Every time I reboot, there's a loud BEEP just before I hit the desktop, which I'm pretty sure is indicating a virus.
This virus randomly closes my browser whenever it feels like it.
When I try to open a program after it does this, everything freezes.
I can't find it, so I can't get rid of it! Please help!!
Thank you,
Lee
P.S. - I see that the Google redirect virus just hit me as well! I tried following the removal instructions, but when I enter the code into OTM and hit MoveIt!, my computer stops and tells me that a problem has been detected and Windows has been shut down. Then I have to reboot.
OTL logfile created on: 6/16/2011 11:32:00 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Aliza\Desktop\VIRUS REMOVAL PROGRAMS
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 62.43% Memory free
3.84 Gb Paging File | 3.14 Gb Available in Paging File | 81.86% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.96 Gb Total Space | 43.04 Gb Free Space | 28.89% Space Free | Partition Type: NTFS
Computer Name: FAMILY | User Name: Aliza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/16 10:20:29 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\Aliza\Local Settings\Temp\csrss.exe
PRC - [2011/06/16 10:20:01 | 000,186,880 | ---- | M] () -- C:\Documents and Settings\Aliza\Application Data\dwm.exe
PRC - [2011/06/16 10:19:37 | 000,173,568 | ---- | M] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\conhost.exe
PRC - [2011/06/12 15:44:28 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2011/06/08 20:52:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aliza\desktop\VIRUS REMOVAL PROGRAMS\OTL.exe
PRC - [2011/06/01 14:10:00 | 000,821,080 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/05/12 09:34:34 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011/04/27 14:20:43 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/19 02:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/04/19 02:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/04/19 02:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/04/14 12:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/10 17:29:14 | 001,646,936 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/03/16 17:29:26 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/05/14 13:59:44 | 000,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/08 23:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/11/10 14:03:52 | 000,241,775 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
PRC - [2005/11/10 14:03:52 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2003/04/06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003/04/06 00:37:38 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
PRC - [2003/03/09 16:30:52 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
========== Modules (SafeList) ==========
MOD - [2011/06/12 15:44:50 | 000,043,520 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll
MOD - [2011/06/08 23:13:16 | 000,062,976 | ---- | M] () -- C:\WINDOWS\system32\atnw12.dll
MOD - [2011/06/08 20:52:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aliza\desktop\VIRUS REMOVAL PROGRAMS\OTL.exe
MOD - [2011/04/18 22:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2011/04/18 22:51:18 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/06/01 14:10:00 | 000,821,080 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/04/27 14:20:43 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/04/19 02:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 02:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/03/16 17:29:26 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/05/14 13:59:44 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/03 16:52:26 | 000,120,168 | ---- | M] (stumbleupon.com) [On_Demand | Stopped] -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2009/04/26 20:05:00 | 002,870,429 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/09 21:00:13 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/15 10:28:20 | 000,204,800 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2007/10/11 10:49:46 | 000,076,016 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe -- (DellAMBrokerService)
SRV - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2003/03/09 16:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011/03/16 17:29:27 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/12/13 09:40:21 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/09/01 04:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/11/08 23:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/05/19 16:01:56 | 000,053,888 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\evserial.sys -- (evserial) Virtual Serial Ports Driver (Eltima Softwate)
DRV - [2008/05/19 16:01:50 | 000,027,904 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\evsbc.sys -- (VSBC) Virtual Serial Bus Enumerator (Eltima Software)
DRV - [2008/02/20 13:47:34 | 000,027,936 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2007/08/23 19:29:10 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\datunidr.sys -- (datunidr)
DRV - [2007/06/13 21:41:44 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/12/18 20:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys -- (PTproct)
DRV - [2006/08/18 14:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 14:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 14:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 14:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 14:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 14:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 14:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 14:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 11:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 11:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/03/26 11:55:12 | 000,091,241 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P1131Vid.sys -- (P1131VID) Creative WebCam NX Pro (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080415
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080415
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...?channel=us-smb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56283
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://uncyclopedia....ow_to_be_funny"
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.5
FF - prefs.js..extensions.enabledItems: [email protected]:0.4.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.0
FF - prefs.js..extensions.enabledItems: {21b88860-5e00-44dd-bdac-fca1f791837e}:0.2.0.7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:1.6.1
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.31
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 56283
FF - prefs.js..network.proxy.type: 1
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/12 15:44:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/12 15:44:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/12 15:45:12 | 000,000,000 | ---D | M]
[2008/08/28 10:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aliza\Application Data\Mozilla\Extensions
[2011/06/16 09:59:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aliza\Application Data\Mozilla\Firefox\Profiles\rgsvn09w.default\extensions
[2009/09/02 13:26:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Aliza\Application Data\Mozilla\Firefox\Profiles\rgsvn09w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/16 09:59:18 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Aliza\Application Data\Mozilla\Firefox\Profiles\rgsvn09w.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/26 14:23:15 | 000,000,000 | ---D | M] (InstantAction.com Game Launcher) -- C:\Documents and Settings\Aliza\Application Data\Mozilla\Firefox\Profiles\rgsvn09w.default\extensions\[email protected]
[2008/08/06 20:34:18 | 000,000,000 | ---D | M] (RealArcade V3 Plugin) -- C:\Documents and Settings\Aliza\Application Data\Mozilla\Firefox\Profiles\rgsvn09w.default\extensions\[email protected]
[2008/05/04 14:32:35 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Aliza\Application Data\Mozilla\Firefox\Profiles\rgsvn09w.default\searchplugins\search.xml
[2011/06/12 15:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2009/12/02 19:56:47 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\ALIZA\APPLICATION DATA\MOVE NETWORKS
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ALIZA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RGSVN09W.DEFAULT\EXTENSIONS\{21B88860-5E00-44DD-BDAC-FCA1F791837E}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ALIZA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RGSVN09W.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ALIZA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RGSVN09W.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ALIZA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RGSVN09W.DEFAULT\EXTENSIONS\[email protected]
[2011/06/12 15:44:51 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/04/14 12:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2005/12/05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2008/05/04 14:32:39 | 000,000,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\search.xml
O1 HOSTS File: ([2011/06/08 21:55:21 | 000,000,021 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\Aliza\Application Data\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
F3 - HKCU WinNT: Load - (C:\DOCUME~1\Aliza\LOCALS~1\Temp\csrss.exe) - C:\Documents and Settings\Aliza\Local Settings\Temp\csrss.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - File not found
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} http://www.blackberr...re/AxLoader.cab (AxLoaderPassword Class)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1266631313843 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://ll.g.gametap....pWebUpdater.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Aliza\Application Data\dwm.exe) - C:\Documents and Settings\Aliza\Application Data\dwm.exe ()
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/12 14:04:00 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6b7a0b51-756b-11dd-8a8d-001d09944c17}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: cisvfmon - (C:\WINDOWS\system32\atnw12.dll) - C:\WINDOWS\system32\atnw12.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/16 03:04:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/15 19:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 5
[2011/06/15 19:06:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Security 360
[2011/06/13 19:20:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2011/06/12 16:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Local Settings\Application Data\SlimWare Utilities Inc
[2011/06/12 16:47:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SlimCleaner
[2011/06/12 16:47:30 | 000,000,000 | ---D | C] -- C:\Program Files\SlimCleaner
[2011/06/12 16:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installers
[2011/06/12 16:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/06/12 16:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/06/12 16:01:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 6
[2011/06/12 15:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn
[2011/06/12 15:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/06/12 15:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/06/12 15:24:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Local Settings\Application Data\Secunia PSI
[2011/06/12 15:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/06/12 11:32:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/12 10:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/06/12 00:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Desktop\RK_Quarantine
[2011/06/12 00:13:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aliza\Recent
[2011/06/11 17:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\STOPzilla
[2011/06/11 00:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 4
[2011/06/11 00:30:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/06/11 00:29:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Application Data\IObit
[2011/06/11 00:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 2
[2011/06/11 00:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/06/11 00:14:21 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Aliza\Desktop\mbam-setup.exe
[2011/06/10 19:30:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Local Settings\Application Data\Wuala
[2011/06/10 19:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Application Data\Wuala
[2011/06/10 11:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Start Menu\Programs\Google Chrome
[2011/06/09 20:09:28 | 000,000,000 | ---D | C] -- C:\MGtools
[2011/06/08 23:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Application Data\bkbxxenlt
[2011/06/08 23:02:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Desktop\Gali Girls
[2011/06/08 21:03:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/08 20:14:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Application Data\Google Talk
[2011/06/08 19:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Start Menu\Programs\Windows XP Restore
[2011/06/05 00:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Desktop\CLEAN
[2011/06/04 13:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aliza\Desktop\WEDDING BIZ
[2011/05/29 11:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2011/05/29 11:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/05/26 23:32:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/05/26 23:28:30 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/05/26 23:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/05/26 23:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
[2011/05/26 23:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/05/26 01:13:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/05/26 01:13:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2011/05/25 21:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2011/05/25 20:22:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/05/25 20:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/05/21 21:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/05/21 21:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[25 C:\Documents and Settings\Aliza\My Documents\*.tmp files -> C:\Documents and Settings\Aliza\My Documents\*.tmp -> ]
[2 C:\Documents and Settings\Aliza\Desktop\*.tmp files -> C:\Documents and Settings\Aliza\Desktop\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/16 23:29:07 | 000,031,786 | ---- | M] () -- C:\Documents and Settings\Aliza\Application Data\EAFE.1FF
[2011/06/16 23:16:03 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3534371746-1935322057-1064774181-1006.job
[2011/06/16 23:16:03 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3534371746-1935322057-1064774181-1006.job
[2011/06/16 23:11:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3534371746-1935322057-1064774181-1006UA.job
[2011/06/16 23:09:23 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2011/06/16 23:08:38 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011/06/16 23:08:29 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/16 23:08:29 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3534371746-1935322057-1064774181-1007.job
[2011/06/16 23:08:29 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/06/16 23:08:29 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2011/06/16 23:08:22 | 000,000,314 | --S- | M] () -- C:\WINDOWS\tasks\fuui.job
[2011/06/16 23:08:22 | 000,000,308 | --S- | M] () -- C:\WINDOWS\tasks\kozmz.job
[2011/06/16 23:08:22 | 000,000,306 | --S- | M] () -- C:\WINDOWS\tasks\PBBQDQYJFZ.job
[2011/06/16 23:08:22 | 000,000,304 | --S- | M] () -- C:\WINDOWS\tasks\ksjurhc.job
[2011/06/16 23:08:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/16 23:08:10 | 2136,129,536 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/16 22:50:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/16 20:11:01 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3534371746-1935322057-1064774181-1006Core.job
[2011/06/16 10:20:01 | 000,186,880 | ---- | M] () -- C:\Documents and Settings\Aliza\Application Data\dwm.exe
[2011/06/16 03:17:01 | 000,476,836 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/16 03:17:01 | 000,085,726 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/16 03:09:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/15 10:44:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/14 18:51:51 | 000,000,494 | ---- | M] () -- C:\hpfr5550.xml
[2011/06/13 23:10:09 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/06/13 20:59:53 | 000,000,083 | ---- | M] () -- C:\WINDOWS\wwp.INI
[2011/06/13 19:24:12 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2011/06/13 19:20:00 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2011/06/12 16:47:31 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/12 16:32:06 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/06/12 16:01:06 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2011/06/12 15:45:47 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
[2011/06/12 15:45:07 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/06/12 15:44:29 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/06/12 15:15:33 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/06/11 23:58:55 | 000,000,128 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~24829732r
[2011/06/11 23:58:55 | 000,000,112 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~24829732
[2011/06/11 23:58:50 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\24829732
[2011/06/11 00:15:22 | 000,709,456 | ---- | M] () -- C:\WINDOWS\is-B5FH3.exe
[2011/06/11 00:15:22 | 000,010,562 | ---- | M] () -- C:\WINDOWS\is-B5FH3.msg
[2011/06/11 00:15:22 | 000,000,346 | ---- | M] () -- C:\WINDOWS\is-B5FH3.lst
[2011/06/11 00:14:28 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Aliza\Desktop\mbam-setup.exe
[2011/06/11 00:03:53 | 001,007,120 | ---- | M] () -- C:\Documents and Settings\Aliza\Desktop\iExplore.exe
[2011/06/10 23:18:47 | 001,305,136 | ---- | M] () -- C:\Documents and Settings\Aliza\Desktop\tdsskiller.zip
[2011/06/10 08:59:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3534371746-1935322057-1064774181-1007.job
[2011/06/09 23:38:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\null
[2011/06/09 20:08:09 | 002,419,100 | ---- | M] () -- C:\MGtools.exe
[2011/06/09 20:00:25 | 000,019,286 | ---- | M] () -- C:\cleanup.exe
[2011/06/09 19:04:55 | 000,001,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/06/09 17:13:51 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/09 17:13:51 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/08 23:46:42 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/08 23:34:16 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malware Protection.lnk
[2011/06/08 23:13:16 | 000,062,976 | ---- | M] () -- C:\WINDOWS\System32\atnw12.dll
[2011/06/08 23:13:16 | 000,000,069 | ---- | M] () -- C:\WINDOWS\System32\4749859.bat
[2011/06/08 23:02:33 | 000,232,448 | -H-- | M] () -- C:\Documents and Settings\Aliza\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/08 21:55:21 | 000,000,021 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/08 19:49:30 | 000,000,144 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~17489700
[2011/06/08 19:49:29 | 000,000,160 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~17489700r
[2011/06/08 19:48:55 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\17489700
[2011/06/08 13:14:02 | 000,072,080 | ---- | M] () -- C:\Documents and Settings\Aliza\g2mdlhlpx.exe
[2011/06/05 22:12:48 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/26 23:28:30 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/05/26 23:18:45 | 000,017,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[25 C:\Documents and Settings\Aliza\My Documents\*.tmp files -> C:\Documents and Settings\Aliza\My Documents\*.tmp -> ]
[2 C:\Documents and Settings\Aliza\Desktop\*.tmp files -> C:\Documents and Settings\Aliza\Desktop\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/16 10:20:01 | 000,186,880 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\dwm.exe
[2011/06/15 19:06:32 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 5.lnk
[2011/06/15 19:06:32 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2011/06/14 19:46:27 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3534371746-1935322057-1064774181-1006.job
[2011/06/13 19:20:00 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2011/06/13 19:16:42 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2011/06/13 19:16:42 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2011/06/12 16:47:31 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/12 16:32:06 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/06/12 16:01:06 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2011/06/12 15:45:07 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/06/12 15:15:33 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/06/12 15:15:33 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2011/06/12 11:32:03 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malware Protection.lnk
[2011/06/11 23:58:55 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~24829732r
[2011/06/11 23:58:55 | 000,000,112 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~24829732
[2011/06/11 23:58:50 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\24829732
[2011/06/11 17:42:18 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/06/11 00:30:10 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/06/11 00:29:15 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/06/11 00:29:15 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/06/11 00:22:26 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/11 00:22:22 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/11 00:22:18 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/11 00:15:22 | 000,709,456 | ---- | C] () -- C:\WINDOWS\is-B5FH3.exe
[2011/06/11 00:15:22 | 000,010,562 | ---- | C] () -- C:\WINDOWS\is-B5FH3.msg
[2011/06/11 00:15:22 | 000,000,346 | ---- | C] () -- C:\WINDOWS\is-B5FH3.lst
[2011/06/11 00:03:52 | 001,007,120 | ---- | C] () -- C:\Documents and Settings\Aliza\Desktop\iExplore.exe
[2011/06/10 23:24:55 | 2136,129,536 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/10 23:18:34 | 001,305,136 | ---- | C] () -- C:\Documents and Settings\Aliza\Desktop\tdsskiller.zip
[2011/06/09 20:08:06 | 002,419,100 | ---- | C] () -- C:\MGtools.exe
[2011/06/09 20:00:25 | 000,019,286 | ---- | C] () -- C:\cleanup.exe
[2011/06/09 19:03:15 | 000,001,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/06/09 11:47:24 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/06/09 11:47:24 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/06/08 23:13:16 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\atnw12.dll
[2011/06/08 23:13:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\System32\4749859.bat
[2011/06/08 21:38:47 | 000,002,695 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Music Rescue.lnk
[2011/06/08 21:38:47 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/06/08 21:38:47 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/08 21:38:47 | 000,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPER ©.lnk
[2011/06/08 21:38:47 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/06/08 21:38:47 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
[2011/06/08 21:38:47 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photo & Imaging.lnk
[2011/06/08 21:38:47 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2011/06/08 21:38:47 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FlipShare.lnk
[2011/06/08 21:38:47 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/06/08 21:38:47 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/06/08 21:38:47 | 000,000,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Directory Submitter.lnk
[2011/06/08 21:38:47 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Box Shot 3D.lnk
[2011/06/08 21:38:47 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk
[2011/06/08 21:38:47 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/06/08 21:38:47 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2011/06/08 21:38:47 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Worms World Party.lnk
[2011/06/08 21:38:46 | 000,001,562 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\RealArcade My Games.lnk
[2011/06/08 21:38:46 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2011/06/08 21:38:46 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Video Converter.lnk
[2011/06/08 21:38:46 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/08 21:38:46 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/08 21:38:46 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/06/08 21:38:46 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Traffic Travis.lnk
[2011/06/08 21:38:46 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/06/08 21:38:45 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/06/08 21:38:45 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/06/08 21:38:43 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPER © Uninstall.lnk
[2011/06/08 21:38:43 | 000,001,671 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPER ©.lnk
[2011/06/08 21:38:43 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/06/08 21:38:43 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Switch Sound File Converter.lnk
[2011/06/08 21:38:43 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\officejet 6100.lnk
[2011/06/08 21:38:43 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk
[2011/06/08 21:38:41 | 000,001,890 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2011/06/08 21:38:41 | 000,001,717 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\PowerDVD DX.lnk
[2011/06/08 21:38:41 | 000,000,841 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\PhotoStage Slideshow Producer.lnk
[2011/06/08 21:38:36 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\FlipShare.lnk
[2011/06/08 21:38:32 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/06/08 21:38:32 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/08 21:38:32 | 000,001,100 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
[2011/06/08 21:38:32 | 000,000,976 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Flash CS3 Video Encoder.lnk
[2011/06/08 21:38:32 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Device Central CS3.lnk
[2011/06/08 21:38:32 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe ImageReady 7.0.lnk
[2011/06/08 21:38:32 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge CS3.lnk
[2011/06/08 21:38:32 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Flash CS3 Professional.lnk
[2011/06/08 21:38:31 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat.com.lnk
[2011/06/08 19:49:29 | 000,000,160 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~17489700r
[2011/06/08 19:49:29 | 000,000,144 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~17489700
[2011/06/08 19:48:55 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\17489700
[2011/06/08 19:39:25 | 000,000,306 | --S- | C] () -- C:\WINDOWS\tasks\PBBQDQYJFZ.job
[2011/06/08 19:39:23 | 000,000,314 | --S- | C] () -- C:\WINDOWS\tasks\fuui.job
[2011/06/08 19:39:23 | 000,000,308 | --S- | C] () -- C:\WINDOWS\tasks\kozmz.job
[2011/06/08 19:39:23 | 000,000,304 | --S- | C] () -- C:\WINDOWS\tasks\ksjurhc.job
[2011/05/26 23:18:45 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/05/24 10:13:14 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2011/03/24 15:18:42 | 000,104,552 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/25 19:19:58 | 000,020,454 | ---- | C] () -- C:\WINDOWS\hpoins01.dat.temp
[2011/02/25 19:19:58 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat.temp
[2011/01/20 18:45:34 | 000,031,786 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\EAFE.1FF
[2010/08/10 11:57:55 | 000,335,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/24 10:28:28 | 000,005,097 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ojobkspa.ako
[2010/04/18 09:44:35 | 001,592,106 | ---- | C] () -- C:\WINDOWS\WANEUninstaller.exe
[2010/04/04 14:17:03 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2010/03/29 23:02:52 | 000,020,454 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
[2010/03/29 23:02:52 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
[2010/03/29 16:05:33 | 000,017,888 | --S- | C] () -- C:\Documents and Settings\All Users\Application Data\5lRk1
[2010/03/29 16:05:33 | 000,017,888 | --S- | C] () -- C:\Documents and Settings\Aliza\Local Settings\Application Data\5lRk1
[2010/02/28 18:54:12 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/08/28 10:22:22 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/08/28 10:12:36 | 000,006,940 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\PrimoPDFSet.xml
[2009/08/28 10:11:01 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2009/06/07 22:23:31 | 001,820,358 | ---- | C] () -- C:\WINDOWS\XSitePro2 Resource Pack 1 Uninstaller.exe
[2009/06/07 22:15:21 | 000,831,422 | ---- | C] () -- C:\WINDOWS\XSitePro2 Uninstaller.exe
[2009/06/03 17:18:33 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/05/24 16:30:23 | 000,000,033 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2009/04/27 00:13:36 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\primopdf.ini
[2009/04/07 22:09:31 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/07 22:09:31 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/02/14 11:53:20 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/11/22 18:53:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\mf.dll
[2008/11/06 22:41:12 | 000,000,228 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/10/17 12:35:32 | 000,018,790 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2008/10/09 21:09:12 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/10/07 17:42:31 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/08/15 10:05:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/08/14 18:52:33 | 001,003,520 | ---- | C] () -- C:\WINDOWS\System32\ltmm_n.dll
[2008/08/06 18:25:23 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/08/06 16:05:34 | 000,265,833 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\com.kennettnet.MusicRescue4.Profiles.plist
[2008/08/06 16:05:34 | 000,090,164 | ---- | C] () -- C:\Documents and Settings\Aliza\Application Data\com.kennettnet.MusicRescue4.plist
[2008/07/09 22:44:52 | 000,000,108 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2008/07/09 22:44:52 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2008/07/09 22:44:52 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2008/06/11 15:18:45 | 000,232,448 | -H-- | C] () -- C:\Documents and Settings\Aliza\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/06 20:29:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2008/06/06 17:58:40 | 001,936,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15.dll
[2008/05/28 22:30:14 | 000,001,292 | ---- | C] () -- C:\Documents and Settings\Aliza\Local Settings\Application Data\FASTWiz.html
[2008/05/28 21:51:26 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Aliza\Local Settings\Application Data\fusioncache.dat
[2008/05/25 14:00:34 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\atid.ini
[2008/05/18 18:51:31 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/14 18:22:49 | 000,001,507 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/04/30 14:02:45 | 000,561,152 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2008/04/28 20:00:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/04/15 01:34:01 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2008/04/15 01:31:10 | 000,000,859 | -H-- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2008/04/15 01:29:41 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/04/15 01:29:41 | 000,000,120 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2008/04/15 01:09:57 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2008/04/15 01:09:49 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008/04/15 01:08:26 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/02/19 02:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/10/18 17:36:54 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\deskMenu2.dll
[2007/08/06 11:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/03/09 03:12:32 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2006/11/07 05:25:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 14:12:05 | 000,000,780 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:01:18 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,482,720 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,476,836 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,085,726 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/09 15:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ddcvt.exe
[2003/09/23 08:14:42 | 001,099,264 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2003/08/10 10:59:20 | 000,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2003/08/08 20:28:16 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
========== LOP Check ==========
[2009/08/30 00:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\215711
[2009/05/22 20:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Affilorama
[2011/06/11 17:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\bkbxxenlt
[2009/02/06 16:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\DAEMON Tools
[2009/06/03 16:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\DAEMON Tools Lite
[2009/02/06 16:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\DAEMON Tools Pro
[2008/10/17 12:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\deskPDF
[2009/08/13 03:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\DNA
[2009/10/08 15:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\eBookPro6
[2008/06/20 01:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Eltima Software
[2010/03/31 20:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Facebook
[2011/05/19 22:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\FileZilla
[2011/02/22 19:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\FreeVideoConverter
[2009/04/26 14:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\GarageGames
[2010/07/18 12:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\GeoVid
[2008/06/06 17:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\GetRightToGo
[2008/05/04 18:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\GlarySoft
[2009/05/24 16:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\ijjigame
[2010/06/06 21:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\ImgBurn
[2011/06/13 19:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\IObit
[2008/07/23 21:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Linksys
[2010/06/24 10:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\MOVAVI
[2010/04/27 15:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\NCH Swift Sound
[2010/07/18 13:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Publish Providers
[2008/05/25 14:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\QQ Games Plugin
[2011/05/29 12:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Research In Motion
[2011/04/12 22:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Rovio
[2010/01/18 19:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\SmartDraw
[2010/07/18 13:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Sony
[2009/07/11 15:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\StumbleUpon
[2010/05/13 16:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\SystemRequirementsLab
[2010/02/22 16:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\TeamViewer
[2008/06/06 20:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Tunebite
[2011/06/16 23:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\uTorrent
[2008/05/25 14:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Viewpoint
[2010/07/18 12:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\VisiFly
[2011/06/10 19:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aliza\Application Data\Wuala
[2008/11/07 01:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVSVideoBurner
[2009/08/19 22:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bryxen Software
[2009/02/06 16:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/06/12 14:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2008/08/06 18:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameTap
[2011/05/26 23:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2009/07/26 17:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ijjigame
[2011/06/11 00:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2008/07/23 21:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Linksys
[2010/05/04 15:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/10/15 18:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/06/06 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2008/04/15 01:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
[2010/07/18 14:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2011/06/09 19:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2008/04/15 01:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/01/21 22:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/07/13 21:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/09/14 21:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/05/06 21:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/06/29 23:21:35 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp officejet 6100 series#1269919112.job
[2011/06/16 23:08:22 | 000,000,314 | --S- | M] () -- C:\WINDOWS\Tasks\fuui.job
[2011/06/16 23:08:38 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2011/06/16 23:08:22 | 000,000,308 | --S- | M] () -- C:\WINDOWS\Tasks\kozmz.job
[2011/06/16 23:08:22 | 000,000,304 | --S- | M] () -- C:\WINDOWS\Tasks\ksjurhc.job
[2011/06/16 23:08:22 | 000,000,306 | --S- | M] () -- C:\WINDOWS\Tasks\PBBQDQYJFZ.job
[2010/05/07 15:26:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\photostageShakeIcon.job
[2011/06/16 23:09:23 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
[2011/06/16 23:08:29 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
[2011/02/02 19:17:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\switchDowngrade.job
[2010/12/14 16:32:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2010/06/02 19:13:28 | 000,010,225 | -H-- | M] ()(C:\Documents and Settings\Aliza\My Documents\???.kolachai.hebrewname.docx) -- C:\Documents and Settings\Aliza\My Documents\קול.kolachai.hebrewname.docx
[2010/06/02 19:13:28 | 000,010,225 | -H-- | C] ()(C:\Documents and Settings\Aliza\My Documents\???.kolachai.hebrewname.docx) -- C:\Documents and Settings\Aliza\My Documents\קול.kolachai.hebrewname.docx
[2007/06/19 22:56:49 | 000,139,776 | -H-- | C] ()(C:\Documents and Settings\Aliza\My Documents\??? ?????2.doc) -- C:\Documents and Settings\Aliza\My Documents\מתי היגיע2.doc
[2007/06/19 22:56:49 | 000,131,072 | -H-- | C] ()(C:\Documents and Settings\Aliza\My Documents\??? ??????.doc) -- C:\Documents and Settings\Aliza\My Documents\מתי היגיעו.doc
[2007/06/19 22:56:49 | 000,024,064 | -H-- | C] ()(C:\Documents and Settings\Aliza\My Documents\???? 1.doc) -- C:\Documents and Settings\Aliza\My Documents\עמוד 1.doc
[2007/06/19 22:54:11 | 000,090,624 | -H-- | C] ()(C:\Documents and Settings\Aliza\My Documents\4??? ?????1.doc) -- C:\Documents and Settings\Aliza\My Documents\4מתי היגיע1.doc
[2007/06/19 22:54:11 | 000,052,224 | -H-- | C] ()(C:\Documents and Settings\Aliza\My Documents\3??? ?????1.doc) -- C:\Documents and Settings\Aliza\My Documents\3מתי היגיע1.doc
[2007/06/19 22:54:11 | 000,028,672 | -H-- | C] ()(C:\Documents and Settings\Aliza\My Documents\5??? ?????1.doc) -- C:\Documents and Settings\Aliza\My Documents\5מתי היגיע1.doc
[2007/06/11 20:33:54 | 000,024,064 | -H-- | M] ()(C:\Documents and Settings\Aliza\My Documents\???? 1.doc) -- C:\Documents and Settings\Aliza\My Documents\עמוד 1.doc
[2007/06/11 20:26:51 | 000,028,672 | -H-- | M] ()(C:\Documents and Settings\Aliza\My Documents\5??? ?????1.doc) -- C:\Documents and Settings\Aliza\My Documents\5מתי היגיע1.doc
[2007/06/11 20:17:29 | 000,090,624 | -H-- | M] ()(C:\Documents and Settings\Aliza\My Documents\4??? ?????1.doc) -- C:\Documents and Settings\Aliza\My Documents\4מתי היגיע1.doc
[2007/06/11 19:13:24 | 000,052,224 | -H-- | M] ()(C:\Documents and Settings\Aliza\My Documents\3??? ?????1.doc) -- C:\Documents and Settings\Aliza\My Documents\3מתי היגיע1.doc
[2007/06/11 18:46:22 | 000,139,776 | -H-- | M] ()(C:\Documents and Settings\Aliza\My Documents\??? ?????2.doc) -- C:\Documents and Settings\Aliza\My Documents\מתי היגיע2.doc
[2007/06/11 18:33:36 | 000,131,072 | -H-- | M] ()(C:\Documents and Settings\Aliza\My Documents\??? ??????.doc) -- C:\Documents and Settings\Aliza\My Documents\מתי היגיעו.doc
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A11F741D
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62E2D794
< End of report >
Edited by Lee07666, 16 June 2011 - 09:56 PM.