____A (Microsoft Corporation) C:\Windows\System32\temp.013
2011-12-19 11:42 - 2000-08-20 20:00 - 01388544 ____A (Microsoft Corporation) C:\Windows\System32\temp.015
2011-12-19 11:42 - 2000-03-30 01:26 - 00247192 ____A (VideoSoft) C:\Windows\System32\Vsocx6.ocx
2011-12-19 11:42 - 1999-11-23 07:51 - 00358088 ____A (VideoSoft) C:\Windows\System32\VsVIEW6.ocx
2011-12-19 11:42 - 1999-04-13 04:56 - 00131584 ____A (SuccessWare 90 Inc) C:\Windows\System32\Sde32.dll
2011-12-19 11:42 - 1999-02-09 09:46 - 00137728 ____A (Intel Corporation) C:\Windows\System32\ijl10.dll
2011-12-19 11:42 - 1999-02-01 18:19 - 00302088 ____A (Global Majic Software, Inc.) C:\Windows\System32\Strip.ocx
2011-12-19 11:42 - 1999-01-21 10:32 - 00222224 ____A (Global Majic Software, Inc.) C:\Windows\System32\AGauge.ocx
2011-12-19 11:42 - 1998-10-23 16:28 - 00099840 ____A (Global Majic Software, Inc.) C:\Windows\System32\Odometer.ocx
2011-12-19 11:42 - 1998-06-23 20:00 - 00103744 ____A (Microsoft Corporation) C:\Windows\System32\Mscomm32.ocx
2011-12-19 11:42 - 1998-06-23 19:00 - 00067376 ____A (Microsoft Corporation) C:\Windows\System32\Sysinfo.ocx
2011-12-19 11:42 - 1998-05-05 23:03 - 00266752 ____A (SuccessWare 90 Inc) C:\Windows\System32\SdeCDX32.dll
2011-12-19 11:42 - 1998-04-30 04:15 - 00167424 ____A (VideoSoft) C:\Windows\System32\VsData.ocx
2011-12-19 11:42 - 1996-11-13 16:53 - 00095104 ____A (VideoSoft) C:\Windows\System32\VSVBX.VBX
2011-12-19 11:42 - 1996-09-27 00:12 - 00216448 ____A (SuccessWare 90 Inc) C:\Windows\System32\Scdx2016.dll
2011-12-19 11:42 - 1996-09-27 00:12 - 00100448 ____A (SuccessWare 90 Inc) C:\Windows\System32\Sdebrow.vbx
2011-12-19 11:42 - 1996-09-27 00:12 - 00094720 ____A (SuccessWare 90 Inc) C:\Windows\System32\Sde2016.dll
2011-12-19 11:42 - 1996-09-26 08:20 - 00027937 ____A C:\Windows\System32\Pegraphs.hlp
2011-12-19 11:42 - 1996-06-17 13:44 - 00266240 ____A (Microsoft Corporation) C:\Windows\System32\temp.018
2011-12-19 11:42 - 1996-02-28 04:53 - 00921872 ____A (Microsoft Corporation) C:\Windows\System32\temp.019
2011-12-19 11:42 - 1995-03-31 09:38 - 00080088 ____A C:\Windows\System32\FOXPRINT.TTF
2011-12-19 11:42 - 1995-03-31 09:38 - 00001312 ____A C:\Windows\System32\FOXPRINT.FOT
2011-12-19 11:42 - 1995-01-10 22:00 - 00466944 ____A (Gigasoft) C:\Windows\System32\PEGRAPHS.DLL
2011-12-19 11:42 - 1995-01-09 22:00 - 00039120 ____A (Gigasoft, Inc.) C:\Windows\System32\PEGRPH.VBX
2011-12-19 11:42 - 1994-07-17 22:00 - 00071792 ____A (Gigasoft) C:\Windows\System32\PEGRPSVR.EXE
2011-12-19 11:42 - 1993-05-11 22:00 - 00398416 ____A (Microsoft Corporation) C:\Windows\System32\VBRUN300.DLL
2011-12-19 11:42 - 1993-04-28 05:00 - 00018688 ____A C:\Windows\System32\CMDIALOG.VBX
2011-12-19 11:42 - 1993-04-27 22:00 - 00030288 ____A (Microsoft Corporation) C:\Windows\System32\MSMASKED.VBX
2011-12-19 11:41 - 2011-12-19 11:41 - 00000000 ____D C:\Temp_Capn_Install
2011-12-19 11:41 - 2006-10-19 07:56 - 00713216 ____A (Microsoft Corporation) C:\Windows\System32\temp.007
2011-12-19 11:41 - 2005-07-25 22:39 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\temp.00A
2011-12-19 11:41 - 2005-05-04 12:45 - 02890240 ____A (Microsoft Corporation) C:\Windows\System32\temp.00E
2011-12-19 11:41 - 2004-08-04 06:00 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\temp.008
2011-12-19 11:41 - 2004-08-04 05:00 - 01028096 ____A (Microsoft Corporation) C:\Windows\System32\temp.010
2011-12-19 11:41 - 2004-08-04 05:00 - 00792064 ____A (Microsoft Corporation) C:\Windows\System32\temp.00B
2011-12-19 11:41 - 2004-08-04 05:00 - 00413696 ____A (Microsoft Corporation) C:\Windows\System32\temp.00D
2011-12-19 11:41 - 2004-08-04 05:00 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\temp.006
2011-12-19 11:41 - 2004-08-04 05:00 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\temp.00C
2011-12-19 11:41 - 2004-08-04 05:00 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\temp.009
2011-12-19 11:41 - 2004-08-04 05:00 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\MSLBUI.DLL
2011-12-19 11:41 - 2004-08-04 01:56 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\temp.00F
2011-12-19 11:41 - 2001-03-13 13:53 - 00326656 ____A (Microsoft Corporation) C:\Windows\System32\temp.005
2011-12-19 11:41 - 2001-03-13 13:49 - 00140288 ____N (Microsoft Corporation) C:\Windows\System32\COMDLG32.OCX
2011-12-19 11:41 - 2001-03-13 13:47 - 00598288 ____A (Microsoft Corporation) C:\Windows\System32\temp.000
2011-12-19 11:41 - 2001-03-13 13:47 - 00164112 ____A (Microsoft Corporation) C:\Windows\System32\temp.001
2011-12-19 11:41 - 2001-03-13 13:47 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\temp.003
2011-12-19 11:41 - 2001-03-13 13:45 - 00147728 ____A (Microsoft Corporation) C:\Windows\System32\temp.002
2011-12-19 11:41 - 2000-08-20 20:00 - 01388544 ____A (Microsoft Corporation) C:\Windows\System32\temp.004
2011-12-19 11:41 - 1998-06-24 11:56 - 00386872 ____A (Microsoft Corporation) C:\Windows\System32\MSWLESS.OCX
2011-12-19 11:41 - 1998-04-23 22:00 - 00368912 ____A (Microsoft Corporation) C:\Windows\System32\vbar332.dll
2011-12-18 22:00 - 2011-12-18 22:00 - 01269638 ____A C:\Users\User\Downloads\NewCarForWoman.wmv
2011-12-17 20:17 - 2011-12-17 20:17 - 00000000 ____D C:\Windows\Sun
2011-12-16 13:29 - 2013-02-19 04:23 - 00000000 ____D C:\Users\User\AppData\Roaming\dvdcss
2011-12-16 13:29 - 2011-12-16 13:29 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2011-12-16 13:28 - 2011-12-16 13:28 - 00000000 ____D C:\Program Files\VideoLAN
2011-12-16 13:08 - 2011-12-16 13:28 - 21073936 ____A C:\Users\User\Downloads\vlc-1.1.11-win32.exe
2011-12-16 13:01 - 2011-12-16 13:01 - 00000000 ____D C:\Users\User\AppData\Roaming\GRETECH
2011-12-16 12:59 - 2011-12-16 12:59 - 00000000 ____D C:\Program Files\GRETECH
2011-12-16 12:55 - 2011-12-16 12:58 - 07881576 ____A (Gretech Corporation) C:\Users\User\Downloads\GOMPLAYERENSETUP.EXE
2011-12-16 09:19 - 2013-05-12 06:24 - 00039750 ____A C:\Users\User\Desktop\HMG-MGI Daily Report (Cheryl K).xlsx
2011-12-16 07:53 - 2011-12-16 08:01 - 38808920 ____A (Microsoft Corporation) C:\Users\User\Downloads\FileFormatConverters.exe
2011-12-16 07:52 - 2011-12-16 07:52 - 00000000 ____D C:\Program Files\MSECache
2011-12-16 07:39 - 2013-02-18 12:38 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
2011-12-15 22:21 - 2011-12-15 22:23 - 00001355 ____A C:\Windows\TSSysprep.log
2011-12-15 22:20 - 2011-12-15 06:34 - 00000000 ____D C:\Windows\Panther
2011-12-15 16:38 - 2013-04-21 14:46 - 13212992 ____A C:\Users\User\Documents\1.nob
2011-12-15 16:28 - 2013-05-05 07:32 - 00000000 ____D C:\Users\User\Documents\MASTER COPY AND PASTE
2011-12-15 16:28 - 2013-03-18 07:03 - 00000000 ____D C:\Users\User\Documents\SAFETY MEETINGS
2011-12-15 16:28 - 2013-02-15 22:23 - 00000000 ____D C:\Users\User\Documents\LOCAL NOTICE TO MARINER
2011-12-15 15:51 - 2013-05-02 02:29 - 00000000 ____D C:\Users\User\AppData\Local\Rose Point Navigation Systems
2011-12-15 14:48 - 2013-05-12 06:26 - 00000000 ____D C:\ProgramData\Rose Point Navigation Systems
2011-12-15 14:48 - 2011-12-15 14:48 - 00001034 ____A C:\Users\Public\Desktop\Coastal Explorer.lnk
2011-12-15 14:44 - 2011-12-15 14:47 - 00000000 ____D C:\Charts
2011-12-15 14:39 - 2011-12-15 14:39 - 00001897 ____A C:\Users\User\Desktop\Microsoft Security Essentials.lnk
2011-12-15 14:37 - 2011-12-15 14:37 - 00001417 ____A C:\Users\User\Desktop\Internet Explorer.lnk
2011-12-15 14:36 - 2011-12-17 01:03 - 00002675 ____A C:\Users\User\Desktop\Microsoft Office Outlook 2003.lnk
2011-12-15 14:31 - 2011-12-15 14:33 - 00000000 ____D C:\Program Files\Coastal Explorer
2011-12-15 14:29 - 2013-02-20 04:26 - 00000000 ___RD C:\Users\User\Desktop\Lonnie T Data
2011-12-15 14:23 - 2011-12-15 14:23 - 00000376 ____A C:\Windows\ODBC.INI
2011-12-15 14:23 - 2007-04-09 11:23 - 00028040 ____A (Microsoft Corporation) C:\Windows\System32\mdimon.dll
2011-12-15 14:22 - 2012-01-21 08:50 - 00000000 ____D C:\Program Files\Microsoft Office
2011-12-15 14:22 - 2011-12-15 14:22 - 00000000 ____D C:\Windows\PCHEALTH
2011-12-15 14:22 - 2011-12-15 14:22 - 00000000 ____D C:\Program Files\Microsoft ActiveSync
2011-12-15 14:22 - 2011-12-15 14:22 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2011-12-15 14:21 - 2011-12-15 14:21 - 00000000 __RHD C:\MSOCache
2011-12-15 14:03 - 2011-12-15 14:03 - 00000000 ____D C:\Windows\{26F3D17D-4FF9-46D5-9255-A1F9FF6BD7E4}
2011-12-15 14:02 - 2011-12-15 14:02 - 00000000 ____D C:\Windows\{4626E3EA-85B3-464E-B296-F3F5488D8B08}
2011-12-15 07:31 - 2011-12-15 07:32 - 00000000 ____D C:\office2k7pre-install
2011-12-15 07:23 - 2011-11-10 03:54 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2011-12-15 07:23 - 2011-11-10 03:54 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2011-12-15 07:23 - 2011-11-10 03:54 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2011-12-15 07:22 - 2011-12-15 07:23 - 00004153 ____A C:\Windows\System32\jupdate-1.6.0_30-b12.log
2011-12-15 07:16 - 2011-12-15 14:22 - 00000000 ____D C:\Program Files\Microsoft.NET
2011-12-15 07:15 - 2011-12-15 07:18 - 00000000 ____D C:\Users\User\AppData\Roaming\JAM Software
2011-12-15 07:15 - 2011-12-15 07:15 - 00000000 ____D C:\Program Files\JAM Software
2011-12-15 07:12 - 2011-12-15 07:12 - 00000000 ____D C:\ProgramData\Sun
2011-12-15 07:12 - 2011-12-15 07:12 - 00000000 ____D C:\Program Files\Common Files\Java
2011-12-15 07:11 - 2011-12-15 07:23 - 00000000 ____D C:\Program Files\Java
2011-12-15 07:11 - 2011-11-10 03:54 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2011-12-15 07:10 - 2011-12-15 07:10 - 00000000 ____D C:\Program Files\TightVNC
2011-12-15 07:10 - 2011-03-24 18:58 - 00284672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2011-12-15 07:10 - 2011-03-24 18:58 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2011-12-15 07:10 - 2011-03-24 18:58 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2011-12-15 07:10 - 2011-03-24 18:57 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2011-12-15 07:10 - 2011-03-24 18:57 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2011-12-15 07:10 - 2011-03-24 18:57 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2011-12-15 07:10 - 2011-03-24 18:57 - 00005888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2011-12-15 07:10 - 2011-03-10 21:39 - 00148864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2011-12-15 07:10 - 2011-03-10 21:39 - 00143744 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2011-12-15 07:10 - 2011-03-10 21:39 - 00117120 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2011-12-15 07:10 - 2011-03-10 21:38 - 00332160 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2011-12-15 07:10 - 2011-03-10 21:38 - 00080256 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2011-12-15 07:10 - 2011-03-10 21:38 - 00022400 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2011-12-15 07:10 - 2011-03-10 21:33 - 01699328 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2011-12-15 07:10 - 2011-03-10 21:31 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2011-12-15 07:10 - 2011-03-10 20:01 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2011-12-15 07:10 - 2011-02-17 21:39 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-12-15 07:02 - 2011-12-15 07:02 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-12-15 07:02 - 2011-12-15 07:02 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-12-15 07:02 - 2011-12-15 07:02 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-12-15 07:02 - 2011-12-15 07:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-12-15 07:02 - 2011-12-15 07:02 - 00003449 ____A C:\Windows\IE9_main.log
2011-12-15 07:01 - 2013-05-02 07:28 - 00238872 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2011-12-15 07:00 - 2011-12-15 16:31 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2011-12-15 07:00 - 2011-12-15 07:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2011-12-15 07:00 - 2011-12-15 07:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2011-12-15 07:00 - 2011-12-15 07:00 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2011-12-15 06:59 - 2013-01-11 13:13 - 00000000 ____D C:\Program Files\Common Files\Adobe
2011-12-15 06:59 - 2011-12-15 07:00 - 00000000 ____D C:\Program Files\Adobe
2011-12-15 06:58 - 2013-03-13 00:37 - 00073432 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2011-12-15 06:58 - 2011-12-18 09:28 - 00000000 ____D C:\ProgramData\Adobe
2011-12-15 06:58 - 2011-12-15 16:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2011-12-15 06:58 - 2011-12-15 06:58 - 00000000 ____D C:\Windows\System32\Macromed
2011-12-15 06:58 - 2011-12-15 06:58 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2011-12-15 06:58 - 2011-12-15 06:58 - 00000000 ____D C:\Users\User\AppData\Local\Solid State Networks
2011-12-15 06:57 - 2013-04-10 00:01 - 70490256 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-12-15 06:57 - 2013-02-25 01:01 - 00001945 ____A C:\Windows\epplauncher.mif
2011-12-15 06:57 - 2012-11-16 09:33 - 00063544 ____A C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2011-12-15 06:56 - 2013-02-25 01:00 - 00000000 ____D C:\Program Files\Microsoft Security Client
2011-12-15 06:56 - 2011-05-03 20:34 - 01549312 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-12-15 06:56 - 2011-05-03 20:32 - 01401344 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-12-15 06:56 - 2011-05-03 20:32 - 00666624 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-12-15 06:56 - 2011-05-03 20:32 - 00337408 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-12-15 06:56 - 2011-05-03 20:32 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-12-15 06:56 - 2011-05-03 20:32 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-12-15 06:56 - 2011-05-03 20:28 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-12-15 06:56 - 2011-05-03 20:28 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-12-15 06:56 - 2011-05-03 20:28 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-12-15 06:56 - 2011-04-28 18:46 - 00311808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-12-15 06:56 - 2011-04-28 18:46 - 00310272 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-12-15 06:56 - 2011-04-28 18:46 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-12-15 06:56 - 2011-04-24 18:18 - 00338944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-12-15 06:56 - 2011-02-22 20:47 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-12-15 06:55 - 2011-10-14 21:38 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2011-12-15 06:55 - 2011-08-26 20:26 - 00571904 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-12-15 06:55 - 2011-08-26 20:26 - 00233472 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-12-15 06:55 - 2011-08-16 20:24 - 00465408 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-12-15 06:55 - 2011-08-16 20:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-12-15 06:55 - 2011-07-08 18:30 - 00223744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-12-15 06:55 - 2011-06-15 20:33 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-12-15 06:55 - 2011-06-15 00:55 - 00319488 ____A (Microsoft Corporation) C:\Windows\System32\odbcjt32.dll
2011-12-15 06:55 - 2011-06-15 00:55 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-12-15 06:55 - 2011-06-15 00:55 - 00122880 ____A (Microsoft Cor
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Hi nobodysktr and welcome to MalwareTips! :)

I'm Fiery and I would gladly assist you in removing the malware on your computer.

PLEASE NOTE: The first 3 posts of ALL new members require approval by mods/admins. Please be patient if you don't see your post immediately after submitting it.

Before we start:
  • Note that the removal process is not immediate. Depending on the severity of your infection, it could take a long time.
  • Malware removal can be dangerous. I cannot guarantee the safety of your system as malware can be unpredictable. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system. Therefore, I would advise you to backup all your important files before we start.
  • Please be patient and stay with me until I give you the green lights and inform you that your PC is clean.
  • Some tools may be flagged by your antivirus as harmful. Rest assure that ALL the tools we use are safe, the detections are false positives.
  • The absence of symptoms does not mean your PC is fully disinfected.
  • If you are unclear about the instructions, please stop and ask. Following the steps in the order that I post them in is vital.
  • Lastly, if you have requested help on other sites, that will delay and hinder the removal process. Please only stick to one site.

<hr>
Open notepad and copy & paste the following:

HKLM\...\Winlogon: [Shell] C:\ProgramData\DisplaySwitch.exe [x ] ()
2013-05-12 07:58 - 2013-05-12 07:58 - 00091648 ____A (Hilgraeve, Inc.) C:\ProgramData\DisplaySwitch.exe
HKLM\...\Run: [DisplaySwitch] "C:\ProgramData\DisplaySwitch.exe" [91648 2013-05-12] (Hilgraeve, Inc.)
Click to expand...

and save it as fixlist.txt onto your flash drive.

Then, boot to system recovery, plug in your flash drive, open FRST and click fix. Post the generated log.

Attempt to boot normally. If successful,

Download Malwarebytes Anti-Rootkit from here to your Desktop
  • Unzip the contents to a folder on your Desktop.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Make sure there is a check next to Create Restore Point and click the Cleanup button to remove any threats. Reboot if prompted to do so.
  • After the reboot, perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If there are threats, click Cleanup once more and reboot.
  • When done, please post the two logs in the MBAR folder(mbar-log.txt and system-log.txt)

Download TDSSkiller from here
  • Double-Click on TDSSKiller.exe to run the application
  • When TDSSkiller opens, click change parameters , check the box next to Loaded modules . A reboot will be required.
  • After reboot, TDSSKiller will run again. Click Change parameters again and make sure everything is checked.
    clip.jpg
  • click Start scan .
  • If a suspicious object is detected, the default action will be Skip, click on Continue. (If it saids TDL4/TDSS file system, select delete)
  • If malicious objects are found, ensure Cure (default) is selected, then click Continue and Reboot now to finish the cleaning process.

Post the log after (usually C:\ folder in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt
 

Similar threads

K
  • Locked
PowerShell/MaleficAms Powershell Infection Please Help
Replies
2
Views
2,501
Windows Malware Removal Help & Support
nasdaq
nasdaq
vtqhtr413
    • Like
    • Applause
Technology Windows 13 is everything Windows 11 should be
Replies
2
Views
539
Technology News
brambedkar59
brambedkar59
F
    • Like
  • Locked
Service Host: Network List Service...Virus?
Replies
11
Views
2,355
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top