Publicité
Publicité
Commentaire : fichier scan suite à un virus type locker
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
Ran by אלי חזן (administrator) on ORDINATEURELIE (28-07-2015 18:20:41)
Running from C:\Users\אלי חזן\Downloads
Loaded Profiles: אלי חזן (Available Profiles: אלי חזן & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Hébreu (Israël)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
( ) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(ActivePath Ltd.) C:\Program Files (x86)\ActivePath\Bank Leumi\LeumiComposer.exe
() C:\Users\אלי חזן\AppData\Roaming\cacaoweb\cacaoweb.exe
() C:\Users\אלי חזן\AppData\Local\DirectDownloader\DirectDownloader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
() C:\Program Files (x86)\ZTE\MF636\AutoDect.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Mindspark) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrchMn.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
() C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_162_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-08-31] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-31] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Allin1Convert Home Page Guard 64 bit] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe [485448 2014-02-23] ( )
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [TaskTray] => [X]
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [136512 2009-08-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [124240 2009-10-22] (McAfee, Inc.)
HKLM-x32\...\Run: [autodetect] => C:\Program Files (x86)\ZTE\MF636\AutoDect.exe [123392 2009-08-04] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM-x32\...\Run: [Allin1Convert EPM Support] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmedint.exe [12872 2014-02-23] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Allin1Convert Search Scope Monitor] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrchMn.exe [55368 2014-02-23] (Mindspark)
HKLM-x32\...\Run: [Allin1Convert_8h Browser Plugin Loader] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe [61512 2014-02-23] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Allin1Convert_8h Browser Plugin Loader 64] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe [71752 2014-02-23] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\common\Lib\ioloLManager.exe [4521272 2015-04-27] (iolo technologies, LLC)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1121\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [zixi_http_proxy-win32] => C:\Users\אלי חזן\AppData\Local\ZiXi\Proxy\launch.bat [86 2012-11-18] ()
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [ActiveMail Leumi Composer] => C:\Program Files (x86)\ActivePath\Bank Leumi\LeumiComposer.exe [47616 2012-09-20] (ActivePath Ltd.)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [Google Update] => C:\Users\אלי חזן\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-17] (Google Inc.)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [cacaoweb] => C:\Users\אלי חזן\AppData\Roaming\cacaoweb\cacaoweb.exe [532784 2015-06-27] ()
HKU\S-1-5-18\...\RunOnce: [{90140000-006E-040D-1000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-0011-0000-1000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-001A-040D-1000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
Startup: C:\Users\אלי חזן\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Direct Downloader.lnk [2012-11-08]
ShortcutTarget: Direct Downloader.lnk -> C:\Users\אלי חזן\AppData\Local\DirectDownloader\DirectDownloader.exe ()
Startup: C:\Users\אלי חזן\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2012-11-08]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-621799793-644846384-3821762763-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AYY^xdm067^YYA^il&ptb=57066D44-89A6-4D4C-BD42-196026C8927B&si=flvrunner
HKU\S-1-5-21-621799793-644846384-3821762763-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-621799793-644846384-3821762763-1000 - (No Name) - {94996a74-8a98-41bb-85fe-0b6b9787e851} - No File
URLSearchHook: HKU\S-1-5-21-621799793-644846384-3821762763-1000 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll (Mindspark)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {66C7CB42-5C8B-436B-BEE1-E6C885630561} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^IL&apn_uid=35713611-0764-4BD0-A692-436BBE26C315&apn_sauid=AC0941B3-6654-4BCB-BAB1-D55F2D37BC2E
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> CCFA0301CA914EA49A73FD09B3247959 URL = http://mysearch.avg.com/search?cid={D9ED8EE5-D665-4C72-A279-0E58EC8DABFB}&mid=a58837b2bf8b47d385545502b38ca1a7-a867f1a0d5f7a642c8ba79ba10479c971efb2e6e&lang=en&ds=co011&coid=avgtbdisco&pr=sa&d=2013-09-29 01:14:07&v=17.0.0.9&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> {5D87D551-DDEB-4C94-8646-D755298AFDBD} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYIL&apn_uid=35713611-0764-4BD0-A692-436BBE26C315&apn_sauid=AC0941B3-6654-4BCB-BAB1-D55F2D37BC2E
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={2F2BE132-3555-486E-AD50-93FAB02A8B9A}&mid=a58837b2bf8b47d385545502b38ca1a7-a867f1a0d5f7a642c8ba79ba10479c971efb2e6e&lang=fr&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-23 19:23:14&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> {99DC36C8-8B1A-412C-92DF-344B6BBA08B8} URL = http://index.nana10.co.il/SearchUTF8.asp?g=1&gr=0&p=48&fbs=0&ServiceDomain=&SourceService=5&cr=1&rd=1&cx=partner-pub-7699565714483996%3A4cpkrwyo35t&cof=FORID%3A11&AutoRedirect=1&q={searchTerms}&SearchProvider=nana10
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-31] (Qualcomm Atheros Commnucations)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-03-08] (Atheros Commnucations)
BHO-x32: עוזר הכניסה של חשבון Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Search Assistant BHO -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll [2014-02-23] (Mindspark)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation)
BHO-x32: No Name -> {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} -> No File
BHO-x32: Toolbar BHO -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2014-02-23] (Mindspark)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Allin1Convert - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2014-02-23] (Mindspark)
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{09B3D15D-598A-4B3D-B445-A962F75203CA}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5C93B146-48C3-4279-A9DC-63AC9CA78F45}: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\אלי חזן\AppData\Roaming\Mozilla\Firefox\Profiles\mjag9cu7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_154.dll [2015-05-28] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_154.dll [2015-05-28] ()
FF Plugin-x32: @Allin1Convert_8h.com/Plugin -> C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\NP8hStub.dll [2014-02-23] (Mindspark)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @citrixonline.com/appdetectorplugin -> C:\Users\אלי חזן\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-24] (Citrix Online)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\אלי חזן\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @talk.google.com/O1DPlugin -> C:\Users\אלי חזן\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @tools.google.com/Google Update;version=3 -> C:\Users\אלי חזן\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @tools.google.com/Google Update;version=9 -> C:\Users\אלי חזן\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\אלי חזן\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\אלי חזן\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: cacaoweb - C:\Users\אלי חזן\AppData\Roaming\Mozilla\Firefox\Profiles\mjag9cu7.default\Extensions\cacaoweb@cacaoweb.org [2014-10-31]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-28]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-19]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-10-28]
FF HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-10-29]
CHR Extension: (Google Slides) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-21]
CHR Extension: (Google Docs) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-21]
CHR Extension: (YouTube) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-25]
CHR Extension: (Google Search) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-25]
CHR Extension: (Google Sheets) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-21]
CHR Extension: (SiteAdvisor) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-10-28]
CHR Extension: (cacaoweb) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf [2013-12-29]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-10-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23]
CHR Extension: (Skype Click to Call) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-11-01]
CHR Extension: (Media Player) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkigfdipchbagbecdmmomiahkkhlcfo [2013-10-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-25]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-24]
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\B40E~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-07]
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kgbcbdejncdpahgapnmkjimfmlipdgdl] - C:\Users\אלי חזן\AppData\Local\CRE\kgbcbdejncdpahgapnmkjimfmlipdgdl.crx [2013-10-24]
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [okemjkdkkihnhdaanohnleknbaddlddb] - C:\Users\אלי חזן\AppData\Local\CRE\okemjkdkkihnhdaanohnleknbaddlddb.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [kgbcbdejncdpahgapnmkjimfmlipdgdl] - C:\Users\אלי חזן\AppData\Local\CRE\kgbcbdejncdpahgapnmkjimfmlipdgdl.crx [2013-10-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [okemjkdkkihnhdaanohnleknbaddlddb] - C:\Users\אלי חזן\AppData\Local\CRE\okemjkdkkihnhdaanohnleknbaddlddb.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Allin1Convert_8hService; C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe [88648 2014-02-23] (COMPANYVERS_NAME)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations) [File not signed]
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1121\G2AC_Service.exe [310080 2015-07-24] (Citrix Online, a division of Citrix Systems, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4676408 2015-04-27] (iolo technologies, LLC)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-25] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-07-21] (McAfee, Inc.)
R2 McAfeeEngineService; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe [19720 2009-10-22] (McAfee, Inc.)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [103744 2009-08-25] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
U2 McShield; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe [178920 2009-10-22] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [66896 2009-10-22] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-04-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Update SerialTrunc; C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe [465648 2015-07-28] ()
R2 Util SerialTrunc; C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe [465648 2015-07-28] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [159360 2012-03-08] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-03-28] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-31] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-01-16] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2013-10-27] (McAfee, Inc.)
S4 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [83784 2009-10-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-04-27] (EldoS Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [729704 2010-08-06] (Realtek Semiconductor Corporation )
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-03-31] (StdLib)
S3 JLTECH0227; System32\Drivers\jl2005c.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-28 18:20 - 2015-07-28 18:23 - 00039296 _____ C:\Users\אלי חזן\Downloads\FRST.txt
2015-07-28 18:20 - 2015-07-28 18:21 - 00000000 ____D C:\FRST
2015-07-28 18:20 - 2015-07-28 18:20 - 02146816 _____ (Farbar) C:\Users\אלי חזן\Downloads\FRST64.exe
2015-07-28 17:18 - 2015-07-28 17:18 - 00001195 _____ C:\Users\אלי חזן\Desktop\File Repair.lnk
2015-07-28 17:18 - 2015-07-28 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Repair
2015-07-28 17:18 - 2015-07-28 17:18 - 00000000 ____D C:\Program Files (x86)\Repair File
2015-07-28 17:17 - 2015-07-28 17:17 - 01020848 _____ (File Repair ) C:\Users\אלי חזן\Downloads\file-repair-setup.exe
2015-07-28 17:08 - 2015-07-28 17:26 - 00000000 ____D C:\Program Files (x86)\Kernel for PDF Repair - Evaluation version
2015-07-28 17:08 - 2015-07-28 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel for PDF Repair - Evaluation version
2015-07-28 17:08 - 2004-10-17 04:08 - 00835584 _____ () C:\Windows\SysWOW64\AxImage.ocx
2015-07-28 17:08 - 2004-03-09 00:00 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2015-07-28 17:07 - 2015-07-28 17:07 - 06896736 _____ (Lepide Software Pvt. Ltd. ) C:\Users\אלי חזן\Downloads\kernelpdfrepair.exe
2015-07-28 16:24 - 2015-07-28 16:24 - 00000000 ___RD C:\Users\אלי חזן\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-07-28 15:19 - 2015-07-28 15:21 - 36570832 _____ (Foxit Software Inc. ) C:\Users\אלי חזן\Downloads\FoxitReader715.0425_enu_Setup.exe
2015-07-28 15:06 - 2015-07-28 15:06 - 00274088 _____ C:\Users\אלי חזן\Documents\lang_fr_fr.xml
2015-07-28 15:00 - 2015-07-28 15:00 - 00274088 _____ C:\Users\אלי חזן\Downloads\lang_fr_fr (2).xml
2015-07-28 14:48 - 2015-07-28 14:48 - 00274088 _____ C:\Users\אלי חזן\Downloads\lang_fr_fr (1).xml
2015-07-28 13:52 - 2015-07-28 13:52 - 00274088 _____ C:\Users\אלי חזן\Downloads\lang_fr_fr.xml
2015-07-28 00:17 - 2015-07-28 00:17 - 00082843 _____ C:\Users\אלי חזן\Desktop\HijackThis.exe
2015-07-27 23:46 - 2015-07-27 23:46 - 00333056 _____ C:\Users\אלי חזן\Downloads\pjjoint_uploader (1).exe
2015-07-27 23:39 - 2015-07-27 23:39 - 00333056 _____ C:\Users\אלי חזן\Downloads\pjjoint_uploader.exe
2015-07-27 15:04 - 2015-07-27 15:16 - 00075217 _____ C:\Users\אלי חזן\Desktop\Addition.txt
2015-07-27 14:56 - 2015-07-27 14:56 - 00000000 ____D C:\Users\אלי חזן\Downloads\FRST-OlderVersion
2015-07-27 00:43 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-07-27 00:06 - 2015-07-27 00:07 - 01059840 _____ C:\Users\אלי חזן\Downloads\MicrosoftFixit50981.msi
2015-07-24 11:51 - 2015-07-24 11:51 - 00000060 ___RH C:\Users\אלי חזן\Downloads\GetSusp.opt
2015-07-24 11:23 - 2015-07-24 11:23 - 04735126 _____ C:\Users\אלי חזן\Downloads\gsusp_D5B01DBD53AA_072415_112340.zip
2015-07-24 11:16 - 2015-07-24 11:23 - 00001155 _____ C:\Users\אלי חזן\Downloads\GetSusp.xml
2015-07-24 10:52 - 2015-07-24 10:52 - 04721514 _____ C:\Users\אלי חזן\Downloads\gsusp_EA9A2EFE457F_072415_105205.zip
2015-07-24 10:44 - 2015-07-24 10:44 - 01579552 _____ (McAfee Inc.) C:\Users\אלי חזן\Downloads\getsusp.exe
2015-07-24 10:37 - 2015-07-24 10:37 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-07-24 01:27 - 2015-07-24 01:27 - 00018432 ___SH C:\Users\אלי חזן\AppData\Thumbs.db
2015-07-24 00:16 - 2015-07-24 00:16 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\McAfee
2015-07-23 13:35 - 2015-07-23 13:35 - 00000284 _____ C:\Users\אלי חזן\AppData\Roaming\HELP_DECRYPT.URL
2015-07-23 13:35 - 2015-07-23 13:35 - 00000284 _____ C:\Users\אלי חזן\AppData\HELP_DECRYPT.URL
2015-07-23 10:30 - 2015-07-23 10:30 - 00000284 _____ C:\Users\Default\AppData\HELP_DECRYPT.URL
2015-07-23 10:30 - 2015-07-23 10:30 - 00000284 _____ C:\Users\Default User\AppData\HELP_DECRYPT.URL
2015-07-23 10:30 - 2015-07-23 10:30 - 00000284 _____ C:\ProgramData\HELP_DECRYPT.URL
2015-07-23 10:27 - 2015-07-24 14:27 - 00000000 ___HD C:\5a915b5c
2015-07-21 15:53 - 2015-07-15 06:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 15:53 - 2015-07-15 06:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 15:53 - 2015-07-15 06:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 15:53 - 2015-07-15 06:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 15:53 - 2015-07-15 05:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 15:53 - 2015-07-15 05:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 15:53 - 2015-07-15 05:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 15:53 - 2015-07-15 05:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 15:53 - 2015-07-15 04:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 15:53 - 2015-07-15 04:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 10:15 - 2015-07-22 15:13 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2015-07-20 10:15 - 2015-07-20 10:15 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-15 00:17 - 2015-06-25 21:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 00:17 - 2015-06-25 20:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 00:17 - 2015-06-20 23:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 00:17 - 2015-06-20 22:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 00:17 - 2015-06-20 22:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 00:17 - 2015-06-20 22:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 00:17 - 2015-06-20 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 00:17 - 2015-06-20 22:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 00:17 - 2015-06-20 22:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 00:17 - 2015-06-20 22:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 00:17 - 2015-06-20 22:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 00:17 - 2015-06-20 22:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 00:17 - 2015-06-20 22:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 00:17 - 2015-06-20 22:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 00:17 - 2015-06-20 22:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 00:17 - 2015-06-20 22:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 00:17 - 2015-06-20 22:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 00:17 - 2015-06-20 22:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 00:17 - 2015-06-20 22:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 00:17 - 2015-06-20 21:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 00:17 - 2015-06-20 21:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 00:17 - 2015-06-20 21:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 00:17 - 2015-06-20 21:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 00:17 - 2015-06-20 21:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 00:17 - 2015-06-20 21:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 00:17 - 2015-06-19 21:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 00:17 - 2015-06-19 21:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 00:17 - 2015-06-19 21:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 00:17 - 2015-06-19 21:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 00:17 - 2015-06-19 21:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 00:17 - 2015-06-19 21:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 00:17 - 2015-06-19 21:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 00:17 - 2015-06-19 21:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 00:17 - 2015-06-19 21:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 00:17 - 2015-06-19 21:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 00:17 - 2015-06-19 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 00:17 - 2015-06-19 20:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 00:17 - 2015-06-19 20:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 00:17 - 2015-06-19 20:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 00:17 - 2015-06-19 20:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 00:17 - 2015-06-19 20:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 00:17 - 2015-06-19 20:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 00:17 - 2015-06-19 20:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 00:17 - 2015-06-19 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 00:16 - 2015-06-16 00:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 00:16 - 2015-06-16 00:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 00:16 - 2015-06-16 00:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 00:16 - 2015-06-16 00:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 00:16 - 2015-06-16 00:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 00:16 - 2015-06-16 00:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 00:16 - 2015-06-16 00:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 00:16 - 2015-06-16 00:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 00:16 - 2015-06-16 00:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 00:16 - 2015-06-16 00:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 00:16 - 2015-06-16 00:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 00:16 - 2015-06-16 00:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 00:15 - 2015-07-09 20:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 00:15 - 2015-07-09 20:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 00:15 - 2015-07-09 20:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 00:15 - 2015-06-25 11:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 00:15 - 2015-06-02 03:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 00:15 - 2015-06-02 02:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 00:14 - 2015-06-27 05:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 00:14 - 2015-06-27 05:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 00:14 - 2015-06-27 04:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 00:14 - 2015-06-27 04:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 00:14 - 2015-06-17 20:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 00:14 - 2015-06-17 20:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 00:12 - 2015-07-03 00:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 00:12 - 2015-07-03 00:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 00:12 - 2015-07-02 23:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 00:12 - 2015-07-02 23:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 00:12 - 2015-07-02 23:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 00:12 - 2015-07-02 23:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 00:12 - 2015-07-02 23:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 00:12 - 2015-07-02 23:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 00:12 - 2015-07-02 23:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 00:12 - 2015-07-02 22:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 00:12 - 2015-07-02 22:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 00:12 - 2015-07-02 21:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 00:09 - 2015-07-04 21:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 00:09 - 2015-07-04 20:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 00:09 - 2015-04-27 22:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 00:09 - 2015-04-27 22:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 00:09 - 2015-04-27 22:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 00:09 - 2015-04-27 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 00:07 - 2015-07-01 23:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 00:07 - 2015-07-01 23:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 00:07 - 2015-07-01 23:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 00:07 - 2015-07-01 23:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 00:07 - 2015-07-01 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 00:07 - 2015-07-01 23:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 00:07 - 2015-07-01 23:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 00:07 - 2015-07-01 23:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 00:07 - 2015-07-01 23:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 00:07 - 2015-07-01 23:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 00:07 - 2015-07-01 23:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 00:07 - 2015-07-01 23:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 00:07 - 2015-07-01 23:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 00:07 - 2015-07-01 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 00:07 - 2015-07-01 23:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 00:07 - 2015-07-01 23:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 00:07 - 2015-07-01 22:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 00:07 - 2015-07-01 22:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 00:07 - 2015-07-01 22:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 00:04 - 2015-07-09 20:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 00:04 - 2015-07-09 20:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 00:04 - 2015-07-09 20:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 00:04 - 2015-06-11 20:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 00:04 - 2015-06-11 20:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-15 00:04 - 2015-06-11 20:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-28 18:23 - 2015-04-14 00:07 - 00000000 ____D C:\temp
2015-07-28 18:19 - 2013-12-29 23:29 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\cacaoweb
2015-07-28 17:50 - 2014-11-15 23:38 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-28 17:49 - 2013-11-17 23:24 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000UA.job
2015-07-28 17:47 - 2012-10-25 03:40 - 01443130 _____ C:\Windows\WindowsUpdate.log
2015-07-28 17:36 - 2012-11-26 18:34 - 00000000 ____D C:\Program Files (x86)\File Type Assistant
2015-07-28 17:30 - 2012-10-25 12:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 16:39 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\tracing
2015-07-28 16:34 - 2009-07-14 07:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 16:34 - 2009-07-14 07:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 16:30 - 2012-10-25 04:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-28 16:24 - 2014-11-15 23:36 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-28 16:24 - 2014-02-23 19:55 - 00000364 _____ C:\Windows\Tasks\AmiUpdXp.job
2015-07-28 16:24 - 2014-01-06 19:50 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-28 16:23 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 16:23 - 2009-07-14 07:51 - 00140776 _____ C:\Windows\setupact.log
2015-07-28 16:08 - 2015-04-14 12:16 - 00007891 _____ C:\Windows\BRRBCOM.INI
2015-07-28 14:41 - 2013-01-14 19:54 - 00000000 ____D C:\Users\אלי חזן\Desktop\DOSSIERS TRAVAIL EN COURS
2015-07-28 12:21 - 2012-10-25 11:46 - 00000000 ____D C:\Users\אלי חזן\Documents\Bluetooth Folder
2015-07-28 10:34 - 2012-10-25 11:32 - 00000000 ____D C:\Program Files (x86)\Intel
2015-07-28 07:59 - 2014-02-23 19:56 - 00000000 ____D C:\Program Files (x86)\SerialTrunc
2015-07-28 07:59 - 2012-10-25 11:53 - 00318814 _____ C:\Windows\PFRO.log
2015-07-28 00:21 - 2014-08-31 13:23 - 00290816 ___SH C:\Users\אלי חזן\Desktop\Thumbs.db
2015-07-27 22:53 - 2012-10-25 15:27 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Adobe
2015-07-27 22:49 - 2013-11-17 23:24 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000Core.job
2015-07-27 16:38 - 2013-05-03 15:46 - 00000000 ____D C:\Users\אלי חזן\Desktop\rivka photos
2015-07-27 16:27 - 2012-10-14 17:23 - 00000000 ____D C:\Users\אלי חזן\Desktop\BlackBerry photos
2015-07-27 16:15 - 2013-05-05 08:53 - 00000000 ____D C:\Users\אלי חזן\Desktop\acer 2 COPIE
2015-07-27 14:04 - 2009-09-03 11:15 - 00443990 _____ C:\Windows\system32\perfh00D.dat
2015-07-27 14:04 - 2009-09-03 11:15 - 00105700 _____ C:\Windows\system32\perfc00D.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00809314 _____ C:\Windows\system32\perfh00C.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00532480 _____ C:\Windows\system32\perfh001.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00176072 _____ C:\Windows\system32\perfc00C.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00115636 _____ C:\Windows\system32\perfc001.dat
2015-07-27 14:04 - 2009-07-14 08:13 - 03040904 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 13:51 - 2012-11-08 22:29 - 00000000 ____D C:\Users\אלי חזן\Documents\קבצי Outlook
2015-07-27 13:30 - 2009-07-14 06:20 - 00000000 __RHD C:\Users\Default
2015-07-27 13:06 - 2013-01-14 19:52 - 00000000 ____D C:\Users\אלי חזן\Desktop\DOSSIERS EN COURS - FAMILLE
2015-07-27 13:04 - 2013-02-14 14:07 - 00000000 ____D C:\Users\אלי חזן\comptes
2015-07-27 10:46 - 2012-10-25 04:05 - 00000000 ____D C:\ProgramData\McAfee
2015-07-27 03:22 - 2015-04-14 00:07 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\PCDr
2015-07-27 03:22 - 2014-10-29 17:22 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Mozilla
2015-07-27 03:22 - 2013-05-29 23:40 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Skype
2015-07-27 03:22 - 2012-11-29 19:01 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Research In Motion
2015-07-27 03:21 - 2014-03-06 15:17 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Dropbox
2015-07-27 03:21 - 2013-03-10 14:40 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\DVDVideoSoft
2015-07-27 02:53 - 2015-04-14 00:14 - 00000000 ____D C:\ProgramData\PCDr
2015-07-27 02:53 - 2014-08-08 16:34 - 00000000 ____D C:\quoram
2015-07-27 02:53 - 2013-03-10 14:48 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-07-27 02:40 - 2015-06-05 10:28 - 00000000 ____D C:\ProgramData\iolo
2015-07-27 02:40 - 2014-08-01 18:25 - 00000000 ____D C:\ProgramData\Installations
2015-07-27 02:40 - 2013-01-20 12:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-07-27 02:40 - 2012-10-25 12:11 - 00000000 ____D C:\ProgramData\Dell
2015-07-27 02:40 - 2012-10-25 11:56 - 00000000 ____D C:\ProgramData\Atheros
2015-07-27 02:12 - 2012-10-25 12:10 - 00000000 ____D C:\Dell
2015-07-27 00:44 - 2013-10-27 18:24 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-07-27 00:34 - 2012-10-25 04:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-24 14:19 - 2012-10-25 03:43 - 00000000 ____D C:\Users\אלי חזן
2015-07-24 01:30 - 2015-06-21 15:15 - 00050688 ___SH C:\Users\אלי חזן\Downloads\Thumbs.db
2015-07-23 16:38 - 2012-10-25 12:24 - 00003936 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D7415ACB-B3AC-41D7-B961-1FFF46F2A013}
2015-07-22 19:53 - 2009-07-14 07:45 - 05129584 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 23:07 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-20 10:00 - 2012-10-25 11:56 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Atheros
2015-07-19 17:34 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 10:45 - 2014-11-15 23:38 - 00003924 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 10:45 - 2014-11-15 23:37 - 00003672 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 22:48 - 2013-02-27 14:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 22:47 - 2014-12-29 21:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:44 - 2013-11-17 23:24 - 00003924 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000UA
2015-07-15 22:44 - 2013-11-17 23:24 - 00003528 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000Core
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\he-IL
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 16:14 - 2014-12-11 12:57 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 16:14 - 2014-05-18 03:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 15:51 - 2012-10-25 04:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 15:33 - 2013-07-18 03:01 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 11:22 - 2013-01-21 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-03 14:12 - 2009-07-14 08:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-03 08:43 - 2012-11-08 21:37 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 14:09 - 2009-07-14 07:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
==================== Files in the root of some directories =======
2014-06-24 17:25 - 2014-06-24 17:25 - 6010880 _____ () C:\Program Files (x86)\GUT3656.tmp
2013-08-13 15:44 - 2013-08-13 20:10 - 0000000 _____ () C:\Users\אלי חזן\AppData\Roaming\bibstats
2015-07-23 13:35 - 2015-07-23 13:35 - 0045534 _____ () C:\Users\אלי חזן\AppData\Roaming\HELP_DECRYPT.PNG
2015-07-23 13:35 - 2015-07-23 13:35 - 0000284 _____ () C:\Users\אלי חזן\AppData\Roaming\HELP_DECRYPT.URL
2012-11-07 20:56 - 2015-04-17 17:24 - 0027940 _____ () C:\Users\אלי חזן\AppData\Roaming\Rim.Desktop.Exception.log
2012-11-07 20:54 - 2012-11-29 19:00 - 0008484 _____ () C:\Users\אלי חזן\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-11-07 20:57 - 2012-11-29 17:32 - 0000770 _____ () C:\Users\אלי חזן\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-11-09 01:04 - 2012-11-09 01:50 - 0037063 _____ () C:\Users\אלי חזן\AppData\Roaming\ערכים מופרדים באמצעות פסיקים (DOS).ADR
2013-06-05 19:17 - 2013-06-05 19:17 - 0003584 _____ () C:\Users\אלי חזן\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-23 13:31 - 2015-07-23 13:31 - 0045534 _____ () C:\Users\אלי חזן\AppData\Local\HELP_DECRYPT.PNG
2015-07-23 13:31 - 2015-07-23 13:31 - 0000284 _____ () C:\Users\אלי חזן\AppData\Local\HELP_DECRYPT.URL
2013-11-26 02:03 - 2013-11-26 04:21 - 0000600 _____ () C:\Users\אלי חזן\AppData\Local\PUTTY.RND
2013-08-26 20:04 - 2013-08-26 20:04 - 0001097 _____ () C:\Users\אלי חזן\AppData\Local\recently-used.xbel
2012-11-28 20:37 - 2015-04-12 20:44 - 0007598 _____ () C:\Users\אלי חזן\AppData\Local\resmon.resmoncfg
2015-02-16 11:34 - 2015-02-16 11:34 - 0000000 _____ () C:\Users\אלי חזן\AppData\Local\{0EB14EFD-7C12-4995-876E-98BAD878CD15}
2015-07-23 10:30 - 2015-07-23 10:30 - 0045534 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-07-23 10:30 - 2015-07-23 10:30 - 0000284 _____ () C:\ProgramData\HELP_DECRYPT.URL
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-13 16:43
==================== End of log ============================
Ran by אלי חזן (administrator) on ORDINATEURELIE (28-07-2015 18:20:41)
Running from C:\Users\אלי חזן\Downloads
Loaded Profiles: אלי חזן (Available Profiles: אלי חזן & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Hébreu (Israël)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
( ) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(ActivePath Ltd.) C:\Program Files (x86)\ActivePath\Bank Leumi\LeumiComposer.exe
() C:\Users\אלי חזן\AppData\Roaming\cacaoweb\cacaoweb.exe
() C:\Users\אלי חזן\AppData\Local\DirectDownloader\DirectDownloader.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
() C:\Program Files (x86)\ZTE\MF636\AutoDect.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Mindspark) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrchMn.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
() C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_162_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-08-31] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-31] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Allin1Convert Home Page Guard 64 bit] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe [485448 2014-02-23] ( )
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [TaskTray] => [X]
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [136512 2009-08-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [124240 2009-10-22] (McAfee, Inc.)
HKLM-x32\...\Run: [autodetect] => C:\Program Files (x86)\ZTE\MF636\AutoDect.exe [123392 2009-08-04] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM-x32\...\Run: [Allin1Convert EPM Support] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmedint.exe [12872 2014-02-23] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Allin1Convert Search Scope Monitor] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrchMn.exe [55368 2014-02-23] (Mindspark)
HKLM-x32\...\Run: [Allin1Convert_8h Browser Plugin Loader] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe [61512 2014-02-23] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Allin1Convert_8h Browser Plugin Loader 64] => C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe [71752 2014-02-23] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\common\Lib\ioloLManager.exe [4521272 2015-04-27] (iolo technologies, LLC)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1121\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [zixi_http_proxy-win32] => C:\Users\אלי חזן\AppData\Local\ZiXi\Proxy\launch.bat [86 2012-11-18] ()
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [ActiveMail Leumi Composer] => C:\Program Files (x86)\ActivePath\Bank Leumi\LeumiComposer.exe [47616 2012-09-20] (ActivePath Ltd.)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [Google Update] => C:\Users\אלי חזן\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-17] (Google Inc.)
HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Run: [cacaoweb] => C:\Users\אלי חזן\AppData\Roaming\cacaoweb\cacaoweb.exe [532784 2015-06-27] ()
HKU\S-1-5-18\...\RunOnce: [{90140000-006E-040D-1000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-0011-0000-1000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-001A-040D-1000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
Startup: C:\Users\אלי חזן\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Direct Downloader.lnk [2012-11-08]
ShortcutTarget: Direct Downloader.lnk -> C:\Users\אלי חזן\AppData\Local\DirectDownloader\DirectDownloader.exe ()
Startup: C:\Users\אלי חזן\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2012-11-08]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-621799793-644846384-3821762763-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AYY^xdm067^YYA^il&ptb=57066D44-89A6-4D4C-BD42-196026C8927B&si=flvrunner
HKU\S-1-5-21-621799793-644846384-3821762763-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-621799793-644846384-3821762763-1000 - (No Name) - {94996a74-8a98-41bb-85fe-0b6b9787e851} - No File
URLSearchHook: HKU\S-1-5-21-621799793-644846384-3821762763-1000 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll (Mindspark)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {66C7CB42-5C8B-436B-BEE1-E6C885630561} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^IL&apn_uid=35713611-0764-4BD0-A692-436BBE26C315&apn_sauid=AC0941B3-6654-4BCB-BAB1-D55F2D37BC2E
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> CCFA0301CA914EA49A73FD09B3247959 URL = http://mysearch.avg.com/search?cid={D9ED8EE5-D665-4C72-A279-0E58EC8DABFB}&mid=a58837b2bf8b47d385545502b38ca1a7-a867f1a0d5f7a642c8ba79ba10479c971efb2e6e&lang=en&ds=co011&coid=avgtbdisco&pr=sa&d=2013-09-29 01:14:07&v=17.0.0.9&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> {5D87D551-DDEB-4C94-8646-D755298AFDBD} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYIL&apn_uid=35713611-0764-4BD0-A692-436BBE26C315&apn_sauid=AC0941B3-6654-4BCB-BAB1-D55F2D37BC2E
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={2F2BE132-3555-486E-AD50-93FAB02A8B9A}&mid=a58837b2bf8b47d385545502b38ca1a7-a867f1a0d5f7a642c8ba79ba10479c971efb2e6e&lang=fr&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-23 19:23:14&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> {99DC36C8-8B1A-412C-92DF-344B6BBA08B8} URL = http://index.nana10.co.il/SearchUTF8.asp?g=1&gr=0&p=48&fbs=0&ServiceDomain=&SourceService=5&cr=1&rd=1&cx=partner-pub-7699565714483996%3A4cpkrwyo35t&cof=FORID%3A11&AutoRedirect=1&q={searchTerms}&SearchProvider=nana10
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-31] (Qualcomm Atheros Commnucations)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-03-08] (Atheros Commnucations)
BHO-x32: עוזר הכניסה של חשבון Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Search Assistant BHO -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll [2014-02-23] (Mindspark)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation)
BHO-x32: No Name -> {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} -> No File
BHO-x32: Toolbar BHO -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2014-02-23] (Mindspark)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Allin1Convert - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2014-02-23] (Mindspark)
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-621799793-644846384-3821762763-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{09B3D15D-598A-4B3D-B445-A962F75203CA}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5C93B146-48C3-4279-A9DC-63AC9CA78F45}: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\אלי חזן\AppData\Roaming\Mozilla\Firefox\Profiles\mjag9cu7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_154.dll [2015-05-28] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_154.dll [2015-05-28] ()
FF Plugin-x32: @Allin1Convert_8h.com/Plugin -> C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\NP8hStub.dll [2014-02-23] (Mindspark)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @citrixonline.com/appdetectorplugin -> C:\Users\אלי חזן\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-24] (Citrix Online)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\אלי חזן\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @talk.google.com/O1DPlugin -> C:\Users\אלי חזן\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @tools.google.com/Google Update;version=3 -> C:\Users\אלי חזן\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-621799793-644846384-3821762763-1000: @tools.google.com/Google Update;version=9 -> C:\Users\אלי חזן\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\אלי חזן\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\אלי חזן\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: cacaoweb - C:\Users\אלי חזן\AppData\Roaming\Mozilla\Firefox\Profiles\mjag9cu7.default\Extensions\cacaoweb@cacaoweb.org [2014-10-31]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-28]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-19]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-10-28]
FF HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-10-29]
CHR Extension: (Google Slides) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-21]
CHR Extension: (Google Docs) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-21]
CHR Extension: (YouTube) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-25]
CHR Extension: (Google Search) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-25]
CHR Extension: (Google Sheets) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-21]
CHR Extension: (SiteAdvisor) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-10-28]
CHR Extension: (cacaoweb) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf [2013-12-29]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-10-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23]
CHR Extension: (Skype Click to Call) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-11-01]
CHR Extension: (Media Player) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkigfdipchbagbecdmmomiahkkhlcfo [2013-10-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\אלי חזן\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-25]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-24]
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\B40E~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-07]
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kgbcbdejncdpahgapnmkjimfmlipdgdl] - C:\Users\אלי חזן\AppData\Local\CRE\kgbcbdejncdpahgapnmkjimfmlipdgdl.crx [2013-10-24]
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-621799793-644846384-3821762763-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [okemjkdkkihnhdaanohnleknbaddlddb] - C:\Users\אלי חזן\AppData\Local\CRE\okemjkdkkihnhdaanohnleknbaddlddb.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [kgbcbdejncdpahgapnmkjimfmlipdgdl] - C:\Users\אלי חזן\AppData\Local\CRE\kgbcbdejncdpahgapnmkjimfmlipdgdl.crx [2013-10-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [okemjkdkkihnhdaanohnleknbaddlddb] - C:\Users\אלי חזן\AppData\Local\CRE\okemjkdkkihnhdaanohnleknbaddlddb.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Allin1Convert_8hService; C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe [88648 2014-02-23] (COMPANYVERS_NAME)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations) [File not signed]
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1121\G2AC_Service.exe [310080 2015-07-24] (Citrix Online, a division of Citrix Systems, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4676408 2015-04-27] (iolo technologies, LLC)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-25] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-07-21] (McAfee, Inc.)
R2 McAfeeEngineService; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe [19720 2009-10-22] (McAfee, Inc.)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [103744 2009-08-25] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
U2 McShield; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe [178920 2009-10-22] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [66896 2009-10-22] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-04-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Update SerialTrunc; C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe [465648 2015-07-28] ()
R2 Util SerialTrunc; C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe [465648 2015-07-28] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [159360 2012-03-08] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-03-28] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-31] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-01-16] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2013-10-27] (McAfee, Inc.)
S4 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [83784 2009-10-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-04-27] (EldoS Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [729704 2010-08-06] (Realtek Semiconductor Corporation )
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-03-31] (StdLib)
S3 JLTECH0227; System32\Drivers\jl2005c.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-28 18:20 - 2015-07-28 18:23 - 00039296 _____ C:\Users\אלי חזן\Downloads\FRST.txt
2015-07-28 18:20 - 2015-07-28 18:21 - 00000000 ____D C:\FRST
2015-07-28 18:20 - 2015-07-28 18:20 - 02146816 _____ (Farbar) C:\Users\אלי חזן\Downloads\FRST64.exe
2015-07-28 17:18 - 2015-07-28 17:18 - 00001195 _____ C:\Users\אלי חזן\Desktop\File Repair.lnk
2015-07-28 17:18 - 2015-07-28 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Repair
2015-07-28 17:18 - 2015-07-28 17:18 - 00000000 ____D C:\Program Files (x86)\Repair File
2015-07-28 17:17 - 2015-07-28 17:17 - 01020848 _____ (File Repair ) C:\Users\אלי חזן\Downloads\file-repair-setup.exe
2015-07-28 17:08 - 2015-07-28 17:26 - 00000000 ____D C:\Program Files (x86)\Kernel for PDF Repair - Evaluation version
2015-07-28 17:08 - 2015-07-28 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel for PDF Repair - Evaluation version
2015-07-28 17:08 - 2004-10-17 04:08 - 00835584 _____ () C:\Windows\SysWOW64\AxImage.ocx
2015-07-28 17:08 - 2004-03-09 00:00 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2015-07-28 17:07 - 2015-07-28 17:07 - 06896736 _____ (Lepide Software Pvt. Ltd. ) C:\Users\אלי חזן\Downloads\kernelpdfrepair.exe
2015-07-28 16:24 - 2015-07-28 16:24 - 00000000 ___RD C:\Users\אלי חזן\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-07-28 15:19 - 2015-07-28 15:21 - 36570832 _____ (Foxit Software Inc. ) C:\Users\אלי חזן\Downloads\FoxitReader715.0425_enu_Setup.exe
2015-07-28 15:06 - 2015-07-28 15:06 - 00274088 _____ C:\Users\אלי חזן\Documents\lang_fr_fr.xml
2015-07-28 15:00 - 2015-07-28 15:00 - 00274088 _____ C:\Users\אלי חזן\Downloads\lang_fr_fr (2).xml
2015-07-28 14:48 - 2015-07-28 14:48 - 00274088 _____ C:\Users\אלי חזן\Downloads\lang_fr_fr (1).xml
2015-07-28 13:52 - 2015-07-28 13:52 - 00274088 _____ C:\Users\אלי חזן\Downloads\lang_fr_fr.xml
2015-07-28 00:17 - 2015-07-28 00:17 - 00082843 _____ C:\Users\אלי חזן\Desktop\HijackThis.exe
2015-07-27 23:46 - 2015-07-27 23:46 - 00333056 _____ C:\Users\אלי חזן\Downloads\pjjoint_uploader (1).exe
2015-07-27 23:39 - 2015-07-27 23:39 - 00333056 _____ C:\Users\אלי חזן\Downloads\pjjoint_uploader.exe
2015-07-27 15:04 - 2015-07-27 15:16 - 00075217 _____ C:\Users\אלי חזן\Desktop\Addition.txt
2015-07-27 14:56 - 2015-07-27 14:56 - 00000000 ____D C:\Users\אלי חזן\Downloads\FRST-OlderVersion
2015-07-27 00:43 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-07-27 00:06 - 2015-07-27 00:07 - 01059840 _____ C:\Users\אלי חזן\Downloads\MicrosoftFixit50981.msi
2015-07-24 11:51 - 2015-07-24 11:51 - 00000060 ___RH C:\Users\אלי חזן\Downloads\GetSusp.opt
2015-07-24 11:23 - 2015-07-24 11:23 - 04735126 _____ C:\Users\אלי חזן\Downloads\gsusp_D5B01DBD53AA_072415_112340.zip
2015-07-24 11:16 - 2015-07-24 11:23 - 00001155 _____ C:\Users\אלי חזן\Downloads\GetSusp.xml
2015-07-24 10:52 - 2015-07-24 10:52 - 04721514 _____ C:\Users\אלי חזן\Downloads\gsusp_EA9A2EFE457F_072415_105205.zip
2015-07-24 10:44 - 2015-07-24 10:44 - 01579552 _____ (McAfee Inc.) C:\Users\אלי חזן\Downloads\getsusp.exe
2015-07-24 10:37 - 2015-07-24 10:37 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-07-24 01:27 - 2015-07-24 01:27 - 00018432 ___SH C:\Users\אלי חזן\AppData\Thumbs.db
2015-07-24 00:16 - 2015-07-24 00:16 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\McAfee
2015-07-23 13:35 - 2015-07-23 13:35 - 00000284 _____ C:\Users\אלי חזן\AppData\Roaming\HELP_DECRYPT.URL
2015-07-23 13:35 - 2015-07-23 13:35 - 00000284 _____ C:\Users\אלי חזן\AppData\HELP_DECRYPT.URL
2015-07-23 10:30 - 2015-07-23 10:30 - 00000284 _____ C:\Users\Default\AppData\HELP_DECRYPT.URL
2015-07-23 10:30 - 2015-07-23 10:30 - 00000284 _____ C:\Users\Default User\AppData\HELP_DECRYPT.URL
2015-07-23 10:30 - 2015-07-23 10:30 - 00000284 _____ C:\ProgramData\HELP_DECRYPT.URL
2015-07-23 10:27 - 2015-07-24 14:27 - 00000000 ___HD C:\5a915b5c
2015-07-21 15:53 - 2015-07-15 06:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 15:53 - 2015-07-15 06:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 15:53 - 2015-07-15 06:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 15:53 - 2015-07-15 06:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 15:53 - 2015-07-15 05:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 15:53 - 2015-07-15 05:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 15:53 - 2015-07-15 05:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 15:53 - 2015-07-15 05:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 15:53 - 2015-07-15 04:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 15:53 - 2015-07-15 04:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 10:15 - 2015-07-22 15:13 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2015-07-20 10:15 - 2015-07-20 10:15 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-15 00:17 - 2015-06-25 21:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 00:17 - 2015-06-25 20:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 00:17 - 2015-06-20 23:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 00:17 - 2015-06-20 22:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 00:17 - 2015-06-20 22:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 00:17 - 2015-06-20 22:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 00:17 - 2015-06-20 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 00:17 - 2015-06-20 22:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 00:17 - 2015-06-20 22:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 00:17 - 2015-06-20 22:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 00:17 - 2015-06-20 22:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 00:17 - 2015-06-20 22:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 00:17 - 2015-06-20 22:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 00:17 - 2015-06-20 22:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 00:17 - 2015-06-20 22:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 00:17 - 2015-06-20 22:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 00:17 - 2015-06-20 22:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 00:17 - 2015-06-20 22:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 00:17 - 2015-06-20 22:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 00:17 - 2015-06-20 21:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 00:17 - 2015-06-20 21:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 00:17 - 2015-06-20 21:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 00:17 - 2015-06-20 21:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 00:17 - 2015-06-20 21:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 00:17 - 2015-06-20 21:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 00:17 - 2015-06-19 21:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 00:17 - 2015-06-19 21:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 00:17 - 2015-06-19 21:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 00:17 - 2015-06-19 21:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 00:17 - 2015-06-19 21:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 00:17 - 2015-06-19 21:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 00:17 - 2015-06-19 21:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 00:17 - 2015-06-19 21:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 00:17 - 2015-06-19 21:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 00:17 - 2015-06-19 21:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 00:17 - 2015-06-19 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 00:17 - 2015-06-19 20:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 00:17 - 2015-06-19 20:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 00:17 - 2015-06-19 20:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 00:17 - 2015-06-19 20:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 00:17 - 2015-06-19 20:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 00:17 - 2015-06-19 20:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 00:17 - 2015-06-19 20:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 00:17 - 2015-06-19 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 00:16 - 2015-06-16 00:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 00:16 - 2015-06-16 00:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 00:16 - 2015-06-16 00:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 00:16 - 2015-06-16 00:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 00:16 - 2015-06-16 00:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 00:16 - 2015-06-16 00:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 00:16 - 2015-06-16 00:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 00:16 - 2015-06-16 00:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 00:16 - 2015-06-16 00:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 00:16 - 2015-06-16 00:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 00:16 - 2015-06-16 00:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 00:16 - 2015-06-16 00:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 00:15 - 2015-07-09 20:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 00:15 - 2015-07-09 20:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 00:15 - 2015-07-09 20:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 00:15 - 2015-07-09 20:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 00:15 - 2015-07-09 20:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 00:15 - 2015-06-25 11:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 00:15 - 2015-06-02 03:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 00:15 - 2015-06-02 02:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 00:14 - 2015-06-27 05:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 00:14 - 2015-06-27 05:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 00:14 - 2015-06-27 04:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 00:14 - 2015-06-27 04:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 00:14 - 2015-06-17 20:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 00:14 - 2015-06-17 20:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 00:12 - 2015-07-03 00:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 00:12 - 2015-07-03 00:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 00:12 - 2015-07-02 23:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 00:12 - 2015-07-02 23:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 00:12 - 2015-07-02 23:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 00:12 - 2015-07-02 23:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 00:12 - 2015-07-02 23:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 00:12 - 2015-07-02 23:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 00:12 - 2015-07-02 23:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 00:12 - 2015-07-02 22:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 00:12 - 2015-07-02 22:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 00:12 - 2015-07-02 21:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 00:09 - 2015-07-04 21:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 00:09 - 2015-07-04 20:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 00:09 - 2015-04-27 22:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 00:09 - 2015-04-27 22:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 00:09 - 2015-04-27 22:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 00:09 - 2015-04-27 22:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 00:09 - 2015-04-27 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 00:07 - 2015-07-01 23:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 00:07 - 2015-07-01 23:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 00:07 - 2015-07-01 23:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 00:07 - 2015-07-01 23:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 00:07 - 2015-07-01 23:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 00:07 - 2015-07-01 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 00:07 - 2015-07-01 23:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 00:07 - 2015-07-01 23:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 00:07 - 2015-07-01 23:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 00:07 - 2015-07-01 23:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 00:07 - 2015-07-01 23:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 00:07 - 2015-07-01 23:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 00:07 - 2015-07-01 23:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 00:07 - 2015-07-01 23:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 00:07 - 2015-07-01 23:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 00:07 - 2015-07-01 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 00:07 - 2015-07-01 23:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 00:07 - 2015-07-01 23:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 00:07 - 2015-07-01 22:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 00:07 - 2015-07-01 22:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 00:07 - 2015-07-01 22:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 00:04 - 2015-07-09 20:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 00:04 - 2015-07-09 20:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 00:04 - 2015-07-09 20:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 00:04 - 2015-07-09 20:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 00:04 - 2015-06-11 20:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 00:04 - 2015-06-11 20:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-15 00:04 - 2015-06-11 20:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-28 18:23 - 2015-04-14 00:07 - 00000000 ____D C:\temp
2015-07-28 18:19 - 2013-12-29 23:29 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\cacaoweb
2015-07-28 17:50 - 2014-11-15 23:38 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-28 17:49 - 2013-11-17 23:24 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000UA.job
2015-07-28 17:47 - 2012-10-25 03:40 - 01443130 _____ C:\Windows\WindowsUpdate.log
2015-07-28 17:36 - 2012-11-26 18:34 - 00000000 ____D C:\Program Files (x86)\File Type Assistant
2015-07-28 17:30 - 2012-10-25 12:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 16:39 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\tracing
2015-07-28 16:34 - 2009-07-14 07:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 16:34 - 2009-07-14 07:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 16:30 - 2012-10-25 04:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-28 16:24 - 2014-11-15 23:36 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-28 16:24 - 2014-02-23 19:55 - 00000364 _____ C:\Windows\Tasks\AmiUpdXp.job
2015-07-28 16:24 - 2014-01-06 19:50 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-28 16:23 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 16:23 - 2009-07-14 07:51 - 00140776 _____ C:\Windows\setupact.log
2015-07-28 16:08 - 2015-04-14 12:16 - 00007891 _____ C:\Windows\BRRBCOM.INI
2015-07-28 14:41 - 2013-01-14 19:54 - 00000000 ____D C:\Users\אלי חזן\Desktop\DOSSIERS TRAVAIL EN COURS
2015-07-28 12:21 - 2012-10-25 11:46 - 00000000 ____D C:\Users\אלי חזן\Documents\Bluetooth Folder
2015-07-28 10:34 - 2012-10-25 11:32 - 00000000 ____D C:\Program Files (x86)\Intel
2015-07-28 07:59 - 2014-02-23 19:56 - 00000000 ____D C:\Program Files (x86)\SerialTrunc
2015-07-28 07:59 - 2012-10-25 11:53 - 00318814 _____ C:\Windows\PFRO.log
2015-07-28 00:21 - 2014-08-31 13:23 - 00290816 ___SH C:\Users\אלי חזן\Desktop\Thumbs.db
2015-07-27 22:53 - 2012-10-25 15:27 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Adobe
2015-07-27 22:49 - 2013-11-17 23:24 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000Core.job
2015-07-27 16:38 - 2013-05-03 15:46 - 00000000 ____D C:\Users\אלי חזן\Desktop\rivka photos
2015-07-27 16:27 - 2012-10-14 17:23 - 00000000 ____D C:\Users\אלי חזן\Desktop\BlackBerry photos
2015-07-27 16:15 - 2013-05-05 08:53 - 00000000 ____D C:\Users\אלי חזן\Desktop\acer 2 COPIE
2015-07-27 14:04 - 2009-09-03 11:15 - 00443990 _____ C:\Windows\system32\perfh00D.dat
2015-07-27 14:04 - 2009-09-03 11:15 - 00105700 _____ C:\Windows\system32\perfc00D.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00809314 _____ C:\Windows\system32\perfh00C.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00532480 _____ C:\Windows\system32\perfh001.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00176072 _____ C:\Windows\system32\perfc00C.dat
2015-07-27 14:04 - 2009-09-03 11:00 - 00115636 _____ C:\Windows\system32\perfc001.dat
2015-07-27 14:04 - 2009-07-14 08:13 - 03040904 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 13:51 - 2012-11-08 22:29 - 00000000 ____D C:\Users\אלי חזן\Documents\קבצי Outlook
2015-07-27 13:30 - 2009-07-14 06:20 - 00000000 __RHD C:\Users\Default
2015-07-27 13:06 - 2013-01-14 19:52 - 00000000 ____D C:\Users\אלי חזן\Desktop\DOSSIERS EN COURS - FAMILLE
2015-07-27 13:04 - 2013-02-14 14:07 - 00000000 ____D C:\Users\אלי חזן\comptes
2015-07-27 10:46 - 2012-10-25 04:05 - 00000000 ____D C:\ProgramData\McAfee
2015-07-27 03:22 - 2015-04-14 00:07 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\PCDr
2015-07-27 03:22 - 2014-10-29 17:22 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Mozilla
2015-07-27 03:22 - 2013-05-29 23:40 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Skype
2015-07-27 03:22 - 2012-11-29 19:01 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Research In Motion
2015-07-27 03:21 - 2014-03-06 15:17 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Dropbox
2015-07-27 03:21 - 2013-03-10 14:40 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\DVDVideoSoft
2015-07-27 02:53 - 2015-04-14 00:14 - 00000000 ____D C:\ProgramData\PCDr
2015-07-27 02:53 - 2014-08-08 16:34 - 00000000 ____D C:\quoram
2015-07-27 02:53 - 2013-03-10 14:48 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-07-27 02:40 - 2015-06-05 10:28 - 00000000 ____D C:\ProgramData\iolo
2015-07-27 02:40 - 2014-08-01 18:25 - 00000000 ____D C:\ProgramData\Installations
2015-07-27 02:40 - 2013-01-20 12:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-07-27 02:40 - 2012-10-25 12:11 - 00000000 ____D C:\ProgramData\Dell
2015-07-27 02:40 - 2012-10-25 11:56 - 00000000 ____D C:\ProgramData\Atheros
2015-07-27 02:12 - 2012-10-25 12:10 - 00000000 ____D C:\Dell
2015-07-27 00:44 - 2013-10-27 18:24 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-07-27 00:34 - 2012-10-25 04:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-24 14:19 - 2012-10-25 03:43 - 00000000 ____D C:\Users\אלי חזן
2015-07-24 01:30 - 2015-06-21 15:15 - 00050688 ___SH C:\Users\אלי חזן\Downloads\Thumbs.db
2015-07-23 16:38 - 2012-10-25 12:24 - 00003936 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D7415ACB-B3AC-41D7-B961-1FFF46F2A013}
2015-07-22 19:53 - 2009-07-14 07:45 - 05129584 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 23:07 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-20 10:00 - 2012-10-25 11:56 - 00000000 ____D C:\Users\אלי חזן\AppData\Roaming\Atheros
2015-07-19 17:34 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 10:45 - 2014-11-15 23:38 - 00003924 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 10:45 - 2014-11-15 23:37 - 00003672 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 22:48 - 2013-02-27 14:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 22:47 - 2014-12-29 21:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:44 - 2013-11-17 23:24 - 00003924 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000UA
2015-07-15 22:44 - 2013-11-17 23:24 - 00003528 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000Core
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\he-IL
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-07-15 16:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 16:14 - 2014-12-11 12:57 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 16:14 - 2014-05-18 03:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 15:51 - 2012-10-25 04:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 15:33 - 2013-07-18 03:01 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 11:22 - 2013-01-21 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-03 14:12 - 2009-07-14 08:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-03 08:43 - 2012-11-08 21:37 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 14:09 - 2009-07-14 07:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
==================== Files in the root of some directories =======
2014-06-24 17:25 - 2014-06-24 17:25 - 6010880 _____ () C:\Program Files (x86)\GUT3656.tmp
2013-08-13 15:44 - 2013-08-13 20:10 - 0000000 _____ () C:\Users\אלי חזן\AppData\Roaming\bibstats
2015-07-23 13:35 - 2015-07-23 13:35 - 0045534 _____ () C:\Users\אלי חזן\AppData\Roaming\HELP_DECRYPT.PNG
2015-07-23 13:35 - 2015-07-23 13:35 - 0000284 _____ () C:\Users\אלי חזן\AppData\Roaming\HELP_DECRYPT.URL
2012-11-07 20:56 - 2015-04-17 17:24 - 0027940 _____ () C:\Users\אלי חזן\AppData\Roaming\Rim.Desktop.Exception.log
2012-11-07 20:54 - 2012-11-29 19:00 - 0008484 _____ () C:\Users\אלי חזן\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-11-07 20:57 - 2012-11-29 17:32 - 0000770 _____ () C:\Users\אלי חזן\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-11-09 01:04 - 2012-11-09 01:50 - 0037063 _____ () C:\Users\אלי חזן\AppData\Roaming\ערכים מופרדים באמצעות פסיקים (DOS).ADR
2013-06-05 19:17 - 2013-06-05 19:17 - 0003584 _____ () C:\Users\אלי חזן\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-23 13:31 - 2015-07-23 13:31 - 0045534 _____ () C:\Users\אלי חזן\AppData\Local\HELP_DECRYPT.PNG
2015-07-23 13:31 - 2015-07-23 13:31 - 0000284 _____ () C:\Users\אלי חזן\AppData\Local\HELP_DECRYPT.URL
2013-11-26 02:03 - 2013-11-26 04:21 - 0000600 _____ () C:\Users\אלי חזן\AppData\Local\PUTTY.RND
2013-08-26 20:04 - 2013-08-26 20:04 - 0001097 _____ () C:\Users\אלי חזן\AppData\Local\recently-used.xbel
2012-11-28 20:37 - 2015-04-12 20:44 - 0007598 _____ () C:\Users\אלי חזן\AppData\Local\resmon.resmoncfg
2015-02-16 11:34 - 2015-02-16 11:34 - 0000000 _____ () C:\Users\אלי חזן\AppData\Local\{0EB14EFD-7C12-4995-876E-98BAD878CD15}
2015-07-23 10:30 - 2015-07-23 10:30 - 0045534 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-07-23 10:30 - 2015-07-23 10:30 - 0000284 _____ () C:\ProgramData\HELP_DECRYPT.URL
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-13 16:43
==================== End of log ============================