Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Elad (administrator) on ELAD-PC on 16-02-2015 01:01:17
Running from C:\Users\Elad\Desktop
Loaded Profiles: Elad (Available profiles: Elad & ילדים)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: עברית (ישראל)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\Elad\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Thisisu) C:\Users\Elad\Desktop\JRT (2).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3441956485-605021414-3669656422-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3441956485-605021414-3669656422-1000\...\Run: [Google Update] => C:\Users\Elad\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-26] (Google Inc.)
HKU\S-1-5-21-3441956485-605021414-3669656422-1000\...\Run: [GoogleChromeAutoLaunch_1B47AD2C38DF335E991454E603A6EBCF] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Elad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Elad\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3441956485-605021414-3669656422-1000\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: עוזר הכניסה של חשבון Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A6F0F62C-8B26-45C1-BA31-AD087048E295}: [NameServer] 8.8.8.8
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Elad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @talk.google.com/O1DPlugin -> C:\Users\Elad\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Elad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Elad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Elad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Elad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Elad\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-05]
Chrome:
=======
CHR HomePage: Default ->
https://www.google.co.il/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR StartupUrls: Default -> "hxxp://
www.google.co.il/", "hxxp://istart.webssearches.com/?type=hp&ts=1399152198&from=tugs&uid=TOSHIBAXDT01ACA200_83R0EPBKSXX83R0EPBKSX", "hxxp://istart.webssearches.com/?type=hppp&ts=1399747179&from=tugs&uid=TOSHIBAXDT01ACA200_83R0EPBKSXX83R0EPBKSX", "hxxp://istart.webssearches.com/?type=hppp&ts=1401360630&from=tugs&uid=TOSHIBAXDT01ACA200_83R0EPBKSXX83R0EPBKSX", "hxxp://istart.webssearches.com/?type=hppp&ts=1401709863&from=tugs&uid=TOSHIBAXDT01ACA200_83R0EPBKSXX83R0EPBKSX", "hxxp://istart.webssearches.com/?type=hppp&ts=1401738428&from=tugs&uid=TOSHIBAXDT01ACA200_83R0EPBKSXX83R0EPBKSX"
CHR Profile: C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google מצגות) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-27]
CHR Extension: (Google Docs) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-27]
CHR Extension: (כונן Google) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-27]
CHR Extension: (WOT) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-02-15]
CHR Extension: (YouTube) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-27]
CHR Extension: (
http://www.nrg.co.il/) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\clfdmokcmibpmbgapmfapjoamgbplgal [2014-11-27]
CHR Extension: (חיפוש Google) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-27]
CHR Extension: (Google Sheets) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-27]
CHR Extension: (
http://qg.sisma.org.il/school/massuah/classes) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\flhjhancahhnneceefpbbpjoneilnggh [2014-11-27]
CHR Extension: (AdBlock) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-27]
CHR Extension: (Avast Online Security) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-27]
CHR Extension: (
http://www.sisma.org.il/Pages/homepage.aspx) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkclklidconadhckdgddkjiflbggajao [2014-11-27]
CHR Extension: (
http://grooveshark.com/) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihhhkmbmpohpepnfhfnbdlcpfbmebeb [2014-11-27]
CHR Extension: (Google Wallet) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-27]
CHR Extension: (Gmail) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-01] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-01] (Avast Software)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-01] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(
www.devguru.co.kr))
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-15] ()
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-01] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-16 01:01 - 2015-02-16 01:01 - 00017078 _____ () C:\Users\Elad\Desktop\FRST.txt
2015-02-16 01:00 - 2015-02-16 01:01 - 00000000 ____D () C:\FRST
2015-02-16 00:58 - 2015-02-16 00:58 - 00000630 _____ () C:\Users\Elad\Desktop\JRT.txt
2015-02-16 00:45 - 2015-02-16 00:45 - 02085888 _____ (Farbar) C:\Users\Elad\Desktop\FRST64.exe
2015-02-16 00:44 - 2015-02-16 00:48 - 00000056 _____ () C:\Windows\setupact.log
2015-02-16 00:44 - 2015-02-16 00:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-16 00:43 - 2015-02-16 00:44 - 01388274 _____ (Thisisu) C:\Users\Elad\Desktop\JRT (2).exe
2015-02-15 22:25 - 2015-02-15 22:44 - 00000000 ____D () C:\Users\Elad\Desktop\mbar
2015-02-15 19:49 - 2015-02-15 19:49 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-49-13.064-aswFe.exe-5104.log
2015-02-15 19:45 - 2015-02-15 19:49 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-45-10.004-aswFe.exe-4440.log
2015-02-15 19:45 - 2015-02-15 19:45 - 00000197 _____ () C:\Windows\system32\2015-02-15-17-45-06.031-AvastVBoxSVC.exe-3816.log
2015-02-15 19:35 - 2015-02-15 19:39 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-35-01.035-aswFe.exe-5060.log
2015-02-15 19:34 - 2015-02-15 19:35 - 00000197 _____ () C:\Windows\system32\2015-02-15-17-34-58.069-AvastVBoxSVC.exe-5304.log
2015-02-15 19:22 - 2015-02-15 19:22 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-22-44.056-aswFe.exe-2628.log
2015-02-15 19:14 - 2015-02-15 19:22 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-14-51.036-aswFe.exe-4924.log
2015-02-15 19:14 - 2015-02-15 19:14 - 00000197 _____ () C:\Windows\system32\2015-02-15-17-14-45.092-AvastVBoxSVC.exe-5604.log
2015-02-15 10:55 - 2015-02-15 10:55 - 00000197 _____ () C:\Windows\system32\2015-02-15-08-55-36.096-AvastVBoxSVC.exe-2480.log
2015-02-15 10:47 - 2015-02-16 00:46 - 00000000 ____D () C:\AdwCleaner
2015-02-15 10:40 - 2015-02-15 10:40 - 00000000 ____D () C:\Users\Elad\AppData\Local\Secunia PSI
2015-02-15 10:28 - 2015-02-15 10:28 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-02-15 10:28 - 2015-02-15 10:28 - 00000000 ____D () C:\Program Files (x86)\Secunia
2015-02-15 00:00 - 2015-02-15 00:00 - 00000197 _____ () C:\Windows\system32\2015-02-14-22-00-08.046-AvastVBoxSVC.exe-2456.log
2015-02-14 23:18 - 2015-01-15 10:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-14 23:18 - 2015-01-15 10:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-14 23:18 - 2015-01-15 10:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-14 23:18 - 2015-01-15 10:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-14 23:18 - 2015-01-15 10:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-14 23:18 - 2015-01-15 10:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-14 23:18 - 2015-01-15 10:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-14 23:18 - 2015-01-15 10:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-14 23:18 - 2015-01-15 10:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-14 23:18 - 2015-01-15 10:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-14 23:18 - 2015-01-15 10:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-14 23:18 - 2015-01-15 09:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-14 23:18 - 2015-01-15 09:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-14 23:18 - 2015-01-15 09:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-14 23:18 - 2015-01-15 09:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-14 23:18 - 2015-01-15 09:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-14 23:18 - 2015-01-15 09:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-14 23:18 - 2015-01-15 06:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-14 23:17 - 2015-01-14 08:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-14 23:17 - 2015-01-14 08:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-14 23:17 - 2015-01-14 08:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-14 23:17 - 2015-01-14 08:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-14 23:17 - 2015-01-14 07:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-14 23:17 - 2015-01-14 07:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-14 23:17 - 2015-01-14 07:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-14 23:17 - 2015-01-14 07:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-14 23:17 - 2015-01-14 07:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-14 23:17 - 2015-01-12 05:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-14 23:17 - 2015-01-12 05:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-14 23:17 - 2015-01-12 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-14 23:17 - 2015-01-12 04:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-14 23:17 - 2015-01-12 04:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-14 23:17 - 2015-01-12 04:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-14 23:17 - 2015-01-12 04:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-14 23:17 - 2015-01-12 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-14 23:17 - 2015-01-12 04:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-14 23:17 - 2015-01-12 04:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-14 23:17 - 2015-01-12 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-14 23:17 - 2015-01-12 04:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-14 23:17 - 2015-01-12 04:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-14 23:17 - 2015-01-12 04:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 23:17 - 2015-01-12 04:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 23:17 - 2015-01-12 04:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-14 23:17 - 2015-01-12 04:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-14 23:17 - 2015-01-12 04:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-14 23:17 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-14 23:17 - 2015-01-12 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-14 23:17 - 2015-01-12 04:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-14 23:17 - 2015-01-12 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-14 23:17 - 2015-01-12 04:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-14 23:17 - 2015-01-12 04:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-14 23:17 - 2015-01-12 04:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-14 23:17 - 2015-01-12 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-14 23:17 - 2015-01-12 04:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-14 23:17 - 2015-01-12 04:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-14 23:17 - 2015-01-12 04:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-14 23:17 - 2015-01-12 03:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-14 23:17 - 2015-01-12 03:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-14 23:17 - 2015-01-12 03:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 23:17 - 2015-01-12 03:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-14 23:17 - 2015-01-12 03:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-14 23:17 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-14 23:17 - 2015-01-12 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-14 23:17 - 2015-01-12 03:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-14 23:17 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-14 23:17 - 2015-01-12 03:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-14 23:17 - 2015-01-12 03:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-14 23:17 - 2015-01-12 03:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-14 23:17 - 2015-01-12 03:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-14 23:17 - 2015-01-12 03:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-14 23:17 - 2015-01-12 03:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-14 23:17 - 2015-01-12 03:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-14 23:17 - 2015-01-12 03:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-14 23:17 - 2015-01-12 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-14 23:17 - 2015-01-12 03:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-14 23:17 - 2015-01-12 03:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-14 23:17 - 2015-01-12 03:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-14 23:17 - 2015-01-12 03:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-14 23:17 - 2015-01-12 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-14 23:17 - 2015-01-12 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-14 23:17 - 2015-01-12 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-14 23:16 - 2015-01-13 05:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-14 23:16 - 2015-01-13 04:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-14 23:16 - 2015-01-10 08:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-14 23:16 - 2015-01-10 08:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-14 23:16 - 2015-01-10 08:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-14 23:16 - 2015-01-09 04:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-14 23:16 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-14 23:16 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-14 22:37 - 2015-02-14 22:37 - 00000197 _____ () C:\Windows\system32\2015-02-14-20-37-37.054-AvastVBoxSVC.exe-2256.log
2015-02-09 11:22 - 2015-02-09 11:22 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-22-25.072-AvastVBoxSVC.exe-2568.log
2015-02-09 11:03 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-02-09 11:03 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-02-09 11:03 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-02-09 11:03 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-02-09 11:03 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-02-09 11:03 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-02-09 11:03 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-02-09 11:03 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-02-09 10:46 - 2015-02-09 10:46 - 00000000 ____D () C:\Windows\he
2015-02-09 10:45 - 2015-02-09 10:45 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-02-09 10:45 - 2015-02-09 10:45 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-02-09 10:45 - 2015-02-09 10:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-02-09 10:43 - 2015-02-09 10:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-02-09 10:43 - 2015-02-09 10:43 - 00000000 ____D () C:\Program Files\Windows Live
2015-02-09 10:43 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2015-02-09 10:42 - 2015-02-09 10:46 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-02-09 10:40 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-02-09 10:40 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-02-09 10:40 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-02-09 10:40 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-02-09 10:40 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-02-09 10:40 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-02-09 10:39 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-02-09 10:39 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-02-09 10:38 - 2015-02-09 10:38 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-02-09 10:36 - 2015-02-15 02:25 - 00000000 ____D () C:\Users\Elad\AppData\Local\Windows Live
2015-02-07 19:30 - 2015-02-07 19:31 - 00000197 _____ () C:\Windows\system32\2015-02-07-17-30-20.089-AvastVBoxSVC.exe-2292.log
2015-01-31 21:00 - 2015-01-31 21:00 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Mozilla
2015-01-31 20:01 - 2015-01-31 20:02 - 00000197 _____ () C:\Windows\system32\2015-01-31-18-01-53.017-AvastVBoxSVC.exe-2140.log
2015-01-23 16:48 - 2015-01-23 16:48 - 00000197 _____ () C:\Windows\system32\2015-01-23-14-48-21.025-AvastVBoxSVC.exe-2252.log
2015-01-22 10:55 - 2015-01-22 10:55 - 00000197 _____ () C:\Windows\system32\2015-01-22-08-55-00.027-AvastVBoxSVC.exe-2084.log
2015-01-22 09:50 - 2015-01-22 10:48 - 00000000 ____D () C:\Users\Elad\Desktop\תיקיה חדשה
2015-01-17 20:00 - 2015-01-17 20:01 - 00000197 _____ () C:\Windows\system32\2015-01-17-18-00-35.047-AvastVBoxSVC.exe-2140.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-16 00:55 - 2009-07-14 06:45 - 00018880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-16 00:55 - 2009-07-14 06:45 - 00018880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 00:54 - 2014-11-05 11:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-16 00:54 - 2014-01-04 20:54 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Copy
2015-02-16 00:52 - 2013-12-13 10:45 - 01653200 _____ () C:\Windows\WindowsUpdate.log
2015-02-16 00:51 - 2013-12-20 09:55 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Dropbox
2015-02-16 00:49 - 2014-11-27 10:31 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-16 00:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-16 00:42 - 2014-11-27 10:31 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-16 00:42 - 2013-12-16 20:38 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\vlc
2015-02-16 00:26 - 2013-12-14 23:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-16 00:06 - 2014-05-26 20:37 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000UA.job
2015-02-15 22:44 - 2014-11-11 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-15 22:26 - 2014-06-08 19:14 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-15 22:25 - 2014-06-08 19:14 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-15 22:14 - 2014-11-11 10:52 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-15 11:01 - 2013-12-16 20:33 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\uTorrent
2015-02-15 10:21 - 2014-05-03 23:32 - 00000000 ____D () C:\Users\Elad\AppData\Local\com
2015-02-15 10:12 - 2014-06-08 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-15 10:12 - 2014-06-08 19:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-15 06:06 - 2014-05-26 20:37 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000Core.job
2015-02-15 04:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 23:57 - 2009-07-14 06:45 - 00447632 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-14 23:37 - 2013-12-14 22:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-14 23:30 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-02-14 23:29 - 2013-12-21 19:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-14 23:22 - 2013-12-21 19:50 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 13:03 - 2013-12-20 09:56 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 20:17 - 2009-09-03 10:15 - 00390626 _____ () C:\Windows\system32\perfh00D.dat
2015-02-12 20:17 - 2009-09-03 10:15 - 00083858 _____ () C:\Windows\system32\perfc00D.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00680166 _____ () C:\Windows\system32\perfh00C.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00469020 _____ () C:\Windows\system32\perfh001.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00128832 _____ () C:\Windows\system32\perfc00C.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00093678 _____ () C:\Windows\system32\perfc001.dat
2015-02-12 20:17 - 2009-07-14 07:13 - 02611390 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-10 11:21 - 2014-10-18 21:26 - 00000000 ____D () C:\Users\Elad\Desktop\psalim
2015-02-09 15:30 - 2014-04-09 10:15 - 00000000 ____D () C:\Users\ילדים\Desktop\הלל
2015-02-09 11:17 - 2009-09-03 10:14 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-02-09 11:17 - 2009-09-03 09:59 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-02-09 10:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-05 06:01 - 2014-05-26 20:37 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000UA
2015-02-05 06:01 - 2014-05-26 20:37 - 00003506 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000Core
2015-02-05 00:26 - 2013-12-14 23:18 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 00:26 - 2013-12-14 23:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 00:26 - 2013-12-14 23:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 09:36 - 2014-11-27 10:31 - 00003924 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 09:36 - 2014-11-27 10:31 - 00003672 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-31 20:10 - 2014-11-12 18:02 - 00000000 ____D () C:\Users\Elad\AppData\Local\CrashDumps
2015-01-31 20:10 - 2014-11-05 11:25 - 00000000 ____D () C:\Windows\Minidump
2015-01-31 20:10 - 2013-12-13 20:41 - 00000000 ____D () C:\Windows\Panther
Some content of TEMP:
====================
C:\Users\Elad\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Elad\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzs8lc4.dll
C:\Users\Elad\AppData\Local\Temp\Quarantine.exe
C:\Users\Elad\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 00:24
==================== End Of Log ============================