I have the following machine:
Operating System: Windows XP Professional (5.1, Build 2600) Service Pack 3
System Manufacturer: TOSHIBA
System Model: Satellite L40
Processor: Intel® Celeron® M CPU 440 @ 1.86GHz
Memory: 1016MB RAM
My major problem is: it became much slower than it used to be. It is also freezing up once in every few days. I would like to get rid of everything that is starting up and running on the background that is slowing up my computer and that I don't really need.
Also I have another problem: When I work with Microsoft Access 2003 and close one database application in order to open another one (I do it very often), so the second one is not starting unless I do CTL+ALT+DEL and shut down the MSACCESS.EXE proccess manually. Why does it not stopped by the program?
Basically I would like to clean up my laptop from everything unnessesory and make it work like a new one.
Thank you for your help.
Here goes the OTL.txt:
OTL logfile created on: 17/03/2013 00:37:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop\SETUPS
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: Israel | Language: HEB | Date Format: dd/MM/yyyy
1015.30 Mb Total Physical Memory | 167.44 Mb Available Physical Memory | 16.49% Memory free
2.38 Gb Paging File | 1.69 Gb Available in Paging File | 70.70% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.11 Gb Total Space | 0.92 Gb Free Space | 2.47% Space Free | Partition Type: NTFS
Drive E: | 37.42 Gb Total Space | 29.55 Gb Free Space | 78.97% Space Free | Partition Type: NTFS
Drive P: | 93132.26 Gb Total Space | 93131.60 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Computer Name: LAPTOP | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\User\Desktop\SETUPS\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\BezeqCloud\ppbrowser.exe (Cloud Engines, Inc.)
PRC - C:\Program Files\BezeqCloud\ppfs.exe (Cloud Engines, Inc.)
PRC - C:\Program Files\BezeqCloud\dokanmnt.exe (Cloud Engines)
PRC - C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Avant Browser\adownloader.exe ()
PRC - C:\Program Files\Avant Browser\ybrowser.exe (Avant Force)
PRC - C:\Program Files\Avant Browser\avant.exe (Avant Force)
PRC - C:\Program Files\Allway Sync\Bin\SyncService.exe ()
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\WINDOWS\system32\dgdersvc.exe (Devguru Co., Ltd.)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\DynAdvanceNotifierPortable\App\DynAdvanceNotifier\MailNotifier.exe (DynAdvance)
PRC - C:\Program Files\1-Click Answers\answers.exe (Answers Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE (Software 2000 Limited)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\ClocX\ClocX.exe (BonSoft)
PRC - C:\WINDOWS\system32\PSIService.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Alwil Software\Avast5\defs\13031600\algo.dll ()
MOD - C:\Program Files\Avant Browser\adownloader.exe ()
MOD - C:\Program Files\Avant Browser\_sqlite3.dll ()
MOD - C:\Program Files\Allway Sync\Bin\SyncService.exe ()
MOD - C:\Program Files\Alwil Software\Avast5\aswDld.dll ()
MOD - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
MOD - C:\WINDOWS\system32\redmonnt.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\PSIService.exe ()
MOD - C:\WINDOWS\system32\Primomonnt.dll ()
========== Services (SafeList) ==========
SRV - (AmmyyAdmin) -- File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DokanCEMounter) -- C:\Program Files\BezeqCloud\dokanmnt.exe (Cloud Engines)
SRV - (BotkindSyncService) -- C:\Program Files\Allway Sync\Bin\SyncService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ExpressInvoiceService) -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe (NCH Software)
SRV - (SolidWorks Licensing Service) -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (dgdersvc) -- C:\WINDOWS\system32\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TeamViewer4) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (acssrv) -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe (Agnitum Ltd.)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (SABProcEnum) -- C:\Program Files\Internet Explorer\SABProcEnum.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (adfs) -- File not found
DRV - (DokanCEDriver) -- C:\Program Files\BezeqCloud\dokance.sys (Cloud Engines)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\WINDOWS\system32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (SandBox) -- C:\WINDOWS\system32\drivers\SandBox.sys (Agnitum Ltd.)
DRV - (afw) -- C:\WINDOWS\system32\drivers\afw.sys (Agnitum Ltd.)
DRV - (afwcore) -- C:\WINDOWS\system32\drivers\afwcore.sys (Agnitum Ltd.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (teamviewervpn) -- C:\WINDOWS\system32\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {40D06567-6485-4DD5-AFB2-4A4F0CF3E140}
IE - HKCU\..\SearchScopes\{40D06567-6485-4DD5-AFB2-4A4F0CF3E140}: "URL" = http://www.google.co...&rlz=1I7GGLT_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2504091
IE - HKCU\..\SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = http://www.google.co...,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\User\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\User\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
[2010/10/13 21:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2010/10/13 21:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions\[email protected]
O1 HOSTS File: ([2009/12/28 19:31:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {54B02808-B60E-44CD-A72D-9865117E4E62} - No CLSID value found.
O2 - BHO: (AGFormHelperObj Class) - {6620E618-1AB9-4EB2-ACA4-CBBE9066DBE6} - C:\Program Files\agat\AGForm\AGFormsHelper.dll (Agat software solutions)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe (BonSoft)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OutpostFeedBack] c:\program files\agnitum\outpost firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKCU..\Run: [Alwact.exe] File not found
O4 - HKCU..\Run: [DIMDownloading...1271254118180] c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe (Corel Corporation)
O4 - HKCU..\Run: [DynAdvance Notifier] C:\Program Files\DynAdvanceNotifierPortable\App\DynAdvanceNotifier\MailNotifier.exe (DynAdvance)
O4 - HKCU..\Run: [Pogoplug Backup] C:\Program Files\BezeqCloud\ppbrowser.exe (Cloud Engines, Inc.)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Desktop Tray Clock\AtomicAlarmClock.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\1-Click Answers.lnk = C:\Program Files\1-Click Answers\answers.exe (Answers Corporation)
O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Answers... - C:\Program Files\1-Click Answers\Html\atiemenu.htm ()
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM File not found
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM File not found
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Toggle Flash - {93089660-AD23-44F1-AF37-54011A1A5A22} - C:\Program Files\Toggle Flash\togflash.exe ( )
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://downloadcente...trolLite_EN.cab (DjVuCtl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {9E065E4A-BD9D-4547-8F90-985DC62A5591} http://62.219.123.12...24/PlayerPT.cab (PlayerPT Control)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...ivex/RACtrl.cab (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92B43E5C-31A4-4679-A713-F02C0B1B7574}: NameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - File not found
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/28 16:21:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{295e6fdb-8928-11df-8f56-001b9e1c21de}\Shell - "" = AutoRun
O33 - MountPoints2\{295e6fdb-8928-11df-8f56-001b9e1c21de}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{295e6fdb-8928-11df-8f56-001b9e1c21de}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{d54470e6-a686-11dd-8cfa-001b9e1c21de}\Shell\AutoRun\command - "" = D:\wubi.exe --cdmenu
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/10 16:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Pogoplug
[2013/03/10 16:24:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bezeq Cloud
[2013/03/10 16:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\BezeqCloud
[2013/03/05 11:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Avant Browser
[2013/03/03 16:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\BlueVoda
[2013/03/03 00:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/03/17 00:38:04 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/17 00:32:00 | 000,001,004 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1500820517-839522115-1003UA.job
[2013/03/17 00:21:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/16 22:39:58 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/16 22:39:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/16 22:38:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/14 07:32:00 | 000,000,952 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1500820517-839522115-1003Core1cd95ead09cd57c.job
[2013/03/14 03:02:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/03/11 11:00:00 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/03/10 10:39:29 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\CCleaner.job
[2013/03/07 19:32:09 | 003,407,952 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Eineinu_Afarsemon_Vaad Harabanim.pdf
[2013/03/07 19:06:52 | 001,602,707 | ---- | M] () -- C:\Documents and Settings\User\Desktop\ועד הרבנים - עינינו.pdf
[2013/03/05 15:40:16 | 000,583,391 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Vaad Harabanim.pdf
[2013/03/05 15:20:44 | 001,882,316 | ---- | M] () -- C:\Documents and Settings\User\Desktop\לוגו עיגול.jpg
[2013/03/05 11:47:22 | 000,001,598 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Avant Browser.lnk
[2013/03/05 11:47:22 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avant Browser.lnk
[2013/03/04 11:18:14 | 000,017,131 | ---- | M] () -- C:\Documents and Settings\User\Desktop\%D7%95%D7%A2%D7%93_%D7%94%D7%A8%D7%91%D7%A0%D7%99%D7%9D.jpg
[2013/03/03 00:48:17 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/02/27 10:55:54 | 000,002,667 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sign&Verify Software.lnk
[2013/02/24 00:48:00 | 000,001,956 | ---- | M] () -- C:\WINDOWS\KeePass.ini
[2013/02/18 01:03:26 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\User\Desktop\EINEINU Folder.lnk
[2013/02/18 00:59:31 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Payments.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/03/14 03:02:22 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/03/07 19:13:39 | 003,407,952 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Eineinu_Afarsemon_Vaad Harabanim.pdf
[2013/03/05 15:40:12 | 000,583,391 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Vaad Harabanim.pdf
[2013/03/05 15:20:39 | 001,882,316 | ---- | C] () -- C:\Documents and Settings\User\Desktop\לוגו עיגול.jpg
[2013/03/05 12:14:24 | 000,017,131 | ---- | C] () -- C:\Documents and Settings\User\Desktop\%D7%95%D7%A2%D7%93_%D7%94%D7%A8%D7%91%D7%A0%D7%99%D7%9D.jpg
[2013/03/05 12:08:38 | 001,602,707 | ---- | C] () -- C:\Documents and Settings\User\Desktop\ועד הרבנים - עינינו.pdf
[2013/03/03 00:48:17 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/02/27 10:55:54 | 000,002,667 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sign&Verify Software.lnk
[2013/02/18 01:03:26 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\User\Desktop\EINEINU Folder.lnk
[2013/02/18 00:59:31 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Payments.lnk
[2013/01/18 12:57:13 | 000,448,112 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/12/20 21:34:42 | 000,001,078 | ---- | C] () -- C:\Documents and Settings\User\Application Data\alarms.ini
[2012/12/20 21:34:42 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\User\Application Data\DesktopTrayClock.ini
[2012/11/28 21:22:58 | 000,001,956 | ---- | C] () -- C:\WINDOWS\KeePass.ini
[2012/10/15 01:08:03 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2012/10/15 01:08:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2012/10/14 21:02:30 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\StrStorage.dll
[2012/02/16 11:12:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/10/23 21:40:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\MouseHook.dll
[2009/07/22 14:06:34 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2009/07/15 15:08:20 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\User\Application Data\$_hpcst$.hpc
[2008/10/27 22:25:24 | 000,006,993 | ---- | C] () -- C:\Documents and Settings\User\Application Data\PrimoPDFSet.xml
[2008/10/27 22:25:23 | 000,000,310 | ---- | C] () -- C:\Documents and Settings\User\Application Data\APUSet.xml
[2008/10/23 03:15:11 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2008/10/27 22:21:09 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/01/07 17:20:52 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 02:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010/09/08 11:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agnitum
[2010/10/08 11:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alibre Design
[2010/12/02 10:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/07/08 23:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AMMYY
[2010/12/26 18:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/12/03 13:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/03 13:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/04/28 21:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2013/02/03 16:03:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2013/02/03 16:24:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2013/02/14 23:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2013/02/03 16:24:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2013/02/03 16:22:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJFAX
[2013/02/03 16:24:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2013/02/14 23:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2013/02/14 23:41:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2013/02/03 16:24:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2013/02/03 16:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2010/11/26 10:32:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/04/27 16:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynAdvance
[2013/02/03 12:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreePDF
[2009/01/12 02:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009/12/28 20:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2013/01/24 00:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kol Halashon
[2010/12/03 13:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/02/25 22:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/06/11 14:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/10/27 16:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2009/12/10 18:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/06/15 17:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrettyMay
[2010/10/27 10:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RiseFly
[2010/05/02 22:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010/11/29 14:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sync App Settings
[2010/10/12 20:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/08 13:28:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}
[2010/11/01 20:36:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.anki
[2010/11/01 20:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.matplotlib
[2010/10/08 01:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Alibre Design
[2009/12/20 21:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Antispyware
[2013/02/03 18:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Any Video Converter
[2010/12/26 18:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Autodesk
[2013/03/05 11:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Avant Browser
[2012/10/22 19:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Avant Downloader
[2010/11/26 10:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG9
[2011/12/28 00:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Azureus
[2010/10/07 21:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Blender Foundation
[2010/03/23 14:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BlogDesk
[2009/12/25 11:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bluefive software
[2013/02/14 23:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Canon
[2011/11/23 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/06/08 17:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\com.adobe.ExMan
[2013/03/17 00:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Dropbox
[2010/12/05 14:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\eM Client
[2011/06/09 22:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\EurekaLog
[2010/10/31 17:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FileZilla
[2010/05/02 09:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FinalMediaPlayer
[2009/08/23 17:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FreeImageConverter
[2011/12/22 14:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GetRightToGo
[2009/12/09 11:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Hide IP NG
[2008/12/04 16:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ICQ
[2010/12/10 10:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ieSpell
[2010/06/16 10:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Image Zone Express
[2009/06/08 17:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\IObit
[2010/06/06 21:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\KeePass
[2011/12/21 15:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Kernel for Windows Data Recovery
[2011/12/17 22:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\MZTools Software
[2010/06/11 14:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\NCH Swift Sound
[2009/10/27 16:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Nokia
[2011/11/15 11:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ntr
[2009/03/24 12:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PC Suite
[2010/12/09 19:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Plot Builder
[2010/06/11 14:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Recordpad
[2010/10/27 10:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\RiseFly
[2010/03/16 12:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SAIG
[2010/05/02 22:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Samsung
[2012/11/19 21:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SanDisk
[2010/06/14 15:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Scendix Software
[2012/05/19 23:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Scribus
[2010/06/14 15:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Softland
[2010/06/07 23:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Stardock
[2010/11/29 14:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Sync App Settings
[2011/11/20 18:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TeamViewer
[2008/12/04 14:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TeleMessage
[2009/04/29 14:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Thinstall
[2010/10/21 18:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TightVNC
[2009/12/16 18:03:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Uniblue
[2010/03/23 15:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Zoundry
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2012/05/19 23:22:31 | 000,000,000 | ---D | M](C:\Documents and Settings\User\My Documents\?????????) -- C:\Documents and Settings\User\My Documents\ПИЛИТОВИЧ
[2010/11/02 21:36:40 | 000,000,000 | ---D | C](C:\Documents and Settings\User\My Documents\?????????) -- C:\Documents and Settings\User\My Documents\ПИЛИТОВИЧ
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Edited by 7625965, 16 March 2013 - 05:40 PM.