Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Elad (administrator) on ELAD-PC on 19-02-2015 06:20:27
Running from C:\Users\Elad\Desktop
Loaded Profiles: Elad & ילדים (Available profiles: Elad & ילדים)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: עברית (ישראל)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\ComboFix\PEV.exe
() C:\ComboFix\PEV.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\5ea8c384-aed9-4d10-9c8d-c672ebd84aad.exe [183232 2015-02-18] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3441956485-605021414-3669656422-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3441956485-605021414-3669656422-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2014-10-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Elad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Elad\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Elad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\מעקב אחר התראות על מפלס דיו נמוך - HP Deskjet 4640 series.lnk
ShortcutTarget: מעקב אחר התראות על מפלס דיו נמוך - HP Deskjet 4640 series.lnk -> C:\Program Files\HP\HP Deskjet 4640 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3441956485-605021414-3669656422-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3441956485-605021414-3669656422-1000\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3441956485-605021414-3669656422-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://il.msn.com/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: עוזר הכניסה של חשבון Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A6F0F62C-8B26-45C1-BA31-AD087048E295}: [NameServer] 8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\Elad\AppData\Roaming\Mozilla\Firefox\Profiles\nll55r7u.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Elad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @talk.google.com/O1DPlugin -> C:\Users\Elad\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Elad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Elad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3441956485-605021414-3669656422-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Elad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Elad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Elad\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-05]
Chrome:
=======
CHR Profile: C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-18]
CHR Extension: (Google Docs) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-18]
CHR Extension: (Google Drive) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-18]
CHR Extension: (YouTube) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-18]
CHR Extension: (Google Search) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-18]
CHR Extension: (Google Sheets) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-18]
CHR Extension: (Avast Online Security) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-18]
CHR Extension: (Google Wallet) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-18]
CHR Extension: (Gmail) - C:\Users\Elad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-01] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-01] (Avast Software)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-01] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(
www.devguru.co.kr))
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-15] ()
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-01] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 06:20 - 2015-02-19 06:21 - 00016007 _____ () C:\Users\Elad\Desktop\FRST.txt
2015-02-19 06:20 - 2015-02-19 06:20 - 00000000 ____D () C:\Users\Elad\Desktop\FRST-OlderVersion
2015-02-18 10:42 - 2015-02-18 10:42 - 00003608 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 4640 series
2015-02-18 10:42 - 2015-02-18 10:42 - 00001991 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2015-02-18 10:42 - 2015-02-18 10:42 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2015-02-18 10:42 - 2015-02-18 10:42 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\HpUpdate
2015-02-18 10:42 - 2015-02-18 10:42 - 00000000 ____D () C:\ProgramData\Visan
2015-02-18 10:42 - 2015-02-18 10:42 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2015-02-18 10:42 - 2015-02-18 10:42 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2015-02-18 10:42 - 2015-02-18 10:42 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-02-18 10:41 - 2015-02-18 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-02-18 10:41 - 2015-02-18 10:42 - 00000000 ____D () C:\Program Files (x86)\HP
2015-02-18 10:41 - 2015-02-18 10:41 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 4640 series.lnk
2015-02-18 10:41 - 2015-02-18 10:41 - 00001159 _____ () C:\Users\Public\Desktop\רכישת חומרים מתכלים - HP Deskjet 4640 series.lnk
2015-02-18 10:41 - 2015-02-18 10:41 - 00000000 ____D () C:\ProgramData\HP
2015-02-18 10:41 - 2015-02-18 10:41 - 00000000 ____D () C:\Program Files\HP
2015-02-18 10:41 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMC811.dll
2015-02-18 10:40 - 2015-02-18 10:40 - 00000057 _____ () C:\ProgramData\Ament.ini
2015-02-18 10:39 - 2015-02-18 12:20 - 00000000 ____D () C:\Users\Elad\AppData\Local\HP
2015-02-18 07:23 - 2015-02-18 07:23 - 00002249 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-18 07:23 - 2015-02-18 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-18 07:22 - 2015-02-19 05:27 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-18 07:22 - 2015-02-18 15:08 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-18 07:22 - 2015-02-18 07:22 - 00003920 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-18 07:22 - 2015-02-18 07:22 - 00003668 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-18 04:45 - 2015-02-18 04:45 - 00024420 _____ () C:\ComboFix.txt
2015-02-18 04:32 - 2015-02-18 04:45 - 00000000 ____D () C:\Qoobox
2015-02-18 04:32 - 2015-02-18 04:45 - 00000000 ____D () C:\ComboFix
2015-02-18 04:32 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-18 04:32 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-18 04:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-18 04:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-18 04:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-18 04:32 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-18 04:32 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-18 04:32 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-18 04:29 - 2015-02-18 04:29 - 00000316 _____ () C:\Windows\PFRO.log
2015-02-18 03:35 - 2015-02-18 03:36 - 05611903 ____R (Swearware) C:\Users\Elad\Desktop\ComboFix.exe
2015-02-17 18:43 - 2015-02-18 20:13 - 00000000 ____D () C:\Users\ילדים\Desktop\מעין
2015-02-17 10:32 - 2015-02-17 10:32 - 00000000 ____D () C:\Users\Elad\AppData\Local\Macromedia
2015-02-17 10:26 - 2015-02-17 10:27 - 00000000 ____D () C:\Users\Elad\AppData\Local\Mozilla
2015-02-17 10:26 - 2015-02-17 10:26 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-17 10:26 - 2015-02-17 10:26 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-17 10:26 - 2015-02-17 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-17 10:26 - 2015-02-17 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-16 10:44 - 2015-02-16 10:45 - 00880208 _____ (Google Inc.) C:\Users\Elad\Desktop\ChromeSetup (1).exe
2015-02-16 01:00 - 2015-02-19 06:20 - 00000000 ____D () C:\FRST
2015-02-16 00:58 - 2015-02-16 00:58 - 00000630 _____ () C:\Users\Elad\Desktop\JRT.txt
2015-02-16 00:45 - 2015-02-19 06:20 - 02086912 _____ (Farbar) C:\Users\Elad\Desktop\FRST64.exe
2015-02-16 00:44 - 2015-02-18 04:30 - 00000112 _____ () C:\Windows\setupact.log
2015-02-16 00:44 - 2015-02-16 00:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-16 00:43 - 2015-02-16 00:44 - 01388274 _____ (Thisisu) C:\Users\Elad\Desktop\JRT (2).exe
2015-02-15 22:25 - 2015-02-15 22:44 - 00000000 ____D () C:\Users\Elad\Desktop\mbar
2015-02-15 19:49 - 2015-02-15 19:49 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-49-13.064-aswFe.exe-5104.log
2015-02-15 19:45 - 2015-02-15 19:49 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-45-10.004-aswFe.exe-4440.log
2015-02-15 19:45 - 2015-02-15 19:45 - 00000197 _____ () C:\Windows\system32\2015-02-15-17-45-06.031-AvastVBoxSVC.exe-3816.log
2015-02-15 19:35 - 2015-02-15 19:39 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-35-01.035-aswFe.exe-5060.log
2015-02-15 19:34 - 2015-02-15 19:35 - 00000197 _____ () C:\Windows\system32\2015-02-15-17-34-58.069-AvastVBoxSVC.exe-5304.log
2015-02-15 19:22 - 2015-02-15 19:22 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-22-44.056-aswFe.exe-2628.log
2015-02-15 19:14 - 2015-02-15 19:22 - 00000247 _____ () C:\Windows\system32\2015-02-15-17-14-51.036-aswFe.exe-4924.log
2015-02-15 19:14 - 2015-02-15 19:14 - 00000197 _____ () C:\Windows\system32\2015-02-15-17-14-45.092-AvastVBoxSVC.exe-5604.log
2015-02-15 10:55 - 2015-02-15 10:55 - 00000197 _____ () C:\Windows\system32\2015-02-15-08-55-36.096-AvastVBoxSVC.exe-2480.log
2015-02-15 10:47 - 2015-02-16 00:46 - 00000000 ____D () C:\AdwCleaner
2015-02-15 10:40 - 2015-02-15 10:40 - 00000000 ____D () C:\Users\Elad\AppData\Local\Secunia PSI
2015-02-15 10:28 - 2015-02-15 10:28 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-02-15 10:28 - 2015-02-15 10:28 - 00000000 ____D () C:\Program Files (x86)\Secunia
2015-02-15 00:00 - 2015-02-15 00:00 - 00000197 _____ () C:\Windows\system32\2015-02-14-22-00-08.046-AvastVBoxSVC.exe-2456.log
2015-02-14 23:18 - 2015-01-15 10:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-14 23:18 - 2015-01-15 10:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-14 23:18 - 2015-01-15 10:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-14 23:18 - 2015-01-15 10:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-14 23:18 - 2015-01-15 10:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-14 23:18 - 2015-01-15 10:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-14 23:18 - 2015-01-15 10:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-14 23:18 - 2015-01-15 10:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-14 23:18 - 2015-01-15 10:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-14 23:18 - 2015-01-15 10:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-14 23:18 - 2015-01-15 10:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-14 23:18 - 2015-01-15 09:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-14 23:18 - 2015-01-15 09:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-14 23:18 - 2015-01-15 09:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-14 23:18 - 2015-01-15 09:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-14 23:18 - 2015-01-15 09:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-14 23:18 - 2015-01-15 09:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-14 23:18 - 2015-01-15 06:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-14 23:17 - 2015-01-14 08:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-14 23:17 - 2015-01-14 08:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-14 23:17 - 2015-01-14 08:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-14 23:17 - 2015-01-14 08:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-14 23:17 - 2015-01-14 07:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-14 23:17 - 2015-01-14 07:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-14 23:17 - 2015-01-14 07:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-14 23:17 - 2015-01-14 07:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-14 23:17 - 2015-01-14 07:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-14 23:17 - 2015-01-12 05:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-14 23:17 - 2015-01-12 05:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-14 23:17 - 2015-01-12 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-14 23:17 - 2015-01-12 04:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-14 23:17 - 2015-01-12 04:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-14 23:17 - 2015-01-12 04:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-14 23:17 - 2015-01-12 04:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-14 23:17 - 2015-01-12 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-14 23:17 - 2015-01-12 04:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-14 23:17 - 2015-01-12 04:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-14 23:17 - 2015-01-12 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-14 23:17 - 2015-01-12 04:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-14 23:17 - 2015-01-12 04:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-14 23:17 - 2015-01-12 04:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 23:17 - 2015-01-12 04:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 23:17 - 2015-01-12 04:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-14 23:17 - 2015-01-12 04:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-14 23:17 - 2015-01-12 04:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-14 23:17 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-14 23:17 - 2015-01-12 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-14 23:17 - 2015-01-12 04:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-14 23:17 - 2015-01-12 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-14 23:17 - 2015-01-12 04:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-14 23:17 - 2015-01-12 04:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-14 23:17 - 2015-01-12 04:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-14 23:17 - 2015-01-12 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-14 23:17 - 2015-01-12 04:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-14 23:17 - 2015-01-12 04:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-14 23:17 - 2015-01-12 04:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-14 23:17 - 2015-01-12 03:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-14 23:17 - 2015-01-12 03:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-14 23:17 - 2015-01-12 03:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 23:17 - 2015-01-12 03:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-14 23:17 - 2015-01-12 03:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-14 23:17 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-14 23:17 - 2015-01-12 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-14 23:17 - 2015-01-12 03:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-14 23:17 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-14 23:17 - 2015-01-12 03:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-14 23:17 - 2015-01-12 03:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-14 23:17 - 2015-01-12 03:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-14 23:17 - 2015-01-12 03:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-14 23:17 - 2015-01-12 03:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-14 23:17 - 2015-01-12 03:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-14 23:17 - 2015-01-12 03:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-14 23:17 - 2015-01-12 03:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-14 23:17 - 2015-01-12 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-14 23:17 - 2015-01-12 03:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-14 23:17 - 2015-01-12 03:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-14 23:17 - 2015-01-12 03:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-14 23:17 - 2015-01-12 03:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-14 23:17 - 2015-01-12 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-14 23:17 - 2015-01-12 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-14 23:17 - 2015-01-12 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-14 23:17 - 2015-01-10 08:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-14 23:17 - 2015-01-10 08:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-14 23:16 - 2015-01-13 05:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-14 23:16 - 2015-01-13 04:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-14 23:16 - 2015-01-10 08:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-14 23:16 - 2015-01-10 08:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-14 23:16 - 2015-01-10 08:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-14 23:16 - 2015-01-09 04:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-14 23:16 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-14 23:16 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-14 22:37 - 2015-02-14 22:37 - 00000197 _____ () C:\Windows\system32\2015-02-14-20-37-37.054-AvastVBoxSVC.exe-2256.log
2015-02-09 11:22 - 2015-02-09 11:22 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-22-25.072-AvastVBoxSVC.exe-2568.log
2015-02-09 11:03 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-02-09 11:03 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-02-09 11:03 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-02-09 11:03 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-02-09 11:03 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-02-09 11:03 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-02-09 11:03 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-02-09 11:03 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-02-09 10:46 - 2015-02-09 10:46 - 00000000 ____D () C:\Windows\he
2015-02-09 10:45 - 2015-02-09 10:45 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-02-09 10:45 - 2015-02-09 10:45 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-02-09 10:45 - 2015-02-09 10:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-02-09 10:43 - 2015-02-09 10:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-02-09 10:43 - 2015-02-09 10:43 - 00000000 ____D () C:\Program Files\Windows Live
2015-02-09 10:43 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2015-02-09 10:42 - 2015-02-09 10:46 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-02-09 10:40 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-02-09 10:40 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-02-09 10:40 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-02-09 10:40 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-02-09 10:40 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-02-09 10:40 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-02-09 10:40 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-02-09 10:39 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-02-09 10:39 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-02-09 10:38 - 2015-02-09 10:38 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-02-09 10:36 - 2015-02-15 02:25 - 00000000 ____D () C:\Users\Elad\AppData\Local\Windows Live
2015-02-07 19:30 - 2015-02-07 19:31 - 00000197 _____ () C:\Windows\system32\2015-02-07-17-30-20.089-AvastVBoxSVC.exe-2292.log
2015-01-31 21:00 - 2015-02-17 10:27 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Mozilla
2015-01-31 20:01 - 2015-01-31 20:02 - 00000197 _____ () C:\Windows\system32\2015-01-31-18-01-53.017-AvastVBoxSVC.exe-2140.log
2015-01-23 16:48 - 2015-01-23 16:48 - 00000197 _____ () C:\Windows\system32\2015-01-23-14-48-21.025-AvastVBoxSVC.exe-2252.log
2015-01-22 10:55 - 2015-01-22 10:55 - 00000197 _____ () C:\Windows\system32\2015-01-22-08-55-00.027-AvastVBoxSVC.exe-2084.log
2015-01-22 09:50 - 2015-01-22 10:48 - 00000000 ____D () C:\Users\Elad\Desktop\תיקיה חדשה
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 06:20 - 2013-12-13 10:45 - 01736620 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 06:18 - 2013-12-16 20:38 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\vlc
2015-02-19 06:08 - 2014-05-26 20:37 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000UA.job
2015-02-19 06:06 - 2014-05-26 20:37 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000Core.job
2015-02-19 05:26 - 2013-12-14 23:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-18 15:07 - 2014-04-09 10:15 - 00002249 _____ () C:\Users\ילדים\Desktop\Google Chrome.lnk
2015-02-18 10:39 - 2009-07-14 06:45 - 00018880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-18 10:39 - 2009-07-14 06:45 - 00018880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-18 10:38 - 2014-01-04 20:54 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Copy
2015-02-18 07:23 - 2013-12-16 20:25 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-18 04:41 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-18 04:32 - 2014-11-05 11:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-18 04:31 - 2013-12-20 09:55 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Dropbox
2015-02-18 04:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 19:43 - 2014-04-09 10:15 - 00000000 ____D () C:\Users\ילדים\Desktop\נעה
2015-02-17 19:43 - 2014-04-09 10:15 - 00000000 ____D () C:\Users\ילדים\Desktop\הלל
2015-02-17 10:24 - 2014-10-18 21:26 - 00000000 ____D () C:\Users\Elad\Desktop\psalim
2015-02-16 01:39 - 2014-05-10 23:25 - 00000000 ____D () C:\Windows\pss
2015-02-15 22:44 - 2014-11-11 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-15 22:26 - 2014-06-08 19:14 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-15 22:25 - 2014-06-08 19:14 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-15 22:14 - 2014-11-11 10:52 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-15 11:01 - 2013-12-16 20:33 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\uTorrent
2015-02-15 10:21 - 2014-05-03 23:32 - 00000000 ____D () C:\Users\Elad\AppData\Local\com
2015-02-15 10:12 - 2014-06-08 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-15 10:12 - 2014-06-08 19:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-15 04:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 23:57 - 2009-07-14 06:45 - 00447632 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-02-14 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-14 23:37 - 2013-12-14 22:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-14 23:30 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-02-14 23:29 - 2013-12-21 19:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-14 23:22 - 2013-12-21 19:50 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 13:03 - 2013-12-20 09:56 - 00000000 ____D () C:\Users\Elad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 20:17 - 2009-09-03 10:15 - 00390626 _____ () C:\Windows\system32\perfh00D.dat
2015-02-12 20:17 - 2009-09-03 10:15 - 00083858 _____ () C:\Windows\system32\perfc00D.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00680166 _____ () C:\Windows\system32\perfh00C.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00469020 _____ () C:\Windows\system32\perfh001.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00128832 _____ () C:\Windows\system32\perfc00C.dat
2015-02-12 20:17 - 2009-09-03 10:00 - 00093678 _____ () C:\Windows\system32\perfc001.dat
2015-02-12 20:17 - 2009-07-14 07:13 - 02611390 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-09 11:17 - 2009-09-03 10:14 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-02-09 11:17 - 2009-09-03 09:59 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-02-09 10:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-05 06:01 - 2014-05-26 20:37 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000UA
2015-02-05 06:01 - 2014-05-26 20:37 - 00003506 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441956485-605021414-3669656422-1000Core
2015-02-05 00:26 - 2013-12-14 23:18 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 00:26 - 2013-12-14 23:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 00:26 - 2013-12-14 23:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-31 20:10 - 2014-11-12 18:02 - 00000000 ____D () C:\Users\Elad\AppData\Local\CrashDumps
2015-01-31 20:10 - 2014-11-05 11:25 - 00000000 ____D () C:\Windows\Minidump
2015-01-31 20:10 - 2013-12-13 20:41 - 00000000 ____D () C:\Windows\Panther
==================== Files in the root of some directories =======
2015-02-18 10:40 - 2015-02-18 10:40 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 00:24
==================== End Of Log ============================