Andrew12
Posts posted by Andrew12
-
Sorry for the delay, I'm still here, will upload the log today.
-
Yes it does.
-
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winmgmt deleted successfully.
C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll moved successfully.
winmgmt removed from NetSvcs value successfully!
File C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll not found.
File C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll not found.
C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad moved successfully.
C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.js moved successfully.
File C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll not found.
File C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.js not found.
File C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 11092012_122516
-
OTL logfile created on: 11/9/2012 11:10:32 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.44 Gb Total Space | 52.45 Gb Free Space | 70.45% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2012/12/17 05:55:03 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/11 05:55:21 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/24 12:49:14 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/11/09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/08 21:33:31 | 000,259,072 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll -- (winmgmt)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/09/05 10:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/07/26 14:41:48 | 000,212,328 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe -- (Rockwell Tag Server)
SRV - [2011/07/26 14:40:52 | 000,106,344 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe -- (Rockwell HMI Diagnostics)
SRV - [2011/05/27 17:50:02 | 000,224,104 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Common Files\Rockwell\RsvcHost.exe -- (RsvcHost)
SRV - [2011/05/27 17:44:04 | 000,922,984 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Common Files\Rockwell\RnaDirServer.exe -- (RNADirectory)
SRV - [2011/05/27 17:43:36 | 001,049,448 | ---- | M] (Rockwell Automation, Inc.) [On_Demand] -- C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe -- (RNADirMultiplexor)
SRV - [2011/05/27 17:43:18 | 000,245,096 | ---- | M] (Rockwell Automation, Inc.) [On_Demand] -- C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe -- (RNADiagReceiver)
SRV - [2011/05/27 17:42:58 | 000,030,056 | ---- | M] (Rockwell Automation Inc.) [Auto] -- C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe -- (RNADiagnosticsService)
SRV - [2011/05/27 17:39:32 | 000,224,104 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Common Files\Rockwell\RdcyHost.exe -- (RdcyHost)
SRV - [2011/05/27 17:37:06 | 000,224,104 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Common Files\Rockwell\NmspHost.exe -- (NmspHost)
SRV - [2011/05/27 17:27:22 | 000,250,216 | ---- | M] (Rockwell Automation, Inc.) [On_Demand] -- C:\Program Files\Common Files\Rockwell\EventServer.exe -- (EventServer)
SRV - [2011/05/27 17:27:02 | 000,334,696 | ---- | M] (Rockwell Automation, Inc.) [On_Demand] -- C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe -- (EventClientMultiplexer)
SRV - [2011/05/05 15:03:50 | 000,202,088 | ---- | M] (Rockwell Automation, Inc.) [On_Demand] -- C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE -- (Harmony)
SRV - [2011/01/08 17:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe -- (FCSAM)
SRV - [2010/11/03 16:57:40 | 000,246,120 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe -- (RSLinxNG)
SRV - [2010/11/03 16:57:34 | 000,080,232 | ---- | M] (Rockwell Automation, Inc.) [On_Demand] -- C:\Program Files\Rockwell Software\RSLinx Enterprise\LogReceiver.exe -- (LogReceiver)
SRV - [2010/10/26 00:50:32 | 000,104,960 | ---- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\PcidsService.exe -- (1784-PCIDS DeviceNet)
SRV - [2010/10/26 00:47:40 | 000,085,504 | ---- | M] () [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe -- (SimModuleService)
SRV - [2010/09/24 18:19:10 | 001,996,408 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Rockwell Software\RSLinx\RSLINX.EXE -- (RSLinx)
SRV - [2010/08/26 10:09:38 | 000,387,432 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Rockwell Software\RSOPC Gateway\RSOPCGateway.exe -- (FactoryTalk Gateway)
SRV - [2010/08/11 20:07:08 | 000,116,072 | ---- | M] (Rockwell Automation, Inc.) [Auto] -- C:\Program Files\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe -- (FTActivationBoost)
SRV - [2010/05/17 23:07:14 | 001,122,568 | R--- | M] (Acresso Software Inc.) [Auto] -- C:\Program Files\Rockwell Software\FactoryTalk Activation\lmgrd.exe -- (FactoryTalk Activation Service)
SRV - [2008/06/04 14:04:32 | 000,099,728 | ---- | M] (Rockwell Automation, Inc.) [On_Demand] -- C:\Program Files\Rockwell Software\RSLinx\dnwhodisp.exe -- (dnWhoDisp)
SRV - [2007/04/06 04:12:48 | 000,073,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe -- (FcsSas)
SRV - [2007/02/21 11:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2007/02/19 14:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto] -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2005/11/25 10:11:02 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand] -- C:\WINDOWS\system32\OpcEnum.exe -- (OpcEnum)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot9)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot8)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot7)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot6)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot5)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot4)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot3)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot2)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot16)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot15)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot14)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot13)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot12)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot11)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot10)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot1)
SRV - [2005/07/08 08:21:46 | 001,425,408 | R--- | M] (Rockwell Automation) [On_Demand] -- C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe -- (EmuLogix 5868 Slot0)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (pcidnt)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/10/26 00:45:14 | 000,063,512 | ---- | M] (Rockwell Automation) [Kernel | System] -- C:\WINDOWS\system32\drivers\VirtualBackplane.sys -- (VirtualBackplane)
DRV - [2010/09/24 16:38:42 | 000,155,440 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\RSSERIAL.SYS -- (RSSERIAL)
DRV - [2010/09/24 16:38:42 | 000,039,067 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\RSIKT.SYS -- (RsiKtControl)
DRV - [2010/08/10 15:26:58 | 000,064,840 | ---- | M] (Rockwell Software, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PcmkWdm.sys -- (PcmkWdm)
DRV - [2010/04/03 11:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\system32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2007/02/25 06:05:24 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/02/21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/02/19 14:27:34 | 001,228,296 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/02/16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/08/18 13:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 13:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 13:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 13:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 13:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 13:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 13:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 13:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 10:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2005/05/13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2002/11/13 13:38:40 | 000,016,447 | ---- | M] (Rockwell Automation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\RSI-PKTX-A.SYS -- (RSI-PKTX-A)
DRV - [2002/04/23 18:02:26 | 000,038,999 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\RSIKTNG.SYS -- (RSLINXNGKtControl)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\admin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\tkitchen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\tkitchen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\tkitchen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EA FC 27 D0 B3 DE CD 01 [binary data]
IE - HKU\tkitchen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/11 05:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/11/02 19:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tkitchen\Application Data\Mozilla\Extensions
[2012/11/24 12:12:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tkitchen\Application Data\Mozilla\Firefox\Profiles\1omirmy1.default\extensions
[2012/11/02 19:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\TKITCHEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\1OMIRMY1.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012/12/11 05:55:25 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/24 12:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/24 12:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [bCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Microsoft Forefront Client Security Antimalware Service] C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [usbCipHelper] C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe (Rockwell Automation, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\tkitchen\Start Menu\Programs\Startup\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\rkadmin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\tkitchen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1306934861531 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/31 15:56:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll (Корпорация Майкрософт)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
========== Files/Folders - Created Within 30 Days ==========
[2012/12/21 18:07:58 | 000,000,000 | R-SD | C] -- C:\assembly
[2012/12/14 17:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Application Data\Skype
[2012/12/14 17:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/12/14 17:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/12/14 17:27:45 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/12/14 17:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012/12/14 17:23:54 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/12/14 17:23:41 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/12/14 17:23:36 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/12/14 17:23:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012/12/14 17:23:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/12/14 17:23:30 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/12/14 17:23:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/12/14 17:23:18 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/12/14 17:23:13 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/12/14 17:22:49 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012/12/14 17:22:34 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012/12/14 17:22:34 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/12/14 17:22:34 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2012/12/14 17:22:34 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/12/14 17:22:34 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012/12/14 17:22:34 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/12/14 17:22:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012/12/14 17:22:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/12/14 17:22:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2012/12/14 17:22:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012/12/14 17:22:23 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2012/12/10 20:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Application Data\Apple Computer
[2012/12/10 20:35:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2012/11/28 21:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/11/28 20:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/11/28 20:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/11/28 20:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/11/28 20:56:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Local Settings\Application Data\Apple
[2012/11/28 20:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/11/28 20:56:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2012/11/28 20:55:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Local Settings\Application Data\Apple Computer
[2012/11/24 14:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Local Settings\Application Data\Sun
[2012/11/24 12:51:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012/11/24 12:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/11/24 12:50:20 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/11/24 12:50:20 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/11/24 12:50:19 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/11/24 12:50:19 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/11/24 12:49:44 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/11/24 12:49:44 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/11/24 12:49:43 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/11/24 12:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/11/24 12:45:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Application Data\Sun
[2012/11/24 11:52:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/11/21 11:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2012/11/08 21:33:28 | 000,259,072 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll
[2012/11/08 20:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Application Data\Google
[2012/11/08 20:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/11/08 20:19:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Local Settings\Application Data\Google
[2012/11/03 23:14:23 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/11/03 18:17:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\IETldCache
[2012/11/03 12:45:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2012/11/03 09:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2012/11/03 09:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/11/03 09:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012/11/03 09:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\My Documents\Downloads
[2012/11/03 09:38:44 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/02 19:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Local Settings\Application Data\Mozilla
[2012/11/02 19:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tkitchen\Application Data\Mozilla
[2012/11/02 19:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/11/02 19:47:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/11/02 19:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/11/01 21:02:42 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/10/25 04:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2012/10/25 04:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/01/03 20:06:35 | 000,009,298 | ---- | M] () -- C:\Document.rtf
[2013/01/02 23:39:29 | 000,507,452 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/02 23:39:28 | 000,096,632 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/21 18:07:34 | 000,287,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/19 16:04:53 | 000,296,405 | -H-- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates.ACD.Recovery
[2012/12/19 15:24:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates.Wrk
[2012/12/19 15:24:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates.Sem
[2012/12/19 14:34:36 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\NewSta.RSS
[2012/12/19 14:28:48 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\NEWSTA_BAK050.RSS
[2012/12/19 14:08:48 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\NEWSTA_BAK049.RSS
[2012/12/19 12:48:48 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\NEWSTA_BAK048.RSS
[2012/12/18 22:44:38 | 000,019,609 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\YSL.JPG
[2012/12/18 22:44:18 | 000,401,390 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\YSL.bmp
[2012/12/18 18:02:52 | 000,044,698 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\ferragamo.jpg
[2012/12/17 16:57:12 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/12/17 05:55:02 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/12/17 05:55:01 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/12/16 10:38:01 | 000,069,058 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\fitcolor.jpg
[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/14 17:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/12/14 17:22:44 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2012/12/14 09:01:04 | 000,338,657 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchDawn.ACD
[2012/12/14 08:55:49 | 000,338,613 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchDawn_BAK001.acd
[2012/12/13 19:24:20 | 000,338,497 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchDawn_BAK000.acd
[2012/12/13 19:10:34 | 000,338,431 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates_BAK014.acd
[2012/12/13 19:10:34 | 000,338,431 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates.ACD
[2012/12/13 19:09:10 | 000,338,379 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates_BAK013.acd
[2012/12/13 19:01:58 | 000,337,975 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates_BAK012.acd
[2012/12/13 16:34:43 | 000,293,063 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearch.ACD
[2012/12/13 09:13:16 | 000,154,668 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest.ACD
[2012/12/12 17:11:19 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/12/12 13:32:13 | 000,153,071 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest_BAK002.acd
[2012/12/12 13:23:27 | 000,128,975 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest_BAK001.acd
[2012/12/12 13:21:58 | 000,128,033 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest_BAK000.acd
[2012/12/12 09:52:58 | 000,143,500 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\Fatboy.ACD
[2012/12/12 09:52:36 | 000,121,423 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\Fatboy_BAK000.acd
[2012/12/10 07:14:33 | 003,825,644 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\G35FKFyo.gif
[2012/12/10 07:06:17 | 002,770,719 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\0TXgMBPZ.gif
[2012/11/28 23:04:20 | 000,005,763 | ---- | M] () -- C:\Words of the day.rtf
[2012/11/28 21:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/11/28 20:56:27 | 000,001,830 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/11/24 14:45:48 | 001,937,466 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\WGR614v9-V1.1.2.30NA.chk
[2012/11/24 14:41:20 | 001,937,466 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\WGR614v9-V1.1.2.30NA(1).chk
[2012/11/24 12:49:18 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/11/24 12:49:11 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/11/24 12:49:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/11/24 12:49:10 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/11/24 12:49:10 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/11/24 12:49:08 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/11/24 12:49:08 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/11/24 11:53:01 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/11/12 20:25:12 | 001,866,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012/11/12 20:25:12 | 001,866,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2012/11/12 14:57:03 | 006,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2012/11/09 11:33:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/09 11:32:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/09 11:15:01 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad
[2012/11/09 10:43:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/09 10:43:33 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Signature Update.job
[2012/11/09 10:43:32 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Quick Scan.job
[2012/11/09 10:43:29 | 000,000,406 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/11/09 10:43:21 | 000,055,886 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/11/08 21:40:50 | 000,003,036 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.js
[2012/11/08 21:40:50 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\tkitchen\Start Menu\Programs\Startup\runctf.lnk
[2012/11/08 21:33:31 | 000,259,072 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\tkitchen\wgsdgsdgdsgsd.dll
[2012/11/08 20:54:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/11/07 23:14:41 | 000,055,886 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012/11/03 12:45:57 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2012/11/03 12:45:57 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/11/03 12:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2012/11/03 09:50:01 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2012/11/03 09:50:00 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2012/11/02 19:47:56 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\tkitchen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/02 19:47:56 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/11/02 19:47:56 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/02 17:56:56 | 149,155,880 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\thisl_beautifulmonster.zip
[2012/11/01 21:02:42 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2012/11/01 21:02:42 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/11/01 07:17:54 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012/11/01 07:17:54 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012/11/01 07:17:54 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2012/11/01 07:17:54 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2012/11/01 07:17:54 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2012/11/01 07:17:54 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2012/11/01 07:17:54 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2012/11/01 07:17:54 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012/11/01 07:17:54 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2012/11/01 07:17:54 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2012/11/01 07:17:54 | 000,521,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/01 07:17:54 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2012/11/01 07:17:54 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2012/11/01 07:17:54 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2012/11/01 07:17:54 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2012/11/01 07:17:54 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2012/11/01 07:17:54 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012/11/01 07:17:54 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2012/11/01 07:17:54 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2012/11/01 07:17:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2012/11/01 07:17:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2012/11/01 07:17:53 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/11/01 07:17:53 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2012/11/01 07:17:53 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2012/11/01 07:17:53 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2012/11/01 07:17:53 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2012/10/31 19:35:34 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2012/10/25 04:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2012/10/25 04:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2012/10/12 16:42:33 | 000,131,072 | ---- | M] () -- C:\TOMTRO.RSS
[2012/10/12 16:42:27 | 000,095,232 | ---- | M] () -- C:\TOMTRO_BAK049.RSS
[2012/10/12 16:40:27 | 000,131,072 | ---- | M] () -- C:\TOMTRO_BAK048.RSS
[2012/10/12 14:34:13 | 000,131,072 | ---- | M] () -- C:\TOMTRO_BAK047.RSS
[2012/10/12 11:22:14 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\SAM.RSS
[2012/10/12 10:27:22 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\SAM_BAK154.RSS
[2012/10/12 10:23:05 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\SAM_BAK153.RSS
[2012/10/12 10:21:07 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\tkitchen\My Documents\SAM_BAK152.RSS
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/01/03 20:06:34 | 000,009,298 | ---- | C] () -- C:\Document.rtf
[2012/12/19 16:04:53 | 000,296,405 | -H-- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates.ACD.Recovery
[2012/12/19 15:25:19 | 000,338,431 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates_BAK014.acd
[2012/12/19 15:24:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates.Wrk
[2012/12/19 15:24:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates.Sem
[2012/12/19 14:34:35 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\NEWSTA_BAK050.RSS
[2012/12/19 14:09:26 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\NEWSTA_BAK049.RSS
[2012/12/19 12:55:06 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\NEWSTA_BAK048.RSS
[2012/12/18 22:44:38 | 000,019,609 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\YSL.JPG
[2012/12/18 22:44:18 | 000,401,390 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\YSL.bmp
[2012/12/18 22:17:17 | 001,937,466 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\WGR614v9-V1.1.2.30NA(1).chk
[2012/12/18 22:14:36 | 003,825,644 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\G35FKFyo.gif
[2012/12/18 22:14:36 | 000,069,058 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\fitcolor.jpg
[2012/12/18 22:14:36 | 000,044,698 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\ferragamo.jpg
[2012/12/18 22:14:24 | 002,770,719 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\0TXgMBPZ.gif
[2012/12/17 14:30:10 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\NewSta.RSS
[2012/12/14 17:28:05 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/12/14 09:01:01 | 000,338,613 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchDawn_BAK001.acd
[2012/12/14 08:55:46 | 000,338,497 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchDawn_BAK000.acd
[2012/12/13 19:24:20 | 000,338,657 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchDawn.ACD
[2012/12/13 19:10:32 | 000,338,379 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates_BAK013.acd
[2012/12/13 19:09:08 | 000,337,975 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearchGates_BAK012.acd
[2012/12/13 16:34:40 | 000,271,108 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\TroSearch_BAK001.acd
[2012/12/13 09:13:14 | 000,153,071 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest_BAK002.acd
[2012/12/12 13:32:05 | 000,128,975 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest_BAK001.acd
[2012/12/12 13:23:12 | 000,154,668 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest.ACD
[2012/12/12 13:22:33 | 000,128,033 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\Miketest_BAK000.acd
[2012/12/12 09:52:49 | 000,121,423 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\Fatboy_BAK000.acd
[2012/12/12 09:52:20 | 000,143,500 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\Fatboy.ACD
[2012/11/30 08:54:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/28 20:56:27 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/11/28 20:21:38 | 000,005,763 | ---- | C] () -- C:\Words of the day.rtf
[2012/11/24 14:45:46 | 001,937,466 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\WGR614v9-V1.1.2.30NA.chk
[2012/11/08 21:40:30 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\tkitchen\Start Menu\Programs\Startup\runctf.lnk
[2012/11/08 21:34:05 | 000,003,036 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.js
[2012/11/08 21:33:46 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad
[2012/11/03 23:14:26 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/11/03 09:50:53 | 000,001,767 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2012/11/03 09:50:53 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/11/03 09:50:01 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2012/11/03 09:50:00 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2012/11/02 19:47:56 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\tkitchen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/02 19:47:56 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/11/02 19:47:56 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/02 17:59:57 | 012,050,965 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\14 Hold On feat. Fitzgerald.mp3
[2012/11/02 17:59:53 | 008,999,872 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\13 I'm So Gone feat. Kenny Deshields.mp3
[2012/11/02 17:59:47 | 011,457,455 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\12 Signed Up To Die.mp3
[2012/11/02 17:59:42 | 011,490,907 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\11 It's Not About Me feat. Pettidee.mp3
[2012/11/02 17:59:37 | 009,725,023 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\10 Hey Moma feat. Fitzgerald.mp3
[2012/11/02 17:59:33 | 012,481,456 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\09 Money, Money, Money.mp3
[2012/11/02 17:59:29 | 009,266,303 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\08 My Radio On Drugs.mp3
[2012/11/02 17:59:23 | 011,351,935 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\07 No Walls (Set It Off) feat. Alcam.mp3
[2012/11/02 17:59:17 | 010,758,419 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\06 Hope Road feat. Jai.mp3
[2012/11/02 17:59:13 | 010,917,255 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\05 Beautiful Mind feat. Pastor AD3.mp3
[2012/11/02 17:59:07 | 010,272,552 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\04 Beautiful Monster feat. Swoope.mp3
[2012/11/02 17:59:05 | 011,242,196 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\03 First 48.mp3
[2012/11/02 17:58:58 | 009,827,418 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\02 Let it Knock feat. Pro.mp3
[2012/11/02 17:58:55 | 009,958,023 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\01 Beautiful Music.mp3
[2012/11/02 17:58:49 | 010,449,145 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\15 I Need You feat. Michelle Bonilla.mp3
[2012/11/02 17:36:29 | 149,155,880 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\thisl_beautifulmonster.zip
[2012/10/12 16:42:33 | 000,095,232 | ---- | C] () -- C:\TOMTRO_BAK049.RSS
[2012/10/12 16:42:15 | 000,131,072 | ---- | C] () -- C:\TOMTRO_BAK048.RSS
[2012/10/12 14:40:04 | 000,131,072 | ---- | C] () -- C:\TOMTRO_BAK047.RSS
[2012/10/12 10:40:47 | 000,073,728 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\SAM_BAK154.RSS
[2012/10/12 10:27:22 | 000,073,728 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\SAM_BAK153.RSS
[2012/10/12 10:22:57 | 000,098,304 | ---- | C] () -- C:\Documents and Settings\tkitchen\My Documents\SAM_BAK152.RSS
[2012/03/21 12:57:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/03/14 09:47:03 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/01/25 20:19:48 | 000,000,262 | ---- | C] () -- C:\WINDOWS\SlRegEDS.ini
[2012/01/25 17:48:27 | 000,000,261 | ---- | C] () -- C:\WINDOWS\RLEIcons.ini
[2012/01/25 15:41:16 | 000,001,985 | ---- | C] () -- C:\WINDOWS\EDS.ini
[2012/01/25 15:26:20 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\tkitchen\Local Settings\Application Data\fusioncache.dat
[2012/01/25 14:20:00 | 000,000,164 | ---- | C] () -- C:\WINDOWS\Rocksoft.ini
[2011/06/02 08:55:35 | 000,001,166 | RHS- | C] () -- C:\Documents and Settings\rkadmin\ntuser.pol
[2011/06/01 14:38:19 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2011/06/01 14:38:19 | 000,000,166 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/31 16:25:41 | 000,055,886 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/05/31 16:22:33 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011/05/31 16:22:32 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011/05/31 16:22:32 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011/05/31 16:22:30 | 001,018,748 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2011/05/31 16:22:30 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011/05/31 16:22:28 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011/05/31 16:22:27 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011/05/31 16:22:22 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011/05/31 16:22:19 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011/05/31 16:20:25 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/05/31 16:01:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/05/31 15:50:44 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/05/31 10:27:14 | 000,004,313 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/05/31 10:25:43 | 000,287,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/24 18:21:46 | 000,036,472 | ---- | C] () -- C:\WINDOWS\System32\LINXVDD.DLL
[2010/09/24 16:38:44 | 000,007,449 | ---- | C] () -- C:\WINDOWS\System32\drivers\SDDHP.BIN
[2010/09/24 16:38:44 | 000,006,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\slcnewkt.bin
[2010/09/24 16:38:44 | 000,005,433 | ---- | C] () -- C:\WINDOWS\System32\drivers\SDDH.BIN
[2010/09/24 16:38:42 | 000,001,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCMKST3.BIN
[2010/09/24 16:38:42 | 000,001,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCMKST1.BIN
[2010/09/24 16:38:42 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCMKST2.BIN
[2010/09/24 16:38:40 | 000,015,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCMK485.BIN
[2010/09/24 16:38:40 | 000,015,557 | ---- | C] () -- C:\WINDOWS\System32\drivers\KTX485.BIN
[2010/09/24 16:38:40 | 000,009,282 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCMKPCL.BIN
[2010/09/24 16:38:40 | 000,009,139 | ---- | C] () -- C:\WINDOWS\System32\drivers\KTXPCL.BIN
[2010/09/24 16:38:40 | 000,001,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\KTXST1.BIN
[2010/09/24 16:38:40 | 000,000,301 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCMKST0.BIN
[2010/09/24 16:38:40 | 000,000,301 | ---- | C] () -- C:\WINDOWS\System32\drivers\KTXST0.BIN
[2010/09/24 16:38:38 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\KTC.BIN
[2010/09/24 16:38:38 | 000,007,575 | ---- | C] () -- C:\WINDOWS\System32\drivers\KLPCL.BIN
[2010/09/24 16:38:38 | 000,001,825 | ---- | C] () -- C:\WINDOWS\System32\drivers\KT2ST2.BIN
[2010/09/24 16:38:38 | 000,001,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\KLST2.BIN
[2010/09/24 16:38:38 | 000,001,801 | ---- | C] () -- C:\WINDOWS\System32\drivers\KT2ST1.BIN
[2010/09/24 16:38:38 | 000,001,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\KLST1.BIN
[2010/09/24 16:38:38 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\KLST0.BIN
[2010/09/24 16:38:38 | 000,000,177 | ---- | C] () -- C:\WINDOWS\System32\drivers\KT2ST0.BIN
[2006/11/09 16:07:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2005/03/21 18:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 18:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,507,452 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,096,632 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1997/02/27 06:04:24 | 000,198,680 | ---- | C] () -- C:\WINDOWS\System32\WL40ENT.DLL
[1997/02/27 06:04:10 | 000,023,064 | ---- | C] () -- C:\WINDOWS\System32\WTR40T.DLL
========== LOP Check ==========
[2012/02/06 10:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tkitchen\Application Data\Rockwell Software
[2012/01/25 14:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNP
[2012/03/14 09:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rockwell
[2012/01/25 15:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rockwell Automation
[2012/03/14 09:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WFCU
[2012/11/09 10:43:32 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job
[2012/11/09 10:43:29 | 000,000,406 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/11/09 10:43:33 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Signature Update.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2011/05/31 15:56:17 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/05/31 15:45:47 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/05/31 15:56:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/01/03 20:06:35 | 000,009,298 | ---- | M] () -- C:\Document.rtf
[2011/05/31 15:56:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/05/31 15:56:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/06/01 12:09:51 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/11/09 11:29:04 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2012/10/12 16:42:33 | 000,131,072 | ---- | M] () -- C:\TOMTRO.RSS
[2012/10/12 14:34:13 | 000,131,072 | ---- | M] () -- C:\TOMTRO_BAK047.RSS
[2012/10/12 16:40:27 | 000,131,072 | ---- | M] () -- C:\TOMTRO_BAK048.RSS
[2012/10/12 16:42:27 | 000,095,232 | ---- | M] () -- C:\TOMTRO_BAK049.RSS
[2012/11/28 23:04:20 | 000,005,763 | ---- | M] () -- C:\Words of the day.rtf
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 05:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 05:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
< MD5 for: USERINIT.EXE >
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< End of report >
-
Booting up my laptop with it now.
-
Yes I do. I have two of these laptops; the other is fine and can burn.
-
I got the FBI moneypak virus. It still comes up using safe mode. It comes up as soon as it starts, not giving me time to do anything. I'm running Windows XP.
Thanks for your help!
FBI moneypak virus Windows XP
in Resolved Malware Removal Logs
Just found out I can't right-click LAN Connection. If I right-click it, nothing comes up. I'm logged in as admin.