I tried to install file called "ALPServer_setup.exe" how is part of a 3d package called "DI-O-MATIC_CHARACTER_PACK"
But when it is starting to install it's suddenly stop with the message "C:\PROGRA~1\ALPSER~1\SetReg.exe is not a valid Win32 application" and after clicking OK to dismiss the pop up window, another window popup saying: "Could not execute the external program "C:\PROGRA~1\ALPSER~1\SetReg.exe" (my system is XP, Sp3)
I tried to install that file on a Different system (XP, sp3) and everything was ok.
When I read a little I found it could be a bagel virus. I really don't know.
I didn't try to scan malewear nor do anything before I'll know what you thing could fix that problem.
Pleas Help Me.
Thanks in advance
Hagay
This is the Log File from OTL Scan:
OTL logfile created on: 09/03/2011 11:04:04 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\hagai\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: Israel | Language: HEB | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 81.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 88.03 Gb Free Space | 37.80% Space Free | Partition Type: NTFS
Drive D: | 112.29 Gb Total Space | 2.51 Gb Free Space | 2.24% Space Free | Partition Type: NTFS
Drive E: | 120.58 Gb Total Space | 4.59 Gb Free Space | 3.80% Space Free | Partition Type: NTFS
Drive J: | 700.75 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: KIL-8 | User Name: hagay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/09 10:46:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hagai\Desktop\OTL.exe
PRC - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010/08/12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010/06/09 13:30:11 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2010/05/27 19:11:12 | 000,373,248 | ---- | M] () -- C:\Program Files\Wi-Fi Sync\wifisync.exe
PRC - [2010/04/16 18:19:28 | 000,103,800 | ---- | M] (Dynamic Network Services, Inc.) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe
PRC - [2010/03/10 01:10:38 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2009/09/06 12:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/03/12 21:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe
PRC - [2008/04/14 14:00:00 | 003,195,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/04 18:53:00 | 000,132,656 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\TabUserW.exe
PRC - [2007/06/04 18:52:20 | 001,197,616 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2007/05/23 20:29:36 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
PRC - [2006/05/14 22:47:48 | 000,344,064 | ---- | M] () -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
PRC - [2006/02/05 14:20:14 | 000,180,224 | ---- | M] () -- C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
PRC - [2002/09/29 14:41:10 | 000,090,112 | ---- | M] (Y'z@Home) -- C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
========== Modules (SafeList) ==========
MOD - [2011/03/09 10:46:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hagai\Desktop\OTL.exe
MOD - [2010/08/23 18:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/14 14:00:00 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crtdll.dll
MOD - [2006/04/25 01:40:58 | 000,003,584 | ---- | M] () -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\MouseHook2.dll
MOD - [2005/08/14 01:26:14 | 000,065,536 | ---- | M] () -- C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon.dll
MOD - [2002/09/29 14:41:08 | 000,057,344 | ---- | M] () -- C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [Auto | Stopped] -- -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- -- (Net Driver HPZ12)
SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - File not found [Disabled | Stopped] -- -- (.EsetTrialReset)
SRV - [2011/01/12 16:35:52 | 000,069,864 | ---- | M] (SANDBOXIE L.T.D) [On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/01/06 03:43:36 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
SRV - [2010/08/12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010/06/10 01:16:40 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/09 13:30:11 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/04/16 18:19:28 | 000,103,800 | ---- | M] (Dynamic Network Services, Inc.) [Auto | Running] -- C:\Program Files\DynDNS Updater\DynUpSvc.exe -- (DynDNS Updater)
SRV - [2010/03/17 14:03:34 | 001,581,056 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Pixar\RenderManProServer-13.5.2\bin\alfserver.exe -- (Pixar Alfred Server 13.5.2)
SRV - [2010/03/10 01:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/06 12:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009/06/02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/03/12 21:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe -- (STacSV)
SRV - [2008/03/09 23:04:52 | 000,065,536 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe -- (mi-raysat_3dsMax2009_32)
SRV - [2007/12/10 22:01:49 | 000,741,376 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Pixar\license-5.0.2\PixarLicenseServer.exe -- (Pixar License Server 5.0.2)
SRV - [2007/06/04 18:52:20 | 001,197,616 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Tablet.exe -- (TabletService)
SRV - [2007/05/23 20:29:36 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
========== Driver Services (SafeList) ==========
DRV - [2011/01/18 13:34:20 | 000,014,032 | ---- | M] (SHAPE Services) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\idisplayminiport.sys -- (iDispService)
DRV - [2011/01/12 16:35:48 | 000,125,672 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/08/04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010/08/03 13:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010/07/29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010/07/29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/07/29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010/06/03 17:07:18 | 000,013,112 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jumi.sys -- (jumi)
DRV - [2010/04/19 19:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/18 20:32:13 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/08/18 19:28:46 | 000,022,272 | ---- | M] (Returnil SIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\RVFsSec.sys -- (RVFsSec)
DRV - [2009/08/18 19:28:45 | 000,039,424 | ---- | M] (Returnil SIA) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\RVSystem.sys -- (RVSystem)
DRV - [2009/06/18 17:04:20 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/03/19 13:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/03/19 13:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/03/12 21:53:46 | 001,550,613 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/02/09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/02/09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/02/09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/14 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/05/01 23:15:54 | 000,016,896 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
DRV - [2007/02/16 21:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/02/16 20:30:12 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2007/02/16 02:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2006/08/29 16:56:20 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 01 74 AE 7F DB C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/10/12 13:58:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/08/31 15:42:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/29 13:32:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/29 13:32:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/10/05 10:00:42 | 000,000,000 | ---D | M]
[2010/08/17 19:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Extensions
[2009/09/29 15:30:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Extensions\{a23983c0-fd0e-11dc-95ff-0800200c9a66}
[2010/08/17 19:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Extensions\[email protected]
[2009/09/29 15:30:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Fennec\Profiles\61ya9iym.default\extensions
[2011/02/17 10:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Firefox\Profiles\lb74b0yq.default\extensions
[2010/07/19 06:15:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Firefox\Profiles\lb74b0yq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/18 07:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Firefox\Profiles\lb74b0yq.default\extensions\{acedd4cf-84b9-4819-8c7c-4075e06d0fc4}
[2010/10/05 11:39:14 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Firefox\Profiles\lb74b0yq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/09/24 23:54:42 | 000,000,000 | ---D | M] (WeFi Toolbar) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Firefox\Profiles\lb74b0yq.default\extensions\{ee1a404c-5714-451f-9365-a94936993d19}
[2010/07/19 06:15:47 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\hagai\Application Data\Mozilla\Firefox\Profiles\lb74b0yq.default\extensions\[email protected]
[2011/02/16 14:35:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/10 05:02:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/21 21:22:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/22 18:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/10/22 10:02:33 | 000,000,000 | ---D | M] (Zwunzi) -- C:\Program Files\Mozilla Firefox\extensions\{F270F1AF-34D6-41CB-A9F5-8200EF7DB41F}
[2009/08/19 20:31:28 | 000,000,000 | ---D | M] (Finbu.com) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/10/19 17:59:44 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Mozilla Firefox\components\FFComm.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/10/22 10:02:34 | 000,002,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zwunzi119.xml
O1 HOSTS File: ([2008/12/07 16:16:18 | 000,001,305 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts:
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 pagead2.googlesyndication.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - No CLSID value found.
O2 - BHO: (no name) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Wi-Fi Sync] C:\Program Files\Wi-Fi Sync\wifisync.exe ()
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - Startup: C:\Documents and Settings\hagai\Start Menu\Programs\Startup\RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\hagai\Start Menu\Programs\Startup\UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Documents and Settings\hagai\Start Menu\Programs\Startup\Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe (Y'z@Home)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: התאמה אישית לתפריט לחצן ימני - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: מילוי טפסים - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: סרגל הכלים של רובופורם - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: שמירת טפסים - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: מילוי טפסים - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : מילוי טפסים - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: שמירה - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : שמירת טפסים - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: רובופורם - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : סרגל הכלים של רובופורם - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.117.235.237 62.219.186.7
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\hagai\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\hagai\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/18 06:54:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/08/17 22:44:09 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/09/15 04:13:14 | 000,032,729 | R--- | M] () - J:\Autodesk_SketchBookDesigner_for_AutoCAD_Release_Notes_en-US.html -- [ CDFS ]
O32 - AutoRun File - [2010/09/20 11:22:49 | 000,029,272 | R--- | M] () - J:\Autorun.jpg -- [ CDFS ]
O32 - AutoRun File - [2010/01/14 10:36:04 | 000,000,043 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{023b1bcf-456c-11de-b824-d6588393f09a}\Shell - "" = AutoRun
O33 - MountPoints2\{023b1bcf-456c-11de-b824-d6588393f09a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{32d3b797-6d6f-11df-b570-0019d11817bc}\Shell - "" = AutoRun
O33 - MountPoints2\{32d3b797-6d6f-11df-b570-0019d11817bc}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{32d3b797-6d6f-11df-b570-0019d11817bc}\Shell\AutoRun\command - "" = J:\Setup.exe -- [2010/01/14 10:40:16 | 000,452,456 | R--- | M] (Autodesk, Inc.)
O33 - MountPoints2\{af0b1010-45c0-11de-b0de-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{af0b1010-45c0-11de-b0de-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/03/09 10:46:42 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\hagai\Desktop\OTL.exe
[2011/03/08 17:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\plugEllo_r12_win
[2011/03/06 09:27:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
[2011/03/05 11:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\mental mill Standard Edition
[2011/03/05 11:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\mental images
[2011/03/05 10:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Autodesk
[2011/03/05 10:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\Max update
[2011/03/02 21:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\CAT Vid Tutorials
[2011/03/02 13:57:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CAT
[2011/03/02 13:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\SOFTIMAGE_CAT_V3.3_FOR_3DS_MAX_2009_32BIT-XFORCE
[2011/03/02 13:09:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\PEN_Attribute_holder_2.06
[2011/03/02 13:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\pati
[2011/03/02 00:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\cat tst
[2011/02/26 10:26:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\PackageManCDTools
[2011/02/24 21:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\import
[2011/02/24 21:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\load movie tst
[2011/02/23 15:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\tmp
[2011/02/22 12:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Local Settings\Application Data\SourceTec
[2011/02/22 12:10:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SourceTec
[2011/02/22 12:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SourceTec
[2011/02/22 12:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\SourceTec
[2011/02/22 12:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\swfdec
[2011/02/20 09:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\SteadyBAKEfiles
[2011/02/18 11:34:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\web+buners+flash
[2011/02/17 14:13:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\PS
[2011/02/16 20:56:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\Unused Desktop Shortcuts
[2011/02/15 23:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\My Documents\Wondershare FLV Downloader Pro
[2011/02/15 23:35:18 | 000,240,248 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\wpcap.dll
[2011/02/15 23:35:18 | 000,088,704 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\Packet.dll
[2011/02/15 23:35:18 | 000,034,064 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\drivers\npf.sys
[2011/02/15 23:35:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Wondershare
[2011/02/15 23:35:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWOW64
[2011/02/15 22:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\My Documents\StreamTransport
[2011/02/15 21:57:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Application Data\ProgSense
[2011/02/15 14:45:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\story boards+animation
[2011/02/15 09:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\New Folder (4)
[2011/02/14 09:52:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\New Folder
[2011/02/14 09:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iDisplay
[2011/02/14 09:31:15 | 000,015,056 | ---- | C] (SHAPE Services) -- C:\WINDOWS\System32\idisplay.dll
[2011/02/14 09:31:15 | 000,014,032 | ---- | C] (SHAPE Services) -- C:\WINDOWS\System32\drivers\idisplayminiport.sys
[2011/02/14 09:31:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Application Data\SHAPE Services
[2011/02/14 09:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\iDisplay
[2011/02/14 09:30:41 | 003,837,448 | ---- | C] (SHAPE Services ) -- C:\Documents and Settings\hagai\Desktop\iDisplay_setup.exe
[2011/02/13 17:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\Point_of_the_fun_Single.c4d
[2011/02/13 17:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\Point_of_the_fun.c4d
[2011/02/13 17:22:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\XP_Spline_Point_Link2.c4d
[2011/02/13 17:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\Spline and Cylinder2.c4d
[2011/02/08 11:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Desktop\MagicMesh_quick_dinosaur
[2011/02/08 11:22:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hagai\Start Menu\Programs\Nitro4D
[2011/02/08 11:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro4D
[2004/04/23 17:06:25 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp71.dll
[2004/04/23 17:06:25 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr71.dll
[2003/09/08 09:09:54 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp70.dll
[2003/09/08 09:09:54 | 000,344,064 | R--- | C] (Microsoft Corporation) -- C:\Program Files\msvcr70.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/03/09 11:00:09 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/09 11:00:08 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011/03/09 10:58:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/09 10:46:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hagai\Desktop\OTL.exe
[2011/03/09 10:35:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/09 03:08:01 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/09 02:00:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KIL-8-hagay.job
[2011/03/08 21:43:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/06 21:59:17 | 001,381,413 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Model Character sheet_fina+pigtogramal.ai
[2011/03/06 21:43:09 | 000,133,242 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\front sketch2.ai
[2011/03/06 17:04:33 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/06 16:18:42 | 028,868,783 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\PonyTheTail_sm.rar
[2011/03/06 16:04:36 | 000,008,454 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\PoseStore.Helper.v0.23.zip
[2011/03/06 11:54:54 | 000,255,569 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\shirt.ai
[2011/03/06 11:50:41 | 000,131,777 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\front sketch.ai
[2011/03/06 09:27:45 | 000,002,812 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2011/03/06 09:27:08 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Sandboxed Web Browser.lnk
[2011/03/06 02:14:46 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\tst1.max
[2011/03/04 16:48:34 | 000,021,282 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\TST.jpg
[2011/03/04 16:28:39 | 000,044,297 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\sampl.jpg
[2011/03/03 15:16:38 | 000,144,876 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\caricature A4 layout2.jpg
[2011/03/03 15:14:17 | 004,213,784 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Roy.tif
[2011/03/03 15:14:07 | 004,876,667 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Roy.pdf
[2011/03/03 14:48:12 | 000,017,246 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\math-AI-probability-formulae-DHD.gif
[2011/03/03 10:41:14 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\hagai\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/02 20:37:56 | 000,158,318 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\heshbonit.jpg
[2011/03/02 20:35:46 | 000,033,635 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\untitled.JPG
[2011/03/02 15:55:30 | 015,076,128 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\PoseMixerVideo.zip
[2011/03/02 13:57:56 | 000,001,992 | ---- | M] () -- C:\RollupOrder.cfg
[2011/03/02 13:07:47 | 000,004,114 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\PEN_Attribute_holder_2.06.zip
[2011/03/02 13:04:51 | 006,932,202 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\pati.rar
[2011/03/02 12:54:35 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\YouTube - 3dsmax CAT.url
[2011/03/01 15:47:40 | 000,765,424 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\tst.FBX
[2011/02/28 00:57:55 | 000,306,572 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Invitation.jpg
[2011/02/27 15:06:32 | 000,308,204 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/26 10:22:51 | 000,694,501 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\PackageManCDTools.zip
[2011/02/24 22:06:53 | 000,000,127 | ---- | M] () -- C:\WINDOWS\mix-fx.ini
[2011/02/23 15:48:49 | 000,768,047 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\De-Langa.jpg
[2011/02/22 13:39:26 | 051,794,042 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\story boards+animation.rar
[2011/02/22 12:10:08 | 011,419,054 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\swfdec.zip
[2011/02/22 11:07:59 | 000,000,125 | ---- | M] () -- C:\WINDOWS\FlashDecompiler.INI
[2011/02/20 09:08:42 | 003,825,065 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\De-Langa2.jpg
[2011/02/18 23:02:21 | 002,179,331 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\gp_win_rc6.1.zip
[2011/02/18 23:00:33 | 002,173,344 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\gp_win_rc6_final.zip
[2011/02/18 11:37:51 | 026,229,021 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\web+buners+flash.zip
[2011/02/17 13:27:43 | 000,012,650 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\74491_123767621016197_100001488804262_147305_1931954_n.jpg
[2011/02/15 23:35:18 | 000,000,920 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Wondershare Player.lnk
[2011/02/14 09:30:55 | 003,837,448 | ---- | M] (SHAPE Services ) -- C:\Documents and Settings\hagai\Desktop\iDisplay_setup.exe
[2011/02/13 17:20:55 | 000,009,059 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\XP_Spline_Point_Link2.c4d.zip
[2011/02/13 17:18:15 | 000,018,175 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Spline and Cylinder3.c4d.zip
[2011/02/13 17:17:05 | 000,017,921 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\Spline and Cylinder2.c4d.zip
[2011/02/11 09:59:00 | 000,038,673 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\background_0.jpg
[2011/02/10 03:23:41 | 004,680,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 21:35:34 | 000,301,385 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\draw sketches.jpg
[2011/02/09 15:53:52 | 000,270,848 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/02/09 15:53:52 | 000,186,880 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/02/09 14:55:54 | 000,090,519 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\draw.JPG
[2011/02/08 11:16:00 | 000,506,343 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\PS.zip
[2011/02/08 09:42:07 | 000,279,691 | ---- | M] () -- C:\Documents and Settings\hagai\Desktop\MagicMesh_quick_dinosaur.zip
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/03/06 21:39:14 | 000,133,242 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\front sketch2.ai
[2011/03/06 16:18:41 | 028,868,783 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\PonyTheTail_sm.rar
[2011/03/06 16:04:36 | 000,008,454 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\PoseStore.Helper.v0.23.zip
[2011/03/06 11:54:52 | 000,255,569 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\shirt.ai
[2011/03/06 11:50:39 | 000,131,777 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\front sketch.ai
[2011/03/06 09:27:20 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Sandboxed Web Browser.lnk
[2011/03/06 09:25:54 | 001,381,413 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Model Character sheet_fina+pigtogramal.ai
[2011/03/06 02:14:46 | 000,192,512 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\tst1.max
[2011/03/04 16:47:52 | 000,021,282 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\TST.jpg
[2011/03/04 16:28:39 | 000,044,297 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\sampl.jpg
[2011/03/03 15:14:35 | 004,876,667 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Roy.pdf
[2011/03/03 15:14:16 | 004,213,784 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Roy.tif
[2011/03/03 14:48:56 | 000,017,246 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\math-AI-probability-formulae-DHD.gif
[2011/03/02 20:37:53 | 000,158,318 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\heshbonit.jpg
[2011/03/02 20:35:45 | 000,033,635 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\untitled.JPG
[2011/03/02 15:55:30 | 015,076,128 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\PoseMixerVideo.zip
[2011/03/02 13:57:56 | 000,001,992 | ---- | C] () -- C:\RollupOrder.cfg
[2011/03/02 13:07:47 | 000,004,114 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\PEN_Attribute_holder_2.06.zip
[2011/03/02 13:04:50 | 006,932,202 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\pati.rar
[2011/03/02 12:40:28 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\YouTube - 3dsmax CAT.url
[2011/03/01 15:47:40 | 000,765,424 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\tst.FBX
[2011/02/28 00:57:53 | 000,306,572 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Invitation.jpg
[2011/02/27 11:20:59 | 000,094,076 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\tree.c4d
[2011/02/26 10:22:51 | 000,694,501 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\PackageManCDTools.zip
[2011/02/25 23:20:18 | 000,004,237 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\amon^ra NFO Acsi by Scorn .nfo
[2011/02/24 22:06:53 | 000,000,127 | ---- | C] () -- C:\WINDOWS\mix-fx.ini
[2011/02/23 15:48:47 | 000,768,047 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\De-Langa.jpg
[2011/02/22 13:38:55 | 051,794,042 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\story boards+animation.rar
[2011/02/22 12:10:08 | 011,419,054 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\swfdec.zip
[2011/02/20 09:08:40 | 003,825,065 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\De-Langa2.jpg
[2011/02/18 23:02:14 | 002,179,331 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\gp_win_rc6.1.zip
[2011/02/18 23:00:26 | 002,173,344 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\gp_win_rc6_final.zip
[2011/02/18 11:37:47 | 026,229,021 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\web+buners+flash.zip
[2011/02/17 14:12:57 | 000,506,343 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\PS.zip
[2011/02/17 13:38:06 | 000,012,650 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\74491_123767621016197_100001488804262_147305_1931954_n.jpg
[2011/02/15 23:35:18 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2011/02/15 23:35:18 | 000,000,920 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Wondershare Player.lnk
[2011/02/13 17:20:52 | 000,009,059 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\XP_Spline_Point_Link2.c4d.zip
[2011/02/13 17:18:15 | 000,018,175 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Spline and Cylinder3.c4d.zip
[2011/02/13 17:17:04 | 000,017,921 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\Spline and Cylinder2.c4d.zip
[2011/02/11 09:59:00 | 000,038,673 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\background_0.jpg
[2011/02/09 21:35:32 | 000,301,385 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\draw sketches.jpg
[2011/02/09 14:55:54 | 000,090,519 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\draw.JPG
[2011/02/08 09:42:06 | 000,279,691 | ---- | C] () -- C:\Documents and Settings\hagai\Desktop\MagicMesh_quick_dinosaur.zip
[2010/12/28 11:08:56 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2010/12/28 11:08:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2010/11/10 12:16:16 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\hagai\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2010/11/08 12:06:44 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010/11/08 12:06:44 | 000,000,016 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2010/11/02 23:29:14 | 000,000,000 | ---- | C] () -- C:\Program Files\vlc-1.1.4-win32.exe
[2010/10/17 11:03:44 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\hagai\Local Settings\Application Data\PUTTY.RND
[2010/10/12 15:47:20 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\hagai\Application Data\Adobe IllExport Filter CS5 Prefs
[2010/09/27 12:36:44 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\hagai\Application Data\Adobe PNG Format CS5 Prefs
[2010/09/20 00:40:37 | 000,000,125 | ---- | C] () -- C:\WINDOWS\FlashDecompiler.INI
[2010/09/16 21:23:54 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/28 14:21:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat
[2010/08/28 14:21:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat
[2010/08/28 14:21:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_summ.dat
[2010/08/28 14:21:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat
[2010/08/28 14:21:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat
[2010/08/28 14:21:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat
[2010/08/12 12:20:11 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\hagai\Application Data\winscp.rnd
[2010/07/25 22:24:26 | 000,241,224 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/07/25 22:24:23 | 000,241,224 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/07/25 22:24:23 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/07/25 22:11:14 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/07/24 00:52:17 | 002,334,720 | ---- | C] () -- C:\WINDOWS\System32\frysdk32.dll
[2010/07/21 22:43:46 | 000,000,441 | ---- | C] () -- C:\WINDOWS\LTLightBeams.ini
[2010/07/21 22:40:24 | 000,000,296 | ---- | C] () -- C:\WINDOWS\LTShared.INI
[2010/07/07 22:29:36 | 000,308,204 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/06/24 10:47:52 | 000,052,140 | ---- | C] () -- C:\WINDOWS\RFC4DPluginUninstall.exe
[2010/06/24 02:26:58 | 002,557,640 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/08 22:50:03 | 000,037,471 | ---- | C] () -- C:\WINDOWS\System32\epfwdata.bin
[2010/06/08 08:19:01 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\hagai\Application Data\Adobe AIFF Format CS5 Prefs
[2010/05/09 00:15:00 | 000,697,690 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2010/05/09 00:15:00 | 000,010,112 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010/05/09 00:07:11 | 000,000,006 | ---- | C] () -- C:\WINDOWS\System32\IISSGE.dll
[2010/05/09 00:03:32 | 000,000,065 | ---- | C] () -- C:\WINDOWS\3DWarehouseClient.INI
[2010/05/08 23:58:32 | 000,697,690 | ---- | C] () -- C:\WINDOWS\unins001.exe
[2010/05/08 23:58:32 | 000,011,267 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2010/05/02 09:36:37 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2010/05/02 09:36:36 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/04/29 18:43:40 | 000,159,860 | ---- | C] () -- C:\WINDOWS\Marsu-Fix 2.4 Uninstaller.exe
[2010/02/07 14:41:53 | 000,166,153 | ---- | C] () -- C:\WINDOWS\Video Cleaner Pro Uninstaller.exe
[2010/02/05 10:54:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2010/01/12 09:57:50 | 000,000,059 | ---- | C] () -- C:\WINDOWS\LTDLG13N.INI
[2010/01/12 02:54:44 | 000,000,042 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2010/01/12 02:54:40 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2010/01/12 02:54:39 | 000,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe
[2010/01/12 02:54:39 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2010/01/12 02:54:39 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe
[2010/01/10 12:34:36 | 000,000,110 | ---- | C] () -- C:\WINDOWS\{DAF3DD4F-0921-4686-AE03-DBB26816F8ED}_WiseFW.ini
[2009/12/23 09:47:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009/12/03 10:55:54 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/01 11:21:05 | 000,012,717 | R--- | C] () -- C:\WINDOWS\hpwscr14.dat
[2009/11/27 19:44:19 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/11/13 20:48:54 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/10/23 01:22:15 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/10/22 18:19:52 | 000,003,393 | ---- | C] () -- C:\WINDOWS\BorisFX9.2.ini
[2009/10/22 18:19:51 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2009/08/25 14:54:30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\LXBRPMON.DLL
[2009/08/25 14:54:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXBRPMUI.DLL
[2009/08/25 14:49:56 | 000,000,561 | ---- | C] () -- C:\WINDOWS\Lexstat.ini
[2009/08/18 19:21:27 | 000,002,812 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/08/18 07:41:12 | 000,122,368 | ---- | C] () -- C:\Documents and Settings\hagai\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/18 06:57:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/08/18 06:51:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/08/17 23:26:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/08/17 23:25:11 | 004,680,920 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/06/25 20:00:23 | 000,210,676 | ---- | C] () -- C:\WINDOWS\fix.exe
[2008/05/27 06:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/27 06:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 14:00:00 | 000,466,252 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 14:00:00 | 000,080,214 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/09/27 19:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 19:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 19:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/06/27 17:13:51 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll
[2007/01/10 17:44:26 | 001,457,024 | R--- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2004/12/20 10:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 10:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/11/12 12:24:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\meritmgr.exe
[2004/10/04 15:22:09 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\glew32.dll
[2002/09/18 00:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
========== LOP Check ==========
[2009/08/25 14:54:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\4200 Series
[2009/08/25 14:54:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\4200Series
[2010/01/25 12:50:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\AnyCapture
[2010/06/10 01:16:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/08/31 15:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup
[2010/08/31 15:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/03/26 21:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2009/11/13 22:05:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/08/19 06:38:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/04/25 01:01:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2011/03/01 00:37:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\e-onsoftware
[2010/10/05 10:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/10/22 14:43:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\FXhome
[2009/11/21 11:32:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/06/04 15:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Itoo Software
[2010/01/12 03:13:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\McNeel
[2009/09/15 15:05:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/10/11 13:57:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2010/09/05 14:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2009/10/11 14:10:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/08/20 04:55:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Poser
[2010/05/05 22:45:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010/02/07 15:21:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2009/08/18 20:49:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/07/13 22:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spatial View
[2009/12/10 23:57:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Strata Design 3D CX 60
[2011/01/17 21:17:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/02 10:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUpMedia
[2010/07/07 13:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UltiDev
[2011/03/03 12:02:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Zoom Player
[2009/10/30 19:55:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Zwunzi
[2010/07/01 09:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/07 23:48:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\hagai\Application Data\.#
[2009/09/08 09:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\4200Series
[2010/12/16 20:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Autodesk
[2010/08/31 15:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\BitDefender
[2010/12/08 22:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\BitTorrent
[2010/05/27 07:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Canneverbe Limited
[2009/08/18 07:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Carnival Software
[2010/08/12 14:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/08/18 07:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\ChemTable Software
[2009/08/18 07:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/02/16 02:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Cool Record Edit Deluxe
[2009/10/22 10:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Cool Record Edit Pro
[2009/08/18 07:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\DAEMON Tools Lite
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\DAZ 3D
[2010/12/03 00:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\DigiCel
[2011/02/01 11:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\e-on software
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\EDrawings
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Eltima Software
[2009/10/10 11:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\eMule
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\ESET
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\FileZilla
[2009/10/22 11:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Free Sound Recorder
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\GHISLER
[2010/03/20 01:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\GlobalMapper
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\GrabPro
[2009/12/31 03:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\gtk-2.0
[2009/08/30 13:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\headus
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\IcoFX
[2010/01/07 16:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Indigo Renderer
[2009/08/18 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\IObit
[2010/03/25 13:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\iShell
[2009/08/18 07:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Materialise
[2010/09/13 10:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\MAXON
[2009/08/18 07:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\mentalimages
[2011/02/15 21:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Moyea
[2009/08/18 07:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\NCH Swift Sound
[2009/08/18 07:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Nik Software
[2010/06/27 12:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Nokia
[2009/10/11 14:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Nseries
[2009/08/18 07:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\onOne Software
[2010/11/01 12:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\OpenCandy
[2011/02/15 22:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Orbit
[2009/09/15 14:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\PC Suite
[2009/08/18 07:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\pfclean
[2010/08/10 18:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\PhotoMosaic
[2011/01/24 12:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\PICMO
[2009/08/18 07:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Planetside Software
[2009/08/20 04:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Poser
[2009/08/18 07:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Poser Pro
[2009/12/11 10:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Power Sound Editor Free
[2011/02/15 21:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\ProgSense
[2010/07/25 00:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\RandomControl
[2009/08/18 07:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Right Hemisphere
[2010/02/07 14:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\River Past G5
[2011/02/14 09:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\SHAPE Services
[2010/08/06 09:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\SMSender
[2010/05/05 22:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2009/12/10 23:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Strata Design 3D CX 60
[2010/04/24 23:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\TeamViewer
[2010/12/04 01:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Thinstall
[2010/12/08 10:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Toon Boom Animation
[2009/11/30 02:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\TopoGun32
[2011/03/02 10:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\TuneUpMedia
[2009/08/18 07:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\uk.co.planetside
[2009/08/18 07:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Unity
[2009/08/18 18:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Windows Desktop Search
[2009/08/18 07:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Windows Search
[2010/12/08 22:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Xilisoft
[2010/02/23 13:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\Xilisoft Corporation
[2009/08/18 07:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hagai\Application Data\YouSendIt
[2011/03/09 11:00:08 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:484EC4B1
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A85D770C
< End of report >
Sign In
Create Account
