[Yossie]

Hi,
As other forum members, I had google tracking virus on my system, and the antivirus (nod32) also notified that my explorer.exe and winlogon.exe are infected. I've run hitman pro 3 and since its reboot, the system just keep rebooting. I can see the windows start screen, but when the login box suppose to appear, the computer just restarts itself.

I've been reading in your forum about similiar problems but understood the solution are specific for every operated system and didn't won't to try it on my own without your advice.

I've allready got OTPLE recovering disc running from USB flash disk (my CDROM is not working),
So I guess I suppose to wait for your further instructions.

I would really appreciate any advice you can provide me.

Thanks a lot,
Yossi.

[Advertisements]

Attached MY OTL Log after applying scan.txt custom Scan:

OTL logfile created on: 11/23/2010 7:38:10 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: Israel | Language: HEB | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102.78 Gb Total Space | 18.43 Gb Free Space | 17.93% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 222.18 Gb Free Space | 23.85% Space Free | Partition Type: NTFS
Drive E: | 195.30 Gb Total Space | 3.73 Gb Free Space | 1.91% Space Free | Partition Type: NTFS
Drive F: | 4.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 14.83 Gb Total Space | 5.10 Gb Free Space | 34.39% Space Free | Partition Type: FAT32
Drive X: | 957.56 Mb Total Space | 640.56 Mb Free Space | 66.90% Space Free | Partition Type: FAT

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/11/22 18:30:58 | 006,387,008 | ---- | M] (SurfRight B.V.) [Auto] -- C:\Documents and Settings\Zikit\My Documents\Downloads\HitmanPro35.exe -- (HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot)
SRV - [2010/10/15 19:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/18 11:09:37 | 000,030,192 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/05/04 18:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto] -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/03/29 12:16:36 | 000,033,560 | ---- | M] (ESET) [On_Demand] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010/03/29 12:12:18 | 000,810,120 | ---- | M] (ESET) [Auto] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/11/17 02:43:57 | 000,130,560 | ---- | M] (Unison Play) [Auto] -- C:\Program Files\UnisonPlay\UniFSService.exe -- (UniFS)
SRV - [2009/10/06 22:31:18 | 000,035,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\aspnet_state.exe -- (aspnet_state)
SRV - [2009/10/06 19:44:58 | 000,752,984 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2009/10/06 19:44:58 | 000,129,856 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe -- (clr_optimization_v4.0.21006_32)
SRV - [2009/03/04 03:25:12 | 000,621,056 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/02/01 11:23:25 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2004/03/18 09:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\yufbvpxj.sys -- (yufbvpxj)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (upperdev)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\uiegguww.sys -- (uiegguww)
DRV - File not found [Kernel | Boot] -- -- (ruteix)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\rbukhjub.sys -- (rbukhjub)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\ketounsb.sys -- (ketounsb)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\jnwcptay.sys -- (jnwcptay)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (hwusbfake)
DRV - File not found [Kernel | On_Demand] -- -- (hwdatacard)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\gmmfbllz.sys -- (gmmfbllz)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\dbifuocj.sys -- (dbifuocj)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/10/16 13:55:00 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/03/29 12:13:44 | 000,095,872 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010/03/29 12:12:00 | 000,114,984 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/03/29 12:07:30 | 000,140,216 | ---- | M] (ESET) [File_System | Auto] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009/12/23 06:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/10/30 08:39:44 | 000,384,576 | ---- | M] (BEHRINGER) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BUSB2902.sys -- (BEHRINGER_2902)
DRV - [2009/10/30 08:39:44 | 000,039,488 | ---- | M] (BEHRINGER) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\busbwdm.sys -- (BUSB_AUDIO_WDM)
DRV - [2009/10/20 13:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/10/20 10:47:18 | 000,056,832 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\AvidXPSerial.sys -- (Serial)
DRV - [2009/05/27 04:31:44 | 000,584,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2008/11/21 04:42:21 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/08/26 02:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/28 10:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/04/13 15:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 15:46:08 | 000,049,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mstape.sys -- (MSTAPE)
DRV - [2008/04/13 15:46:08 | 000,013,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/04/27 02:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2007/04/23 08:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/23 08:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007/04/23 08:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007/04/23 08:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007/04/23 08:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2007/04/16 07:16:26 | 005,760,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/04/03 06:57:54 | 000,099,080 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007/04/03 06:57:52 | 000,098,696 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007/04/03 06:57:52 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007/04/03 06:57:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/03 06:57:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007/04/03 06:57:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007/04/03 06:57:42 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2006/08/14 14:09:48 | 000,083,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2005/05/09 12:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2002/11/08 10:56:28 | 000,238,080 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snpp106.sys -- (SNPP106) PC Camera (6029 CIF)
DRV - [2002/10/15 15:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/17 01:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)
DRV - [2002/07/17 01:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (ASPI)
DRV - [2001/11/06 19:00:00 | 000,166,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\webc3vid.sys -- (CTL511Plus) Video Blaster WebCam 3/WebCam Plus (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A D9 C6 74 FE 78 CB 01 [binary data]
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Zikit_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Zikit_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/30 17:35:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/15 11:05:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/09 15:38:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/11/22 17:51:46 | 000,000,000 | ---D | M]

[2010/11/22 17:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/12 09:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2005/12/05 15:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2010/10/27 09:50:31 | 000,001,960 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\morfix-dic.xml
[2010/10/27 09:50:31 | 000,001,008 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-he.xml

O1 HOSTS File: ([2010/11/21 16:47:01 | 000,332,195 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 0.0.0.0 ar.atwola.com
O1 - Hosts: 0.0.0.0 atdmt.com
O1 - Hosts: 0.0.0.0 awaps.net
O1 - Hosts: 0.0.0.0 click.atdmt.com
O1 - Hosts: 0.0.0.0 clicks.atdmt.com
O1 - Hosts: 0.0.0.0 engine.awaps.net
O1 - Hosts: 0.0.0.0 spd.atdmt.com
O1 - Hosts: 0.0.0.0 www.awaps.net
O1 - Hosts: 0.0.0.0 www.norton.com
O1 - Hosts: 11339 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Zikit_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [Hebrew] C:\Program Files\הפוך על הפוך\hebrew.exe (freeware.co.i l עודד יחזקאל )
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKU\Zikit_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Zikit_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.ims.tau....Inc/ScriptX.cab (MeadCo ScriptX)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...4/uploader2.cab (UploadListView Class)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1187892702656 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} http://upload.facebo...Uploader4_5.cab (Facebook Photo Uploader 4)
O16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} http://www.tapuz.co....in/launcher.cab (LauncherV1 Class)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://sslvpn.boein...perSetupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} http://irc.nana10.co.../launcher39.cab (LauncherV1 Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/23 12:39:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/07/16 12:03:18 | 000,000,206 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/11/23 19:36:46 | 000,000,377 | ---- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

========== Files/Folders - Created Within 30 Days ==========

[2010/11/23 19:37:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2010/11/23 19:37:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2010/11/22 18:37:36 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/11/22 17:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Local Settings\Application Data\ESET
[2010/11/22 17:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\ESET
[2010/11/22 17:38:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2010/11/22 14:03:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/11/22 14:03:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService\PrivacIE
[2010/11/22 11:04:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Trend Micro
[2010/11/22 10:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/21 14:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\AVG
[2010/11/21 14:36:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\AVG10
[2010/11/21 14:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/11/21 13:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\Malwarebytes
[2010/11/21 13:15:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\Favorites
[2010/11/17 04:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2010/11/15 18:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\My Documents\Avid Projects
[2010/11/15 18:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\Avid
[2010/11/15 17:52:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MEDIA
[2010/11/15 17:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE
[2010/11/15 17:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SafeNet Sentinel
[2010/11/15 17:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Digidesign
[2010/11/15 17:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Avid
[2010/11/15 17:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\Licenses
[2010/11/15 17:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Avid
[2010/11/15 11:46:35 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2010/11/15 11:46:35 | 000,308,224 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2010/11/15 11:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\WMR14
[2010/11/15 11:38:31 | 000,000,000 | ---D | C] -- C:\hidownload
[2010/11/15 11:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010/11/15 11:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\StreamingStar
[2010/11/15 11:16:09 | 000,440,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSHFLXGD.OCX
[2010/11/15 11:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Videophile II
[2010/11/15 06:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/15 06:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/15 06:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/13 11:06:56 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstape.sys
[2010/11/13 11:06:56 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/11/13 11:06:56 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\avcstrm.sys
[2010/11/13 11:06:56 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/11/12 11:13:54 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010/11/12 11:13:54 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2010/11/12 11:13:54 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2010/11/12 11:13:54 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/11/12 11:13:53 | 013,012,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010/11/12 11:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/11/12 11:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\vlc
[2010/11/12 11:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\SystemRequirementsLab
[2010/11/07 09:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010/11/03 05:09:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/02 08:32:59 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr90.dll
[2010/11/01 14:19:41 | 000,584,832 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTL8192su.sys
[2010/10/31 07:56:01 | 000,039,488 | ---- | C] (BEHRINGER) -- C:\WINDOWS\System32\drivers\busbwdm.sys
[2010/10/26 14:56:52 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/26 14:56:52 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/26 14:56:43 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/26 08:39:05 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2008/01/16 16:39:39 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Zikit\Application Data\pcouffin.sys
[2004/11/24 13:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/23 07:34:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/22 18:37:36 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/11/22 18:37:36 | 000,001,568 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2010/11/22 18:31:57 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/11/22 18:28:00 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/22 18:15:21 | 000,000,870 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/22 18:15:10 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\FABVN.job
[2010/11/22 17:56:01 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-484763869-725345543-1003UA.job
[2010/11/22 16:51:30 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/22 11:34:59 | 000,505,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/22 11:34:59 | 000,088,504 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/22 11:14:52 | 000,329,423 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\tmsshf.bin
[2010/11/22 08:17:00 | 000,185,856 | ---- | M] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/22 07:56:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-484763869-725345543-1003Core.job
[2010/11/22 07:41:51 | 058,806,511 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Dkira Pride.wmv
[2010/11/22 07:33:53 | 000,015,264 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Dkira Pride.veg
[2010/11/22 05:51:28 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/11/21 16:58:44 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Zikit\PUTTY.RND
[2010/11/21 16:55:08 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/11/21 16:55:08 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/11/21 16:55:06 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/11/21 16:47:01 | 000,332,195 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/21 14:44:50 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/11/21 13:31:02 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\rkill.com
[2010/11/21 13:07:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/21 13:01:12 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Zikit\Application Data\install
[2010/11/21 13:00:25 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010/11/20 03:53:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/18 12:35:29 | 000,002,417 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Microsoft Office Word 2003.lnk
[2010/11/18 02:56:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/17 04:30:35 | 000,076,120 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/15 18:05:57 | 002,410,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/15 11:45:44 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\-1
[2010/11/15 11:44:47 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\WM Converter 14.lnk
[2010/11/15 07:53:57 | 000,130,784 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\578380794.pdf
[2010/11/15 05:11:58 | 000,497,629 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Generator-The Holloways.m4r
[2010/11/12 11:14:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/11/11 16:25:06 | 000,206,065 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/09 16:03:01 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/09 15:52:06 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\RemoveWGA.exe
[2010/11/07 09:56:42 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\SopCast.lnk
[2010/11/07 09:56:03 | 005,279,114 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\SopCast-3.2.9.zip
[2010/11/06 18:56:52 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Google Chrome.lnk
[2010/11/06 18:56:52 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/04 16:52:17 | 000,037,316 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Prodev-tickets.pdf
[2010/11/04 07:42:45 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager Yossi Erdman.doc
[2010/11/04 07:40:38 | 000,014,641 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager.docx
[2010/11/03 19:14:06 | 118,011,586 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0666.MOV
[2010/11/03 18:44:18 | 135,583,966 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0658.MOV
[2010/11/03 05:08:46 | 002,458,937 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\TweetDeck_0_35.3.air
[2010/11/02 08:32:05 | 000,319,404 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\msvcr90.dll.zip
[2010/11/02 08:00:31 | 039,905,944 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Hamekaplot.m4v
[2010/10/31 08:00:22 | 000,000,159 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat
[2010/10/31 07:55:09 | 000,732,987 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\BEHRINGER_2902_WIN32_2.8.40.zip
[2010/10/26 20:06:58 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/26 15:03:33 | 002,005,148 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2010/10/26 15:01:04 | 000,020,236 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Lie To Me_3x04_HDTV.LOL.en.zip
[2010/10/25 13:48:56 | 000,045,627 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Boardwalk.zip
[2010/10/25 13:42:05 | 000,021,390 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\desperate.zip
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/22 18:37:36 | 000,001,568 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2010/11/22 18:31:57 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/11/22 17:02:24 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\rkill.com
[2010/11/22 14:02:53 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\Zikit\TmInstall.log
[2010/11/22 07:34:42 | 058,806,511 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\Dkira Pride.wmv
[2010/11/22 07:33:53 | 000,015,264 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Dkira Pride.veg
[2010/11/21 14:44:50 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/11/21 13:01:12 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\install
[2010/11/21 13:01:07 | 000,000,302 | -HS- | C] () -- C:\WINDOWS\tasks\FABVN.job
[2010/11/15 17:57:12 | 000,048,108 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\AfterEffectsEMP_install.log
[2010/11/15 11:45:44 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\-1
[2010/11/15 11:44:47 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\WM Converter 14.lnk
[2010/11/15 07:53:56 | 000,130,784 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\578380794.pdf
[2010/11/15 05:11:52 | 000,497,629 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\Generator-The Holloways.m4r
[2010/11/12 11:14:17 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/11/12 11:14:15 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/11/12 11:14:15 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/11/12 11:14:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/11/12 11:13:54 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/11/12 11:13:54 | 000,003,739 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/11/09 16:03:01 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/09 15:52:05 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\RemoveWGA.exe
[2010/11/07 09:56:42 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\SopCast.lnk
[2010/11/07 09:55:54 | 005,279,114 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\SopCast-3.2.9.zip
[2010/11/04 16:52:16 | 000,037,316 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Prodev-tickets.pdf
[2010/11/04 07:40:58 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager Yossi Erdman.doc
[2010/11/04 06:55:30 | 000,014,641 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager.docx
[2010/11/03 19:14:06 | 118,011,586 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0666.MOV
[2010/11/03 18:44:18 | 135,583,966 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0658.MOV
[2010/11/03 05:08:31 | 002,458,937 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\TweetDeck_0_35.3.air
[2010/11/02 08:32:04 | 000,319,404 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\msvcr90.dll.zip
[2010/11/02 07:59:26 | 039,905,944 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Hamekaplot.m4v
[2010/10/31 08:00:22 | 000,000,159 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat
[2010/10/31 07:55:06 | 000,732,987 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\BEHRINGER_2902_WIN32_2.8.40.zip
[2010/10/26 15:01:04 | 000,020,236 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\Lie To Me_3x04_HDTV.LOL.en.zip
[2010/10/25 13:48:55 | 000,045,627 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Boardwalk.zip
[2010/10/25 13:42:05 | 000,021,390 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\desperate.zip
[2010/07/10 12:21:42 | 000,000,011 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2010/05/02 03:03:41 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2009/12/27 11:37:06 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/20 13:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/10/20 10:47:18 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AvidXPSerial.sys
[2009/10/05 10:09:42 | 001,658,973 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2009/10/05 10:09:42 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\PtSSE2.dll
[2009/10/05 10:09:42 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2009/09/20 09:04:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2009/07/10 03:27:13 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\vso_ts_preview.xml
[2009/04/24 04:32:56 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2009/04/21 16:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/01/05 04:50:32 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/12/12 08:23:20 | 000,000,445 | ---- | C] () -- C:\Documents and Settings\Zikit\WinKawaks.rom
[2008/12/12 08:22:55 | 000,005,647 | ---- | C] () -- C:\Documents and Settings\Zikit\WinKawaks.ini
[2008/12/04 16:51:47 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaiheop.ini
[2008/12/04 16:48:20 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihebi.ini
[2008/12/04 16:48:07 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihelo.ini
[2008/12/04 16:47:01 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihedd.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihemd.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaiheki.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihejc.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihefp.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaiheej.ini
[2008/11/15 20:07:47 | 000,000,584 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008/09/11 16:15:03 | 000,000,529 | ---- | C] () -- C:\WINDOWS\dvdtoaviconverter2.ini
[2008/08/18 23:06:44 | 000,000,720 | ---- | C] () -- C:\WINDOWS\avscan.ini
[2008/06/11 14:54:29 | 000,001,236 | RHS- | C] () -- C:\Documents and Settings\Zikit\ntuser.pol
[2008/05/16 13:31:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/05/08 06:09:37 | 000,000,237 | ---- | C] () -- C:\WINDOWS\sripper.ini
[2008/05/08 06:09:37 | 000,000,052 | ---- | C] () -- C:\WINDOWS\StreamRipper32.INI
[2008/04/27 09:53:55 | 000,000,209 | ---- | C] () -- C:\WINDOWS\wldtlk4.ini
[2008/04/12 17:10:59 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll
[2008/04/12 17:10:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008/04/12 17:10:58 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
[2008/03/18 08:18:30 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Zikit\PUTTY.RND
[2008/01/16 16:39:45 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\pcouffin.log
[2008/01/16 16:39:39 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\inst.exe
[2008/01/16 16:39:39 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\pcouffin.cat
[2008/01/16 16:39:39 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\pcouffin.inf
[2008/01/01 15:48:57 | 000,015,494 | ---- | C] () -- C:\WINDOWS\snpp106.ini
[2008/01/01 15:48:56 | 000,238,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpp106.sys
[2008/01/01 15:48:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dsnpp106.dll
[2008/01/01 15:48:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\vsnpp106.dll
[2007/12/24 05:40:26 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/12/22 14:02:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007/12/04 13:34:01 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2007/12/04 13:32:17 | 000,001,601 | ---- | C] () -- C:\WINDOWS\Graffiti4.0.ini
[2007/12/03 17:50:15 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007/12/03 17:50:15 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2007/12/03 17:50:15 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2007/12/03 17:50:15 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2007/12/03 17:50:15 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2007/12/03 08:34:32 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007/12/01 05:43:30 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007/11/25 10:48:23 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/10/24 03:39:32 | 002,715,366 | ---- | C] () -- C:\Program Files\wax20e.zip
[2007/10/24 03:27:34 | 001,339,608 | ---- | C] () -- C:\Program Files\VirtualDub-1.7.6.zip
[2007/10/06 18:26:26 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Zikit\default.pls
[2007/09/09 12:33:11 | 000,007,307 | ---- | C] () -- C:\Documents and Settings\Zikit\intlname.ols
[2007/09/09 06:01:06 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/09/08 04:04:32 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\fusioncache.dat
[2007/09/07 18:00:37 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\systemCurUses
[2007/09/07 18:00:37 | 000,000,006 | -HS- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\systemHdID
[2007/08/28 15:38:50 | 000,014,211 | ---- | C] () -- C:\WINDOWS\twacker.ini
[2007/08/25 05:56:51 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2007/08/23 19:28:34 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/08/23 19:00:01 | 000,000,039 | ---- | C] () -- C:\WINDOWS\ideq32.ini
[2007/08/23 18:09:02 | 000,185,856 | ---- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/23 13:24:53 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/08/23 13:01:10 | 000,000,576 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/08/06 04:07:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2006/02/28 13:17:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/12/30 12:10:30 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/10/03 11:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003/01/07 08:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/05/02 18:48:55 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Softland
[2010/05/02 05:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2009/05/16 13:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\ACD Systems
[2007/12/06 14:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Atari
[2010/11/21 16:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\AVG
[2010/11/21 14:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\AVG10
[2010/11/15 18:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Avid
[2010/11/21 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Azwi
[2010/01/14 16:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\BSplayer PRO
[2008/04/12 17:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\concept design
[2008/11/21 04:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\DAEMON Tools
[2009/04/16 18:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2010/11/22 11:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Dropbox
[2010/11/22 17:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\ESET
[2007/09/28 15:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\GetRightToGo
[2007/09/14 11:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Juniper Networks
[2007/11/30 05:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\MCMPEGEnc
[2009/10/16 06:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\NCH Swift Sound
[2009/06/12 08:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Nokia
[2010/11/21 16:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\nView_Wallpaper
[2010/11/20 13:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Ovhove
[2010/11/15 18:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\PACE Anti-Piracy
[2009/06/12 08:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\PC Suite
[2010/05/02 04:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\PrimoPDF
[2009/10/30 07:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Publish Providers
[2010/11/21 14:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Qyatyh
[2010/02/23 15:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\RayV
[2010/05/02 05:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Softland
[2010/03/05 08:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Sony
[2010/03/05 07:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Sony Creative Software
[2007/11/30 16:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\SorensonMedia
[2010/10/22 05:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Steinberg
[2010/11/12 11:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\SystemRequirementsLab
[2010/10/23 16:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Teleca
[2009/04/13 15:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2010/11/03 05:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/21 13:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Tyydse
[2010/11/22 17:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\uTorrent
[2010/05/06 02:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Vso
[2008/04/08 03:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Waves Audio
[2010/11/15 18:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Waves Preferences
[2010/11/22 18:15:10 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\FABVN.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: EXPLORER.EXE >
[2009/12/28 15:30:11 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=5F381155DC979809B422432F86003581 -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2009/04/09 07:22:09 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/06/06 05:27:49 | 001,830,912 | ---- | M] () -- C:\27711187.aac
[2010/06/06 05:27:49 | 086,011,904 | ---- | M] () -- C:\27711187.m4v
[2010/11/15 18:04:33 | 000,016,692 | ---- | M] () -- C:\aaw7boot.log
[2010/06/06 03:27:39 | 2710,580,452 | ---- | M] () -- C:\Assaf Mitzva_Final.avi
[2010/06/06 08:47:56 | 001,071,904 | ---- | M] () -- C:\Assaf Mitzva_Final.avi.sfk
[2007/08/23 12:39:52 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/11/07 14:51:00 | 078,280,110 | ---- | M] () -- C:\BlackEyedPeas.wav
[2007/08/23 12:35:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2007/08/23 12:39:52 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/04/28 17:14:49 | 000,777,532 | ---- | M] () -- C:\Crocker Portrait NEW.mp3
[2009/04/24 04:29:19 | 000,002,464 | ---- | M] () -- C:\Cucu_Video_log.txt
[2007/08/23 12:39:52 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/08/23 12:39:52 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/12/12 20:15:10 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/23 13:00:09 | 000,196,982 | ---- | M] () -- C:\OTL.Txt
[2009/10/11 14:39:39 | 028,656,442 | ---- | M] () -- C:\output.wav
[2009/05/08 20:45:37 | 006,630,323 | ---- | M] () -- C:\outside the box patih.mp3
[2010/11/23 07:34:50 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009/04/28 16:55:45 | 009,453,399 | ---- | M] () -- C:\Portrait - Hakol Mevina.MP3
[2010/11/22 18:03:29 | 000,000,505 | ---- | M] () -- C:\rkill.log
[2010/06/05 18:38:08 | 002,029,725 | ---- | M] () -- C:\ScreenCapture.mov
[2008/01/01 15:51:02 | 000,230,408 | ---- | M] () -- C:\SNPP106.RAW
[2007/09/07 15:19:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/01/14 05:15:32 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/03/27 07:14:00 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2007/09/07 15:19:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/01/14 05:15:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/03/27 07:14:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2007/12/03 10:21:25 | 000,003,905 | ---- | M] () -- C:\statistics.xml
[2008/04/06 23:04:28 | 000,000,003 | ---- | M] () -- C:\TCPCheckResult.txt
[2009/10/14 12:18:28 | 023,625,626 | ---- | M] () -- C:\Tijuana SOng.wav
[2007/10/05 02:41:00 | 000,033,792 | ---- | M] () -- C:\[.doc
[2007/11/10 04:51:05 | 000,001,167 | ---- | M] () -- C:\_Sid.txt

< %systemroot%\*. /mp /s >

< CREATERESTOREPOINT >

< %systemroot%\System32\config\*.sav >
[2007/08/23 19:26:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/08/23 19:26:37 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/08/23 19:26:37 | 000,921,600 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
"NoAutoRebootWithLoggedOnUsers" = 1

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-09 21:04:03

========== Files - Unicode (All) ==========
[2010/11/22 14:52:48 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$וליק טיאר פרומו.doc
[2010/11/22 14:52:48 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$וליק טיאר פרומו.doc
[2010/11/22 14:38:24 | 000,020,480 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שמוליק טיאר פרומו.doc
[2010/11/22 14:38:23 | 000,020,480 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שמוליק טיאר פרומו.doc
[2010/11/22 11:45:27 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????) -- C:\Documents and Settings\Zikit\My Documents\הקבצים שלי שהתקבלו
[2010/11/16 18:09:44 | 000,000,108 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?????.txt) -- C:\Documents and Settings\Zikit\My Documents\שאלות לרואה חשבון.txt
[2010/11/16 18:09:44 | 000,000,108 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?????.txt) -- C:\Documents and Settings\Zikit\My Documents\שאלות לרואה חשבון.txt
[2010/11/06 08:03:37 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\Desktop\???) -- C:\Documents and Settings\Zikit\Desktop\ארי
[2010/11/03 04:58:18 | 000,038,912 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום אוקטובר 10.doc
[2010/11/02 06:04:38 | 000,065,024 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????????? ???? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינויות יוסי ארדמן אוקטובר 10.doc
[2010/11/02 05:54:41 | 000,031,744 | ---- | M] ()(C:\Documents and Settings\Zikit\Desktop\????????? ?????????? ????? ??????? 2010.xls) -- C:\Documents and Settings\Zikit\Desktop\קריינויות ופרוייקטים לרדיו אוקטובר 2010.xls
[2010/11/02 05:47:42 | 000,038,912 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום אוקטובר 10.doc
[2010/11/02 05:38:22 | 000,065,024 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????????? ???? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינויות יוסי ארדמן אוקטובר 10.doc
[2010/10/24 08:05:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\Desktop\?????? ?????) -- C:\Documents and Settings\Zikit\Desktop\תמונות למצגת
[2010/10/24 06:44:28 | 000,031,744 | ---- | C] ()(C:\Documents and Settings\Zikit\Desktop\????????? ?????????? ????? ??????? 2010.xls) -- C:\Documents and Settings\Zikit\Desktop\קריינויות ופרוייקטים לרדיו אוקטובר 2010.xls
[2010/08/28 08:40:59 | 001,556,480 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.pps) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.pps
[2010/08/28 08:40:58 | 001,556,480 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.pps) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.pps
[2010/08/28 08:40:36 | 002,466,304 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.ppt
[2010/08/28 04:59:47 | 000,072,192 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שרים עם המלכה.doc
[2010/08/28 03:55:06 | 002,466,304 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.ppt
[2010/08/28 01:51:47 | 000,072,192 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שרים עם המלכה.doc
[2010/08/22 03:26:24 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\Desktop\?????? ?????) -- C:\Documents and Settings\Zikit\Desktop\תמונות למצגת
[2010/06/21 04:20:43 | 000,032,768 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\הביטלס עובדות ועניינים.doc
[2010/06/21 03:56:53 | 000,032,768 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\הביטלס עובדות ועניינים.doc
[2010/05/12 16:24:50 | 000,016,896 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\זמני ריקודים להקה.xls
[2010/05/12 16:24:50 | 000,016,896 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\זמני ריקודים להקה.xls
[2010/05/03 03:10:34 | 000,164,796 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר מעודכנת חסויות לובינסקי זרמון.pdf
[2010/05/03 03:10:33 | 000,164,796 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר מעודכנת חסויות לובינסקי זרמון.pdf
[2010/05/03 03:09:46 | 000,034,816 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.doc
[2010/05/02 05:52:48 | 000,162,342 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.pdf
[2010/05/02 05:51:39 | 000,162,342 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.pdf
[2010/05/02 05:38:50 | 000,034,816 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.doc
[2010/05/02 04:49:06 | 000,037,376 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:27:02 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:27:02 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:27:01 | 000,037,376 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:05:52 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת תשלום ון אמדן.doc
[2010/05/02 03:05:52 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת תשלום ון אמדן.doc
[2010/04/20 03:09:04 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עורי בית.doc
[2010/04/20 03:09:04 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עורי בית.doc
[2010/04/20 03:08:54 | 000,102,912 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעורי בית.doc
[2010/04/20 03:08:53 | 000,102,912 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעורי בית.doc
[2010/03/14 12:38:22 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$?? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עת מחיר סלקום.doc
[2010/03/14 12:38:22 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$?? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עת מחיר סלקום.doc
[2010/01/10 07:25:58 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2010/01/10 07:25:58 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2010/01/10 07:25:53 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2010/01/10 07:25:52 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2009/12/18 13:49:11 | 002,109,952 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ???? ????? ?????? ????'? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תכירו את יוסי ארדמן בוואלה ברנז'ה תיעוד.doc
[2009/12/18 13:49:11 | 002,109,952 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ???? ????? ?????? ????'? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תכירו את יוסי ארדמן בוואלה ברנז'ה תיעוד.doc
[2009/12/17 06:18:26 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ללת סלע לשידור 151209.doc
[2009/12/17 06:18:26 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ללת סלע לשידור 151209.doc
[2009/12/17 06:18:17 | 000,055,808 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\מכללת סלע לשידור 151209.doc
[2009/12/17 06:18:17 | 000,055,808 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\מכללת סלע לשידור 151209.doc
[2009/11/29 11:28:58 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\Desktop\~$???_?????1??_?????.doc) -- C:\Documents and Settings\Zikit\Desktop\~$גום_קוננב1רג_קוהוט.doc
[2009/11/29 11:28:58 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\Desktop\~$???_?????1??_?????.doc) -- C:\Documents and Settings\Zikit\Desktop\~$גום_קוננב1רג_קוהוט.doc
[2009/11/10 18:00:56 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ????? ?????? ????? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן חדשות בידור אודישן בידור הוט בידור ישראלי.doc
[2009/11/10 17:29:34 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ????? ?????? ????? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן חדשות בידור אודישן בידור הוט בידור ישראלי.doc
[2009/11/10 17:09:57 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ???? ????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן מבזק חדשות בידור.doc
[2009/11/10 15:12:25 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ???? ????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן מבזק חדשות בידור.doc
[2009/11/03 14:18:43 | 000,060,231 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.mp3) -- C:\Documents and Settings\Zikit\My Documents\מונית הכסף.mp3
[2009/11/03 14:17:48 | 000,060,231 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.mp3) -- C:\Documents and Settings\Zikit\My Documents\מונית הכסף.mp3
[2009/11/02 16:29:56 | 000,066,048 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? - ????? ??????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\עלוב העלובים - שאלון לתוכנית הבוקר.xls
[2009/11/02 16:00:58 | 000,066,048 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? - ????? ??????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\עלוב העלובים - שאלון לתוכנית הבוקר.xls
[2009/10/30 10:11:36 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?? ????? ?????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אז בשנות השבעים בשיאו של הסתו.doc
[2009/10/30 10:11:36 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?? ????? ?????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אז בשנות השבעים בשיאו של הסתו.doc
[2009/10/19 13:43:34 | 000,000,792 | ---- | M] ()(C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\???? ?? Microsoft Office Outlook.lnk) -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\הפעל את Microsoft Office Outlook.lnk
[2009/10/15 17:45:29 | 003,142,149 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ???? ?????.mp3) -- C:\Documents and Settings\Zikit\My Documents\השיר של יוסי ושירן.mp3
[2009/10/15 17:45:29 | 003,142,149 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ???? ?????.mp3) -- C:\Documents and Settings\Zikit\My Documents\השיר של יוסי ושירן.mp3
[2009/10/13 01:44:54 | 000,030,208 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ????? ???? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\התחלה של שאלות טוטו משפחתי.doc
[2009/10/13 01:44:53 | 000,030,208 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ????? ???? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\התחלה של שאלות טוטו משפחתי.doc
[2009/09/22 16:01:07 | 000,014,336 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????? ????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\סהכ הוצאות אשראי יוסי.xls
[2009/09/22 15:59:03 | 000,014,336 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????? ????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\סהכ הוצאות אשראי יוסי.xls
[2009/06/20 19:04:42 | 000,005,194 | ---- | M] ()(C:\???? ?????.txt) -- C:\מסמך שהוצל.txt
[2009/06/20 19:04:42 | 000,005,194 | ---- | C] ()(C:\???? ?????.txt) -- C:\מסמך שהוצל.txt
[2009/06/17 13:18:49 | 000,013,824 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????' ??????.xls) -- C:\Documents and Settings\Zikit\My Documents\הומפייג' ליינאפ.xls
[2009/06/17 13:18:49 | 000,013,824 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????' ??????.xls) -- C:\Documents and Settings\Zikit\My Documents\הומפייג' ליינאפ.xls
[2009/06/10 18:41:41 | 000,062,464 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???????' ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ליינאפ הומפייג' תוכנית ראשונה.doc
[2009/06/10 14:28:19 | 000,062,464 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???????' ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ליינאפ הומפייג' תוכנית ראשונה.doc
[2009/06/03 17:37:29 | 000,030,720 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????????.doc) -- C:\Documents and Settings\Zikit\My Documents\יובל פיילוט אסוציאציות.doc
[2009/06/02 17:16:13 | 000,030,720 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????????.doc) -- C:\Documents and Settings\Zikit\My Documents\יובל פיילוט אסוציאציות.doc
[2009/05/25 13:01:58 | 000,036,864 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום מאי 09.doc
[2009/05/25 12:59:30 | 000,036,864 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום מאי 09.doc
[2009/05/18 12:00:18 | 000,344,064 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מבצע חץ שחור.ppt
[2009/05/18 11:05:53 | 000,344,064 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מבצע חץ שחור.ppt
[2009/05/16 12:48:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\Desktop\????? ?? ???) -- C:\Documents and Settings\Zikit\Desktop\הזמנה של דני
[2009/05/11 17:04:56 | 000,017,079 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\דודי הערות על הפיילוט.rtf
[2009/05/11 17:04:56 | 000,017,079 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\דודי הערות על הפיילוט.rtf
[2009/05/04 12:54:48 | 000,072,192 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??? ???? ??? ????? ???? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\טופס לפתיחת ספק בארץ ללא נתוני קנין (2).doc
[2009/05/04 12:49:15 | 000,072,192 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??? ???? ??? ????? ???? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\טופס לפתיחת ספק בארץ ללא נתוני קנין (2).doc
[2009/04/30 02:18:23 | 000,045,419 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ??? ????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר פרזנטור סרט הדרכה סלקום.pdf
[2009/04/30 02:18:23 | 000,045,419 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ??? ????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר פרזנטור סרט הדרכה סלקום.pdf
[2009/04/30 02:03:04 | 000,032,768 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר סלקום.doc
[2009/04/30 01:54:30 | 000,032,768 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר סלקום.doc
[2009/04/26 16:33:03 | 000,036,352 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ???? - ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעה לתוכנית חדשה - מוסיקה חברתית.doc
[2009/04/26 16:08:25 | 000,036,352 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ???? - ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעה לתוכנית חדשה - מוסיקה חברתית.doc
[2009/04/13 15:13:39 | 000,000,899 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ???.lnk) -- C:\Documents and Settings\Zikit\My Documents\תיקיות השיתוף שלי.lnk
[2009/03/25 12:02:06 | 000,475,648 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה וויסבנק.doc
[2009/03/25 12:02:00 | 000,475,648 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה וויסבנק.doc
[2009/03/23 18:13:47 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? - ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אור פרג - קורות חיים.doc
[2009/03/23 17:58:36 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? - ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אור פרג - קורות חיים.doc
[2009/03/08 04:49:19 | 000,043,520 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????_????_?????_2009.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה_יוסי_ארדמן_2009.doc
[2009/03/08 04:49:18 | 000,043,520 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????_????_?????_2009.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה_יוסי_ארדמן_2009.doc
[2009/02/21 15:20:23 | 000,030,720 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\פורמט מסמך יוניקום.doc
[2009/02/21 15:19:42 | 000,030,720 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\פורמט מסמך יוניקום.doc
[2009/02/15 16:34:09 | 000,027,648 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\פרומו ספורט פבר 09.doc
[2009/02/15 16:31:22 | 000,027,648 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\פרומו ספורט פבר 09.doc
[2009/02/04 02:37:39 | 000,039,825 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.pdf) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.pdf
[2009/02/04 02:37:39 | 000,039,825 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.pdf) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.pdf
[2009/02/04 02:37:02 | 000,039,936 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.doc
[2009/02/04 02:35:06 | 000,039,936 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.doc
[2008/12/30 16:07:46 | 000,029,696 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\גדעון סער רש.doc
[2008/12/30 16:07:46 | 000,029,696 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\גדעון סער רש.doc
[2008/12/30 01:26:52 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\Desktop\????? ?? ???) -- C:\Documents and Settings\Zikit\Desktop\הזמנה של דני
[2008/12/27 05:25:52 | 003,876,864 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\פוסטר_פליציה.doc
[2008/12/27 05:25:52 | 003,876,864 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\פוסטר_פליציה.doc
[2008/12/25 16:46:01 | 000,031,744 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.doc
[2008/12/25 16:46:01 | 000,031,744 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.doc
[2008/12/25 16:46:01 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ג'ופי.doc
[2008/12/25 16:46:01 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ג'ופי.doc
[2008/12/25 16:06:46 | 000,001,034 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?'???.txt) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.txt
[2008/12/25 16:06:43 | 000,001,034 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?'???.txt) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.txt
[2008/12/22 18:46:26 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אפר ואבק.doc
[2008/12/22 18:39:47 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אפר ואבק.doc
[2008/11/15 10:42:15 | 000,025,600 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????? ???????? ????? ?? ???? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הרעיונות המרכזיים בטקסט של אנרי פירן.doc
[2008/11/12 15:21:24 | 000,025,600 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????? ???????? ????? ?? ???? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הרעיונות המרכזיים בטקסט של אנרי פירן.doc
[2008/10/21 17:11:01 | 000,030,720 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבוא והגדרת שאלת המחקר.doc
[2008/10/21 16:06:55 | 000,030,720 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבוא והגדרת שאלת המחקר.doc
[2008/09/07 02:56:06 | 000,028,160 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\בקשת דחייה סמינר ועדת הוראה.doc
[2008/09/07 02:44:48 | 000,028,160 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\בקשת דחייה סמינר ועדת הוראה.doc
[2008/09/06 01:53:31 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\My Documents\??????) -- C:\Documents and Settings\Zikit\My Documents\הורדות
[2008/09/04 15:34:23 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\My Documents\??????) -- C:\Documents and Settings\Zikit\My Documents\הורדות
[2008/08/07 02:43:31 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תשלום שכל באמצעות אשראי.doc
[2008/08/07 02:43:30 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תשלום שכל באמצעות אשראי.doc
[2008/06/13 03:49:54 | 000,033,280 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??????.doc) -- C:\Documents and Settings\Zikit\My Documents\אלאניס.doc
[2008/06/13 03:24:19 | 000,033,280 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??????.doc) -- C:\Documents and Settings\Zikit\My Documents\אלאניס.doc
[2008/06/08 15:50:20 | 000,084,992 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????? ??? 13 ???? 2007.xls) -- C:\Documents and Settings\Zikit\My Documents\ספר הטלפונים שלי 13 יוני 2007.xls
[2008/06/02 10:44:35 | 000,027,136 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\ללירון וירון.doc
[2008/06/02 10:41:03 | 000,027,136 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\ללירון וירון.doc
[2008/05/20 13:46:32 | 000,033,008 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?? ????? ???? ??????.rtf) -- C:\Documents and Settings\Zikit\My Documents\רועי מספר את סיפור חייו המשעשע.rtf
[2008/05/20 13:42:38 | 000,033,008 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?? ????? ???? ??????.rtf) -- C:\Documents and Settings\Zikit\My Documents\רועי מספר את סיפור חייו המשעשע.rtf
[2008/05/16 06:11:22 | 000,054,784 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל ארבע המופלאות.doc
[2008/05/16 04:21:42 | 000,054,784 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל ארבע המופלאות.doc
[2008/05/13 14:30:12 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים נקי.doc
[2008/05/13 14:04:11 | 000,047,616 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים.doc
[2008/05/13 14:04:01 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים נקי.doc
[2008/05/13 13:22:37 | 000,047,616 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים.doc
[2008/05/07 12:32:28 | 000,037,888 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל יום העצמאות.doc
[2008/05/07 10:31:12 | 000,037,888 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל יום העצמאות.doc
[2008/05/04 18:05:43 | 000,018,944 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\שעות עבודה אפריל.xls
[2008/05/04 17:49:31 | 000,018,944 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\שעות עבודה אפריל.xls
[2008/05/03 04:22:11 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\My Documents\????? ?????) -- C:\Documents and Settings\Zikit\My Documents\סידור עבודה
[2008/05/03 04:20:37 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\My Documents\????? ?????) -- C:\Documents and Settings\Zikit\My Documents\סידור עבודה
[2008/04/27 16:07:50 | 000,075,822 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\יום העצמאות.rtf
[2008/04/27 16:07:50 | 000,075,822 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\יום העצמאות.rtf
[2008/04/17 08:51:46 | 000,000,011 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\חג שמח.txt
[2008/04/17 08:51:46 | 000,000,011 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\חג שמח.txt
[2008/04/09 05:52:00 | 000,072,704 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???? 20.doc) -- C:\Documents and Settings\Zikit\My Documents\תשדיר באזז בנמל 20.doc
[2008/04/09 05:52:00 | 000,072,704 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???? 20.doc) -- C:\Documents and Settings\Zikit\My Documents\תשדיר באזז בנמל 20.doc
[2008/04/09 03:18:49 | 000,058,880 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעור טכנאות אולפן.doc
[2008/04/09 03:18:49 | 000,058,880 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעור טכנאות אולפן.doc
[2008/04/09 03:18:46 | 000,028,160 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\איך אני מקליט באולפן.doc
[2008/04/09 03:18:46 | 000,028,160 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\איך אני מקליט באולפן.doc
[2008/03/16 12:25:29 | 000,000,041 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\רועי דקה.txt
[2008/03/16 12:25:29 | 000,000,041 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\רועי דקה.txt
[2008/03/15 16:16:41 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\נעמה.doc
[2008/03/15 16:12:26 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\נעמה.doc
[2008/03/12 01:58:55 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספידרווי.doc
[2008/03/12 01:58:55 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספידרווי.doc
[2008/03/07 20:56:01 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\היי סבתא.doc
[2008/03/07 02:22:43 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\היי סבתא.doc
[2008/03/04 16:19:09 | 000,025,600 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\היום.doc
[2008/03/04 16:13:08 | 000,025,600 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\היום.doc
[2008/03/03 03:55:05 | 000,033,280 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_????.doc) -- C:\Documents and Settings\Zikit\My Documents\דברים_לשלי.doc
[2008/03/03 03:10:00 | 000,033,280 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_????.doc) -- C:\Documents and Settings\Zikit\My Documents\דברים_לשלי.doc
[2008/02/27 06:37:54 | 000,173,999 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\אישור רכישה.JPG
[2008/02/27 06:37:54 | 000,173,999 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\אישור רכישה.JPG
[2008/02/25 10:57:15 | 000,024,064 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\Web 2 ???.doc) -- C:\Documents and Settings\Zikit\My Documents\Web 2 לאן.doc
[2008/02/25 10:57:15 | 000,024,064 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\Web 2 ???.doc) -- C:\Documents and Settings\Zikit\My Documents\Web 2 לאן.doc
[2008/02/24 08:25:23 | 002,752,738 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.bmp) -- C:\Documents and Settings\Zikit\My Documents\תמונה חדשה.bmp
[2008/02/24 08:25:23 | 002,752,738 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.bmp) -- C:\Documents and Settings\Zikit\My Documents\תמונה חדשה.bmp
[2008/02/11 05:11:29 | 000,019,968 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?? ?.doc) -- C:\Documents and Settings\Zikit\My Documents\אם ת.doc
[2008/02/11 05:11:28 | 000,019,968 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?? ?.doc) -- C:\Documents and Settings\Zikit\My Documents\אם ת.doc
[2008/02/02 12:52:22 | 000,520,192 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?_?????_2008_??????_-_??????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ט_שירות_2008_מאורית_-_ורסיית_תמונות.doc
[2008/02/02 12:52:16 | 000,520,192 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?_?????_2008_??????_-_??????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ט_שירות_2008_מאורית_-_ורסיית_תמונות.doc
[2008/01/08 11:27:21 | 000,046,080 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבחן_מקוצר.doc
[2008/01/08 11:27:20 | 000,046,080 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבחן_מקוצר.doc
[2007/12/31 03:38:49 | 000,017,920 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????????.xls) -- C:\Documents and Settings\Zikit\My Documents\קריינויות.xls
[2007/12/31 03:34:40 | 000,017,920 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????????.xls) -- C:\Documents and Settings\Zikit\My Documents\קריינויות.xls
[2007/12/29 15:31:17 | 000,026,112 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\מנהלי רשת.doc
[2007/12/26 08:47:57 | 000,077,824 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????.doc) -- C:\Documents and Settings\Zikit\My Documents\זיקית.doc
[2007/12/26 08:47:57 | 000,077,824 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????.doc) -- C:\Documents and Settings\Zikit\My Documents\זיקית.doc
[2007/12/25 16:26:40 | 000,041,472 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינות_מגמות.doc
[2007/12/25 16:26:30 | 000,041,472 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינות_מגמות.doc
[2007/12/25 14:25:39 | 000,026,112 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\מנהלי רשת.doc
[2007/12/08 08:27:14 | 000,020,480 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\אמא יש.doc
[2007/12/07 07:04:57 | 000,020,480 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\אמא יש.doc
[2007/12/04 13:21:55 | 000,031,232 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קרדיטים_להקות.doc
[2007/12/04 12:38:57 | 000,000,754 | ---- | M] ()(C:\Documents and Settings\Zikit\Desktop\???? ?? ???? 4.0.LNK) -- C:\Documents and Settings\Zikit\Desktop\הפוך על הפוך 4.0.LNK
[2007/12/04 12:38:57 | 000,000,754 | ---- | C] ()(C:\Documents and Settings\Zikit\Desktop\???? ?? ???? 4.0.LNK) -- C:\Documents and Settings\Zikit\Desktop\הפוך על הפוך 4.0.LNK
[2007/12/04 12:38:56 | 000,000,000 | ---D | M](C:\Program Files\???? ?? ????) -- C:\Program Files\הפוך על הפוך
[2007/12/04 12:38:56 | 000,000,000 | ---D | M](C:\Program Files\???? ?? ????) -- C:\Program Files\הפוך על הפוך
[2007/12/04 11:51:34 | 000,119,054 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\לוגו_להקות.JPG
[2007/12/04 11:51:33 | 000,119,054 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\לוגו_להקות.JPG
[2007/12/04 11:51:30 | 000,031,232 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קרדיטים_להקות.doc
[2007/11/27 07:00:25 | 000,240,128 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? 20 ?-8.doc) -- C:\Documents and Settings\Zikit\My Documents\אנוש 20 ל-8.doc
[2007/11/27 05:14:17 | 000,240,128 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? 20 ?-8.doc) -- C:\Documents and Settings\Zikit\My Documents\אנוש 20 ל-8.doc
[2007/11/25 02:35:22 | 000,054,784 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\שער לתקציב.doc
[2007/11/25 02:35:22 | 000,054,784 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\שער לתקציב.doc
[2007/10/31 06:47:27 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\Desktop\???) -- C:\Documents and Settings\Zikit\Desktop\ארי
[2007/10/13 11:55:22 | 000,219,648 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\טסט ראשון.doc
[2007/10/13 08:00:01 | 000,219,648 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\טסט ראשון.doc
[2007/10/10 15:31:21 | 000,016,384 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\מערכת תשסח.xls
[2007/10/10 14:28:19 | 000,016,384 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\מערכת תשסח.xls
[2007/10/06 05:01:32 | 000,033,792 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק אזכרה.doc
[2007/10/06 05:01:32 | 000,033,792 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק אזכרה.doc
[2007/10/04 11:03:54 | 000,087,040 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? - ????? 4 10 07 ??? ??? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית השכל - רעננה 4 10 07 סדר נקי (2).doc
[2007/10/04 05:47:04 | 000,070,656 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית עותק ליניב.doc
[2007/10/04 05:46:50 | 000,070,656 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית עותק ליניב.doc
[2007/10/02 06:16:55 | 000,087,040 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? - ????? 4 10 07 ??? ??? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית השכל - רעננה 4 10 07 סדר נקי (2).doc
[2007/09/27 10:45:46 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??????? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\רעיונות לפיילוט.doc
[2007/09/27 10:45:46 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??????? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\רעיונות לפיילוט.doc
[2007/09/08 04:25:32 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\משפטים לילדים.doc
[2007/09/08 04:25:32 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\משפטים לילדים.doc
[2007/09/06 10:57:16 | 000,000,447 | ---- | C] ()(C:\Documents and Settings\Zikit\Desktop\Shortcut to ?????????.lnk) -- C:\Documents and Settings\Zikit\Desktop\Shortcut to אקספורטים.lnk
[2007/09/06 10:57:14 | 000,000,447 | ---- | M] ()(C:\Documents and Settings\Zikit\Desktop\Shortcut to ?????????.lnk) -- C:\Documents and Settings\Zikit\Desktop\Shortcut to אקספורטים.lnk
[2007/09/03 11:13:36 | 000,000,792 | ---- | C] ()(C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\???? ?? Microsoft Office Outlook.lnk) -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\הפעל את Microsoft Office Outlook.lnk
[2007/09/01 06:34:14 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ??? ??????? ???? ????? ????? ?????? ???? ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הסיפור שלנו כמו סיפורים רבים אחרים מתחיל בנקודת חוסר שיווי משקל.doc
[2007/09/01 06:34:13 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ??? ??????? ???? ????? ????? ?????? ???? ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הסיפור שלנו כמו סיפורים רבים אחרים מתחיל בנקודת חוסר שיווי משקל.doc
[2007/08/30 02:56:50 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק.doc
[2007/08/29 10:45:44 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק.doc
[2007/08/23 18:13:14 | 000,000,899 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ???.lnk) -- C:\Documents and Settings\Zikit\My Documents\תיקיות השיתוף שלי.lnk
[2007/08/23 18:12:21 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????) -- C:\Documents and Settings\Zikit\My Documents\הקבצים שלי שהתקבלו
[2007/06/13 02:38:37 | 000,084,992 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????? ??? 13 ???? 2007.xls) -- C:\Documents and Settings\Zikit\My Documents\ספר הטלפונים שלי 13 יוני 2007.xls
(C:\Program Files\???? ?? ????) -- C:\Program Files\הפוך על הפוך

========== Alternate Data Streams ==========

@Alternate Data Stream - 582 bytes -> C:\WINDOWS\Temp:temp
< End of report >

[Yossie]

Attached MY OTL Log after applying scan.txt custom Scan:

OTL logfile created on: 11/23/2010 7:38:10 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: Israel | Language: HEB | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102.78 Gb Total Space | 18.43 Gb Free Space | 17.93% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 222.18 Gb Free Space | 23.85% Space Free | Partition Type: NTFS
Drive E: | 195.30 Gb Total Space | 3.73 Gb Free Space | 1.91% Space Free | Partition Type: NTFS
Drive F: | 4.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 14.83 Gb Total Space | 5.10 Gb Free Space | 34.39% Space Free | Partition Type: FAT32
Drive X: | 957.56 Mb Total Space | 640.56 Mb Free Space | 66.90% Space Free | Partition Type: FAT

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/11/22 18:30:58 | 006,387,008 | ---- | M] (SurfRight B.V.) [Auto] -- C:\Documents and Settings\Zikit\My Documents\Downloads\HitmanPro35.exe -- (HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot)
SRV - [2010/10/15 19:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/18 11:09:37 | 000,030,192 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/05/04 18:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto] -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/03/29 12:16:36 | 000,033,560 | ---- | M] (ESET) [On_Demand] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010/03/29 12:12:18 | 000,810,120 | ---- | M] (ESET) [Auto] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/11/17 02:43:57 | 000,130,560 | ---- | M] (Unison Play) [Auto] -- C:\Program Files\UnisonPlay\UniFSService.exe -- (UniFS)
SRV - [2009/10/06 22:31:18 | 000,035,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\aspnet_state.exe -- (aspnet_state)
SRV - [2009/10/06 19:44:58 | 000,752,984 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2009/10/06 19:44:58 | 000,129,856 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe -- (clr_optimization_v4.0.21006_32)
SRV - [2009/03/04 03:25:12 | 000,621,056 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/02/01 11:23:25 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2004/03/18 09:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\yufbvpxj.sys -- (yufbvpxj)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (upperdev)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\uiegguww.sys -- (uiegguww)
DRV - File not found [Kernel | Boot] -- -- (ruteix)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\rbukhjub.sys -- (rbukhjub)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\ketounsb.sys -- (ketounsb)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\jnwcptay.sys -- (jnwcptay)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (hwusbfake)
DRV - File not found [Kernel | On_Demand] -- -- (hwdatacard)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\gmmfbllz.sys -- (gmmfbllz)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\dbifuocj.sys -- (dbifuocj)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/10/16 13:55:00 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/03/29 12:13:44 | 000,095,872 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010/03/29 12:12:00 | 000,114,984 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/03/29 12:07:30 | 000,140,216 | ---- | M] (ESET) [File_System | Auto] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009/12/23 06:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/10/30 08:39:44 | 000,384,576 | ---- | M] (BEHRINGER) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BUSB2902.sys -- (BEHRINGER_2902)
DRV - [2009/10/30 08:39:44 | 000,039,488 | ---- | M] (BEHRINGER) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\busbwdm.sys -- (BUSB_AUDIO_WDM)
DRV - [2009/10/20 13:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/10/20 10:47:18 | 000,056,832 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\AvidXPSerial.sys -- (Serial)
DRV - [2009/05/27 04:31:44 | 000,584,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2008/11/21 04:42:21 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/08/26 02:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/28 10:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/04/13 15:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 15:46:08 | 000,049,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mstape.sys -- (MSTAPE)
DRV - [2008/04/13 15:46:08 | 000,013,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/04/27 02:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2007/04/23 08:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/23 08:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007/04/23 08:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007/04/23 08:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007/04/23 08:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2007/04/16 07:16:26 | 005,760,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/04/03 06:57:54 | 000,099,080 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007/04/03 06:57:52 | 000,098,696 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007/04/03 06:57:52 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007/04/03 06:57:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/03 06:57:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007/04/03 06:57:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007/04/03 06:57:42 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2006/08/14 14:09:48 | 000,083,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2005/05/09 12:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2002/11/08 10:56:28 | 000,238,080 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snpp106.sys -- (SNPP106) PC Camera (6029 CIF)
DRV - [2002/10/15 15:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/17 01:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)
DRV - [2002/07/17 01:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (ASPI)
DRV - [2001/11/06 19:00:00 | 000,166,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\webc3vid.sys -- (CTL511Plus) Video Blaster WebCam 3/WebCam Plus (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A D9 C6 74 FE 78 CB 01 [binary data]
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\Zikit_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Zikit_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Zikit_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/30 17:35:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/15 11:05:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/09 15:38:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/11/22 17:51:46 | 000,000,000 | ---D | M]

[2010/11/22 17:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/12 09:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2005/12/05 15:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2010/10/27 09:50:31 | 000,001,960 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\morfix-dic.xml
[2010/10/27 09:50:31 | 000,001,008 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-he.xml

O1 HOSTS File: ([2010/11/21 16:47:01 | 000,332,195 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 0.0.0.0 ar.atwola.com
O1 - Hosts: 0.0.0.0 atdmt.com
O1 - Hosts: 0.0.0.0 awaps.net
O1 - Hosts: 0.0.0.0 click.atdmt.com
O1 - Hosts: 0.0.0.0 clicks.atdmt.com
O1 - Hosts: 0.0.0.0 engine.awaps.net
O1 - Hosts: 0.0.0.0 spd.atdmt.com
O1 - Hosts: 0.0.0.0 www.awaps.net
O1 - Hosts: 0.0.0.0 www.norton.com
O1 - Hosts: 11339 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Zikit_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [Hebrew] C:\Program Files\הפוך על הפוך\hebrew.exe (freeware.co.i l עודד יחזקאל )
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKU\Zikit_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Zikit_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.ims.tau....Inc/ScriptX.cab (MeadCo ScriptX)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...4/uploader2.cab (UploadListView Class)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1187892702656 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} http://upload.facebo...Uploader4_5.cab (Facebook Photo Uploader 4)
O16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} http://www.tapuz.co....in/launcher.cab (LauncherV1 Class)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://sslvpn.boein...perSetupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} http://irc.nana10.co.../launcher39.cab (LauncherV1 Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/23 12:39:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/07/16 12:03:18 | 000,000,206 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/11/23 19:36:46 | 000,000,377 | ---- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

========== Files/Folders - Created Within 30 Days ==========

[2010/11/23 19:37:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2010/11/23 19:37:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2010/11/22 18:37:36 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/11/22 17:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Local Settings\Application Data\ESET
[2010/11/22 17:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\ESET
[2010/11/22 17:38:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2010/11/22 14:03:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/11/22 14:03:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService\PrivacIE
[2010/11/22 11:04:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Trend Micro
[2010/11/22 10:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/21 14:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\AVG
[2010/11/21 14:36:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\AVG10
[2010/11/21 14:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/11/21 13:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\Malwarebytes
[2010/11/21 13:15:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\Favorites
[2010/11/17 04:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2010/11/15 18:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\My Documents\Avid Projects
[2010/11/15 18:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\Avid
[2010/11/15 17:52:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MEDIA
[2010/11/15 17:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE
[2010/11/15 17:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SafeNet Sentinel
[2010/11/15 17:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Digidesign
[2010/11/15 17:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Avid
[2010/11/15 17:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\Licenses
[2010/11/15 17:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Avid
[2010/11/15 11:46:35 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2010/11/15 11:46:35 | 000,308,224 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2010/11/15 11:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\WMR14
[2010/11/15 11:38:31 | 000,000,000 | ---D | C] -- C:\hidownload
[2010/11/15 11:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010/11/15 11:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\StreamingStar
[2010/11/15 11:16:09 | 000,440,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSHFLXGD.OCX
[2010/11/15 11:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Videophile II
[2010/11/15 06:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/15 06:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/15 06:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/13 11:06:56 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstape.sys
[2010/11/13 11:06:56 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/11/13 11:06:56 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\avcstrm.sys
[2010/11/13 11:06:56 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/11/12 11:13:54 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010/11/12 11:13:54 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2010/11/12 11:13:54 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2010/11/12 11:13:54 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/11/12 11:13:53 | 013,012,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010/11/12 11:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/11/12 11:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\vlc
[2010/11/12 11:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\SystemRequirementsLab
[2010/11/07 09:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010/11/03 05:09:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zikit\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/02 08:32:59 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr90.dll
[2010/11/01 14:19:41 | 000,584,832 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTL8192su.sys
[2010/10/31 07:56:01 | 000,039,488 | ---- | C] (BEHRINGER) -- C:\WINDOWS\System32\drivers\busbwdm.sys
[2010/10/26 14:56:52 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/26 14:56:52 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/26 14:56:43 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/26 08:39:05 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2008/01/16 16:39:39 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Zikit\Application Data\pcouffin.sys
[2004/11/24 13:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/23 07:34:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/22 18:37:36 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/11/22 18:37:36 | 000,001,568 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2010/11/22 18:31:57 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/11/22 18:28:00 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/22 18:15:21 | 000,000,870 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/22 18:15:10 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\FABVN.job
[2010/11/22 17:56:01 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-484763869-725345543-1003UA.job
[2010/11/22 16:51:30 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/22 11:34:59 | 000,505,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/22 11:34:59 | 000,088,504 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/22 11:14:52 | 000,329,423 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\tmsshf.bin
[2010/11/22 08:17:00 | 000,185,856 | ---- | M] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/22 07:56:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-484763869-725345543-1003Core.job
[2010/11/22 07:41:51 | 058,806,511 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Dkira Pride.wmv
[2010/11/22 07:33:53 | 000,015,264 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Dkira Pride.veg
[2010/11/22 05:51:28 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/11/21 16:58:44 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Zikit\PUTTY.RND
[2010/11/21 16:55:08 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/11/21 16:55:08 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/11/21 16:55:06 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/11/21 16:47:01 | 000,332,195 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/21 14:44:50 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/11/21 13:31:02 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\rkill.com
[2010/11/21 13:07:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/21 13:01:12 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Zikit\Application Data\install
[2010/11/21 13:00:25 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010/11/20 03:53:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/18 12:35:29 | 000,002,417 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Microsoft Office Word 2003.lnk
[2010/11/18 02:56:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/17 04:30:35 | 000,076,120 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/15 18:05:57 | 002,410,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/15 11:45:44 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\-1
[2010/11/15 11:44:47 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\WM Converter 14.lnk
[2010/11/15 07:53:57 | 000,130,784 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\578380794.pdf
[2010/11/15 05:11:58 | 000,497,629 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Generator-The Holloways.m4r
[2010/11/12 11:14:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/11/11 16:25:06 | 000,206,065 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/09 16:03:01 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/09 15:52:06 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\RemoveWGA.exe
[2010/11/07 09:56:42 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\SopCast.lnk
[2010/11/07 09:56:03 | 005,279,114 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\SopCast-3.2.9.zip
[2010/11/06 18:56:52 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Google Chrome.lnk
[2010/11/06 18:56:52 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/04 16:52:17 | 000,037,316 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Prodev-tickets.pdf
[2010/11/04 07:42:45 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager Yossi Erdman.doc
[2010/11/04 07:40:38 | 000,014,641 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager.docx
[2010/11/03 19:14:06 | 118,011,586 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0666.MOV
[2010/11/03 18:44:18 | 135,583,966 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0658.MOV
[2010/11/03 05:08:46 | 002,458,937 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\TweetDeck_0_35.3.air
[2010/11/02 08:32:05 | 000,319,404 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\msvcr90.dll.zip
[2010/11/02 08:00:31 | 039,905,944 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Hamekaplot.m4v
[2010/10/31 08:00:22 | 000,000,159 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat
[2010/10/31 07:55:09 | 000,732,987 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\BEHRINGER_2902_WIN32_2.8.40.zip
[2010/10/26 20:06:58 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/26 15:03:33 | 002,005,148 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2010/10/26 15:01:04 | 000,020,236 | ---- | M] () -- C:\Documents and Settings\Zikit\Desktop\Lie To Me_3x04_HDTV.LOL.en.zip
[2010/10/25 13:48:56 | 000,045,627 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\Boardwalk.zip
[2010/10/25 13:42:05 | 000,021,390 | ---- | M] () -- C:\Documents and Settings\Zikit\My Documents\desperate.zip
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/22 18:37:36 | 000,001,568 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2010/11/22 18:31:57 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/11/22 17:02:24 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\rkill.com
[2010/11/22 14:02:53 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\Zikit\TmInstall.log
[2010/11/22 07:34:42 | 058,806,511 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\Dkira Pride.wmv
[2010/11/22 07:33:53 | 000,015,264 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Dkira Pride.veg
[2010/11/21 14:44:50 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/11/21 13:01:12 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\install
[2010/11/21 13:01:07 | 000,000,302 | -HS- | C] () -- C:\WINDOWS\tasks\FABVN.job
[2010/11/15 17:57:12 | 000,048,108 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\AfterEffectsEMP_install.log
[2010/11/15 11:45:44 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\-1
[2010/11/15 11:44:47 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\WM Converter 14.lnk
[2010/11/15 07:53:56 | 000,130,784 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\578380794.pdf
[2010/11/15 05:11:52 | 000,497,629 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\Generator-The Holloways.m4r
[2010/11/12 11:14:17 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/11/12 11:14:15 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/11/12 11:14:15 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/11/12 11:14:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/11/12 11:13:54 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/11/12 11:13:54 | 000,003,739 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/11/09 16:03:01 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/09 15:52:05 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\RemoveWGA.exe
[2010/11/07 09:56:42 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\SopCast.lnk
[2010/11/07 09:55:54 | 005,279,114 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\SopCast-3.2.9.zip
[2010/11/04 16:52:16 | 000,037,316 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Prodev-tickets.pdf
[2010/11/04 07:40:58 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager Yossi Erdman.doc
[2010/11/04 06:55:30 | 000,014,641 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\BDB Production Manager.docx
[2010/11/03 19:14:06 | 118,011,586 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0666.MOV
[2010/11/03 18:44:18 | 135,583,966 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\IMG_0658.MOV
[2010/11/03 05:08:31 | 002,458,937 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\TweetDeck_0_35.3.air
[2010/11/02 08:32:04 | 000,319,404 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\msvcr90.dll.zip
[2010/11/02 07:59:26 | 039,905,944 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Hamekaplot.m4v
[2010/10/31 08:00:22 | 000,000,159 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat
[2010/10/31 07:55:06 | 000,732,987 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\BEHRINGER_2902_WIN32_2.8.40.zip
[2010/10/26 15:01:04 | 000,020,236 | ---- | C] () -- C:\Documents and Settings\Zikit\Desktop\Lie To Me_3x04_HDTV.LOL.en.zip
[2010/10/25 13:48:55 | 000,045,627 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\Boardwalk.zip
[2010/10/25 13:42:05 | 000,021,390 | ---- | C] () -- C:\Documents and Settings\Zikit\My Documents\desperate.zip
[2010/07/10 12:21:42 | 000,000,011 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2010/05/02 03:03:41 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2009/12/27 11:37:06 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/20 13:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/10/20 10:47:18 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AvidXPSerial.sys
[2009/10/05 10:09:42 | 001,658,973 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2009/10/05 10:09:42 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\PtSSE2.dll
[2009/10/05 10:09:42 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2009/09/20 09:04:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2009/07/10 03:27:13 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\vso_ts_preview.xml
[2009/04/24 04:32:56 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2009/04/21 16:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/01/05 04:50:32 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/12/12 08:23:20 | 000,000,445 | ---- | C] () -- C:\Documents and Settings\Zikit\WinKawaks.rom
[2008/12/12 08:22:55 | 000,005,647 | ---- | C] () -- C:\Documents and Settings\Zikit\WinKawaks.ini
[2008/12/04 16:51:47 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaiheop.ini
[2008/12/04 16:48:20 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihebi.ini
[2008/12/04 16:48:07 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihelo.ini
[2008/12/04 16:47:01 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihedd.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihemd.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaiheki.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihejc.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaihefp.ini
[2008/12/04 16:44:48 | 000,000,005 | ---- | C] () -- C:\WINDOWS\obaiheej.ini
[2008/11/15 20:07:47 | 000,000,584 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008/09/11 16:15:03 | 000,000,529 | ---- | C] () -- C:\WINDOWS\dvdtoaviconverter2.ini
[2008/08/18 23:06:44 | 000,000,720 | ---- | C] () -- C:\WINDOWS\avscan.ini
[2008/06/11 14:54:29 | 000,001,236 | RHS- | C] () -- C:\Documents and Settings\Zikit\ntuser.pol
[2008/05/16 13:31:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/05/08 06:09:37 | 000,000,237 | ---- | C] () -- C:\WINDOWS\sripper.ini
[2008/05/08 06:09:37 | 000,000,052 | ---- | C] () -- C:\WINDOWS\StreamRipper32.INI
[2008/04/27 09:53:55 | 000,000,209 | ---- | C] () -- C:\WINDOWS\wldtlk4.ini
[2008/04/12 17:10:59 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll
[2008/04/12 17:10:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008/04/12 17:10:58 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
[2008/03/18 08:18:30 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Zikit\PUTTY.RND
[2008/01/16 16:39:45 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\pcouffin.log
[2008/01/16 16:39:39 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\inst.exe
[2008/01/16 16:39:39 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\pcouffin.cat
[2008/01/16 16:39:39 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Zikit\Application Data\pcouffin.inf
[2008/01/01 15:48:57 | 000,015,494 | ---- | C] () -- C:\WINDOWS\snpp106.ini
[2008/01/01 15:48:56 | 000,238,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpp106.sys
[2008/01/01 15:48:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dsnpp106.dll
[2008/01/01 15:48:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\vsnpp106.dll
[2007/12/24 05:40:26 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/12/22 14:02:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007/12/04 13:34:01 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2007/12/04 13:32:17 | 000,001,601 | ---- | C] () -- C:\WINDOWS\Graffiti4.0.ini
[2007/12/03 17:50:15 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007/12/03 17:50:15 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2007/12/03 17:50:15 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2007/12/03 17:50:15 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2007/12/03 17:50:15 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2007/12/03 08:34:32 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007/12/01 05:43:30 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007/11/25 10:48:23 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/10/24 03:39:32 | 002,715,366 | ---- | C] () -- C:\Program Files\wax20e.zip
[2007/10/24 03:27:34 | 001,339,608 | ---- | C] () -- C:\Program Files\VirtualDub-1.7.6.zip
[2007/10/06 18:26:26 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Zikit\default.pls
[2007/09/09 12:33:11 | 000,007,307 | ---- | C] () -- C:\Documents and Settings\Zikit\intlname.ols
[2007/09/09 06:01:06 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/09/08 04:04:32 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\fusioncache.dat
[2007/09/07 18:00:37 | 000,000,008 | -HS- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\systemCurUses
[2007/09/07 18:00:37 | 000,000,006 | -HS- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\systemHdID
[2007/08/28 15:38:50 | 000,014,211 | ---- | C] () -- C:\WINDOWS\twacker.ini
[2007/08/25 05:56:51 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2007/08/23 19:28:34 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/08/23 19:00:01 | 000,000,039 | ---- | C] () -- C:\WINDOWS\ideq32.ini
[2007/08/23 18:09:02 | 000,185,856 | ---- | C] () -- C:\Documents and Settings\Zikit\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/23 13:24:53 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/08/23 13:01:10 | 000,000,576 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/08/06 04:07:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2006/02/28 13:17:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/12/30 12:10:30 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/10/03 11:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003/01/07 08:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/05/02 18:48:55 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Softland
[2010/05/02 05:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2009/05/16 13:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\ACD Systems
[2007/12/06 14:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Atari
[2010/11/21 16:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\AVG
[2010/11/21 14:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\AVG10
[2010/11/15 18:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Avid
[2010/11/21 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Azwi
[2010/01/14 16:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\BSplayer PRO
[2008/04/12 17:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\concept design
[2008/11/21 04:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\DAEMON Tools
[2009/04/16 18:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2010/11/22 11:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Dropbox
[2010/11/22 17:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\ESET
[2007/09/28 15:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\GetRightToGo
[2007/09/14 11:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Juniper Networks
[2007/11/30 05:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\MCMPEGEnc
[2009/10/16 06:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\NCH Swift Sound
[2009/06/12 08:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Nokia
[2010/11/21 16:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\nView_Wallpaper
[2010/11/20 13:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Ovhove
[2010/11/15 18:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\PACE Anti-Piracy
[2009/06/12 08:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\PC Suite
[2010/05/02 04:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\PrimoPDF
[2009/10/30 07:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Publish Providers
[2010/11/21 14:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Qyatyh
[2010/02/23 15:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\RayV
[2010/05/02 05:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Softland
[2010/03/05 08:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Sony
[2010/03/05 07:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Sony Creative Software
[2007/11/30 16:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\SorensonMedia
[2010/10/22 05:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Steinberg
[2010/11/12 11:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\SystemRequirementsLab
[2010/10/23 16:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Teleca
[2009/04/13 15:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2010/11/03 05:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/21 13:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Tyydse
[2010/11/22 17:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\uTorrent
[2010/05/06 02:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Vso
[2008/04/08 03:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Waves Audio
[2010/11/15 18:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zikit\Application Data\Waves Preferences
[2010/11/22 18:15:10 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\FABVN.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: EXPLORER.EXE >
[2009/12/28 15:30:11 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=5F381155DC979809B422432F86003581 -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2009/04/09 07:22:09 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/06/06 05:27:49 | 001,830,912 | ---- | M] () -- C:\27711187.aac
[2010/06/06 05:27:49 | 086,011,904 | ---- | M] () -- C:\27711187.m4v
[2010/11/15 18:04:33 | 000,016,692 | ---- | M] () -- C:\aaw7boot.log
[2010/06/06 03:27:39 | 2710,580,452 | ---- | M] () -- C:\Assaf Mitzva_Final.avi
[2010/06/06 08:47:56 | 001,071,904 | ---- | M] () -- C:\Assaf Mitzva_Final.avi.sfk
[2007/08/23 12:39:52 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/11/07 14:51:00 | 078,280,110 | ---- | M] () -- C:\BlackEyedPeas.wav
[2007/08/23 12:35:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2007/08/23 12:39:52 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/04/28 17:14:49 | 000,777,532 | ---- | M] () -- C:\Crocker Portrait NEW.mp3
[2009/04/24 04:29:19 | 000,002,464 | ---- | M] () -- C:\Cucu_Video_log.txt
[2007/08/23 12:39:52 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/08/23 12:39:52 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/12/12 20:15:10 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/23 13:00:09 | 000,196,982 | ---- | M] () -- C:\OTL.Txt
[2009/10/11 14:39:39 | 028,656,442 | ---- | M] () -- C:\output.wav
[2009/05/08 20:45:37 | 006,630,323 | ---- | M] () -- C:\outside the box patih.mp3
[2010/11/23 07:34:50 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009/04/28 16:55:45 | 009,453,399 | ---- | M] () -- C:\Portrait - Hakol Mevina.MP3
[2010/11/22 18:03:29 | 000,000,505 | ---- | M] () -- C:\rkill.log
[2010/06/05 18:38:08 | 002,029,725 | ---- | M] () -- C:\ScreenCapture.mov
[2008/01/01 15:51:02 | 000,230,408 | ---- | M] () -- C:\SNPP106.RAW
[2007/09/07 15:19:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/01/14 05:15:32 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/03/27 07:14:00 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2007/09/07 15:19:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/01/14 05:15:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/03/27 07:14:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2007/12/03 10:21:25 | 000,003,905 | ---- | M] () -- C:\statistics.xml
[2008/04/06 23:04:28 | 000,000,003 | ---- | M] () -- C:\TCPCheckResult.txt
[2009/10/14 12:18:28 | 023,625,626 | ---- | M] () -- C:\Tijuana SOng.wav
[2007/10/05 02:41:00 | 000,033,792 | ---- | M] () -- C:\[.doc
[2007/11/10 04:51:05 | 000,001,167 | ---- | M] () -- C:\_Sid.txt

< %systemroot%\*. /mp /s >

< CREATERESTOREPOINT >

< %systemroot%\System32\config\*.sav >
[2007/08/23 19:26:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/08/23 19:26:37 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/08/23 19:26:37 | 000,921,600 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
"NoAutoRebootWithLoggedOnUsers" = 1

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-09 21:04:03

========== Files - Unicode (All) ==========
[2010/11/22 14:52:48 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$וליק טיאר פרומו.doc
[2010/11/22 14:52:48 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$וליק טיאר פרומו.doc
[2010/11/22 14:38:24 | 000,020,480 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שמוליק טיאר פרומו.doc
[2010/11/22 14:38:23 | 000,020,480 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שמוליק טיאר פרומו.doc
[2010/11/22 11:45:27 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????) -- C:\Documents and Settings\Zikit\My Documents\הקבצים שלי שהתקבלו
[2010/11/16 18:09:44 | 000,000,108 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?????.txt) -- C:\Documents and Settings\Zikit\My Documents\שאלות לרואה חשבון.txt
[2010/11/16 18:09:44 | 000,000,108 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?????.txt) -- C:\Documents and Settings\Zikit\My Documents\שאלות לרואה חשבון.txt
[2010/11/06 08:03:37 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\Desktop\???) -- C:\Documents and Settings\Zikit\Desktop\ארי
[2010/11/03 04:58:18 | 000,038,912 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום אוקטובר 10.doc
[2010/11/02 06:04:38 | 000,065,024 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????????? ???? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינויות יוסי ארדמן אוקטובר 10.doc
[2010/11/02 05:54:41 | 000,031,744 | ---- | M] ()(C:\Documents and Settings\Zikit\Desktop\????????? ?????????? ????? ??????? 2010.xls) -- C:\Documents and Settings\Zikit\Desktop\קריינויות ופרוייקטים לרדיו אוקטובר 2010.xls
[2010/11/02 05:47:42 | 000,038,912 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום אוקטובר 10.doc
[2010/11/02 05:38:22 | 000,065,024 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????????? ???? ????? ??????? 10.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינויות יוסי ארדמן אוקטובר 10.doc
[2010/10/24 08:05:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\Desktop\?????? ?????) -- C:\Documents and Settings\Zikit\Desktop\תמונות למצגת
[2010/10/24 06:44:28 | 000,031,744 | ---- | C] ()(C:\Documents and Settings\Zikit\Desktop\????????? ?????????? ????? ??????? 2010.xls) -- C:\Documents and Settings\Zikit\Desktop\קריינויות ופרוייקטים לרדיו אוקטובר 2010.xls
[2010/08/28 08:40:59 | 001,556,480 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.pps) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.pps
[2010/08/28 08:40:58 | 001,556,480 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.pps) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.pps
[2010/08/28 08:40:36 | 002,466,304 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.ppt
[2010/08/28 04:59:47 | 000,072,192 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שרים עם המלכה.doc
[2010/08/28 03:55:06 | 002,466,304 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מצגת תמונות אנגליה.ppt
[2010/08/28 01:51:47 | 000,072,192 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שרים עם המלכה.doc
[2010/08/22 03:26:24 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\Desktop\?????? ?????) -- C:\Documents and Settings\Zikit\Desktop\תמונות למצגת
[2010/06/21 04:20:43 | 000,032,768 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\הביטלס עובדות ועניינים.doc
[2010/06/21 03:56:53 | 000,032,768 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\הביטלס עובדות ועניינים.doc
[2010/05/12 16:24:50 | 000,016,896 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\זמני ריקודים להקה.xls
[2010/05/12 16:24:50 | 000,016,896 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\זמני ריקודים להקה.xls
[2010/05/03 03:10:34 | 000,164,796 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר מעודכנת חסויות לובינסקי זרמון.pdf
[2010/05/03 03:10:33 | 000,164,796 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר מעודכנת חסויות לובינסקי זרמון.pdf
[2010/05/03 03:09:46 | 000,034,816 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.doc
[2010/05/02 05:52:48 | 000,162,342 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.pdf
[2010/05/02 05:51:39 | 000,162,342 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.pdf
[2010/05/02 05:38:50 | 000,034,816 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????? ???????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר חסויות לובינסקי זרמון.doc
[2010/05/02 04:49:06 | 000,037,376 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:27:02 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:27:02 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:27:01 | 000,037,376 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????__????_?????_2010.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום__גיתם_אפריל_2010.doc
[2010/05/02 03:05:52 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת תשלום ון אמדן.doc
[2010/05/02 03:05:52 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת תשלום ון אמדן.doc
[2010/04/20 03:09:04 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עורי בית.doc
[2010/04/20 03:09:04 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עורי בית.doc
[2010/04/20 03:08:54 | 000,102,912 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעורי בית.doc
[2010/04/20 03:08:53 | 000,102,912 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעורי בית.doc
[2010/03/14 12:38:22 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$?? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עת מחיר סלקום.doc
[2010/03/14 12:38:22 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$?? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\~$עת מחיר סלקום.doc
[2010/01/10 07:25:58 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2010/01/10 07:25:58 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$???_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2010/01/10 07:25:53 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2010/01/10 07:25:52 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_?????_?????? ?? ?????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת_תשלום_רוקדים עם כוכבים דצמ.doc
[2009/12/18 13:49:11 | 002,109,952 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ???? ????? ?????? ????'? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תכירו את יוסי ארדמן בוואלה ברנז'ה תיעוד.doc
[2009/12/18 13:49:11 | 002,109,952 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ???? ????? ?????? ????'? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תכירו את יוסי ארדמן בוואלה ברנז'ה תיעוד.doc
[2009/12/17 06:18:26 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ללת סלע לשידור 151209.doc
[2009/12/17 06:18:26 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$??? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ללת סלע לשידור 151209.doc
[2009/12/17 06:18:17 | 000,055,808 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\מכללת סלע לשידור 151209.doc
[2009/12/17 06:18:17 | 000,055,808 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ?????? 151209.doc) -- C:\Documents and Settings\Zikit\My Documents\מכללת סלע לשידור 151209.doc
[2009/11/29 11:28:58 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\Desktop\~$???_?????1??_?????.doc) -- C:\Documents and Settings\Zikit\Desktop\~$גום_קוננב1רג_קוהוט.doc
[2009/11/29 11:28:58 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\Desktop\~$???_?????1??_?????.doc) -- C:\Documents and Settings\Zikit\Desktop\~$גום_קוננב1רג_קוהוט.doc
[2009/11/10 18:00:56 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ????? ?????? ????? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן חדשות בידור אודישן בידור הוט בידור ישראלי.doc
[2009/11/10 17:29:34 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ????? ?????? ????? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן חדשות בידור אודישן בידור הוט בידור ישראלי.doc
[2009/11/10 17:09:57 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ???? ????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן מבזק חדשות בידור.doc
[2009/11/10 15:12:25 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ???? ????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\יוסי ארדמן מבזק חדשות בידור.doc
[2009/11/03 14:18:43 | 000,060,231 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.mp3) -- C:\Documents and Settings\Zikit\My Documents\מונית הכסף.mp3
[2009/11/03 14:17:48 | 000,060,231 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.mp3) -- C:\Documents and Settings\Zikit\My Documents\מונית הכסף.mp3
[2009/11/02 16:29:56 | 000,066,048 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? - ????? ??????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\עלוב העלובים - שאלון לתוכנית הבוקר.xls
[2009/11/02 16:00:58 | 000,066,048 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? - ????? ??????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\עלוב העלובים - שאלון לתוכנית הבוקר.xls
[2009/10/30 10:11:36 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?? ????? ?????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אז בשנות השבעים בשיאו של הסתו.doc
[2009/10/30 10:11:36 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?? ????? ?????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אז בשנות השבעים בשיאו של הסתו.doc
[2009/10/19 13:43:34 | 000,000,792 | ---- | M] ()(C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\???? ?? Microsoft Office Outlook.lnk) -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\הפעל את Microsoft Office Outlook.lnk
[2009/10/15 17:45:29 | 003,142,149 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ???? ?????.mp3) -- C:\Documents and Settings\Zikit\My Documents\השיר של יוסי ושירן.mp3
[2009/10/15 17:45:29 | 003,142,149 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ???? ?????.mp3) -- C:\Documents and Settings\Zikit\My Documents\השיר של יוסי ושירן.mp3
[2009/10/13 01:44:54 | 000,030,208 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ????? ???? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\התחלה של שאלות טוטו משפחתי.doc
[2009/10/13 01:44:53 | 000,030,208 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?? ????? ???? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\התחלה של שאלות טוטו משפחתי.doc
[2009/09/22 16:01:07 | 000,014,336 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????? ????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\סהכ הוצאות אשראי יוסי.xls
[2009/09/22 15:59:03 | 000,014,336 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????? ????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\סהכ הוצאות אשראי יוסי.xls
[2009/06/20 19:04:42 | 000,005,194 | ---- | M] ()(C:\???? ?????.txt) -- C:\מסמך שהוצל.txt
[2009/06/20 19:04:42 | 000,005,194 | ---- | C] ()(C:\???? ?????.txt) -- C:\מסמך שהוצל.txt
[2009/06/17 13:18:49 | 000,013,824 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????' ??????.xls) -- C:\Documents and Settings\Zikit\My Documents\הומפייג' ליינאפ.xls
[2009/06/17 13:18:49 | 000,013,824 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????' ??????.xls) -- C:\Documents and Settings\Zikit\My Documents\הומפייג' ליינאפ.xls
[2009/06/10 18:41:41 | 000,062,464 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???????' ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ליינאפ הומפייג' תוכנית ראשונה.doc
[2009/06/10 14:28:19 | 000,062,464 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???????' ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ליינאפ הומפייג' תוכנית ראשונה.doc
[2009/06/03 17:37:29 | 000,030,720 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????????.doc) -- C:\Documents and Settings\Zikit\My Documents\יובל פיילוט אסוציאציות.doc
[2009/06/02 17:16:13 | 000,030,720 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??????????.doc) -- C:\Documents and Settings\Zikit\My Documents\יובל פיילוט אסוציאציות.doc
[2009/05/25 13:01:58 | 000,036,864 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום מאי 09.doc
[2009/05/25 12:59:30 | 000,036,864 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום סלקום מאי 09.doc
[2009/05/18 12:00:18 | 000,344,064 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מבצע חץ שחור.ppt
[2009/05/18 11:05:53 | 000,344,064 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?? ????.ppt) -- C:\Documents and Settings\Zikit\My Documents\מבצע חץ שחור.ppt
[2009/05/16 12:48:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\Desktop\????? ?? ???) -- C:\Documents and Settings\Zikit\Desktop\הזמנה של דני
[2009/05/11 17:04:56 | 000,017,079 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\דודי הערות על הפיילוט.rtf
[2009/05/11 17:04:56 | 000,017,079 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\דודי הערות על הפיילוט.rtf
[2009/05/04 12:54:48 | 000,072,192 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??? ???? ??? ????? ???? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\טופס לפתיחת ספק בארץ ללא נתוני קנין (2).doc
[2009/05/04 12:49:15 | 000,072,192 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ??? ???? ??? ????? ???? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\טופס לפתיחת ספק בארץ ללא נתוני קנין (2).doc
[2009/04/30 02:18:23 | 000,045,419 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ??? ????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר פרזנטור סרט הדרכה סלקום.pdf
[2009/04/30 02:18:23 | 000,045,419 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ??????? ??? ????? ?????.pdf) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר פרזנטור סרט הדרכה סלקום.pdf
[2009/04/30 02:03:04 | 000,032,768 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר סלקום.doc
[2009/04/30 01:54:30 | 000,032,768 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעת מחיר סלקום.doc
[2009/04/26 16:33:03 | 000,036,352 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ???? - ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעה לתוכנית חדשה - מוסיקה חברתית.doc
[2009/04/26 16:08:25 | 000,036,352 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ??????? ???? - ?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\הצעה לתוכנית חדשה - מוסיקה חברתית.doc
[2009/04/13 15:13:39 | 000,000,899 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ???.lnk) -- C:\Documents and Settings\Zikit\My Documents\תיקיות השיתוף שלי.lnk
[2009/03/25 12:02:06 | 000,475,648 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה וויסבנק.doc
[2009/03/25 12:02:00 | 000,475,648 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה וויסבנק.doc
[2009/03/23 18:13:47 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? - ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אור פרג - קורות חיים.doc
[2009/03/23 17:58:36 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? - ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אור פרג - קורות חיים.doc
[2009/03/08 04:49:19 | 000,043,520 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????_????_?????_2009.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה_יוסי_ארדמן_2009.doc
[2009/03/08 04:49:18 | 000,043,520 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????_????_?????_2009.doc) -- C:\Documents and Settings\Zikit\My Documents\חוזה_יוסי_ארדמן_2009.doc
[2009/02/21 15:20:23 | 000,030,720 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\פורמט מסמך יוניקום.doc
[2009/02/21 15:19:42 | 000,030,720 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\פורמט מסמך יוניקום.doc
[2009/02/15 16:34:09 | 000,027,648 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\פרומו ספורט פבר 09.doc
[2009/02/15 16:31:22 | 000,027,648 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ??? 09.doc) -- C:\Documents and Settings\Zikit\My Documents\פרומו ספורט פבר 09.doc
[2009/02/04 02:37:39 | 000,039,825 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.pdf) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.pdf
[2009/02/04 02:37:39 | 000,039,825 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.pdf) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.pdf
[2009/02/04 02:37:02 | 000,039,936 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.doc
[2009/02/04 02:35:06 | 000,039,936 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????? ?? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\דרישת תשלום ון אמדן.doc
[2008/12/30 16:07:46 | 000,029,696 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\גדעון סער רש.doc
[2008/12/30 16:07:46 | 000,029,696 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\גדעון סער רש.doc
[2008/12/30 01:26:52 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\Desktop\????? ?? ???) -- C:\Documents and Settings\Zikit\Desktop\הזמנה של דני
[2008/12/27 05:25:52 | 003,876,864 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\פוסטר_פליציה.doc
[2008/12/27 05:25:52 | 003,876,864 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\פוסטר_פליציה.doc
[2008/12/25 16:46:01 | 000,031,744 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.doc
[2008/12/25 16:46:01 | 000,031,744 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.doc
[2008/12/25 16:46:01 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Zikit\My Documents\~$?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ג'ופי.doc
[2008/12/25 16:46:01 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Zikit\My Documents\~$?'???.doc) -- C:\Documents and Settings\Zikit\My Documents\~$ג'ופי.doc
[2008/12/25 16:06:46 | 000,001,034 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?'???.txt) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.txt
[2008/12/25 16:06:43 | 000,001,034 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?'???.txt) -- C:\Documents and Settings\Zikit\My Documents\ג'ופי.txt
[2008/12/22 18:46:26 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אפר ואבק.doc
[2008/12/22 18:39:47 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\אפר ואבק.doc
[2008/11/15 10:42:15 | 000,025,600 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????? ???????? ????? ?? ???? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הרעיונות המרכזיים בטקסט של אנרי פירן.doc
[2008/11/12 15:21:24 | 000,025,600 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????? ???????? ????? ?? ???? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הרעיונות המרכזיים בטקסט של אנרי פירן.doc
[2008/10/21 17:11:01 | 000,030,720 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבוא והגדרת שאלת המחקר.doc
[2008/10/21 16:06:55 | 000,030,720 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבוא והגדרת שאלת המחקר.doc
[2008/09/07 02:56:06 | 000,028,160 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\בקשת דחייה סמינר ועדת הוראה.doc
[2008/09/07 02:44:48 | 000,028,160 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\בקשת דחייה סמינר ועדת הוראה.doc
[2008/09/06 01:53:31 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\My Documents\??????) -- C:\Documents and Settings\Zikit\My Documents\הורדות
[2008/09/04 15:34:23 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\My Documents\??????) -- C:\Documents and Settings\Zikit\My Documents\הורדות
[2008/08/07 02:43:31 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תשלום שכל באמצעות אשראי.doc
[2008/08/07 02:43:30 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ??? ??????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\תשלום שכל באמצעות אשראי.doc
[2008/06/13 03:49:54 | 000,033,280 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??????.doc) -- C:\Documents and Settings\Zikit\My Documents\אלאניס.doc
[2008/06/13 03:24:19 | 000,033,280 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??????.doc) -- C:\Documents and Settings\Zikit\My Documents\אלאניס.doc
[2008/06/08 15:50:20 | 000,084,992 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????? ??? 13 ???? 2007.xls) -- C:\Documents and Settings\Zikit\My Documents\ספר הטלפונים שלי 13 יוני 2007.xls
[2008/06/02 10:44:35 | 000,027,136 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\ללירון וירון.doc
[2008/06/02 10:41:03 | 000,027,136 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\ללירון וירון.doc
[2008/05/20 13:46:32 | 000,033,008 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?? ????? ???? ??????.rtf) -- C:\Documents and Settings\Zikit\My Documents\רועי מספר את סיפור חייו המשעשע.rtf
[2008/05/20 13:42:38 | 000,033,008 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???? ?? ????? ???? ??????.rtf) -- C:\Documents and Settings\Zikit\My Documents\רועי מספר את סיפור חייו המשעשע.rtf
[2008/05/16 06:11:22 | 000,054,784 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל ארבע המופלאות.doc
[2008/05/16 04:21:42 | 000,054,784 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל ארבע המופלאות.doc
[2008/05/13 14:30:12 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים נקי.doc
[2008/05/13 14:04:11 | 000,047,616 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים.doc
[2008/05/13 14:04:01 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים נקי.doc
[2008/05/13 13:22:37 | 000,047,616 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???_?????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\חוק_סינון_אתרים.doc
[2008/05/07 12:32:28 | 000,037,888 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל יום העצמאות.doc
[2008/05/07 10:31:12 | 000,037,888 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספיישל יום העצמאות.doc
[2008/05/04 18:05:43 | 000,018,944 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\שעות עבודה אפריל.xls
[2008/05/04 17:49:31 | 000,018,944 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ????? ?????.xls) -- C:\Documents and Settings\Zikit\My Documents\שעות עבודה אפריל.xls
[2008/05/03 04:22:11 | 000,000,000 | ---D | M](C:\Documents and Settings\Zikit\My Documents\????? ?????) -- C:\Documents and Settings\Zikit\My Documents\סידור עבודה
[2008/05/03 04:20:37 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\My Documents\????? ?????) -- C:\Documents and Settings\Zikit\My Documents\סידור עבודה
[2008/04/27 16:07:50 | 000,075,822 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\יום העצמאות.rtf
[2008/04/27 16:07:50 | 000,075,822 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????.rtf) -- C:\Documents and Settings\Zikit\My Documents\יום העצמאות.rtf
[2008/04/17 08:51:46 | 000,000,011 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\חג שמח.txt
[2008/04/17 08:51:46 | 000,000,011 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\חג שמח.txt
[2008/04/09 05:52:00 | 000,072,704 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???? 20.doc) -- C:\Documents and Settings\Zikit\My Documents\תשדיר באזז בנמל 20.doc
[2008/04/09 05:52:00 | 000,072,704 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ???? ???? 20.doc) -- C:\Documents and Settings\Zikit\My Documents\תשדיר באזז בנמל 20.doc
[2008/04/09 03:18:49 | 000,058,880 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעור טכנאות אולפן.doc
[2008/04/09 03:18:49 | 000,058,880 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\שיעור טכנאות אולפן.doc
[2008/04/09 03:18:46 | 000,028,160 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\איך אני מקליט באולפן.doc
[2008/04/09 03:18:46 | 000,028,160 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??? ????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\איך אני מקליט באולפן.doc
[2008/03/16 12:25:29 | 000,000,041 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\רועי דקה.txt
[2008/03/16 12:25:29 | 000,000,041 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? ???.txt) -- C:\Documents and Settings\Zikit\My Documents\רועי דקה.txt
[2008/03/15 16:16:41 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\נעמה.doc
[2008/03/15 16:12:26 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\נעמה.doc
[2008/03/12 01:58:55 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספידרווי.doc
[2008/03/12 01:58:55 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????????.doc) -- C:\Documents and Settings\Zikit\My Documents\ספידרווי.doc
[2008/03/07 20:56:01 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\היי סבתא.doc
[2008/03/07 02:22:43 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\היי סבתא.doc
[2008/03/04 16:19:09 | 000,025,600 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\היום.doc
[2008/03/04 16:13:08 | 000,025,600 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????.doc) -- C:\Documents and Settings\Zikit\My Documents\היום.doc
[2008/03/03 03:55:05 | 000,033,280 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????_????.doc) -- C:\Documents and Settings\Zikit\My Documents\דברים_לשלי.doc
[2008/03/03 03:10:00 | 000,033,280 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????_????.doc) -- C:\Documents and Settings\Zikit\My Documents\דברים_לשלי.doc
[2008/02/27 06:37:54 | 000,173,999 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\אישור רכישה.JPG
[2008/02/27 06:37:54 | 000,173,999 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\אישור רכישה.JPG
[2008/02/25 10:57:15 | 000,024,064 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\Web 2 ???.doc) -- C:\Documents and Settings\Zikit\My Documents\Web 2 לאן.doc
[2008/02/25 10:57:15 | 000,024,064 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\Web 2 ???.doc) -- C:\Documents and Settings\Zikit\My Documents\Web 2 לאן.doc
[2008/02/24 08:25:23 | 002,752,738 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.bmp) -- C:\Documents and Settings\Zikit\My Documents\תמונה חדשה.bmp
[2008/02/24 08:25:23 | 002,752,738 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.bmp) -- C:\Documents and Settings\Zikit\My Documents\תמונה חדשה.bmp
[2008/02/11 05:11:29 | 000,019,968 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?? ?.doc) -- C:\Documents and Settings\Zikit\My Documents\אם ת.doc
[2008/02/11 05:11:28 | 000,019,968 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?? ?.doc) -- C:\Documents and Settings\Zikit\My Documents\אם ת.doc
[2008/02/02 12:52:22 | 000,520,192 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?_?????_2008_??????_-_??????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ט_שירות_2008_מאורית_-_ורסיית_תמונות.doc
[2008/02/02 12:52:16 | 000,520,192 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?_?????_2008_??????_-_??????_??????.doc) -- C:\Documents and Settings\Zikit\My Documents\ט_שירות_2008_מאורית_-_ורסיית_תמונות.doc
[2008/01/08 11:27:21 | 000,046,080 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבחן_מקוצר.doc
[2008/01/08 11:27:20 | 000,046,080 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\מבחן_מקוצר.doc
[2007/12/31 03:38:49 | 000,017,920 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????????.xls) -- C:\Documents and Settings\Zikit\My Documents\קריינויות.xls
[2007/12/31 03:34:40 | 000,017,920 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????????.xls) -- C:\Documents and Settings\Zikit\My Documents\קריינויות.xls
[2007/12/29 15:31:17 | 000,026,112 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\מנהלי רשת.doc
[2007/12/26 08:47:57 | 000,077,824 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????.doc) -- C:\Documents and Settings\Zikit\My Documents\זיקית.doc
[2007/12/26 08:47:57 | 000,077,824 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????.doc) -- C:\Documents and Settings\Zikit\My Documents\זיקית.doc
[2007/12/25 16:26:40 | 000,041,472 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינות_מגמות.doc
[2007/12/25 16:26:30 | 000,041,472 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קריינות_מגמות.doc
[2007/12/25 14:25:39 | 000,026,112 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ???.doc) -- C:\Documents and Settings\Zikit\My Documents\מנהלי רשת.doc
[2007/12/08 08:27:14 | 000,020,480 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\אמא יש.doc
[2007/12/07 07:04:57 | 000,020,480 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??.doc) -- C:\Documents and Settings\Zikit\My Documents\אמא יש.doc
[2007/12/04 13:21:55 | 000,031,232 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קרדיטים_להקות.doc
[2007/12/04 12:38:57 | 000,000,754 | ---- | M] ()(C:\Documents and Settings\Zikit\Desktop\???? ?? ???? 4.0.LNK) -- C:\Documents and Settings\Zikit\Desktop\הפוך על הפוך 4.0.LNK
[2007/12/04 12:38:57 | 000,000,754 | ---- | C] ()(C:\Documents and Settings\Zikit\Desktop\???? ?? ???? 4.0.LNK) -- C:\Documents and Settings\Zikit\Desktop\הפוך על הפוך 4.0.LNK
[2007/12/04 12:38:56 | 000,000,000 | ---D | M](C:\Program Files\???? ?? ????) -- C:\Program Files\הפוך על הפוך
[2007/12/04 12:38:56 | 000,000,000 | ---D | M](C:\Program Files\???? ?? ????) -- C:\Program Files\הפוך על הפוך
[2007/12/04 11:51:34 | 000,119,054 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\לוגו_להקות.JPG
[2007/12/04 11:51:33 | 000,119,054 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????_?????.JPG) -- C:\Documents and Settings\Zikit\My Documents\לוגו_להקות.JPG
[2007/12/04 11:51:30 | 000,031,232 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???????_?????.doc) -- C:\Documents and Settings\Zikit\My Documents\קרדיטים_להקות.doc
[2007/11/27 07:00:25 | 000,240,128 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\???? 20 ?-8.doc) -- C:\Documents and Settings\Zikit\My Documents\אנוש 20 ל-8.doc
[2007/11/27 05:14:17 | 000,240,128 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\???? 20 ?-8.doc) -- C:\Documents and Settings\Zikit\My Documents\אנוש 20 ל-8.doc
[2007/11/25 02:35:22 | 000,054,784 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\שער לתקציב.doc
[2007/11/25 02:35:22 | 000,054,784 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\שער לתקציב.doc
[2007/10/31 06:47:27 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\Desktop\???) -- C:\Documents and Settings\Zikit\Desktop\ארי
[2007/10/13 11:55:22 | 000,219,648 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\טסט ראשון.doc
[2007/10/13 08:00:01 | 000,219,648 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\טסט ראשון.doc
[2007/10/10 15:31:21 | 000,016,384 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\מערכת תשסח.xls
[2007/10/10 14:28:19 | 000,016,384 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\????? ????.xls) -- C:\Documents and Settings\Zikit\My Documents\מערכת תשסח.xls
[2007/10/06 05:01:32 | 000,033,792 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק אזכרה.doc
[2007/10/06 05:01:32 | 000,033,792 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק אזכרה.doc
[2007/10/04 11:03:54 | 000,087,040 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? - ????? 4 10 07 ??? ??? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית השכל - רעננה 4 10 07 סדר נקי (2).doc
[2007/10/04 05:47:04 | 000,070,656 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית עותק ליניב.doc
[2007/10/04 05:46:50 | 000,070,656 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ?????.doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית עותק ליניב.doc
[2007/10/02 06:16:55 | 000,087,040 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? - ????? 4 10 07 ??? ??? (2).doc) -- C:\Documents and Settings\Zikit\My Documents\כנסיית השכל - רעננה 4 10 07 סדר נקי (2).doc
[2007/09/27 10:45:46 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??????? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\רעיונות לפיילוט.doc
[2007/09/27 10:45:46 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??????? ???????.doc) -- C:\Documents and Settings\Zikit\My Documents\רעיונות לפיילוט.doc
[2007/09/08 04:25:32 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\משפטים לילדים.doc
[2007/09/08 04:25:32 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ??????.doc) -- C:\Documents and Settings\Zikit\My Documents\משפטים לילדים.doc
[2007/09/06 10:57:16 | 000,000,447 | ---- | C] ()(C:\Documents and Settings\Zikit\Desktop\Shortcut to ?????????.lnk) -- C:\Documents and Settings\Zikit\Desktop\Shortcut to אקספורטים.lnk
[2007/09/06 10:57:14 | 000,000,447 | ---- | M] ()(C:\Documents and Settings\Zikit\Desktop\Shortcut to ?????????.lnk) -- C:\Documents and Settings\Zikit\Desktop\Shortcut to אקספורטים.lnk
[2007/09/03 11:13:36 | 000,000,792 | ---- | C] ()(C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\???? ?? Microsoft Office Outlook.lnk) -- C:\Documents and Settings\Zikit\Application Data\Microsoft\Internet Explorer\Quick Launch\הפעל את Microsoft Office Outlook.lnk
[2007/09/01 06:34:14 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ??? ??????? ???? ????? ????? ?????? ???? ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הסיפור שלנו כמו סיפורים רבים אחרים מתחיל בנקודת חוסר שיווי משקל.doc
[2007/09/01 06:34:13 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ???? ??? ??????? ???? ????? ????? ?????? ???? ????? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\הסיפור שלנו כמו סיפורים רבים אחרים מתחיל בנקודת חוסר שיווי משקל.doc
[2007/08/30 02:56:50 | 000,035,840 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק.doc
[2007/08/29 10:45:44 | 000,035,840 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\??? ????.doc) -- C:\Documents and Settings\Zikit\My Documents\סבא יצחק.doc
[2007/08/23 18:13:14 | 000,000,899 | ---- | C] ()(C:\Documents and Settings\Zikit\My Documents\?????? ?????? ???.lnk) -- C:\Documents and Settings\Zikit\My Documents\תיקיות השיתוף שלי.lnk
[2007/08/23 18:12:21 | 000,000,000 | ---D | C](C:\Documents and Settings\Zikit\My Documents\?????? ??? ???????) -- C:\Documents and Settings\Zikit\My Documents\הקבצים שלי שהתקבלו
[2007/06/13 02:38:37 | 000,084,992 | ---- | M] ()(C:\Documents and Settings\Zikit\My Documents\??? ???????? ??? 13 ???? 2007.xls) -- C:\Documents and Settings\Zikit\My Documents\ספר הטלפונים שלי 13 יוני 2007.xls
(C:\Program Files\???? ?? ????) -- C:\Program Files\הפוך על הפוך

========== Alternate Data Streams ==========

@Alternate Data Stream - 582 bytes -> C:\WINDOWS\Temp:temp
< End of report >

[JSntgRvr]

Hi and :elcome:

Seems the Winlogon.exe is infected.

• Boot to the OTLPE CD
• Please double-click OTLPE.exe to run it as you did before.
• Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  :files
  C:\WINDOWS\system32\winlogon.exe|C:\WINDOWS\ServicePackFiles\i386\winlogon.exe /replace

• Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
• Click the red Run Fix button.
• A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.

If successfully replaced, boot in Normal mode. Let me know the outcome.

[Yossie]

Thanks a lot,
it worked like a magic.
I cant believe how much time you've just saved me.

here is the log:

========== FILES ==========
File C:\WINDOWS\system32\winlogon.exe successfully replaced with C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

OTLPE by OldTimer - Version 3.1.43.0 log created on 11242010_094720

is there anything I do to make sure my computer is not infected anymore?

Thanks again,
Cheers!

Yossi.