Brand New Sony Vaio Laptop - Possible Virus?



#1
barrage

Hello, I ordered a new Sony Vaio laptop; it arrived Tuesday, and since then I have had two BSOD crashes, one on Wednesday and one on Thursday. Other than those two crashes, the laptop ran smoothly. I am hesitant to ship it back because it could just be a fluke, as the laptop is still updating and such, and shipping it back means I lose the computer for a few weeks at least. But now it appears that the computer is noticeably slower, which makes me think it could be a virus? I've scanned with Avira, Malwarebytes and Spybot S&D. Spybot was the only program to find anything, and it found some adware; it removed most of it, but it couldn't remove something called CouponBar, and it had 11 entries. Other than that, I've connected my external HD (which holds all my music) and I noticed Avira would block something called F:/autorun.inf or D:/autorun.inf or something of that sort. These are all the things I can think of that could have these issues. Let me know if you need any other information from me. Thanks for the help as always, it's much appreciated.

------------------------------------------------------------------

OTL logfile created on: 3/4/2011 1:18:36 PM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\Gilad\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.03 Gb Total Space | 418.08 Gb Free Space | 91.68% Space Free | Partition Type: NTFS

Computer Name: GILADS-VAIO | User Name: Gilad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/04 13:18:04 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Gilad\Downloads\OTL.exe
PRC - [2011/02/19 17:41:46 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/02/18 17:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2011/02/18 17:28:38 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/01/05 09:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2010/07/15 10:07:40 | 000,184,816 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2010/07/15 10:07:40 | 000,040,952 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
PRC - [2010/07/15 10:07:40 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2010/07/15 10:07:40 | 000,022,504 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2010/06/30 12:31:05 | 000,492,384 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
PRC - [2010/06/23 04:39:54 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
PRC - [2010/05/26 09:08:08 | 000,055,152 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCSpt.exe
PRC - [2010/05/18 12:38:46 | 000,075,776 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010/04/27 16:39:38 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/03/18 07:56:06 | 000,852,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2010/03/02 15:22:44 | 000,217,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010/03/02 15:22:44 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010/02/19 18:19:26 | 000,386,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
PRC - [2010/02/19 18:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2010/01/21 19:31:32 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (SafeList) ==========

MOD - [2011/03/04 13:18:04 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Gilad\Downloads\OTL.exe
MOD - [2011/02/15 07:25:56 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
MOD - [2011/01/04 17:38:44 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/20 21:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/12/28 22:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2009/06/10 13:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
MOD - [2009/06/10 13:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/15 07:26:18 | 000,822,264 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2010/07/06 19:09:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/09 13:00:34 | 001,223,024 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2010/05/25 04:23:52 | 000,252,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010/03/25 13:10:10 | 000,574,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010/02/19 18:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010/02/19 18:19:26 | 000,386,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010/02/19 18:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010/02/08 09:46:46 | 000,302,448 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe -- (SpfService)
SRV:64bit: - [2009/09/04 12:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/02/18 17:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/24 11:07:58 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/08/18 21:28:54 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010/06/23 04:39:54 | 000,046,080 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe -- (Oasis2Service)
SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/04/08 13:27:18 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/18 07:56:06 | 000,852,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/03/02 15:22:44 | 000,217,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010/02/24 13:59:08 | 000,422,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010/02/24 13:59:08 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010/02/24 13:59:08 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/10/24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/02/15 07:25:38 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2011/01/10 14:23:53 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/01/10 14:23:52 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010/12/14 18:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/07/06 19:09:54 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010/07/06 19:09:37 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/07/06 19:09:37 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/07/06 19:09:37 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/06/30 19:10:30 | 000,073,856 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/06/30 19:10:30 | 000,028,800 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/05/16 19:29:44 | 000,301,688 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/05/15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/04/06 20:08:44 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/22 03:21:21 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/09 00:59:23 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010/03/08 23:56:08 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010/03/08 22:09:24 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/03/08 22:09:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/03/08 19:23:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/12/22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 17:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 17:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 12:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/04/17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SNNT&bmod=SNNT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=SNNT&bmod=SNNT
IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SNNT&bmod=SNNT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2645238
IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011/03/01 17:46:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/03/01 19:22:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011/03/02 22:20:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/03/04 03:05:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/02 22:19:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/02 22:19:21 | 000,000,000 | ---D | M]

[2011/03/01 19:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilad\AppData\Roaming\Mozilla\Extensions
[2011/03/03 20:04:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilad\AppData\Roaming\Mozilla\Firefox\Profiles\rn1fyaje.default\extensions
[2011/03/01 19:14:14 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Gilad\AppData\Roaming\Mozilla\Firefox\Profiles\rn1fyaje.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011/03/01 19:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/03/01 19:22:46 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2009/11/06 08:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2009/11/06 08:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2011/03/01 21:18:48 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2011/03/04 04:48:38 | 000,430,182 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14806 more lines...
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/04 06:14:32 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2011/03/04 05:22:13 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Malwarebytes
[2011/03/04 05:21:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/03/04 05:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/04 05:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/04 05:21:53 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/03/04 05:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/03/04 05:04:47 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/03/04 05:04:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/03/04 05:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/03/04 04:56:39 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Windows Live
[2011/03/04 03:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/03/04 03:01:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/03/03 16:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011/03/03 13:18:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/03/03 13:13:41 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\SoftGrid Client
[2011/03/03 13:13:41 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\SoftGrid Client
[2011/03/03 13:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2011/03/03 13:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/03/03 13:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011/03/03 13:12:31 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\TP
[2011/03/03 12:35:45 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Avira
[2011/03/03 11:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/03/03 01:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/03/02 22:35:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/03/02 22:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2011/03/02 22:19:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2011/03/02 22:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2011/03/02 22:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2011/03/02 22:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2011/03/02 22:19:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coupons
[2011/03/02 22:19:10 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\HpUpdate
[2011/03/02 22:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011/03/02 22:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/03/02 22:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2011/03/02 22:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/03/02 22:15:12 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\HP
[2011/03/02 17:20:45 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\WinRAR
[2011/03/02 17:20:45 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/03/02 17:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/03/02 17:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/03/02 14:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/03/02 14:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/03/02 14:34:13 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Adobe
[2011/03/02 13:01:21 | 000,000,000 | ---D | C] -- C:\Update
[2011/03/02 12:45:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/03/02 12:45:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/03/02 02:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
[2011/03/02 02:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentBar
[2011/03/02 02:41:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/03/02 02:41:00 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\uTorrent
[2011/03/02 02:16:22 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Apple Computer
[2011/03/02 02:16:22 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Apple Computer
[2011/03/02 02:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/02 02:16:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/02 02:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/02 02:16:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/03/02 02:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/03/02 02:14:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/03/02 02:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/03/02 02:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/03/02 02:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/03/02 01:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/03/02 01:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/03/02 01:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/03/02 00:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/03/02 00:59:18 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Apple
[2011/03/02 00:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/03/01 21:28:25 | 000,000,000 | ---D | C] -- C:\Users\Gilad\Tracing
[2011/03/01 21:23:06 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\acccore
[2011/03/01 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\AOL
[2011/03/01 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\AIM
[2011/03/01 21:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/03/01 21:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/03/01 21:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/03/01 21:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2011/03/01 21:21:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2011/03/01 19:17:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2011/03/01 19:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/03/01 19:17:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2011/03/01 19:05:02 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Mozilla
[2011/03/01 19:05:02 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Mozilla
[2011/03/01 19:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/03/01 19:04:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/03/01 18:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/03/01 18:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/03/01 18:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/03/01 18:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/03/01 18:40:45 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/03/01 18:40:45 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/03/01 18:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/03/01 18:40:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011/03/01 17:46:50 | 000,000,000 | ---D | C] -- C:\Users\Gilad\Documents\ForceField Shared Files
[2011/03/01 17:46:50 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\CheckPoint
[2011/03/01 17:46:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm_Security
[2011/03/01 17:46:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/03/01 17:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011/03/01 17:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
[2011/03/01 17:45:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
[2011/03/01 17:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
[2011/03/01 17:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011/03/01 17:44:57 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011/03/01 17:43:13 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Adobe
[2011/03/01 17:43:00 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Google
[2011/03/01 17:39:14 | 000,000,000 | R--D | C] -- C:\Users\Gilad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/03/01 17:39:14 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Searches
[2011/03/01 17:39:14 | 000,000,000 | R--D | C] -- C:\Users\Gilad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/03/01 17:39:14 | 000,000,000 | -H-D | C] -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/03/01 17:39:05 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Identities
[2011/03/01 17:39:03 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Contacts
[2011/03/01 17:39:00 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\VirtualStore
[2011/03/01 17:37:19 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Sony Corporation
[2011/03/01 17:36:40 | 000,000,000 | --SD | C] -- C:\Users\Gilad\AppData\Roaming\Microsoft
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Videos
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Saved Games
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Pictures
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Music
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Links
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Favorites
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Downloads
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\My Documents
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\Desktop
[2011/03/01 17:36:40 | 000,000,000 | R--D | C] -- C:\Users\Gilad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\AppData\Local\Temporary Internet Files
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Templates
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Start Menu
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\SendTo
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Recent
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\PrintHood
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\NetHood
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Documents\My Videos
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Documents\My Pictures
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Documents\My Music
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\My Documents
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Local Settings
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\AppData\Local\History
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Cookies
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\Application Data
[2011/03/01 17:36:40 | 000,000,000 | -HSD | C] -- C:\Users\Gilad\AppData\Local\Application Data
[2011/03/01 17:36:40 | 000,000,000 | -H-D | C] -- C:\Users\Gilad\AppData
[2011/03/01 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Temp
[2011/03/01 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Local\Microsoft
[2011/03/01 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Media Center Programs
[2011/03/01 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Gilad\AppData\Roaming\Macromedia
[2011/03/01 16:35:13 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/04 13:09:48 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/04 13:09:48 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/04 13:01:14 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/04 13:00:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/04 13:00:39 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/04 05:33:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/04 05:21:57 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/04 04:48:38 | 000,430,182 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/03/04 03:55:22 | 000,349,742 | ---- | M] () -- C:\Users\Gilad\Documents\Scan0004.pdf
[2011/03/04 03:52:54 | 000,173,542 | ---- | M] () -- C:\Users\Gilad\Documents\Scan0003.pdf
[2011/03/04 03:51:06 | 000,230,596 | ---- | M] () -- C:\Users\Gilad\Documents\Scan0002.pdf
[2011/03/04 03:47:15 | 000,260,731 | ---- | M] () -- C:\Users\Gilad\Documents\Scan0001.pdf
[2011/03/04 03:02:48 | 000,741,240 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/03/04 03:02:48 | 000,624,622 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/03/04 03:02:48 | 000,106,708 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/03/04 03:01:12 | 000,743,534 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/03 22:09:08 | 414,734,561 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/03/02 22:35:29 | 000,000,546 | ---- | M] () -- C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job
[2011/03/02 22:19:22 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2011/03/02 22:18:37 | 000,002,236 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 3050 J610 series.lnk
[2011/03/02 22:18:37 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 3050 J610 series.lnk
[2011/03/02 22:18:37 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 3050 J610 series Scan.lnk
[2011/03/02 14:39:52 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/03/02 12:48:07 | 000,310,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/03/02 02:41:59 | 000,000,927 | ---- | M] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/03/02 02:41:59 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011/03/02 02:37:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/03/02 02:16:18 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/02 01:00:38 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/03/01 21:23:06 | 000,000,359 | -H-- | M] () -- C:\IPH.PH
[2011/03/01 21:21:23 | 000,001,893 | ---- | M] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/03/01 21:21:23 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/03/01 19:04:52 | 000,001,923 | ---- | M] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/01 19:04:52 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/03/01 18:56:00 | 000,001,242 | ---- | M] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/03/01 18:56:00 | 000,001,218 | ---- | M] () -- C:\Users\Gilad\Desktop\Spybot - Search & Destroy.lnk
[2011/03/01 18:40:52 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/03/01 17:47:01 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011/03/01 17:46:24 | 000,001,026 | ---- | M] () -- C:\Users\Gilad\Desktop\ZoneAlarm Security.lnk
[2011/03/01 17:38:57 | 000,000,000 | RH-- | M] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCEE37FX.mrk
[2011/03/01 17:38:57 | 000,000,000 | RH-- | M] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCEE37FX.mrk
[2011/03/01 16:36:53 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/03/01 16:36:53 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/04 05:21:57 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/04 05:04:11 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/03/04 05:03:51 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/03/04 05:03:31 | 000,001,418 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/03/04 05:03:02 | 000,002,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/03/04 03:55:22 | 000,349,742 | ---- | C] () -- C:\Users\Gilad\Documents\Scan0004.pdf
[2011/03/04 03:52:54 | 000,173,542 | ---- | C] () -- C:\Users\Gilad\Documents\Scan0003.pdf
[2011/03/04 03:51:05 | 000,230,596 | ---- | C] () -- C:\Users\Gilad\Documents\Scan0002.pdf
[2011/03/04 03:47:14 | 000,260,731 | ---- | C] () -- C:\Users\Gilad\Documents\Scan0001.pdf
[2011/03/03 13:13:05 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/02 22:35:06 | 414,734,561 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/03/02 22:27:54 | 000,000,546 | ---- | C] () -- C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job
[2011/03/02 22:20:10 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
[2011/03/02 22:19:22 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2011/03/02 22:18:37 | 000,002,236 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 3050 J610 series.lnk
[2011/03/02 22:18:37 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 3050 J610 series.lnk
[2011/03/02 22:18:37 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 3050 J610 series Scan.lnk
[2011/03/02 14:39:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/03/02 14:39:21 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/03/02 13:02:49 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2011/03/02 02:41:59 | 000,000,927 | ---- | C] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/03/02 02:41:59 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011/03/02 02:37:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/03/02 02:16:18 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/02 01:00:38 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/03/02 00:59:18 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/03/01 21:21:23 | 000,001,893 | ---- | C] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/03/01 21:21:23 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/03/01 21:21:02 | 000,000,359 | -H-- | C] () -- C:\IPH.PH
[2011/03/01 19:04:52 | 000,001,923 | ---- | C] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/01 19:04:52 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/03/01 18:56:00 | 000,001,242 | ---- | C] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/03/01 18:56:00 | 000,001,218 | ---- | C] () -- C:\Users\Gilad\Desktop\Spybot - Search & Destroy.lnk
[2011/03/01 18:40:52 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/03/01 17:46:24 | 000,001,026 | ---- | C] () -- C:\Users\Gilad\Desktop\ZoneAlarm Security.lnk
[2011/03/01 17:45:48 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011/03/01 17:39:20 | 000,001,409 | ---- | C] () -- C:\Users\Gilad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/03/01 17:39:16 | 000,001,403 | ---- | C] () -- C:\Users\Gilad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/03/01 17:38:57 | 000,000,000 | RH-- | C] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCEE37FX.mrk
[2011/03/01 17:38:57 | 000,000,000 | RH-- | C] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCEE37FX.mrk
[2011/03/01 17:36:40 | 000,002,239 | ---- | C] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/01 17:36:40 | 000,000,290 | ---- | C] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/03/01 17:36:40 | 000,000,272 | ---- | C] () -- C:\Users\Gilad\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/03/01 16:35:04 | 3015,884,800 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/21 11:25:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/07/06 21:21:09 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/03/01 21:23:32 | 000,000,000 | ---D | M] -- C:\Users\Gilad\AppData\Roaming\acccore
[2011/03/01 17:46:50 | 000,000,000 | ---D | M] -- C:\Users\Gilad\AppData\Roaming\CheckPoint
[2011/03/03 13:13:42 | 000,000,000 | ---D | M] -- C:\Users\Gilad\AppData\Roaming\SoftGrid Client
[2011/03/03 13:13:53 | 000,000,000 | ---D | M] -- C:\Users\Gilad\AppData\Roaming\TP
[2011/03/02 18:34:56 | 000,000,000 | ---D | M] -- C:\Users\Gilad\AppData\Roaming\uTorrent
[2009/07/13 21:08:49 | 000,007,420 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#2
barrage

    Member

  • Topic Starter
  • 59 posts
Is there less help on these forums now? I used to get responses within a day or at least an acknowledgment that my post was being looked into. Don't mean to be a bother as I know this is a free help forum but I would like to know, thanks in advance.

#3
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hi Barrage,

I'm sorry for the delay. It's very busy in the malware removal forum as always.

I noticed you're already being helped at our Windows 7 forum, so I'll close this topic in a few days if I don't hear back from you. I did review your OTL log though, and it's clean. :D

Please run this clean-up tool to remove OTL:

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.


#4
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.