ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2be25bef179aba418d1149d37a0817a2
# engine=14866
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=תשע"ג-י"ב-ט"ז 06:07:11
# local_time=תשע"ג-י"ב-ט"ז 09:07:11 )
# country="Israel"
# lang=1037
# osver=5.1.2600 NT Service Pack 3
# scanned=145180
# found=20
# cleaned=0
# scan_time=10630
sh=42429268B05688DDB685172D8CF861E00D2256B6 ft=1 fh=21a3673dda1eec3a vn="multiple threats" ac=I fn="C:\Documents and Settings\sh770\שולחן העבודה\מיון\NOD32view4_06_5.exe"
sh=3B14C90F1A129328E27521D592C277B8C87FA769 ft=0 fh=0000000000000000 vn="BAT/HostsChanger.A application" ac=I fn="C:\Inst\XP_RAM.ISO"
sh=855AA5034727785A824E816270607E1C32F7251D ft=0 fh=0000000000000000 vn="BAT/HostsChanger.A application" ac=I fn="C:\Inst\xp_ram\I386\SVCPACK\FIX.CMD"
sh=8C85856D3B940C035A3C7FC6359A54BAFE9361EE ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A application" ac=I fn="C:\pmagic\Hiren'sBootCD.iso"
sh=519D06745DAD2BE35D2DE25F9739B80EA64E1FDD ft=1 fh=448900da2d4e2f5a vn="a variant of Win32/RemoteAdmin.Ammyy.B application" ac=I fn="C:\Program Files\Ammyy Admin\AA_v3.1.exe"
sh=2E5265F35F75A50C89E592E127BC80E1E45AA840 ft=1 fh=665395c0536173b7 vn="a variant of Win32/RemoteAdmin.Ammyy.B application" ac=I fn="C:\Program Files\Ammyy Admin\AA_v3.2.exe"
sh=98E44B9C65C15384DA664D1B548E408B486E47BC ft=1 fh=4c0c6dd643ef2f13 vn="a variant of Win32/RemoteAdmin.Ammyy.B application" ac=I fn="C:\Program Files\Ammyy Admin\AA_v3.exe"
sh=229EA863EF8BBB00F051DBF764856D9DA8096D98 ft=1 fh=727b5f8d2ae26ca4 vn="probably a variant of Win32/PSWTool.WirelessNetView.A application" ac=I fn="C:\Program Files\NirSoft\WirelessNetView\WirelessNetView.exe"
sh=90E4890A2DA26A98BAA63AB5D0B7EBC27CEEA5D3 ft=1 fh=ea2de559c4790142 vn="a variant of Win32/PSWTool.PdfCracker.A application" ac=I fn="C:\Program Files\PDF Password Cracker Pro v3.1\crackpdf.exe"
sh=D868070EA6980942E4E0A7A9030B70CCA5C36D1B ft=1 fh=2d84a9c9616021bc vn="Win32/PSWTool.PdfCracker.B application" ac=I fn="C:\Program Files\PDF Password Remover v3.0\winDecrypt.exe"
sh=D25B9BF3F5DA04C98C4BD0653CD3F9D51A28EC3B ft=1 fh=641788557dcf527c vn="Win32/PSWTool.PdfCracker.B application" ac=I fn="C:\Program Files\PDF Password Remover v3.0\winDecrypt.exe.BAK"
sh=6155B7161677DE78E796D6F147137D790608F91F ft=1 fh=06df8b4e52078e03 vn="a variant of Win32/HackTool.Patcher.AD application" ac=I fn="C:\Program Files\SlySoft\AnyDVD\Patch.exe"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Program Files\The KMPlayer\ApnIC.dll"
sh=D0AEA07DD876D90CCBEE70F6AB3ADF5ADD1EA075 ft=0 fh=0000000000000000 vn="Win32/HackTool.Crack.AC application" ac=I fn="C:\Program Files\USB Safely Remove\USB Safely Remove.rar"
sh=2A2F88BA3E4361A59A4A845EF98BB12817BB6F60 ft=1 fh=157fd3917dfb8221 vn="a variant of Win32/InstallIQ.A application" ac=I fn="C:\System Volume Information\_restore{152CB5B2-9753-4333-9F16-26DCA89093D8}\RP11\A0004460.exe"
sh=2A2F88BA3E4361A59A4A845EF98BB12817BB6F60 ft=1 fh=157fd3917dfb8221 vn="a variant of Win32/InstallIQ.A application" ac=I fn="C:\System Volume Information\_restore{152CB5B2-9753-4333-9F16-26DCA89093D8}\RP12\A0004524.exe"
sh=98E44B9C65C15384DA664D1B548E408B486E47BC ft=1 fh=4c0c6dd643ef2f13 vn="a variant of Win32/RemoteAdmin.Ammyy.B application" ac=I fn="C:\System Volume Information\_restore{152CB5B2-9753-4333-9F16-26DCA89093D8}\RP14\A0005479.exe"
sh=7A5B4EC405022ABEB1664161F505523956B77F9F ft=0 fh=0000000000000000 vn="Win32/PrcView application" ac=I fn="C:\UBCD4Win\UBCD4WinBuilder.iso"
sh=6661EDA8383915E3713D78F0189D1A15EB5D80C7 ft=1 fh=cd240aea2e807323 vn="Win32/PrcView application" ac=I fn="C:\UBCD4Win\BartPE\PROGRAMS\sdfix\SDFix.exe"
sh=6661EDA8383915E3713D78F0189D1A15EB5D80C7 ft=1 fh=cd240aea2e807323 vn="Win32/PrcView application" ac=I fn="C:\UBCD4Win\plugin\Cleanup Tools\SDFix\SDFix.exe"
OTL logfile created on: 23/08/2013 03:03:33 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\sh770\שולחן העבודה
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 38.00% Memory free
4.82 Gb Paging File | 3.44 Gb Available in Paging File | 71.39% Paging File free
Paging file location(s): C:\pagefile.sys 2050 2050E:\pagef [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50.00 Gb Total Space | 9.00 Gb Free Space | 18.00% Space Free | Partition Type: NTFS
Drive D: | 100.01 Gb Total Space | 3.15 Gb Free Space | 3.15% Space Free | Partition Type: NTFS
Drive E: | 32.87 Gb Total Space | 1.95 Gb Free Space | 5.95% Space Free | Partition Type: NTFS
Drive F: | 44.26 Gb Total Space | 13.32 Gb Free Space | 30.10% Space Free | Partition Type: NTFS
Drive G: | 5.75 Gb Total Space | 5.19 Gb Free Space | 90.41% Space Free | Partition Type: NTFS
Drive W: | 931.51 Gb Total Space | 8.30 Gb Free Space | 0.89% Space Free | Partition Type: NTFS
Computer Name: CHABADGAT | User Name: sh770 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/08/17 21:53:05 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/08/12 17:29:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sh770\שולחן העבודה\OTL.exe
PRC - [2013/07/20 22:23:40 | 001,169,920 | ---- | M] (wj32) -- C:\Program Files\Process Hacker 2\ProcessHacker.exe
PRC - [2013/07/19 00:16:13 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2010/11/02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2008/07/25 14:22:52 | 000,031,744 | ---- | M] (DiamondCS) -- C:\Program Files\ProcessGuard\DCSUserProt.exe
PRC - [2008/07/25 14:22:50 | 000,267,287 | ---- | M] (DiamondCS) -- C:\Program Files\ProcessGuard\procguard.exe
PRC - [2008/07/25 14:11:58 | 000,120,832 | ---- | M] (DiamondCS) -- C:\Program Files\ProcessGuard\pgaccount.exe
PRC - [2008/04/14 15:00:00 | 001,202,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013/08/17 21:53:05 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/07/18 08:14:53 | 016,166,280 | ---- | M] () -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2012/11/21 07:26:34 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2012/01/29 13:54:40 | 000,408,576 | ---- | M] () -- C:\Program Files\TeraCopy\TeraCopy.dll
MOD - [2012/01/20 11:55:04 | 000,427,520 | ---- | M] () -- C:\Program Files\TeraCopy\TeraCopyExt.dll
MOD - [2010/10/05 21:26:52 | 002,111,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avzkrnl.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/20 23:29:30 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/17 21:53:05 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/07 12:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [On_Demand | Stopped] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/07/19 00:16:13 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/07/08 14:28:42 | 000,129,112 | ---- | M] (Sandboxie Holdings, LLC) [On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/13 23:56:20 | 001,035,576 | ---- | M] (Crystal Rich Ltd) [On_Demand | Stopped] -- C:\Program Files\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService)
SRV - [2013/02/26 03:28:44 | 000,357,456 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013/02/26 03:28:26 | 000,436,304 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2013/02/26 02:54:34 | 013,242,960 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2013/02/26 02:30:42 | 000,087,120 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2012/10/11 17:15:28 | 000,721,048 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2012/01/05 18:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2010/11/02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/06/25 20:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/04/21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [On_Demand | Stopped] -- C:\Windows\system32\hasplms.exe -- (hasplms)
SRV - [2008/07/25 14:22:52 | 000,031,744 | ---- | M] (DiamondCS) [Auto | Running] -- C:\Program Files\ProcessGuard\DCSUserProt.exe -- (DCSPGSRV)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VNic.sys -- (VNic)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ulink.sys -- (Usblink)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\A-FF Find and Mount\slicedisk.sys -- (SliceDisk5)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\Scutum50.sys -- (Scutum50)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Boot | Unknown] -- system32\drivers\Partizan.sys -- (Partizan)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\NSNDIS5.SYS -- (NSNDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\sh770\LOCALS~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\sh770\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\sh770\LOCALS~1\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2013/07/08 14:28:40 | 000,159,208 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2013/06/24 19:13:12 | 000,158,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\snapman.sys -- (snapman)
DRV - [2013/05/19 14:04:42 | 000,124,504 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/29 22:42:40 | 005,444,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2013/02/26 03:29:02 | 000,034,384 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2013/02/26 03:28:26 | 000,024,272 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\vmparport.sys -- (VMparport)
DRV - [2013/02/26 03:28:06 | 000,026,192 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2013/02/26 03:28:04 | 000,062,416 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2013/02/26 03:27:46 | 000,026,064 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2013/02/26 03:27:46 | 000,016,664 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2012/12/20 19:11:38 | 000,026,624 | ---- | M] (wj32) [Kernel | System | Running] -- C:\Program Files\Process Hacker 2\kprocesshacker.sys -- (KProcessHacker2)
DRV - [2012/12/19 21:04:16 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\system32\drivers\klif.sys -- (KLIF)
DRV - [2012/12/06 01:55:03 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/10/24 15:16:58 | 000,061,464 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsock.sys -- (vsock)
DRV - [2012/10/24 15:16:50 | 000,071,152 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmci.sys -- (vmci)
DRV - [2012/10/11 17:15:36 | 000,041,496 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2012/10/11 17:15:06 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vmusb.sys -- (vmusb)
DRV - [2012/08/01 21:13:40 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\taphss.sys -- (taphss)
DRV - [2012/06/13 16:49:30 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2012/05/02 17:50:14 | 000,259,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\system32\drivers\XHASP.sys -- (XHASP)
DRV - [2012/05/02 17:44:38 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2011/08/08 21:13:10 | 000,117,584 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
DRV - [2011/07/12 10:36:28 | 000,022,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\vstor2-mntapi10-shared.sys -- (vstor2-mntapi10-shared)
DRV - [2011/06/26 03:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\appliand.sys -- (appliandMP)
DRV - [2011/06/26 03:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appliand.sys -- (appliand)
DRV - [2010/09/01 16:07:24 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2010/08/27 16:04:42 | 000,105,344 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\jrdusbser.sys -- (jrdusbser)
DRV - [2010/08/06 23:45:28 | 000,907,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV - [2010/06/25 20:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\npf.sys -- (NPF)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\kl1.sys -- (KL1)
DRV - [2010/05/21 20:34:12 | 000,827,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2010/05/07 12:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\klim5.sys -- (klim5)
DRV - [2010/01/29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/21 21:39:14 | 000,016,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2009/12/21 21:39:12 | 000,011,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\pwdspio.sys -- (pwdspio)
DRV - [2009/11/18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/11/02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/01/16 12:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008/10/17 07:14:00 | 000,030,720 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\l251x86.sys -- (AtcL002)
DRV - [2008/07/25 14:33:06 | 000,026,688 | ---- | M] (DiamondCS) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\procguard.sys -- (procguard)
DRV - [2008/01/19 00:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/11/22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006/10/19 03:12:16 | 000,012,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/04/26 02:03:56 | 000,009,600 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ISODisk.sys -- (ISODisk)
DRV - [2005/11/03 10:46:43 | 000,390,379 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\usbVM305.sys -- (ZSMC0305)
DRV - [2005/10/16 08:00:00 | 000,012,928 | ---- | M] (Bo Brantén) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2004/08/13 11:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/03/04 22:11:40 | 000,013,654 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\IPSecVPN.sys -- (IPSecVPN)
DRV - [2002/12/24 21:18:56 | 000,003,712 | ---- | M] (Hitachi Global Storage Technologies) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\cfadisk.sys -- (cfadisk)
DRV - [2001/08/17 13:53:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\loop.sys -- (msloop)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.il/
IE - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\..\SearchScopes,DefaultScope = {A29C6051-83AD-4B4F-ADDE-18FFC2E7AD07}
IE - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\..\SearchScopes\{A29C6051-83AD-4B4F-ADDE-18FFC2E7AD07}: "URL" = http://www.google.co.il/search?hl=iw&q={searchTerms}
IE - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.context.loadInBackground: true
FF - prefs.js..browser.search.defaultenginename: "Google SSL"
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.selectedEngine: "Google SSL"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://mail.google.com/mail/u/0/?shva=1#inbox"
FF - prefs.js..extensions.enabledAddons: add-to-searchbox%40maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: mintrayr%40tn123.ath.cx:1.1.2
FF - prefs.js..extensions.enabledAddons: optimizegoogle%40optimizegoogle.com:0.79.1
FF - prefs.js..extensions.enabledAddons: %7Baff87fa2-a58e-4edd-b852-0a20203c1e17%7D:0.9
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.11
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.1pre.130817a
FF - prefs.js..extensions.enabledAddons: foxyproxy%40eric.h.jung:4.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "https://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..network.proxy.autoconfig_url: "http://127.0.0.1:9151/"
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9150
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: d:\FirefoxPortable ols\App\Firefox\components [2013/07/15 23:29:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: d:\FirefoxPortable ols\App\Firefox\plugins [2013/07/25 01:00:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/17 21:52:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/17 21:52:55 | 000,000,000 | ---D | M]
[2013/07/15 23:05:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Extensions
[2013/08/13 16:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\filips332\extensions
[2012/07/26 18:37:03 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\filips332\extensions\support@lastpass.com
[2013/08/22 21:28:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions
[2013/06/16 20:03:19 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2013/04/17 12:34:35 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013/08/18 19:54:34 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\foxyproxy@eric.h.jung
[2012/11/25 16:28:28 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\mintrayr@tn123.ath.cx
[2013/08/22 21:28:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\staged
[2013/02/10 22:55:30 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\support@lastpass.com
[2013/07/02 19:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\levitzu770\extensions
[2013/07/02 19:55:04 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\levitzu770\extensions\support@lastpass.com
[2013/08/13 16:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yq1es6h8.mini\extensions
[2012/07/15 23:18:19 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yq1es6h8.mini\extensions\ietab@ip.cn
[2013/06/17 18:13:57 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yq1es6h8.mini\extensions\support@lastpass.com
[2013/08/13 16:17:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions
[2012/07/14 23:48:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012/07/14 23:48:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2012/07/14 23:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/07/14 23:48:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\mintrayr@tn123.ath.cx
[2012/07/14 23:48:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\support@lastpass.com
[2013/06/17 19:03:27 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\filips332\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/17 21:45:31 | 000,128,676 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012/07/16 00:31:55 | 000,025,781 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2012/08/23 21:36:31 | 000,024,018 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\customization@adblockplus.org.xpi
[2012/07/15 20:48:21 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012/07/15 17:20:55 | 000,236,088 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\optimizegoogle@optimizegoogle.com.xpi
[2012/10/10 17:22:54 | 000,042,737 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
[2013/07/31 22:01:48 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/07/15 17:20:55 | 000,434,392 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013/08/17 21:45:31 | 000,816,139 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/08/04 11:37:59 | 000,275,449 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/06/12 02:13:23 | 000,402,344 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi
[2013/08/22 21:28:15 | 000,814,552 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\extensions\staged\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2012/11/27 18:17:34 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\levitzu770\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/07/15 23:08:35 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yq1es6h8.mini\extensions\elemhidehelper@adblockplus.org.xpi
[2013/06/17 18:22:14 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yq1es6h8.mini\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/07/12 22:43:47 | 000,025,781 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2012/07/06 00:12:19 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012/04/22 12:53:32 | 000,236,088 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\optimizegoogle@optimizegoogle.com.xpi
[2012/06/22 00:33:29 | 000,061,700 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2012/07/04 09:21:17 | 000,743,290 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/05/20 10:02:17 | 000,697,058 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2012/07/08 22:29:00 | 000,324,741 | ---- | M] () (No name found) -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\yt5kxeg9.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi
[2012/07/15 22:30:52 | 000,002,024 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\---.xml
[2013/06/12 06:20:09 | 000,001,990 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\duckduckgo-tor.xml
[2013/07/12 00:31:38 | 000,010,316 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\duckduckgo.xml
[2013/02/10 01:45:59 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\firefox-add-ons.xml
[2012/11/25 20:05:15 | 000,005,598 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\google-ssl-1.xml
[2012/11/25 20:03:10 | 000,008,215 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\google-ssl.xml
[2013/08/22 23:41:29 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\ixquick-https.xml
[2013/08/22 23:41:29 | 000,005,519 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Mozilla\Firefox\Profiles\j07ullke.default\searchplugins\startpage-https.xml
[2013/08/17 21:52:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/17 21:53:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2013/08/20 08:45:00 | 000,000,027 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll ()
O4 - HKLM..\Run: [!1_pgaccount] C:\Program Files\ProcessGuard\pgaccount.exe (DiamondCS)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKU\S-1-5-21-1935655697-616249376-1417001333-1003..\Run: [!1_ProcessGuard_Startup] C:\Program Files\ProcessGuard\procguard.exe (DiamondCS)
O4 - Startup: C:\Documents and Settings\sh770\תפריט התחלה\תוכניות\הפעלה\Dropbox.lnk = C:\Documents and Settings\sh770\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\sh770\תפריט התחלה\תוכניות\הפעלה\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 01 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: הוסף לאנטי באנר - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll ()
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 3952319953 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2371633937 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.179.52.100 80.179.55.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E40AD9AC-0131-41E5-8124-6F69F2089729}: DhcpNameServer = 80.179.52.100 80.179.55.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E40AD9AC-0131-41E5-8124-6F69F2089729}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\mhtml - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\Windows\system32\klogon.dll (Kaspersky Lab ZAO)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/17 02:01:48 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/17 02:01:51 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/17 02:01:54 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/17 02:02:01 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/07/17 15:15:53 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/07/17 15:15:49 | 000,000,000 | RHSD | M] - W:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2842/08/08 23:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\open-in-default-browser
[2013/08/22 17:54:25 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\sh770\שולחן העבודה\esetsmartinstaller_heb.exe
[2013/08/21 01:24:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/08/20 08:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AMMYY
[2013/08/18 19:20:28 | 000,000,000 | ---D | C] -- d:\App
[2013/08/18 19:20:22 | 000,000,000 | ---D | C] -- d:\Docs
[2013/08/18 19:20:22 | 000,000,000 | ---D | C] -- d:\Data
[2013/08/18 17:55:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/08/18 17:55:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/08/18 17:55:42 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/08/18 17:55:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/08/18 17:55:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/18 17:41:10 | 005,106,564 | R--- | C] (Swearware) -- C:\Documents and Settings\sh770\שולחן העבודה\ComboFix.exe
[2013/08/18 16:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\שולחן העבודה\PirateBrowser 0.6b
[2013/08/18 14:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/08/17 21:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/08/17 21:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2013/08/15 23:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\Local Settings\Application Data\Adblock Plus for IE
[2013/08/15 23:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\Application Data\Adblock Plus for IE
[2013/08/15 23:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Adblock Plus for IE
[2013/08/15 23:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/08/15 17:19:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\APN
[2013/08/14 07:58:02 | 000,357,143 | ---- | C] (Farbar) -- C:\Documents and Settings\sh770\שולחן העבודה\FSS.exe
[2013/08/13 23:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\שולחן העבודה\4936f7033993c518
[2013/08/13 16:23:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/13 04:59:34 | 000,000,000 | ---D | C] -- d:\Kaspersky Rescue Disk 10.0
[2013/08/12 18:19:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\Local Settings\Application Data\Jaksta_Technologies_Pty_L
[2013/08/12 17:29:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sh770\שולחן העבודה\OTL.exe
[2013/08/11 19:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\שולחן העבודה\RK_Quarantine
[2013/08/10 21:45:18 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\sh770\שולחן העבודה\tdsskiller.exe
[2013/08/07 16:49:32 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2013/08/05 09:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\CDex_150
[2013/08/05 09:29:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\שולחן העבודה\SafeBoot
[2013/08/05 01:52:31 | 000,000,000 | R--D | C] -- d:\My Videos
[2013/08/05 01:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\Exact Audio Copy
[2013/08/04 22:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sh770\Local Settings\Application Data\Remove Toolbar Buddy
[2013/08/04 22:48:39 | 001,140,728 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.PropertyGrid.Unicode.v15.1.3.0908.ocx
[2013/08/04 22:48:39 | 000,587,768 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.SkinFramework.Unicode.v15.1.3.0908.ocx
[2013/08/04 22:48:39 | 000,509,944 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.ShortcutBar.Unicode.v15.1.3.0908.ocx
[2013/08/04 22:48:38 | 002,717,688 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.CommandBars.Unicode.v15.1.3.0908.ocx
[2013/08/04 22:48:38 | 001,906,680 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.Controls.Unicode.v15.1.3.0908.ocx
[2013/08/04 22:48:38 | 000,218,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\richtx32.Ocx
[2013/08/04 22:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Scorpio Software
[2013/08/04 22:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Scorpio Software
[2013/07/29 15:43:40 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2013/07/29 15:43:38 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2013/07/29 15:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2013/07/29 15:02:18 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013/07/29 15:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2013/07/29 14:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Soluto
[2013/07/27 22:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/07/24 23:59:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\sh770\UserData
[2010/01/12 01:37:08 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\sh770\Application Data\pcouffin.sys
========== Files - Modified Within 30 Days ==========
File not found -- C:\WINDOWS\System32\drivers\mshcmd.sys.
[2013/08/23 03:09:33 | 002,866,528 | ---- | M] () -- C:\WINDOWS\System32\pghash.dat
[2013/08/23 02:27:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/22 17:55:52 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\sh770\שולחן העבודה\esetsmartinstaller_heb.exe
[2013/08/22 11:42:11 | 000,710,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/22 11:42:11 | 000,587,246 | ---- | M] () -- C:\WINDOWS\System32\perfh00d.dat
[2013/08/22 11:42:11 | 000,132,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/22 11:42:11 | 000,132,250 | ---- | M] () -- C:\WINDOWS\System32\perfc00d.dat
[2013/08/22 11:37:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 11:37:13 | 2138,296,320 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/21 00:40:27 | 000,000,964 | ---- | M] () -- C:\WINDOWS\Kaluach3.INI
[2013/08/20 23:29:27 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/20 23:29:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/20 17:35:16 | 000,000,988 | ---- | M] () -- C:\Documents and Settings\sh770\תפריט התחלה\תוכניות\הפעלה\Dropbox.lnk
[2013/08/20 09:20:43 | 000,126,632 | ---- | M] () -- C:\WINDOWS\System32\pguard.dat
[2013/08/20 09:20:08 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\זרמי נתונים חלופיים של Windows .URL
[2013/08/20 09:17:15 | 000,000,083 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\Frank Heyne Software - NTFS ADS.URL
[2013/08/20 09:00:30 | 000,000,260 | ---- | M] () -- d:\Ammyy_Contact_Book.bin
[2013/08/20 08:45:00 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/08/20 08:34:00 | 000,014,875 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\4.JPG
[2013/08/20 08:15:58 | 005,106,564 | R--- | M] (Swearware) -- C:\Documents and Settings\sh770\שולחן העבודה\ComboFix.exe
[2013/08/20 08:03:13 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/08/17 21:44:14 | 018,087,936 | ---- | M] () -- C:\Documents and Settings\sh770\NTUSER.bak
[2013/08/17 21:28:38 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\ERUNT.lnk
[2013/08/17 20:30:06 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/16 12:46:17 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/16 00:27:43 | 000,005,508 | ---- | M] () -- C:\menu.lst
[2013/08/15 02:44:13 | 000,004,414 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2013/08/15 00:19:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/14 07:58:04 | 000,357,143 | ---- | M] (Farbar) -- C:\Documents and Settings\sh770\שולחן העבודה\FSS.exe
[2013/08/13 20:50:15 | 000,000,124 | ---- | M] () -- d:\ax_files.xml
[2013/08/13 01:12:35 | 001,418,021 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\צניעות.pdf
[2013/08/13 00:50:48 | 000,007,789 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\menu.lst
[2013/08/12 17:29:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sh770\שולחן העבודה\OTL.exe
[2013/08/11 16:17:53 | 000,920,576 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\RogueKiller.exe
[2013/08/10 22:27:11 | 000,024,176 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\417.jpg
[2013/08/10 21:45:23 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\sh770\שולחן העבודה\tdsskiller.exe
[2013/08/08 19:40:18 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\sh770\שולחן העבודה\dds.scr
[2013/08/01 22:04:52 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2013/07/30 19:06:13 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\winscp.rnd
[2013/07/30 12:14:29 | 000,167,274 | ---- | M] () -- C:\WinVBlock.IMG.gz
[2013/07/28 23:03:33 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\sh770\Application Data\Microsoft\Internet Explorer\Quick Launch\Process Hacker 2.lnk
[2013/07/26 05:48:58 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/07/26 05:48:58 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/07/26 05:48:58 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/07/26 05:48:58 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/07/26 05:48:58 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/07/26 05:48:58 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/07/26 05:48:58 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/07/26 05:48:58 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/07/26 05:48:58 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/07/26 05:48:58 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/07/26 05:48:58 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/07/26 05:48:58 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/07/26 05:48:58 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013/07/26 05:48:58 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/07/26 05:48:57 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/07/26 05:48:57 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/07/26 05:48:57 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/07/26 05:48:57 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/07/26 05:48:57 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/07/26 05:48:57 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/07/26 05:48:57 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/07/26 05:48:57 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/07/26 05:48:57 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/07/26 05:48:57 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/07/26 05:48:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/07/26 05:48:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/07/26 05:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/07/26 05:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/07/25 21:24:58 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/07/25 21:24:58 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/07/25 18:54:52 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
========== Files Created - No Company Name ==========
File not found -- C:\WINDOWS\System32\drivers\mshcmd.sys.
[2013/08/20 09:19:40 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\זרמי נתונים חלופיים של Windows .URL
[2013/08/20 09:17:15 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\Frank Heyne Software - NTFS ADS.URL
[2013/08/20 08:34:00 | 000,014,875 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\4.JPG
[2013/08/18 17:55:42 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/08/18 17:55:42 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/08/18 17:55:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/08/18 17:55:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/08/18 17:55:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/08/17 21:28:38 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\ERUNT.lnk
[2013/08/13 01:12:35 | 001,418,021 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\צניעות.pdf
[2013/08/13 00:50:48 | 000,007,789 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\menu.lst
[2013/08/11 16:17:37 | 000,920,576 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\RogueKiller.exe
[2013/08/10 22:27:10 | 000,024,176 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\417.jpg
[2013/08/08 19:40:06 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\sh770\שולחן העבודה\dds.scr
[2013/08/07 10:02:39 | 2138,296,320 | -HS- | C] () -- C:\hiberfil.sys
[2013/08/01 22:04:51 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2013/08/01 22:03:20 | 000,000,025 | ---- | C] () -- d:\popcinfot.dat
[2013/07/30 22:20:01 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll
[2013/07/30 12:14:27 | 000,167,274 | ---- | C] () -- C:\WinVBlock.IMG.gz
[2013/07/29 16:16:11 | 000,175,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/07/02 18:49:04 | 018,087,936 | ---- | C] () -- C:\Documents and Settings\sh770\NTUSER.bak
[2013/06/13 17:06:06 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\sh770\.rnd
[2013/05/09 19:18:44 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013/05/05 21:38:03 | 000,013,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\IPSecVPN.sys
[2013/04/25 17:10:52 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\sh770\.recently-used.xbel
[2013/02/07 02:04:45 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\sh770\ntuser.pol
[2012/12/27 22:25:00 | 000,302,402 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/12/19 21:05:51 | 000,116,189 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2012/12/19 21:05:51 | 000,098,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2012/09/24 06:17:01 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\ISODisk.sys
[2012/08/21 18:28:22 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\sh770\SecurityKISSTunnel.config
[2012/07/04 19:57:11 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\sh770\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/02 18:03:11 | 000,000,085 | ---- | C] () -- C:\WINDOWS\Macro.ini
[2012/06/05 18:49:54 | 000,000,237 | ---- | C] () -- C:\Documents and Settings\sh770\.swfinfo
[2012/05/31 14:49:07 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/02 17:56:21 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\F4273C6D.bin
[2012/05/02 17:50:14 | 000,259,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\XHASP.sys
[2012/05/02 17:48:53 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\hdsuinst.exe
[2012/05/02 17:44:38 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2012/02/15 21:40:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 22:57:38 | 000,002,930 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012/01/30 18:27:29 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011/10/05 19:54:15 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2011/04/08 01:44:24 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\sh770\Application Data\winscp.rnd
[2011/03/12 23:44:45 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010/11/03 21:50:10 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/02/16 21:30:29 | 034,516,576 | ---- | C] () -- C:\Documents and Settings\sh770\ff_ppz_1266345016343.ppz
[2010/01/12 01:37:08 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\sh770\Application Data\pcouffin.cat
[2010/01/12 01:37:08 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\sh770\Application Data\pcouffin.inf
[2009/08/31 23:30:12 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\sh770\PUTTY.RND
[2009/08/28 00:09:47 | 000,000,303 | ---- | C] () -- C:\Documents and Settings\sh770\.jupload.properties
[2009/06/16 22:05:03 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
========== ZeroAccess Check ==========
[2009/06/02 16:24:21 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/03/03 02:11:17 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 13:53:33 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 15:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2013/08/15 16:29:19 | 000,000,000 | ---D | M](C:\Documents and Settings\sh770\????? ??????) -- C:\Documents and Settings\sh770\����� ������
[2013/08/15 16:29:19 | 000,000,000 | ---D | M](C:\Documents and Settings\sh770\????? ??????) -- C:\Documents and Settings\sh770\����� ������
[2013/08/15 16:29:19 | 000,000,000 | ---D | C](C:\Documents and Settings\sh770\????? ??????) -- C:\Documents and Settings\sh770\����� ������
< End of report >
OTL Extras logfile created on: 23/08/2013 03:03:33 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\sh770\שולחן העבודה
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 38.00% Memory free
4.82 Gb Paging File | 3.44 Gb Available in Paging File | 71.39% Paging File free
Paging file location(s): C:\pagefile.sys 2050 2050E:\pagef [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50.00 Gb Total Space | 9.00 Gb Free Space | 18.00% Space Free | Partition Type: NTFS
Drive D: | 100.01 Gb Total Space | 3.15 Gb Free Space | 3.15% Space Free | Partition Type: NTFS
Drive E: | 32.87 Gb Total Space | 1.95 Gb Free Space | 5.95% Space Free | Partition Type: NTFS
Drive F: | 44.26 Gb Total Space | 13.32 Gb Free Space | 30.10% Space Free | Partition Type: NTFS
Drive G: | 5.75 Gb Total Space | 5.19 Gb Free Space | 90.41% Space Free | Partition Type: NTFS
Drive W: | 931.51 Gb Total Space | 8.30 Gb Free Space | 0.89% Space Free | Partition Type: NTFS
Computer Name: CHABADGAT | User Name: sh770 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP פורט 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP פורט 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP פורט 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP פורט 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP פורט 37675
"1947:TCP" = 1947:TCP:*:Disabled:HASP SRM
"1947:UDP" = 1947:UDP:*:Disabled:HASP SRM
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\sh770\שולחן העבודה\ChromePortable\App\Chrome\chrome.exe" = C:\Documents and Settings\sh770\שולחן העבודה\ChromePortable\App\Chrome\chrome.exe:*:Enabled:Chrome -- (Google Inc.)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Ammyy Admin\AA_v3.exe" = C:\Program Files\Ammyy Admin\AA_v3.exe:*:Disabled:Ammyy Admin -- ()
"C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2011 11.0.2.556\en\setup.exe" = C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2011 11.0.2.556\en\setup.exe:*:Disabled:Kaspersky Internet Security 2011 -- (Kaspersky Lab)
"D:\אתר\אנשי קשר ישן\MailDB chabad\MailDB.exe" = D:\אתר\אנשי קשר ישן\MailDB chabad\MailDB.exe:*:Disabled:MailDB -- (Romkal)
"C:\Windows\system32\mmc.exe" = C:\Windows\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Disabled:Miranda IM -- ( )
"D:\תוכנות ארכיון\Skype Portable\Skype.exe" = D:\תוכנות ארכיון\Skype Portable\Skype.exe:*:Disabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Miranda IM\SKYPE\Skype.exe" = C:\Program Files\Miranda IM\SKYPE\Skype.exe:*:Disabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\VMware\VMware Workstation\vmware-authd.exe" = C:\Program Files\VMware\VMware Workstation\vmware-authd.exe:*:Disabled:VMware Authd Service -- (VMware, Inc.)
"C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe" = C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe:*:Disabled:VMware Workstation Server -- ()
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Applian Technologies\Replay Media Catcher 5\aria2c.exe" = C:\Program Files\Applian Technologies\Replay Media Catcher 5\aria2c.exe:*:Enabled:Replay Media Catcher 5 Torrent Module -- ()
"C:\Program Files\Applian Technologies\Replay Media Catcher 5\qtCopy.exe" = C:\Program Files\Applian Technologies\Replay Media Catcher 5\qtCopy.exe:*:Enabled:Replay Media Catcher 5 QT Module -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Documents and Settings\sh770\שולחן העבודה\ChromePortable\App\Chrome\chrome.exe" = C:\Documents and Settings\sh770\שולחן העבודה\ChromePortable\App\Chrome\chrome.exe:*:Enabled:Chrome -- (Google Inc.)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Ammyy Admin\AA_v3.2.exe" = C:\Program Files\Ammyy Admin\AA_v3.2.exe:*:Enabled:Ammyy Admin -- ()
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Documents and Settings\sh770\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\sh770\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{049D548B-B724-4E16-B55E-7B78B7A28A37}" = InstEd 1.5.12.21
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.(R) L2 Fast Ethernet Driver
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1ce01891-839b-4ad1-b629-2e608ba0c6ba}" = Adblock Plus for IE
"{1E5F3CC6-D390-4393-A2AA-6CEC04F1705A}" = Image Resizer Powertoy Clone for Windows
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.8
"{26583DDE-7506-4046-9C3A-F02852537B8A}" = Splash PRO EX
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter
"{4653FE0D-2762-41B6-A757-8C4F00B790C3}" = Adblock Plus for IE (32-bit)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.5
"{68880887-285F-4260-989B-8B22020D756F}" = E-GOV.IL Sign&Verify Software - AGForm toolbar
"{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1" = Poedit
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C9FA746-8759-4040-A436-42922CB3492E}" = VistaBootPRO 3.3
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74E78471-E122-4101-8744-CEB6C5C027A0}" = Foxit PDF IFilter
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86F4F32B-77C7-4951-B33C-05D41A8190C1}" = Microsoft RichCopy 4.0
"{879C4951-5561-324B-B0F5-AA0864C4499E}" = Microsoft .NET Framework 4 Extended HEB Language Pack
"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FC35EC2-F690-3417-8175-ED16EC771126}" = Microsoft .NET Framework 4 Client Profile HEB Language Pack
"{9011040D-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-040D-0000-0000000FF1CE}" = חבילת תאימות עבור מהדורת 2007 של מערכת Office
"{90120000-00B2-040D-0000-0000000FF1CE}" = תוספת שמירה בשם כ- PDF או XPS של Microsoft עבור תוכניות Microsoft Office 2007
"{90140000-0010-040D-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Hebrew) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-040D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hebrew) 2010
"{90140000-0016-040D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hebrew) 2010
"{90140000-0018-040D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hebrew) 2010
"{90140000-0019-040D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hebrew) 2010
"{90140000-001A-040D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hebrew) 2010
"{90140000-001B-040D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hebrew) 2010
"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040D-0000-0000000FF1CE}" = Microsoft Office Proof (Hebrew) 2010
"{90140000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2010
"{90140000-002C-040D-0000-0000000FF1CE}" = Microsoft Office Proofing (Hebrew) 2010
"{90140000-0044-040D-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Hebrew) 2010
"{90140000-006E-040D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hebrew) 2010
"{90140000-00A1-040D-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Hebrew) 2010
"{90140000-00BA-040D-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Hebrew) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961688FD-5FD8-3D21-BE82-ACB1800EBEA2}" = Microsoft .NET Framework 3.5 Language Pack SP1 - heb
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B591BD75-2811-4D09-A590-0D06E4762F34}" = Sudoku Solver V 1.3
"{B70F9EB4-1848-4060-973B-9D9952F2D5C9}" = Responsa CD19
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BF731945-7AAD-45E3-A202-A60C9213915C}_is1" = ISODisk 1.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F49C5BB6-77AF-40EA-AD40-C54FDB05803D}" = Adobe Setup
"{F5BF6AF4-DD9C-4A2C-9B66-DED3E8FD746E}" = Acronis Backup & Recovery 11.5 Bootable Media Builder
"{FB686487-C637-4EEF-BCB1-C92463F2CC05}" = Atheros Ethernet Utility
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"5513-1208-7298-9440" = JDownloader 0.9
"AC3Filter_is1" = AC3Filter 2.2a
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe_95e0cc74dbf32662d4445ac1ef67d56" = Adobe InDesign CS4
"aignesamdeadlink_is1" = AM-DeadLink 4.5
"AnalogX DXMan" = AnalogX DXMan
"AnyDVD" = AnyDVD
"Audacity_is1" = Audacity 2.0.3
"AuthoringTool " = AuthoringTool 1.0.7
"BurnInTest_is1" = BurnInTest v7.0 Pro
"Chicken Invaders: Revenge of the Yolk (Christmas Edition)_is1" = Chicken Invaders: Revenge of the Yolk (Christmas Edition) v3.20
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.63.0
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"Defraggler" = Defraggler
"DiamondCS ProcessGuard_is1" = DiamondCS ProcessGuard v3.500
"Dream Aquarium" = Dream Aquarium 1.2415
"DVDSmith Movie Backup_is1" = DVDSmith Movie Backup 1.0.8
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"EasyBCD" = EasyBCD 2.2
"ERUNT_is1" = ERUNT 1.1j
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity
"FLAC" = FLAC 1.2.1b (remove only)
"FlashBoot_is1" = FlashBoot 2.1m
"FlashFXP" = FlashFXP
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader_is1" = Foxit Reader
"Greatis Reanimator_is1" = RegRun Reanimator
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.4
"Icons from File_is1" = Icons from File 3.4
"InfraRecorder" = InfraRecorder
"InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"IrfanView" = IrfanView (remove only)
"Kaluach3" = Kaluach3
"KeyTweak" = KeyTweak - Keyboard Remapper (remove only)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"LAME_is1" = LAME v3.99.3 (for Windows)
"LastPass" = LastPass (uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware גירסה 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - heb" = ערכת שפה של Microsoft .NET Framework 3.5 SP1 - heb
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile HEB Language Pack" = Microsoft .NET Framework 4 Client Profile HEB Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended HEB Language Pack" = Microsoft .NET Framework 4 Extended HEB Language Pack
"Miranda IM" = Miranda IM 0.10.11
"Mozilla Firefox 22.0 (x86 he)" = Mozilla Firefox 22.0 (x86 he)
"Mozilla Firefox 23.0.1 (x86 he)" = Mozilla Firefox 23.0.1 (x86 he)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.2
"mp3splt-gtk" = mp3splt-gtk
"Mp3tag" = Mp3tag v2.55a
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NirSoft VideoCacheView" = NirSoft VideoCacheView
"NirSoft WebVideoCap" = NirSoft WebVideoCap
"NirSoft WirelessNetView" = NirSoft WirelessNetView
"nLite_is1" = nLite 1.4.9.1
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenSSL Light (32-bit)_is1" = OpenSSL 0.9.8k Light (32-bit)
"Opera 12.16.1860" = Opera 12.16
"PDFTK Builder_is1" = PDFTK Builder 3.5.3
"Process_Hacker2_is1" = Process Hacker 2.31 (r5355)
"Recuva" = Recuva
"Registry Workshop" = Registry Workshop
"Remove Toolbar Buddy_is1" = Remove Toolbar Buddy 6.1
"Replay Media Catcher 4" = Replay Media Catcher 4 (4.4.3)
"Replay Media Catcher 5" = Replay Media Catcher 5 (5.0.0.99)
"RMPrepUSB" = RMPrepUSB
"RollerCoaster Tycoon Setup" = Roll
"Sandboxie" = Sandboxie 4.04 (32-bit)
"SecurityKISS Tunnel_is1" = SecurityKISS Tunnel v0.3.0
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SysTracer" = SysTracer v2.6
"TeamViewer 8" = TeamViewer 8
"TeraCopy_is1" = TeraCopy 2.3 beta 2
"The KMPlayer" = The KMPlayer
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"Tweak UI 2.10" = Tweak UI
"UBCD4Win_is1" = UBCD4Win 3.60
"UltraISO_is1" = UltraISO Premium V9.52
"UnHackMe_is1" = UnHackMe 5.99 release
"Universal Extractor_is1" = Universal Extractor 1.6.1
"Unlocker" = Unlocker 1.9.2
"USB Safely Remove_is1" = USB Safely Remove 5.2
"VLC media player" = VLC media player 2.0.7
"VMware_Workstation" = VMware Workstation
"Winamp" = Winamp
"Windows Unattended CD Creator" = Windows Unattended CD Creator 1.0.2 Beta 10
"Windows Update Remover" = Windows Update Remover
"WinHex" = WinHex
"WinImage" = WinImage
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 5.00 ביתא 5 (32-סיביות)
"winscp3_is1" = WinSCP 5.1.5
"WinUHA_is1" = WinUHA 2.0 RC1 (2005.02.27)
"Wubi" = Ubuntu
"תורת אמת - 346" = תורת אמת - 346
"תורת אמת - 347" = תורת אמת - 347
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1935655697-616249376-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/06/2013 23:08:50 | Computer Name = CHABADGAT | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown
Error - 13/06/2013 01:33:12 | Computer Name = CHABADGAT | Source = nginx | ID = 3299
Description = E:\nginx-1.5.1\nginx.exe: could not open error log file: CreateFile()
"logs/error.log" failed (3: The system cannot find the path specified) .
[ System Events ]
Error - 17/08/2013 14:36:59 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 17/08/2013 14:36:59 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7031
Description = The TeamViewer 8 service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 2000 milliseconds:
הפעל מחדש את השירות.
Error - 17/08/2013 14:47:06 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2
Error - 18/08/2013 07:55:10 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2
Error - 19/08/2013 08:04:47 | Computer Name = CHABADGAT | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 46.121.214.106
on the Network Card with network address 001E8C124CC3.
Error - 20/08/2013 01:04:34 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2
Error - 20/08/2013 06:34:21 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2
Error - 21/08/2013 03:18:51 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2
Error - 22/08/2013 04:38:53 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2
Error - 22/08/2013 04:39:14 | Computer Name = CHABADGAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cfadisk
< End of report >