bostonhatcher
Everything posted by bostonhatcher
-
FBI MoneyPak Virus White Screen Safe Mode
bostonhatcher replied to bostonhatcher's topic in Resolved Malware Removal Logs
Results of screen317's Security Check version 0.99.68
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials (On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 6 Update 37
Java 7 Update 25
Java SE Runtime Environment 6 Update 1
Adobe Reader XI
Google Chrome 27.0.1453.110
Google Chrome 27.0.1453.116
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 8%
````````````````````End of Log``````````````````````
-
FBI MoneyPak Virus White Screen Safe Mode
bostonhatcher replied to bostonhatcher's topic in Resolved Malware Removal Logs
Seems like there was quite a bit of spyware AdwCleanerR1.txt AdwCleanerS1.txt -
FBI MoneyPak Virus White Screen Safe Mode
bostonhatcher replied to bostonhatcher's topic in Resolved Malware Removal Logs
Here's the combofix log ComboFix.txt -
FBI MoneyPak Virus White Screen Safe Mode
bostonhatcher replied to bostonhatcher's topic in Resolved Malware Removal Logs
Thanks. TDSSKiller ran just fine and only found one suspicious file. The log is attached. TDSSKiller.2.8.18.0_21.06.2013_07.51.26_log.txt TDSSKiller.2.8.18.0_21.06.2013_07.52.59_log.txt TDSSKiller.2.8.18.0_21.06.2013_07.54.11_log.txt -
FBI MoneyPak Virus White Screen Safe Mode
bostonhatcher replied to bostonhatcher's topic in Resolved Malware Removal Logs
Thanks a bunch, I'm back in Windows. I can't run the anti-rootkit because it says the volume is corrupted. Any ideas? Here are the logs... Fixlog.txt system-log.txt -
I can't get into safe mode it just displays a white screen. Can someone take a look at my log and make a fixlist? Thanks in advance!
00000000 ____D C:\Program Files\iTunes2013-06-10 07:44 - 2013-06-10 07:44 - 00000000 ____D C:\Program Files\iPod2013-06-10 07:44 - 2013-06-10 07:44 - 00000000 ____D C:\Program Files (x86)\iTunes2013-06-08 09:08 - 2013-06-16 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll2013-06-08 09:07 - 2013-06-16 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll2013-06-08 09:06 - 2013-06-16 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll2013-06-08 09:06 - 2013-06-16 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll2013-06-08 09:06 - 2013-06-16 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll2013-06-08 07:28 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb2013-06-08 06:42 - 2013-06-16 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-06-08 06:40 - 2013-06-16 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-06-08 06:40 - 2013-06-16 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-06-08 06:40 - 2013-06-16 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-06-08 06:40 - 2013-06-16 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-06-08 06:13 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-06-07 16:42 - 2013-06-07 16:42 - 00000000 ____D C:\Users\Boston\AppData\Roaming\CircuitWorks2013-06-04 10:45 - 2013-05-28 16:59 - 00000000 ____D C:\Users\Boston\AppData\Roaming\Slick Savings2013-06-04 10:45 - 2013-05-14 10:18 - 00000000 ____D C:\Users\Boston\AppData\Local\Conduit2013-06-04 10:25 - 2013-06-04 10:25 - 00000000 ____D C:\Users\Boston\AppData\Roaming\aHisoft2013-06-04 10:25 - 2013-06-04 10:24 - 27609739 ____A (aHisoft ) C:\Users\Boston\Downloads\Video-Download-Studio.exe2013-06-02 17:58 - 
2013-06-02 17:58 - 00000000 ____D C:\Users\Boston\Documents\Garmin2013-06-02 17:57 - 2013-06-02 17:57 - 00001896 ____A C:\Users\Public\Desktop\Garmin Express.lnk2013-06-02 17:57 - 2013-06-02 17:57 - 00000000 ____D C:\Users\Boston\AppData\Roaming\Garmin2013-06-02 17:57 - 2013-06-02 17:57 - 00000000 ____D C:\Users\Boston\AppData\Local\Garmin2013-06-02 17:57 - 2013-06-02 17:57 - 00000000 ____D C:\ProgramData\Package Cache2013-06-02 17:57 - 2013-06-02 17:57 - 00000000 ____D C:\ProgramData\Garmin2013-06-02 17:57 - 2013-06-02 17:57 - 00000000 ____D C:\Program Files (x86)\Garmin2013-06-01 20:51 - 2012-11-12 20:11 - 00000000 ____D C:\Program Files\PeerBlock2013-06-01 20:29 - 2013-06-01 20:28 - 00000000 ____D C:\Users\Boston\Downloads\Family Guy S11E22 HDTV x264-LOL[ettv]2013-05-31 13:39 - 2013-05-31 13:39 - 00000000 ____D C:\Users\Boston\AppData\Roaming\CADClick2013-05-28 17:27 - 2012-11-13 18:31 - 00000000 ____D C:\Users\Boston\AppData\Local\Adobe2013-05-28 17:26 - 2009-07-13 23:45 - 05057872 ____A C:\Windows\System32\FNTCACHE.DAT2013-05-28 17:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions2013-05-28 17:14 - 2013-05-28 17:12 - 00006895 ____A C:\Windows\IE10_main.log2013-05-28 17:13 - 2013-05-28 17:13 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl2013-05-28 17:13 - 2013-05-28 17:13 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-05-28 17:13 - 2013-05-28 17:13 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-05-28 17:13 - 2013-05-28 17:13 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat2013-05-28 17:13 - 2013-05-28 17:13 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll2013-05-28 17:13 - 
2013-05-28 17:13 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec2013-05-28 17:13 - 2013-05-28 17:13 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-05-28 17:13 - 2013-05-28 17:13 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00197120 ____A (Microsoft Corporation) 
C:\Windows\System32\msrating.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00092160 ____A (Microsoft Corporation) 
C:\Windows\System32\SetIEInstalledDate.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx2013-05-28 17:13 - 2013-05-28 17:13 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-05-28 17:13 - 2013-05-28 17:13 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-05-28 17:13 - 2013-05-28 17:13 - 00013824 ____A (Microsoft Corporation) 
C:\Windows\System32\mshta.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe2013-05-28 17:13 - 2013-05-28 17:13 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-05-28 16:59 - 2013-05-28 16:59 - 00000000 ____D C:\Users\Boston\AppData\Local\Slick Savings2013-05-28 16:59 - 2013-03-06 17:40 - 00000000 ____D C:\ProgramData\YTD Video Downloader2013-05-28 16:59 - 2013-03-06 17:39 - 00001293 ____A C:\Users\Public\Desktop\YTD Video Downloader.lnk2013-05-28 09:36 - 2013-02-28 17:32 - 00121784 ____A C:\Users\Boston\AppData\Local\GDIPFONTCACHEV1.DAT2013-05-28 09:36 - 2013-02-05 20:33 - 00000000 ____D C:\Users\Boston\AppData\Roaming\NVIDIA2013-05-27 21:42 - 2013-05-27 21:41 - 20977845 ____A C:\Users\Boston\Downloads\Week 2 Lab 1 nikon seeing red NEW (1).pptx2013-05-27 21:39 - 2013-05-27 21:38 - 20977845 ____A C:\Users\Boston\Downloads\Week 2 Lab 1 nikon seeing red NEW.pptx2013-05-27 21:34 - 2013-05-27 21:34 - 12053372 ____A C:\Users\Boston\Desktop\seeing red_Pennington.zip2013-05-27 21:33 - 2013-05-27 21:26 - 00000000 ____D C:\Users\Boston\Desktop\seeing red_Pennington2013-05-24 11:35 - 2013-05-24 11:35 - 00001853 ____A C:\Users\Public\Desktop\QuickTime Player.lnk2013-05-24 11:35 - 2013-05-24 11:35 - 00000000 ____D C:\Program Files (x86)\QuickTime2013-05-21 09:48 - 2013-05-21 09:48 - 00000000 ____D C:\Users\Boston\AppData\Roaming\Kits Files to move or delete:====================C:\Users\Boston\chrome.exeC:\Users\Boston\jqs.exeC:\Users\Boston\vlcplayer.exeC:\Users\Boston\windowsupdate.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is 
legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-13 12:37 ==================== End Of Log ============================