Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

defualt-search.net keeps coming back to firefox [Solved]

Started by MalwareDetective , Feb 22 2015 05:42 AM

  • This topic is locked This topic is locked

#1
MalwareDetective
Posted 22 February 2015 - 05:42 AM

MalwareDetective

    Member

  • Member
  • PipPip
  • 39 posts

Hello,

 

Every time I open firefox the default homepage is default-search.net. I used malwarebytes to clean it and it found one file connected to the default-search.net and I quarantined the file. I also ran AdwCleaner which also found the file but again, it kept coming back.

 

Malwarebytes log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21/02/2015
Scan Time: 09:15:05
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.20.09
Rootkit Database: v2015.02.20.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Izi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341891
Time Elapsed: 7 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.DefaultSearch.A, C:\Users\Izi\AppData\Roaming\Mozilla\Firefox\Profiles\htwk7btd.default-1424372382286\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.default-s...&tm=611&src=hmp");), Replaced,[6f4a9b85cac041f5c111798c82847789]

Physical Sectors: 0
(No malicious items detected)

(end)

 

and

 

 

 

OTL Log:

 

 

OTL logfile created on: 22/02/2015 13:31:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Izi\AppData\Local\Microsoft\Windows\INetCache\IE\7S4XEA8I
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17631)
Locale: 0000040D | Country: Israel | Language: HEB | Date Format: dd/MM/yyyy
 
3.92 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 46.51% Memory free
7.92 Gb Paging File | 5.19 Gb Available in Paging File | 65.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.45 Gb Total Space | 52.77 Gb Free Space | 47.35% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1344.67 Gb Free Space | 72.18% Space Free | Partition Type: NTFS
Drive E: | 229.49 Gb Total Space | 35.57 Gb Free Space | 15.50% Space Free | Partition Type: NTFS
Drive F: | 236.27 Gb Total Space | 36.64 Gb Free Space | 15.51% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 592.16 Gb Free Space | 63.57% Space Free | Partition Type: NTFS
Drive H: | 2762.52 Gb Total Space | 1945.98 Gb Free Space | 70.44% Space Free | Partition Type: NTFS
Drive I: | 31.99 Gb Total Space | 20.62 Gb Free Space | 64.47% Space Free | Partition Type: FAT32
Drive K: | 931.28 Gb Total Space | 300.68 Gb Free Space | 32.29% Space Free | Partition Type: FAT32
 
Computer Name: IZI-PC | User Name: Izi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/02/22 13:31:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izi\AppData\Local\Microsoft\Windows\INetCache\IE\7S4XEA8I\OTL.exe
PRC - [2015/02/21 04:27:16 | 000,071,992 | ---- | M] (Jaksta Technologies Pty Ltd) -- C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe
PRC - [2015/02/17 11:05:26 | 005,436,176 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2015/02/17 11:05:25 | 016,765,200 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
PRC - [2015/02/17 10:32:49 | 000,229,136 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\tv_w32.exe
PRC - [2015/02/07 18:15:25 | 000,187,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2015/01/16 16:14:48 | 002,724,128 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2014/11/21 16:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 16:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 16:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/11/04 13:19:48 | 000,815,392 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
PRC - [2014/05/23 12:09:00 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2014/05/23 12:06:20 | 001,852,264 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
PRC - [2013/12/07 16:04:46 | 001,305,152 | ---- | M] (Code Sector Inc.) -- C:\Program Files\TeraCopy\TeraCopy.exe
PRC - [2013/01/28 17:12:10 | 001,853,992 | ---- | M] (Copernic Inc.) -- C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe
PRC - [2012/12/12 15:20:18 | 000,419,536 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe
PRC - [2012/09/06 02:46:12 | 000,912,896 | ---- | M] (KARPOLAN) -- G:\fix\Keyboard LEDs\KeyboardLeds.exe
PRC - [2010/11/06 17:52:56 | 000,323,808 | ---- | M] (TGRMN Software) -- C:\Program Files (x86)\VVEngine\VVEngineIcon.exe
PRC - [2010/11/06 17:52:54 | 001,609,952 | ---- | M] (TGRMN Software) -- C:\Program Files (x86)\VVEngine\VVEngine.exe
PRC - [1999/09/30 21:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/02/21 10:52:32 | 007,204,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragisticbec01137#\004b94ca5d9a2492c5ac34a16a690c70\Infragistics4.Win.UltraWinGrid.v14.1.ni.dll
MOD - [2015/02/21 10:52:30 | 004,465,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jsc\fae42e85e5a21b5e780127d675e3b199\jsc.ni.dll
MOD - [2015/02/21 10:52:30 | 001,024,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jresx\c75d9373836fbebe5dd46905cd048940\jresx.ni.dll
MOD - [2015/02/21 10:52:30 | 000,402,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jfonts\76e3e53d97434180883a258e4c3a7cf9\jfonts.ni.dll
MOD - [2015/02/21 10:52:29 | 002,183,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jguides\02cf55ecacf5f6be7a168fe1f9d5f640\jguides.ni.dll
MOD - [2015/02/21 10:52:28 | 000,261,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistic5fec2a42#\68574c7e2f865b9e0b2a14e0ef61f329\Infragistics4.Win.UltraWinDataSource.v14.1.ni.dll
MOD - [2015/02/21 10:52:27 | 014,511,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragisticb097ab8f#\ed4e538acd2977a53769daf69eb7f556\Infragistics4.Win.v14.1.ni.dll
MOD - [2015/02/21 10:52:27 | 008,609,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistic6e2d1fd5#\91c00afd06bb9f3e8752274d4ac03053\Infragistics4.Win.UltraWinToolbars.v14.1.ni.dll
MOD - [2015/02/21 10:52:27 | 000,921,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jac\e884d09dcfb50180df8a54cc782f7894\jac.ni.dll
MOD - [2015/02/21 10:52:27 | 000,088,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jconv\e777b6a315e2be6536a00e5d8bfacf76\jconv.ni.dll
MOD - [2015/02/21 10:52:26 | 000,417,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jtsched\856ac6c2828b243ecb957c92a25fd4a7\jtsched.ni.dll
MOD - [2015/02/21 10:52:26 | 000,077,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jwmp\109fe6528ba8afab7865e0b0ae5252dc\jwmp.ni.dll
MOD - [2015/02/21 10:52:25 | 001,637,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jtaglib\d3c3a334ed7cb2fc381ed7cb6cd64387\jtaglib.ni.dll
MOD - [2015/02/21 10:52:25 | 000,626,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jmf\1687d1ef37c6ae3d8e9072ec8d3a7711\jmf.ni.dll
MOD - [2015/02/21 10:52:25 | 000,041,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jml\a88a55b878d3215793ac791201a86c9f\jml.ni.dll
MOD - [2015/02/21 10:52:25 | 000,037,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\japp\c776d2708797b80bcb43b834819f05f0\japp.ni.dll
MOD - [2015/02/21 10:52:24 | 000,423,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jjson\6ce88384bfcf50027ab85ce2026d6e9c\jjson.ni.dll
MOD - [2015/02/21 10:52:24 | 000,176,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jmeta\d53d9cb71b943c6e01536be5546927e3\jmeta.ni.dll
MOD - [2015/02/21 10:52:23 | 000,718,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistic896d367f#\c69e928ed96671341dc128e9bd20dc6d\Infragistics4.Win.UltraWinTabControl.v14.1.ni.dll
MOD - [2015/02/21 10:52:23 | 000,168,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jlib\bd5d5ff87a20db2c6074cd3a6362ad98\jlib.ni.dll
MOD - [2015/02/21 10:52:22 | 004,039,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\crypto\0429f7021e098bd9ac1a47c797bdb352\crypto.ni.dll
MOD - [2015/02/21 10:52:22 | 001,048,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistic4ad72720#\8ccc677a2b2e1fff7e001b33ef91c91c\Infragistics4.Win.UltraWinListView.v14.1.ni.dll
MOD - [2015/02/21 10:52:21 | 000,043,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jar\8e56e11f19f0c35e271b820cf2d3bfd1\jar.ni.dll
MOD - [2015/02/21 10:52:20 | 000,109,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jscr\513723306b15bad96d4bbbd552a650de\jscr.ni.dll
MOD - [2015/02/21 10:52:20 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.Bytb306742e#\a69809f420442b29e3cd8036969091dd\Interop.BytescoutScreenCapturingLib.ni.dll
MOD - [2015/02/21 10:52:19 | 003,385,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistic13741c95#\63f266205ab3f20c6c4e50ca13b258a0\Infragistics4.Win.Misc.v14.1.ni.dll
MOD - [2015/02/21 10:52:19 | 000,840,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jgl\b8d9d5784ec8bc38458ea04493451b20\jgl.ni.dll
MOD - [2015/02/21 10:52:19 | 000,093,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jdvr\a4038aadd319037fc03133b0980732ac\jdvr.ni.dll
MOD - [2015/02/21 10:52:19 | 000,089,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jmodel\a2c95c088f4ea8603437061a849b5c89\jmodel.ni.dll
MOD - [2015/02/21 10:52:18 | 002,730,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\juc\b6fd8e41298c539cbb0372c80704660d\juc.ni.dll
MOD - [2015/02/21 10:52:18 | 001,377,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistic571ebedd#\4cc4562be3773c3bb8a46a6ef2a222f4\Infragistics4.Win.UltraWinEditors.v14.1.ni.dll
MOD - [2015/02/21 10:52:16 | 000,823,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infragistic99e370b6#\82fb1b855df9d3c9852663be475fcf15\Infragistics4.Shared.v14.1.ni.dll
MOD - [2015/02/21 10:52:16 | 000,029,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\jrmcp\e3b75cde48050dd7548d61bc1c05085e\jrmcp.ni.exe
MOD - [2015/02/21 04:24:34 | 001,590,272 | ---- | M] () -- C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jalw.dll
MOD - [2015/02/19 22:03:40 | 013,669,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\f8f66d54bd6db97f410cf131197d5982\System.Data.Entity.ni.dll
MOD - [2015/02/16 04:58:49 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\794a3d83e77a53d6fc029c389f9cc408\System.Core.ni.dll
MOD - [2015/02/16 04:58:35 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1a6b5095c4416a37f9ca4cf4436d1311\System.ni.dll
MOD - [2015/02/15 18:12:47 | 000,717,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Ionic.Zip.Reduced\e15208aec6e36db47b867b91d76a3d91\Ionic.Zip.Reduced.ni.dll
MOD - [2015/02/15 18:12:46 | 000,250,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\c011d55aa867db49a0b3019e5ea17d05\WindowsFormsIntegration.ni.dll
MOD - [2015/02/15 18:12:46 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MediaInfoNET\9e7573169696327723eec00b9cb48254\MediaInfoNET.ni.dll
MOD - [2015/02/15 18:12:44 | 001,662,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AMG.Lasso\88bf9d557de09e5c53d70f6789f62205\AMG.Lasso.ni.dll
MOD - [2015/02/15 18:12:42 | 000,454,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\HtmlAgilityPack\c715236fa498a54e686728097a8b2ee0\HtmlAgilityPack.ni.dll
MOD - [2015/02/15 18:12:39 | 001,767,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\NAudio\4b9469e60f10e696cdd7f3088637c2b8\NAudio.ni.dll
MOD - [2015/02/15 18:12:36 | 013,583,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\df4475f37dcc72de98b73eb16a739f0a\System.Web.ni.dll
MOD - [2015/02/15 18:12:35 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\eb4dc67f3998b9692a7c596129b2c85c\UIAutomationProvider.ni.dll
MOD - [2015/02/15 18:12:30 | 001,160,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data86569bbf#\cf7beaddc5b51907c4abf367b757962e\System.Data.OracleClient.ni.dll
MOD - [2015/02/15 18:12:28 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\780d94e5d6c1620ed4556ed4d6586007\System.Numerics.ni.dll
MOD - [2015/02/15 18:12:27 | 000,773,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c9ab71df4c1c005a0c93a84bc49a75c8\System.EnterpriseServices.ni.dll
MOD - [2015/02/15 18:12:27 | 000,772,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\3563b6e5a8bd7941f66c3a457a9e45c2\log4net.ni.dll
MOD - [2015/02/15 18:12:27 | 000,244,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c9ab71df4c1c005a0c93a84bc49a75c8\System.EnterpriseServices.Wrapper.dll
MOD - [2015/02/08 11:42:42 | 007,787,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9a349fb029581f4752d2c6cfcfeab816\System.Xml.ni.dll
MOD - [2015/02/08 11:42:39 | 001,873,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d626184834dde3f4906aff139d4e5bbf\System.Xaml.ni.dll
MOD - [2015/02/08 11:42:38 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a4d2243df4af8ab65ff74d436d449789\System.Windows.Forms.ni.dll
MOD - [2015/02/08 11:42:32 | 000,656,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\e0385d2ccd8766063e53bf96510a9350\System.Transactions.ni.dll
MOD - [2015/02/08 11:42:31 | 000,218,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\5e6ca2d633dfd2082ca34db94a9ed1c7\System.ServiceProcess.ni.dll
MOD - [2015/02/08 11:42:18 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\d91798a9a9fcb450351fe8e49026a69f\System.Drawing.ni.dll
MOD - [2015/02/08 11:42:17 | 007,386,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\ec0506570d793fcae40cc19bd8a43e5b\System.Data.ni.dll
MOD - [2015/02/08 11:42:14 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\b5b80f1284dfa1b883da48ed58ecbc47\System.Configuration.ni.dll
MOD - [2015/02/08 11:42:13 | 018,753,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\4136b9a7a05c8f0e2c7e15600bc20b1b\PresentationFramework.ni.dll
MOD - [2015/02/08 11:42:04 | 011,014,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\24f6c80242420a1cea5cc254bf420027\PresentationCore.ni.dll
MOD - [2015/02/08 11:41:59 | 003,904,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\bb26d987467eca70ebc4beec29158d67\WindowsBase.ni.dll
MOD - [2015/02/08 11:41:57 | 001,929,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\27cf93b54a0599420abdf1ed4afaa6eb\Microsoft.VisualBasic.ni.dll
MOD - [2015/02/01 19:19:37 | 000,196,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\efe1a616cf971c89560db51569a62ca7\CustomMarshalers.ni.dll
MOD - [2015/02/01 19:19:37 | 000,043,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\d41e2cc6e59b141b6f57ebe70eb95b58\Accessibility.ni.dll
MOD - [2014/04/16 01:34:56 | 017,223,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d03a3ddcd6a395878751c5e90fa16915\mscorlib.ni.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/12/06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/12/04 21:07:20 | 000,966,336 | ---- | M] (@ByELDI) [Auto | Running] -- C:\Program Files\KMSpico\Service_KMS.exe -- (Service KMSELDI)
SRV:64bit: - [2014/10/31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/29 06:09:06 | 000,092,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2014/10/29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/10/29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/10/29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/10/29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/10/29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/10/29 04:30:35 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2014/10/29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/10/29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/10/29 03:48:36 | 000,780,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/10/29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/10/29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/10/29 03:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/10/29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/10/29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/10/29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/10/29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/10/29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/10/29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/10/29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/10/29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/10/29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/10/29 03:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/10/29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/10/29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014/10/29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/10/29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/10/29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/09/22 05:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/22 05:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 05:31:58 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/02/17 11:05:26 | 005,436,176 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2015/02/11 16:32:17 | 000,169,128 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/02/08 11:11:23 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/02/07 18:22:17 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/01/16 16:14:48 | 002,724,128 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2014/11/21 16:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 16:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/11/04 13:19:48 | 000,815,392 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe -- (AdvancedSystemCareService8)
SRV - [2014/10/29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 02:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/05/23 12:09:00 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2014/04/04 06:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 05:31:58 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/03/01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012/12/12 15:20:18 | 000,419,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/02/22 07:02:02 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015/02/07 18:24:14 | 000,874,712 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2015/02/07 18:22:14 | 005,363,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2015/02/07 18:19:50 | 000,454,416 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2015/02/01 16:15:31 | 000,033,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stdriverx64.sys -- (stdriver)
DRV:64bit: - [2015/01/27 00:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2014/12/12 02:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2014/12/09 04:58:34 | 000,103,816 | ---- | M] (e2eSoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jaksta_va.sys -- (jakstaVA)
DRV:64bit: - [2014/11/21 16:14:26 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/11/21 16:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/11/10 20:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/11/04 21:33:40 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2014/10/29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/10/29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/10/29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/10/29 04:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2014/10/29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/10/29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/10/29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/10/29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/10/17 06:56:24 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/17 06:56:23 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/17 05:35:04 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/10/08 11:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/10/07 08:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/10/07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/10/07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/09/22 05:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/22 05:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/22 04:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/19 15:27:44 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2014/03/19 15:23:14 | 000,050,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/30 06:14:11 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/30 05:54:38 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/09/30 05:54:24 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/09/30 05:54:24 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/09/30 05:54:24 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/09/30 05:54:24 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/09/30 05:54:24 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 17:05:48 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2013/06/18 17:05:48 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2013/06/18 17:05:46 | 000,287,744 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTBS36.SYS -- (SrvHsfPCIe)
DRV:64bit: - [2013/03/01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/10/20 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV - [2015/02/07 18:15:43 | 000,026,528 | ---- | M] (REALiX™) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.melingo.com/nakdan/defa [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/he-il/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.7,he;q=0.3
IE - HKCU\..\SearchScopes,DefaultScope = {78B9E9A5-AA88-427E-96AF-1E7A8B156B12}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{78B9E9A5-AA88-427E-96AF-1E7A8B156B12}: "URL" = http://www.google.co...{outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = https=127.0.0.1:64191
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.default-s...&tm=611&src=hmp"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - prefs.js..keyword.url: "http://www.default-s...tm=611&src=ds="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Izi\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Izi\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/01/30 22:43:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{133B7132-EA16-42F0-9329-2F420F9EB1A1}: c:\program files (x86)\copernic desktop search - pro\firefoxconnector [2015/01/30 14:08:48 | 000,000,000 | ---D | M]
 
[2015/02/01 09:46:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izi\AppData\Roaming\Mozilla\Extensions
[2015/02/22 02:45:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/02/22 02:45:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/02 06:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.18_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Izi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKCU..\Run: [Copernic Desktop Search - Professional] C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe (Copernic Inc.)
O4 - HKCU..\Run: [KeyboardLeds.exe] G:\fix\Keyboard LEDs\KeyboardLeds.exe (KARPOLAN)
O4 - HKCU..\Run: [VVEngineIcon] C:\Program Files (x86)\VVEngine\VVEngineIcon.exe (TGRMN Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0F55D84-472F-4E93-8322-866DEE671AF2}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\Jaksta\AC\x64\jaudcap.dll) - C:\Windows\Jaksta\AC\x64\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20 - AppInit_DLLs: (C:\Windows\Jaksta\AC\x86\jaudcap.dll) - C:\Windows\Jaksta\AC\x86\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{587dfb7b-a8bd-11e4-824f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{587dfb7b-a8bd-11e4-824f-806e6f6e6963}\Shell\AutoRun\command - "" = "J:\AutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/22 02:47:05 | 000,000,000 | ---D | C] -- D:\Izi\Desktop\Old Firefox Data
[2015/02/21 22:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/02/20 21:10:01 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Replay Radio 9
[2015/02/20 14:00:08 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Replay Radio 9
[2015/02/20 13:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2015/02/20 13:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
[2015/02/20 13:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2015/02/18 19:13:48 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Replay Music 7
[2015/02/17 06:56:10 | 000,000,000 | ---D | C] -- C:\Windows\Replay Converter 4
[2015/02/17 06:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Converter 4
[2015/02/17 06:53:33 | 000,000,000 | ---D | C] -- C:\Windows\Replay Media Splitter
[2015/02/17 06:53:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Media Splitter
[2015/02/17 06:51:33 | 000,000,000 | ---D | C] -- C:\Windows\Replay Video Capture 7
[2015/02/17 06:51:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Video Capture 7
[2015/02/17 00:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applian Director 3
[2015/02/17 00:10:24 | 000,000,000 | ---D | C] -- C:\Windows\Applian Director
[2015/02/14 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Replay Media Catcher 6
[2015/02/14 20:08:40 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Replay Media Catcher 6
[2015/02/09 21:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/02/09 18:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AML Free Registry Cleaner
[2015/02/09 18:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AML Products
[2015/02/08 12:39:41 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Softland
[2015/02/08 12:39:40 | 000,029,504 | ---- | C] (Softland) -- C:\Windows\SysNative\novamnk7.dll
[2015/02/08 12:39:40 | 000,022,336 | ---- | C] (Softland) -- C:\Windows\SysNative\novamik7.dll
[2015/02/08 12:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2015/02/08 12:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\עסקית
[2015/02/08 11:16:37 | 000,000,000 | ---D | C] -- D:\Izi\Desktop\נתוני Firefox ישנים
[2015/02/08 10:43:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/02/08 10:24:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015/02/08 08:25:16 | 000,000,000 | -HSD | C] -- C:\Users\Izi\AppData\Local\EmieBrowserModeList
[2015/02/08 08:22:00 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Identities
[2015/02/08 08:18:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2015/02/08 08:18:42 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2015/02/08 02:52:48 | 000,200,192 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll
[2015/02/07 19:03:30 | 000,000,000 | -HSD | C] -- C:\Users\Izi\AppData\Local\EmieUserList
[2015/02/07 19:03:30 | 000,000,000 | -HSD | C] -- C:\Users\Izi\AppData\Local\EmieSiteList
[2015/02/07 18:24:14 | 000,874,712 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
[2015/02/07 18:18:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2015/02/07 18:18:30 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2015/02/07 18:18:20 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015/02/07 18:18:20 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015/02/07 18:18:20 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015/02/07 18:18:20 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015/02/07 18:18:17 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015/02/07 18:18:17 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015/02/07 18:18:17 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015/02/07 18:18:17 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015/02/07 18:18:17 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015/02/07 18:18:17 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015/02/07 18:18:15 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2015/02/07 18:18:15 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015/02/07 18:18:13 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015/02/07 18:18:12 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015/02/07 18:15:43 | 000,026,528 | ---- | C] (REALiX™) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2015/02/07 18:15:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
[2015/02/07 18:15:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2015/02/06 22:27:02 | 000,000,000 | ---D | C] -- D:\Izi\Documents\ViceVersa PRO
[2015/02/05 14:02:48 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Recordpad
[2015/02/04 17:32:11 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShowMyPC
[2015/02/04 17:32:00 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Deployment
[2015/02/04 17:32:00 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Apps
[2015/02/04 16:43:13 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\TeamViewer
[2015/02/02 17:47:17 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\TeraCopy
[2015/02/02 17:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
[2015/02/02 17:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\TeraCopy
[2015/02/02 16:26:28 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\4Videosoft Studio
[2015/02/02 16:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Videosoft
[2015/02/02 16:26:17 | 000,000,000 | ---D | C] -- C:\ProgramData\4Videosoft Studio
[2015/02/02 16:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4Videosoft Studio
[2015/02/02 16:13:27 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\TuneUp Software
[2015/02/02 16:13:27 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\TuneUp Software
[2015/02/02 16:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2015/02/02 16:13:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2015/02/02 16:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2015/02/02 16:11:18 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Opera Software
[2015/02/02 16:11:18 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Opera Software
[2015/02/02 16:10:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2015/02/02 16:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2015/02/02 16:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2015/02/02 16:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2015/02/02 16:09:06 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\DVDVideoSoft
[2015/02/01 17:10:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2015/02/01 16:18:27 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\TeamViewer
[2015/02/01 16:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2015/02/01 16:15:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2015/02/01 16:15:25 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\NCH Software
[2015/02/01 15:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound
[2015/02/01 15:18:52 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\NCH Swift Sound
[2015/02/01 15:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus CD DVD Ripper Deluxe
[2015/02/01 15:16:58 | 000,946,176 | ---- | C] (East Wind Software) -- C:\Windows\SysWow64\ADVDAudio.ocx
[2015/02/01 15:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Focus CD DVD Ripper Deluxe
[2015/02/01 15:14:11 | 000,000,000 | ---D | C] -- D:\Izi\Documents\CyberLink
[2015/02/01 15:14:11 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\CyberLink
[2015/02/01 15:14:11 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2015/02/01 10:14:38 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Macromedia
[2015/02/01 09:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2015/02/01 09:46:28 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Mozilla
[2015/02/01 09:46:28 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Mozilla
[2015/02/01 09:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2015/02/01 09:20:38 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Polar WebSync
[2015/02/01 03:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polar
[2015/02/01 03:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Polar
[2015/01/31 10:58:11 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\ElevatedDiagnostics
[2015/01/31 10:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2015/01/31 08:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VVEngine for ViceVersa PRO
[2015/01/31 08:03:00 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\VVEngine
[2015/01/31 08:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VVEngine
[2015/01/30 23:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViceVersa Pro
[2015/01/30 23:23:29 | 000,000,000 | ---D | C] -- C:\Program Files\ViceVersa Pro
[2015/01/30 23:10:39 | 000,000,000 | ---D | C] -- D:\Izi\Documents\My Streaming Media
[2015/01/30 23:10:39 | 000,000,000 | ---D | C] -- D:\Izi\Documents\My Scans
[2015/01/30 23:10:39 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Freemake
[2015/01/30 23:10:38 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Freecorder 4
[2015/01/30 23:10:38 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Freecorder
[2015/01/30 23:10:38 | 000,000,000 | ---D | C] -- D:\Izi\Documents\FormatFactory
[2015/01/30 23:10:38 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Firstload
[2015/01/30 23:09:19 | 000,000,000 | ---D | C] -- D:\Izi\Documents\FFOutput
[2015/01/30 23:09:19 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Fax
[2015/01/30 23:09:15 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Downloads
[2015/01/30 23:09:15 | 000,000,000 | ---D | C] -- D:\Izi\Documents\default
[2015/01/30 23:09:00 | 000,000,000 | ---D | C] -- D:\Izi\Documents\copernicdesktopsearch-professional
[2015/01/30 23:07:29 | 000,000,000 | ---D | C] -- D:\Izi\Documents\AvastPEToolkit
[2015/01/30 23:07:28 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Ashampoo Media Sync
[2015/01/30 23:07:28 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Ashampoo Burning Studio 14
[2015/01/30 23:07:28 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Ashampoo Burning Studio 12
[2015/01/30 23:07:13 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Applian
[2015/01/30 23:07:13 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Anti-Malware
[2015/01/30 23:07:13 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Android Manager
[2015/01/30 23:07:12 | 000,000,000 | ---D | C] -- D:\Izi\Documents\2013-סופי
[2015/01/30 23:07:04 | 000,000,000 | ---D | C] -- D:\Izi\Documents\2013
[2015/01/30 23:06:56 | 000,000,000 | ---D | C] -- D:\Izi\Documents\1234
[2015/01/30 23:06:27 | 000,000,000 | ---D | C] -- D:\Izi\Documents\4Videosoft Studio
[2015/01/30 23:01:02 | 000,000,000 | ---D | C] -- D:\Izi\Documents\תבניות מותאמות אישית של Office
[2015/01/30 23:01:02 | 000,000,000 | ---D | C] -- D:\Izi\Documents\רועה 2013
[2015/01/30 23:00:51 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\FLV and Media Player
[2015/01/30 23:00:11 | 000,000,000 | ---D | C] -- D:\Izi\Documents\פרס מנכל 2013
[2015/01/30 22:59:30 | 000,000,000 | ---D | C] -- D:\Izi\Documents\מצגת אילן רועה
[2015/01/30 22:59:19 | 000,000,000 | ---D | C] -- D:\Izi\Documents\גיסוי עסקית
[2015/01/30 22:59:19 | 000,000,000 | ---D | C] -- D:\Izi\Documents\אילן רועה
[2015/01/30 22:58:45 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Vuze Downloads
[2015/01/30 22:56:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MajuSoft
[2015/01/30 22:53:20 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2015/01/30 22:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2015/01/30 22:53:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrintKey2000
[2015/01/30 22:49:14 | 000,000,000 | ---D | C] -- D:\Izi\Documents\קבצי Outlook
[2015/01/30 22:46:40 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\ClassicShell
[2015/01/30 22:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2015/01/30 22:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2015/01/30 22:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2015/01/30 22:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2015/01/30 22:43:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/01/30 22:42:56 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015/01/30 22:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2015/01/30 22:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2015/01/30 22:42:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015/01/30 22:42:14 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Microsoft Help
[2015/01/30 22:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2015/01/30 22:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2015/01/30 22:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015/01/30 22:42:07 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2015/01/30 22:40:20 | 000,000,000 | ---D | C] -- D:\Izi\Desktop\office2013
[2015/01/30 22:38:39 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Apple Computer
[2015/01/30 22:38:22 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/30 22:37:58 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Macromedia
[2015/01/30 22:37:37 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\ProductData
[2015/01/30 22:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015/01/30 22:37:27 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Skype
[2015/01/30 22:37:26 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Skype
[2015/01/30 22:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/01/30 22:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/01/30 22:37:23 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015/01/30 22:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2015/01/30 22:37:20 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Ahead
[2015/01/30 22:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
[2015/01/30 22:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2015/01/30 22:36:48 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/01/30 22:36:36 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Adobe
[2015/01/30 22:36:32 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\WinRAR
[2015/01/30 22:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2015/01/30 22:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2015/01/30 22:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2015/01/30 22:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2015/01/30 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Google
[2015/01/30 22:36:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015/01/30 22:35:51 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2015/01/30 22:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2015/01/30 22:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ClassicShell
[2015/01/30 22:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2015/01/30 22:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
[2015/01/30 22:35:08 | 000,000,000 | ---D | C] -- C:\MyWorks
[2015/01/30 22:35:03 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
[2015/01/30 22:34:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2015/01/30 22:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2015/01/30 22:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2015/01/30 22:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2015/01/30 22:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2015/01/30 22:34:02 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2015/01/30 22:34:01 | 000,740,442 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx.dll
[2015/01/30 22:34:01 | 000,073,728 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2015/01/30 22:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2015/01/30 22:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/01/30 22:33:48 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2015/01/30 22:33:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015/01/30 22:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
[2015/01/30 22:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015/01/30 22:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015/01/30 22:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2015/01/30 22:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IObit
[2015/01/30 22:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
[2015/01/30 22:33:39 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/01/30 22:33:39 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/01/30 22:33:39 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/01/30 22:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/01/30 22:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/01/30 22:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
[2015/01/30 22:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\Classic Shell
[2015/01/30 22:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2015/01/30 22:33:22 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\IObit
[2015/01/30 22:33:14 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Programs
[2015/01/30 22:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2015/01/30 22:31:26 | 000,000,000 | ---D | C] -- C:\Intel
[2015/01/30 22:22:52 | 000,000,000 | R--D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015/01/30 22:22:52 | 000,000,000 | R--D | C] -- C:\Users\Izi\Searches
[2015/01/30 22:22:52 | 000,000,000 | R--D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015/01/30 22:22:52 | 000,000,000 | -H-D | C] -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/01/30 22:22:51 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\VirtualStore
[2015/01/30 22:22:51 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Packages
[2015/01/30 22:22:51 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Adobe
[2015/01/30 22:22:50 | 000,000,000 | --SD | C] -- C:\Users\Izi\AppData\Roaming\Microsoft
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Videos
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Pictures
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Music
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Links
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Favorites
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Downloads
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Documents
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\Desktop
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015/01/30 22:22:50 | 000,000,000 | R--D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\AppData\Local\Temporary Internet Files
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\Templates
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\Start Menu
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\SendTo
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\Recent
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\PrintHood
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\NetHood
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\My Documents
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\Local Settings
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\AppData\Local\History
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\Cookies
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\Application Data
[2015/01/30 22:22:50 | 000,000,000 | -HSD | C] -- C:\Users\Izi\AppData\Local\Application Data
[2015/01/30 22:22:50 | 000,000,000 | -H-D | C] -- C:\Users\Izi\AppData
[2015/01/30 22:22:50 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Temp
[2015/01/30 22:22:50 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Microsoft
[2015/01/30 22:22:50 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015/01/30 22:21:31 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2015/01/30 22:21:29 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/01/30 22:20:08 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2015/01/30 22:19:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2015/01/30 22:19:34 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2015/01/30 18:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Keyboard LEDs
[2015/01/30 18:10:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2015/01/30 18:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2015/01/30 15:21:03 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Diagnostics
[2015/01/30 15:06:15 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Replay Media Catcher 5
[2015/01/30 15:06:15 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Replay Media Catcher 5
[2015/01/30 14:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2015/01/30 14:42:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2015/01/30 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Media Catcher
[2015/01/30 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Copernic
[2015/01/30 14:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Copernic Desktop Search - Pro
[2015/01/30 14:06:17 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Applian
[2015/01/30 14:04:50 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Jaksta_Technologies_Pty_L
[2015/01/30 14:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[2015/01/30 14:04:34 | 000,000,000 | ---D | C] -- C:\Windows\Jaksta
[2015/01/30 14:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applian Technologies
[2015/01/30 13:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Copernic
[2015/01/30 13:56:01 | 000,000,000 | ---D | C] -- C:\ErrorLog
[2015/01/30 13:49:25 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Publish Providers
[2015/01/30 13:44:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2015/01/30 13:44:44 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Local\Sony
[2015/01/30 13:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2015/01/30 13:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2015/01/30 13:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2015/01/30 13:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2015/01/30 13:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2015/01/30 13:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2015/01/30 13:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2015/01/30 13:29:38 | 000,000,000 | ---D | C] -- C:\Users\Izi\AppData\Roaming\Sony
[2015/01/30 13:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
[2015/01/30 13:16:11 | 000,090,112 | ---- | C] (Vestris Inc.) -- C:\Windows\SysNative\Vestris.ResourceLib.dll
[2015/01/30 13:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\KMSpico
[2015/01/30 13:14:29 | 000,000,000 | ---D | C] -- D:\Izi\Documents\ViceVersa PRO 2
[2015/01/30 13:14:29 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Splashtop Whiteboard
[2015/01/30 13:14:29 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Splashtop Presenter
[2015/01/30 13:13:20 | 000,000,000 | R--D | C] -- D:\Izi\Documents\Scanned Documents
[2015/01/30 13:13:20 | 000,000,000 | ---D | C] -- D:\Izi\Documents\samsung
[2015/01/30 13:13:20 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Replay Telecorder
[2015/01/30 13:13:20 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Reflect
[2015/01/30 13:13:20 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Recordpad
[2015/01/30 13:13:19 | 000,000,000 | ---D | C] -- D:\Izi\Documents\PrintScreen Files
[2015/01/30 13:13:19 | 000,000,000 | ---D | C] -- D:\Izi\Documents\PresentationCD
[2015/01/30 13:12:59 | 000,000,000 | R--D | C] -- D:\Izi\Documents\Pictures
[2015/01/30 13:12:59 | 000,000,000 | ---D | C] -- D:\Izi\Documents\Patch and key I7
[2015/01/27 00:23:46 | 000,014,464 | ---- | C] (Western Digital Technologies) -- C:\Windows\SysNative\drivers\wdcsam64.sys
 
========== Files - Modified Within 30 Days ==========
 
[2015/02/22 13:25:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/22 13:15:30 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/02/22 13:15:30 | 000,722,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/02/22 13:15:30 | 000,135,394 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/02/22 12:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/22 12:52:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001UA.job
[2015/02/22 07:02:02 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/22 03:52:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001Core.job
[2015/02/22 03:14:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/22 03:12:38 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/22 03:12:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/02/22 03:12:11 | 3366,440,960 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/22 03:02:27 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
[2015/02/22 02:45:43 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/02/21 23:00:13 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\Uninstaller_SkipUac_Izi.job
[2015/02/21 10:52:14 | 000,001,321 | ---- | M] () -- C:\Users\Public\Desktop\Replay Media Catcher 6.lnk
[2015/02/20 13:52:54 | 000,002,406 | ---- | M] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/02/20 13:26:13 | 000,002,197 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/02/20 08:09:24 | 002,510,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/02/19 22:09:20 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 10.lnk
[2015/02/17 06:56:19 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\Replay Converter 4.lnk
[2015/02/17 06:52:06 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Replay Music 7.lnk
[2015/02/17 06:51:40 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Replay Video Capture 7.lnk
[2015/02/17 00:10:25 | 000,002,087 | ---- | M] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Applian Director.lnk
[2015/02/17 00:10:25 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\Applian Director.lnk
[2015/02/11 21:48:53 | 000,000,084 | ---- | M] () -- D:\Izi\Documents\PDVD_MediaDisc.PlayList
[2015/02/09 18:32:25 | 000,001,098 | ---- | M] () -- D:\Izi\Desktop\AML Free Registry Cleaner.lnk
[2015/02/08 12:47:03 | 000,001,207 | ---- | M] () -- D:\Izi\Desktop\CyberLink PowerDVD.lnk
[2015/02/08 12:39:34 | 000,000,604 | ---- | M] () -- C:\Users\Public\Desktop\עסקית.lnk
[2015/02/08 10:24:23 | 386,018,217 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015/02/07 18:25:20 | 000,002,166 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster 2.lnk
[2015/02/07 18:24:14 | 000,874,712 | ---- | M] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
[2015/02/07 18:22:17 | 000,017,074 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2015/02/07 18:22:15 | 000,009,728 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2015/02/07 18:22:13 | 000,099,328 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
[2015/02/07 18:22:13 | 000,078,848 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2015/02/07 18:18:20 | 000,518,896 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015/02/07 18:18:20 | 000,211,184 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015/02/07 18:18:20 | 000,198,896 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015/02/07 18:18:20 | 000,155,888 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015/02/07 18:18:17 | 001,443,340 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015/02/07 18:18:17 | 000,375,128 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015/02/07 18:18:17 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015/02/07 18:18:17 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015/02/07 18:18:17 | 000,204,120 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015/02/07 18:18:17 | 000,101,208 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015/02/07 18:18:17 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015/02/07 18:18:15 | 002,041,432 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2015/02/07 18:18:15 | 000,318,808 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015/02/07 18:18:13 | 002,770,976 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015/02/07 18:18:12 | 000,113,576 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015/02/07 18:15:43 | 000,026,528 | ---- | M] (REALiX™) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2015/02/07 18:15:27 | 000,001,248 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2015/02/07 18:15:14 | 000,000,252 | ---- | M] () -- C:\Windows\tasks\ASC8_SkipUac_Izi.job
[2015/02/05 14:02:48 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\RecordPad Sound Recorder.lnk
[2015/02/04 13:02:30 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk
[2015/02/02 16:32:21 | 000,001,565 | ---- | M] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\4Videosoft HD Converter.lnk
[2015/02/02 16:32:21 | 000,001,541 | ---- | M] () -- C:\Users\Public\Desktop\4Videosoft HD Converter.lnk
[2015/02/02 16:26:22 | 000,002,527 | ---- | M] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\4Videosoft Video to Audio Converter.lnk
[2015/02/02 16:09:54 | 000,001,454 | ---- | M] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk
[2015/02/02 16:09:54 | 000,001,261 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2015/02/01 16:15:54 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Express Rip CD Ripper Software.lnk
[2015/02/01 16:15:51 | 000,001,348 | ---- | M] () -- C:\Users\Public\Desktop\NCH Suite.lnk
[2015/02/01 16:15:51 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk
[2015/02/01 16:15:31 | 000,033,488 | ---- | M] () -- C:\Windows\SysNative\drivers\stdriverx64.sys
[2015/02/01 16:15:31 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\SoundTap Streaming Audio Recorder.lnk
[2015/02/01 15:16:59 | 000,002,054 | ---- | M] () -- D:\Izi\Desktop\Focus CD DVD Ripper.lnk
[2015/02/01 03:12:17 | 000,002,067 | ---- | M] () -- C:\Users\Public\Desktop\Polar WebSync.lnk
[2015/01/31 08:03:00 | 000,000,979 | ---- | M] () -- D:\Izi\Desktop\VVEngine Home.lnk
[2015/01/30 23:23:31 | 000,000,864 | ---- | M] () -- D:\Izi\Desktop\ViceVersa PRO.lnk
[2015/01/30 23:00:48 | 000,001,345 | ---- | M] () -- C:\Users\Public\Desktop\FLV and Media Player.lnk
[2015/01/30 22:53:20 | 000,001,017 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2015/01/30 22:49:42 | 000,001,121 | ---- | M] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2015/01/30 22:47:00 | 000,002,862 | ---- | M] () -- D:\Izi\Desktop\Outlook 2013.lnk
[2015/01/30 22:39:38 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/01/30 22:37:37 | 000,001,440 | ---- | M] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/01/30 22:37:19 | 000,002,766 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2015/01/30 22:34:09 | 000,002,259 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015/01/30 22:33:48 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2015/01/30 22:31:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2015/01/30 22:26:14 | 000,001,549 | ---- | M] () -- D:\Izi\Desktop\iexplore - Shortcut.lnk
[2015/01/30 22:20:26 | 000,000,620 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2015/01/30 22:20:26 | 000,000,620 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2015/01/30 18:13:00 | 000,000,682 | ---- | M] () -- C:\Users\Public\Desktop\Keyboard LEDs.lnk
[2015/01/30 14:42:14 | 000,001,321 | ---- | M] () -- C:\Users\Public\Desktop\Replay Media Catcher 5.lnk
[2015/01/30 14:08:44 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\Copernic Desktop Search - Professional.lnk
[2015/01/30 13:20:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015/01/30 13:16:16 | 000,004,608 | ---- | M] () -- C:\Windows\SECOH-QAD.exe
[2015/01/30 13:16:16 | 000,003,584 | ---- | M] () -- C:\Windows\SECOH-QAD.dll
[2015/01/27 00:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) -- C:\Windows\SysNative\drivers\wdcsam64.sys
 
========== Files Created - No Company Name ==========
 
[2015/02/22 03:08:43 | 000,000,698 | ---- | C] () -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner_4.lnk
[2015/02/22 02:45:43 | 000,001,175 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/02/22 02:45:43 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/02/17 06:56:19 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\Replay Converter 4.lnk
[2015/02/17 06:52:06 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Replay Music 7.lnk
[2015/02/17 06:51:40 | 000,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Replay Video Capture 7.lnk
[2015/02/17 00:10:25 | 000,002,087 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Applian Director.lnk
[2015/02/17 00:10:25 | 000,002,063 | ---- | C] () -- C:\Users\Public\Desktop\Applian Director.lnk
[2015/02/15 09:05:54 | 000,391,526 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2015/02/14 20:05:18 | 000,001,321 | ---- | C] () -- C:\Users\Public\Desktop\Replay Media Catcher 6.lnk
[2015/02/09 21:20:41 | 000,002,197 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/02/09 21:20:19 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/09 21:20:19 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/09 18:32:25 | 000,001,098 | ---- | C] () -- D:\Izi\Desktop\AML Free Registry Cleaner.lnk
[2015/02/08 13:56:11 | 000,000,084 | ---- | C] () -- D:\Izi\Documents\PDVD_MediaDisc.PlayList
[2015/02/08 12:47:03 | 000,001,207 | ---- | C] () -- D:\Izi\Desktop\CyberLink PowerDVD.lnk
[2015/02/08 12:39:40 | 000,007,549 | ---- | C] () -- C:\Windows\SysNative\novak7.ctm
[2015/02/08 12:39:34 | 000,000,604 | ---- | C] () -- C:\Users\Public\Desktop\עסקית.lnk
[2015/02/08 11:11:23 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/08 10:24:23 | 386,018,217 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2015/02/08 02:52:32 | 000,142,848 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2015/02/08 02:52:32 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2015/02/08 02:52:25 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\BthpanContextHandler.dll
[2015/02/08 02:52:15 | 000,053,248 | ---- | C] () -- C:\Windows\SysNative\BWContextHandler.dll
[2015/02/08 02:52:15 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2015/02/08 02:51:46 | 000,002,412 | ---- | C] () -- C:\Windows\SysNative\KeyboardFilterShim.sdb
[2015/02/08 02:43:02 | 000,050,745 | ---- | C] () -- C:\Windows\SysNative\srms.dat
[2015/02/07 18:22:17 | 000,017,074 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2015/02/07 18:22:15 | 000,009,728 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2015/02/07 18:22:13 | 000,099,328 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2015/02/07 18:22:13 | 000,078,848 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2015/02/07 18:18:17 | 001,443,340 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015/02/07 18:15:42 | 000,002,166 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster 2.lnk
[2015/02/07 17:44:33 | 000,139,600 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2015/02/07 17:44:01 | 000,262,335 | ---- | C] () -- C:\Windows\SysNative\dfpinc.dat
[2015/02/07 17:43:43 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2015/02/07 17:43:43 | 000,002,255 | ---- | C] () -- C:\Windows\SysNative\WimBootCompress.ini
[2015/02/07 17:43:39 | 000,100,197 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2015/02/07 17:43:39 | 000,100,197 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2015/02/07 17:43:39 | 000,007,762 | ---- | C] () -- C:\Windows\SysWow64\connectedsearch-suggestions.searchconnector-ms
[2015/02/07 17:43:39 | 000,007,762 | ---- | C] () -- C:\Windows\SysNative\connectedsearch-suggestions.searchconnector-ms
[2015/02/07 17:43:39 | 000,007,130 | ---- | C] () -- C:\Windows\SysWow64\connectedsearch-zeroinput.searchconnector-ms
[2015/02/07 17:43:39 | 000,007,130 | ---- | C] () -- C:\Windows\SysNative\connectedsearch-zeroinput.searchconnector-ms
[2015/02/07 17:43:38 | 000,011,109 | ---- | C] () -- C:\Windows\SysWow64\connectedsearch-results.searchconnector-ms
[2015/02/07 17:43:38 | 000,011,109 | ---- | C] () -- C:\Windows\SysNative\connectedsearch-results.searchconnector-ms
[2015/02/07 17:43:38 | 000,002,440 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
[2015/02/05 14:02:48 | 000,001,182 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecordPad Sound Recorder.lnk
[2015/02/05 14:02:48 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\RecordPad Sound Recorder.lnk
[2015/02/02 16:32:21 | 000,001,565 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\4Videosoft HD Converter.lnk
[2015/02/02 16:32:21 | 000,001,541 | ---- | C] () -- C:\Users\Public\Desktop\4Videosoft HD Converter.lnk
[2015/02/02 16:26:22 | 000,002,527 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\4Videosoft Video to Audio Converter.lnk
[2015/02/02 16:09:54 | 000,001,454 | ---- | C] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk
[2015/02/02 16:09:54 | 000,001,261 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2015/02/01 17:28:35 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk
[2015/02/01 16:15:54 | 000,001,204 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Rip CD Ripper Software.lnk
[2015/02/01 16:15:54 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Express Rip CD Ripper Software.lnk
[2015/02/01 16:15:51 | 000,001,348 | ---- | C] () -- C:\Users\Public\Desktop\NCH Suite.lnk
[2015/02/01 16:15:51 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk
[2015/02/01 16:15:51 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk
[2015/02/01 16:15:31 | 000,033,488 | ---- | C] () -- C:\Windows\SysNative\drivers\stdriverx64.sys
[2015/02/01 16:15:31 | 000,001,190 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundTap Streaming Audio Recorder.lnk
[2015/02/01 16:15:31 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\SoundTap Streaming Audio Recorder.lnk
[2015/02/01 15:19:28 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter.lnk
[2015/02/01 15:16:59 | 000,002,054 | ---- | C] () -- D:\Izi\Desktop\Focus CD DVD Ripper.lnk
[2015/02/01 15:16:58 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2015/02/01 15:16:58 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2015/02/01 15:16:52 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2015/02/01 03:12:17 | 000,002,067 | ---- | C] () -- C:\Users\Public\Desktop\Polar WebSync.lnk
[2015/01/31 22:54:00 | 000,000,983 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
[2015/01/31 22:54:00 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 10.lnk
[2015/01/31 08:03:00 | 000,000,979 | ---- | C] () -- D:\Izi\Desktop\VVEngine Home.lnk
[2015/01/30 23:23:31 | 000,000,864 | ---- | C] () -- D:\Izi\Desktop\ViceVersa PRO.lnk
[2015/01/30 23:06:27 | 004,100,117 | ---- | C] () -- D:\Izi\Documents\תמר-IMG_0930.MOV
[2015/01/30 23:06:27 | 000,456,962 | ---- | C] () -- D:\Izi\Documents\תמר-הקלטה 007.m4a
[2015/01/30 23:06:23 | 029,284,798 | ---- | C] () -- D:\Izi\Documents\רביעיית איילון-בת הכותן.wav
[2015/01/30 23:06:23 | 006,111,843 | ---- | C] () -- D:\Izi\Documents\רבינה-פיליפקו_ארנון מגן בית ופזמון נחומי הרציון 3 בתים_רודיגין-איזי הוד.mp3
[2015/01/30 23:06:23 | 004,431,406 | ---- | C] () -- D:\Izi\Documents\קטע אנונימי.wav
[2015/01/30 23:06:23 | 000,191,602 | ---- | C] () -- D:\Izi\Documents\פרוספקט לשון מירי .pdf
[2015/01/30 23:06:23 | 000,172,895 | ---- | C] () -- D:\Izi\Documents\פרח אור-דודו זכאי.wma
[2015/01/30 23:06:23 | 000,152,765 | ---- | C] () -- D:\Izi\Documents\פרח של אור-יוסיף רובזון.wma
[2015/01/30 23:06:22 | 000,701,367 | ---- | C] () -- D:\Izi\Documents\כשהיא מתחממת-עממי רוסי_לא ידוע-דורי גלבוע+יוסי כפרי+דרור סנדלון.mp3
[2015/01/30 23:06:22 | 000,248,472 | ---- | C] () -- D:\Izi\Documents\מכתב ילדים-כנרת-ישראל שוורצמן.pdf
[2015/01/30 23:06:22 | 000,067,198 | ---- | C] () -- D:\Izi\Documents\מכתב התראה מיום 10.1.12.pdf
[2015/01/30 23:06:06 | 007,882,956 | ---- | C] () -- D:\Izi\Documents\יהודה שרת.mp3
[2015/01/30 23:06:06 | 002,529,280 | ---- | C] () -- D:\Izi\Documents\יא מיין ליבע טאכטער-בארי שוועסטערן.mp3
[2015/01/30 23:06:06 | 000,364,696 | ---- | C] () -- D:\Izi\Documents\יבצ-קיץ סתיו 2012.veg
[2015/01/30 23:06:06 | 000,345,080 | ---- | C] () -- D:\Izi\Documents\יבצ-קיץ סתיו 2012.veg.bak
[2015/01/30 23:06:06 | 000,166,008 | ---- | C] () -- D:\Izi\Documents\יבצ-ספטמבר 2012.veg
[2015/01/30 23:06:05 | 006,005,048 | ---- | C] () -- D:\Izi\Documents\טהורים יאבדו.mp3
[2015/01/30 23:06:05 | 000,545,552 | ---- | C] () -- D:\Izi\Documents\הקלטות יבצ-יוני 2012.veg
[2015/01/30 23:06:05 | 000,356,984 | ---- | C] () -- D:\Izi\Documents\הקלטות יבצ-אפריל מאי 2012.veg
[2015/01/30 23:06:05 | 000,320,000 | ---- | C] () -- D:\Izi\Documents\הקלטות יבצ-אוגוסט ספטמבר 2012.veg
[2015/01/30 23:06:05 | 000,293,856 | ---- | C] () -- D:\Izi\Documents\הקלטות יבצ-אפריל מאי 2012.veg.bak
[2015/01/30 23:06:05 | 000,229,392 | ---- | C] () -- D:\Izi\Documents\הקלטות יבצ-אוגוסט ספטמבר 2012.veg.bak
[2015/01/30 23:06:05 | 000,181,327 | ---- | C] () -- D:\Izi\Documents\חשבונית.pdf
[2015/01/30 23:06:05 | 000,066,288 | ---- | C] () -- D:\Izi\Documents\חשבונית 100328
[2015/01/30 23:06:04 | 004,161,202 | ---- | C] () -- D:\Izi\Documents\דונה גרציה.mp3
[2015/01/30 23:06:04 | 001,004,850 | ---- | C] () -- D:\Izi\Documents\הו שיטה מסולסלת-פיליפנקו_לא ידוע-רודיגין-עמוס גלעד.mp3
[2015/01/30 23:06:04 | 000,684,198 | ---- | C] () -- D:\Izi\Documents\גלם-ענן אום.mp3
[2015/01/30 23:06:04 | 000,572,603 | ---- | C] () -- D:\Izi\Documents\ד-18.06-הצלה רשתות.mp3
[2015/01/30 23:06:04 | 000,193,332 | ---- | C] () -- D:\Izi\Documents\הזמנה לכנס הפורום לשימור.pdf
[2015/01/30 23:06:03 | 004,837,376 | ---- | C] () -- D:\Izi\Documents\בני תורה אנחנו-שולמית אזרחי-רודיגין-בני ישיבת מאורות רפאל בהדרכת דב קוק.mp3
[2015/01/30 23:06:03 | 002,383,620 | ---- | C] () -- D:\Izi\Documents\ב-28.11-שיר הקורפורל.mp3
[2015/01/30 23:06:03 | 000,382,431 | ---- | C] () -- D:\Izi\Documents\גלם - אשכול - הפנקס.mp3
[2015/01/30 23:06:03 | 000,057,156 | ---- | C] () -- D:\Izi\Documents\אישורי יציאה בתפקיד.pdf
[2015/01/30 23:06:02 | 002,250,752 | ---- | C] () -- D:\Izi\Documents\yes my darling daughter-jack laurence-ukr. folk-dinah shore.mp3
[2015/01/30 23:06:02 | 001,781,385 | ---- | C] () -- D:\Izi\Documents\yes my darling daughter-jack laurence-ukr. folk-eydie gorme.mp3.mp3
[2015/01/30 23:06:01 | 022,259,528 | ---- | C] () -- D:\Izi\Documents\vlc-2.0.1-win32.exe
[2015/01/30 23:05:59 | 014,384,878 | ---- | C] () -- D:\Izi\Documents\Track36.wav
[2015/01/30 23:05:59 | 000,018,728 | ---- | C] () -- D:\Izi\Documents\Untitled.veg
[2015/01/30 23:05:57 | 019,279,390 | ---- | C] () -- D:\Izi\Documents\Track35.wav
[2015/01/30 23:05:57 | 010,003,102 | ---- | C] () -- D:\Izi\Documents\Track34.wav
[2015/01/30 23:05:54 | 031,507,438 | ---- | C] () -- D:\Izi\Documents\Track33.wav
[2015/01/30 23:05:54 | 011,651,854 | ---- | C] () -- D:\Izi\Documents\Track30.wav
[2015/01/30 23:05:54 | 010,555,822 | ---- | C] () -- D:\Izi\Documents\Track31.wav
[2015/01/30 23:05:54 | 003,965,518 | ---- | C] () -- D:\Izi\Documents\Track32.wav
[2015/01/30 23:05:53 | 013,187,710 | ---- | C] () -- D:\Izi\Documents\Track28.wav
[2015/01/30 23:05:53 | 013,117,150 | ---- | C] () -- D:\Izi\Documents\Track29.wav
[2015/01/30 23:05:52 | 011,226,142 | ---- | C] () -- D:\Izi\Documents\Track27.wav
[2015/01/30 23:05:52 | 009,191,662 | ---- | C] () -- D:\Izi\Documents\Track26.wav
[2015/01/30 23:05:49 | 030,406,702 | ---- | C] () -- D:\Izi\Documents\Track25.wav
[2015/01/30 23:05:49 | 008,321,422 | ---- | C] () -- D:\Izi\Documents\Track24.wav
[2015/01/30 23:05:48 | 021,316,222 | ---- | C] () -- D:\Izi\Documents\Track23.wav
[2015/01/30 23:05:47 | 014,850,574 | ---- | C] () -- D:\Izi\Documents\Track22.wav
[2015/01/30 23:05:47 | 006,910,222 | ---- | C] () -- D:\Izi\Documents\Track21.wav
[2015/01/30 23:05:47 | 005,259,118 | ---- | C] () -- D:\Izi\Documents\Track20.wav
[2015/01/30 23:05:46 | 010,979,182 | ---- | C] () -- D:\Izi\Documents\Track17.wav
[2015/01/30 23:05:46 | 006,846,718 | ---- | C] () -- D:\Izi\Documents\Track18.wav
[2015/01/30 23:05:46 | 004,958,062 | ---- | C] () -- D:\Izi\Documents\Track19.wav
[2015/01/30 23:05:45 | 012,202,222 | ---- | C] () -- D:\Izi\Documents\Track16.wav
[2015/01/30 23:05:45 | 007,335,934 | ---- | C] () -- D:\Izi\Documents\Track14.wav
[2015/01/30 23:05:45 | 006,430,414 | ---- | C] () -- D:\Izi\Documents\Track15.wav
[2015/01/30 23:05:44 | 010,440,574 | ---- | C] () -- D:\Izi\Documents\Track12.wav
[2015/01/30 23:05:44 | 009,960,766 | ---- | C] () -- D:\Izi\Documents\Track11.wav
[2015/01/30 23:05:44 | 004,833,406 | ---- | C] () -- D:\Izi\Documents\Track13.wav
[2015/01/30 23:05:43 | 012,658,510 | ---- | C] () -- D:\Izi\Documents\Track09.wav
[2015/01/30 23:05:43 | 011,757,694 | ---- | C] () -- D:\Izi\Documents\Track10.wav
[2015/01/30 23:05:43 | 005,701,294 | ---- | C] () -- D:\Izi\Documents\Track08.wav
[2015/01/30 23:05:42 | 012,094,030 | ---- | C] () -- D:\Izi\Documents\Track07.wav
[2015/01/30 23:05:42 | 011,367,262 | ---- | C] () -- D:\Izi\Documents\Track05.wav
[2015/01/30 23:05:42 | 010,743,982 | ---- | C] () -- D:\Izi\Documents\Track06.wav
[2015/01/30 23:05:41 | 015,346,846 | ---- | C] () -- D:\Izi\Documents\Track04.wav
[2015/01/30 23:05:41 | 011,402,542 | ---- | C] () -- D:\Izi\Documents\Track03.wav
[2015/01/30 23:05:40 | 012,764,350 | ---- | C] () -- D:\Izi\Documents\Track02.wav
[2015/01/30 23:05:40 | 012,315,118 | ---- | C] () -- D:\Izi\Documents\Track01.wav
[2015/01/30 23:05:39 | 009,241,088 | ---- | C] () -- D:\Izi\Documents\Track 2 Recording 1.wav
[2015/01/30 23:05:39 | 007,003,558 | ---- | C] () -- D:\Izi\Documents\Track 2 Recording 2.wav
[2015/01/30 23:05:24 | 000,007,226 | ---- | C] () -- D:\Izi\Desktop\שונות.rar
[2015/01/30 23:04:28 | 646,915,510 | ---- | C] () -- D:\Izi\Desktop\1234.rar
[2015/01/30 23:04:16 | 1431,244,582 | ---- | C] () -- D:\Izi\Documents\Track 2 - 7.wav
[2015/01/30 23:04:06 | 151,252,330 | ---- | C] () -- D:\Izi\Documents\Track 2 - 5.wav
[2015/01/30 23:04:05 | 001,885,518 | ---- | C] () -- D:\Izi\Documents\Track 2 - 4.wav
[2015/01/30 23:04:01 | 063,718,434 | ---- | C] () -- D:\Izi\Documents\Track 2 - 3.wav
[2015/01/30 23:03:59 | 029,065,714 | ---- | C] () -- D:\Izi\Documents\Track 2 - 2.wav
[2015/01/30 23:03:58 | 003,108,670 | ---- | C] () -- D:\Izi\Documents\Track 2 - 1.wav
[2015/01/30 23:03:58 | 001,557,310 | ---- | C] () -- D:\Izi\Documents\Track 1 Recording 1.wav
[2015/01/30 23:03:58 | 000,012,232 | ---- | C] () -- D:\Izi\Documents\Track 1 Recording 1.sfk
[2015/01/30 23:03:47 | 156,529,546 | ---- | C] () -- D:\Izi\Documents\Track 1 - 12.wav
[2015/01/30 23:03:03 | 642,367,266 | ---- | C] () -- D:\Izi\Documents\Track 1 - 11.wav
[2015/01/30 23:03:01 | 019,241,154 | ---- | C] () -- D:\Izi\Documents\Track 1 - 10.wav
[2015/01/30 23:03:01 | 001,439,902 | ---- | C] () -- D:\Izi\Documents\Track 1 - 9.wav
[2015/01/30 23:02:40 | 311,427,546 | ---- | C] () -- D:\Izi\Documents\Track 1 - 8.wav
[2015/01/30 23:02:39 | 007,331,198 | ---- | C] () -- D:\Izi\Documents\Track 1 - 7.wav
[2015/01/30 23:02:18 | 1924,916,746 | ---- | C] () -- D:\Izi\Desktop\123.rar
[2015/01/30 23:02:09 | 580,842,214 | ---- | C] () -- D:\Izi\Documents\Track 1 - 6.wav
[2015/01/30 23:01:33 | 555,310,182 | ---- | C] () -- D:\Izi\Documents\Track 1 - 5.wav
[2015/01/30 23:01:32 | 009,608,298 | ---- | C] () -- D:\Izi\Documents\Track 1 - 3.wav
[2015/01/30 23:01:32 | 002,310,542 | ---- | C] () -- D:\Izi\Documents\Track 1 - 2.wav
[2015/01/30 23:01:32 | 001,701,138 | ---- | C] () -- D:\Izi\Documents\Track 1 - 4.wav
[2015/01/30 23:01:29 | 029,065,714 | ---- | C] () -- D:\Izi\Documents\Track 1 - 1.wav
[2015/01/30 23:01:29 | 000,577,104 | ---- | C] () -- D:\Izi\Documents\Scan0006.jpg
[2015/01/30 23:01:29 | 000,347,621 | ---- | C] () -- D:\Izi\Documents\Scan0004.jpg
[2015/01/30 23:01:29 | 000,265,254 | ---- | C] () -- D:\Izi\Documents\Scan0001.jpg
[2015/01/30 23:01:29 | 000,203,080 | ---- | C] () -- D:\Izi\Documents\Scan0007.jpg
[2015/01/30 23:01:29 | 000,183,330 | ---- | C] () -- D:\Izi\Documents\Scan0005.jpg
[2015/01/30 23:01:29 | 000,174,756 | ---- | C] () -- D:\Izi\Documents\Scan0003.jpg
[2015/01/30 23:01:29 | 000,168,103 | ---- | C] () -- D:\Izi\Documents\Scan0002.jpg
[2015/01/30 23:01:29 | 000,090,920 | ---- | C] () -- D:\Izi\Documents\thaurh jupav.pdf
[2015/01/30 23:01:28 | 003,369,370 | ---- | C] () -- D:\Izi\Documents\oy ne khody hrichyu-ukr. narod-david medof.mp3
[2015/01/30 23:01:28 | 003,301,376 | ---- | C] () -- D:\Izi\Documents\oy ne khody hrichu-yes my darling daughter-שיר הקורפורל-ukr narod-maria mikolaychuk.mp3
[2015/01/30 23:01:28 | 000,002,560 | ---- | C] () -- D:\Izi\Documents\Register Vegas Pro.htm
[2015/01/30 23:01:27 | 002,647,246 | ---- | C] () -- D:\Izi\Documents\lyoshinka-tamanov-chernienko-Nekhama HENDEL ליושינקה.wma
[2015/01/30 23:01:27 | 002,142,336 | ---- | C] () -- D:\Izi\Documents\lyoshinka-tamanov-chernienko-Zikina ליושינקה.mp3
[2015/01/30 23:01:24 | 040,184,619 | ---- | C] () -- D:\Izi\Documents\goldman2.wmv
[2015/01/30 23:01:22 | 038,783,251 | ---- | C] () -- D:\Izi\Documents\goldman1.wmv
[2015/01/30 23:01:19 | 035,970,092 | ---- | C] () -- D:\Izi\Documents\dolina-ט לה לה לה עם קלינה מיא-narod-boris rubashkin.wav
[2015/01/30 23:01:19 | 000,001,242 | ---- | C] () -- D:\Izi\Documents\cc_20110311_144211.reg
[2015/01/30 23:01:18 | 000,082,264 | ---- | C] () -- D:\Izi\Documents\bb.veg.bak
[2015/01/30 23:01:18 | 000,081,152 | ---- | C] () -- D:\Izi\Documents\bb.veg
[2015/01/30 23:01:18 | 000,004,819 | ---- | C] () -- D:\Izi\Documents\bookmark.htm
[2015/01/30 23:01:04 | 197,095,470 | ---- | C] () -- D:\Izi\Documents\Bar Asher.wav
[2015/01/30 23:01:04 | 001,762,683 | ---- | C] () -- D:\Izi\Documents\2011.pdf
[2015/01/30 23:01:04 | 000,042,624 | ---- | C] () -- D:\Izi\Documents\35559_שבשבת_ירח.jpg
[2015/01/30 23:01:04 | 000,032,694 | ---- | C] () -- D:\Izi\Documents\111.htm
[2015/01/30 23:01:04 | 000,001,764 | ---- | C] () -- D:\Izi\Documents\Avast Premier 1 year 1 user.avastlic
[2015/01/30 23:01:04 | 000,000,192 | ---- | C] () -- D:\Izi\Documents\1111
[2015/01/30 23:01:03 | 007,278,362 | ---- | C] () -- D:\Izi\Documents\05 רצועה 5.wma
[2015/01/30 23:01:03 | 006,154,874 | ---- | C] () -- D:\Izi\Documents\11 רצועה 11.wma
[2015/01/30 23:01:03 | 002,945,762 | ---- | C] () -- D:\Izi\Documents\14 רצועה 14.wma
[2015/01/30 23:01:03 | 002,013,506 | ---- | C] () -- D:\Izi\Documents\19 רצועה 19.wma
[2015/01/30 23:01:03 | 000,034,363 | ---- | C] () -- D:\Izi\Documents\11.htm
[2015/01/30 23:01:02 | 000,076,271 | ---- | C] () -- D:\Izi\Documents\1-Donia.wma
[2015/01/30 23:00:48 | 000,001,345 | ---- | C] () -- C:\Users\Public\Desktop\FLV and Media Player.lnk
[2015/01/30 22:53:20 | 000,001,017 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2015/01/30 22:49:42 | 000,001,121 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2015/01/30 22:47:00 | 000,002,862 | ---- | C] () -- D:\Izi\Desktop\Outlook 2013.lnk
[2015/01/30 22:38:39 | 000,001,248 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2015/01/30 22:38:39 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\Uninstaller_SkipUac_Izi.job
[2015/01/30 22:37:37 | 000,001,440 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/01/30 22:37:19 | 000,002,766 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2015/01/30 22:36:48 | 000,002,406 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/01/30 22:36:26 | 000,000,944 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001UA.job
[2015/01/30 22:36:26 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001Core.job
[2015/01/30 22:34:09 | 000,002,259 | ---- | C] () -- C:\Windows\epplauncher.mif
[2015/01/30 22:34:04 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2015/01/30 22:34:02 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2015/01/30 22:34:02 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.acm
[2015/01/30 22:34:01 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2015/01/30 22:34:01 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2015/01/30 22:34:00 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2015/01/30 22:33:55 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/01/30 22:33:48 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2015/01/30 22:33:48 | 000,002,034 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2015/01/30 22:33:43 | 000,000,252 | ---- | C] () -- C:\Windows\tasks\ASC8_SkipUac_Izi.job
[2015/01/30 22:33:42 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
[2015/01/30 22:31:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2015/01/30 22:26:14 | 000,001,549 | ---- | C] () -- D:\Izi\Desktop\iexplore - Shortcut.lnk
[2015/01/30 22:22:51 | 000,001,446 | ---- | C] () -- C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015/01/30 22:22:50 | 000,000,352 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2015/01/30 22:22:50 | 000,000,334 | ---- | C] () -- C:\Users\Izi\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2015/01/30 22:20:46 | 3366,440,960 | -HS- | C] () -- C:\hiberfil.sys
[2015/01/30 22:19:58 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2015/01/30 18:13:00 | 000,000,682 | ---- | C] () -- C:\Users\Public\Desktop\Keyboard LEDs.lnk
[2015/01/30 14:42:14 | 000,001,321 | ---- | C] () -- C:\Users\Public\Desktop\Replay Media Catcher 5.lnk
[2015/01/30 14:07:15 | 000,001,209 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Desktop Search - Professional.lnk
[2015/01/30 14:07:15 | 000,001,197 | ---- | C] () -- C:\Users\Public\Desktop\Copernic Desktop Search - Professional.lnk
[2015/01/30 13:20:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015/01/30 13:16:16 | 000,004,608 | ---- | C] () -- C:\Windows\SECOH-QAD.exe
[2015/01/30 13:16:16 | 000,003,584 | ---- | C] () -- C:\Windows\SECOH-QAD.dll
[2014/01/30 09:02:42 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2014/01/30 09:02:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/03/01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2015/02/02 16:09:56 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/11/11 02:39:20 | 022,290,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/11/11 02:17:34 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015/02/22 02:40:25 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\ClassicShell
[2015/02/02 16:09:58 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\DVDVideoSoft
[2015/02/22 13:12:26 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\FLV and Media Player
[2015/02/07 18:15:43 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\IObit
[2015/02/01 15:18:52 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\NCH Swift Sound
[2015/02/02 16:11:18 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Opera Software
[2015/02/01 09:20:38 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Polar WebSync
[2015/01/30 22:39:42 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\ProductData
[2015/01/30 13:49:25 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Publish Providers
[2015/02/05 14:02:48 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Recordpad
[2015/01/30 15:06:16 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Replay Media Catcher 5
[2015/02/14 20:08:42 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Replay Media Catcher 6
[2015/02/18 19:37:46 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Replay Music 7
[2015/02/20 14:00:10 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Replay Radio 9
[2015/02/08 12:39:41 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Softland
[2015/02/08 21:20:52 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\Sony
[2015/02/01 16:18:27 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\TeamViewer
[2015/02/04 16:21:51 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\TeraCopy
[2015/02/02 16:13:27 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\TuneUp Software
[2015/02/22 13:25:23 | 000,000,000 | ---D | M] -- C:\Users\Izi\AppData\Roaming\VVEngine
 
========== Purity Check ==========
 
 

< End of report >


  • 0

Advertisements

#2
Metallica
Posted 22 February 2015 - 06:26 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
How to change the Homepage and organize the search providers in Firefox

Click the Firefox button and choose "Options" > "Options"

FirefoxSettings.png

On the "General" tab under "Startup" use one of the buttons or manually change the URL in the "HomePage" field. Click OK.

FirefoxSP.png

The next bit is a bit tricky, so follow the instructions carefully.
In Firefox type "about:config" in the addres bar. Ignore the warning for this time. In the resulting page do a search for "default-search.net"

FirefoxSE.png

Change the URL for the entries that point to "default-search.net" by rightlicking them and choose "Modify"

FirefoxSE2.png

My guess is you want them to point to Google

One other thing in your log I was wondering about and couldn't find any information is the proxy settings in Internet Explorer.


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = https=127.0.0.1:64191
Was this set by yourself or so we need to look into that?
  • 0

#3
MalwareDetective
Posted 22 February 2015 - 07:08 AM

MalwareDetective

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Hello,

Thank you for your fast reply.

I tried to change the homepage in firefox (both in option and in about:config)... I closed firefox and opened it again but default-search.com is still here..

 

About the proxy, It was not set by me and It actually promotes an error in chorme and in internet explorer which prevents surfing so I have to go and manually change the proxy settings in IE settings...

 

Thanks


  • 0

#4
Metallica
Posted 22 February 2015 - 09:56 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Although I don't suspect IObit to be responsible for this I would advise you to uninstall it.

Then copy the text below in the Custom Scans/Fixes textbox.

:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O18 - Protocol\Handler\ms-help - No CLSID value found:files
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"=-
:commands
[emptytemp]
After doing that click on Run Fix
You will be prompted to reboot your computer. Please do so.
After the reboot the computer will open with a log file.
Please post the content of that log file and let me know how your browsers are behaving.
  • 0

#5
MalwareDetective
Posted 22 February 2015 - 11:00 AM

MalwareDetective

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found:files not found.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\"ProxyEnable"|0 /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Izi
->Temp folder emptied: 131998830 bytes
->Temporary Internet Files folder emptied: 781034628 bytes
->FireFox cache emptied: 20414407 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1370 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 27404737 bytes
RecycleBin emptied: 149601536515 bytes
 
Total Files Cleaned = 143,587.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 02222015_185121
 
Files\Folders moved on Reboot...
C:\Users\Izi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Izi\AppData\Local\Microsoft\Windows\INetCache\IE\7S4XEA8I\OTL.exe moved successfully.
File move failed. C:\Users\Izi\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
 
------
 
I'll update you in few hours if indeed all the browsers are OK.
Thanks :)

  • 0

#6
Metallica
Posted 22 February 2015 - 01:19 PM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
OK :)
  • 0

#7
MalwareDetective
Posted 22 February 2015 - 02:20 PM

MalwareDetective

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Hi,

The default-search.net is still here, unfortunately :no:  :headscratch:

 Any Ideas?

 

Thanks


  • 0

#8
Metallica
Posted 22 February 2015 - 02:54 PM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Sure.

Please download Shortcut Cleaner from here:
http://www.bleepingc...ortcut-cleaner/

Run the tool, follow the instructions and attach the created log here.
  • 0

#9
MalwareDetective
Posted 23 February 2015 - 07:32 AM

MalwareDetective

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Hi,

Here's Shortcut Cleaner log:

 

Shortcut Cleaner 1.3.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 http://www.bleepingc...ortcut-cleaner/

Windows Version: Windows 8.1 Pro
Program started at: 02/23/2015 03:31:34 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Izi\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Izi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching D:\Izi\Desktop

0 bad shortcuts found.

Program finished at: 02/23/2015 03:31:35 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

 

 

Thanks :)


  • 0

#10
Metallica
Posted 23 February 2015 - 08:18 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
So that wasn't it either.
I take it the proxy problem is solved now?
 
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :regfind 
default-search
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

It will take a few minutes for the search to complete!
  • 0

Advertisements

#11
MalwareDetective
Posted 23 February 2015 - 08:58 AM

MalwareDetective

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

SystemLook 30.07.11 by jpshortstuff
Log created at 16:55 on 23/02/2015 by Izi
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== regfind ==========

Searching for "default-search"
No data found.

-= EOF =-

 

It looks like the proxy problem is OK now.

Thanks..


  • 0

#12
Metallica
Posted 23 February 2015 - 11:16 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
That's weird. It should at least have found the Startpage.

Can you tell me when and how default-search.net shows up?
Which browser, how you open it etc. Any detail that you think could be important.
  • 0

#13
MalwareDetective
Posted 23 February 2015 - 12:25 PM

MalwareDetective

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

The defualt-search opens as the main homepage only on Firefox. 

I open Firefox from the shortcut on the desktop and from the start button.

Now, when I change the homepage in Firefox options I can't find a trace of default-search.net in the about:config but when I exit firefox (of course after clicking OK on the firefox options) and open it again, the homepage is default-search.net...

 

Thank you!!


  • 0

#14
Metallica
Posted 23 February 2015 - 03:30 PM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Logic dictates that there is something actively changing that.
But I see no sign of it.
I will have to do some more research.

I will have to ask you to make another log.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#15
MalwareDetective
Posted 24 February 2015 - 06:26 AM

MalwareDetective

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Hi,

I know you asked to copy and paste but for some reason I can't.

The two logs are attached.

Thanks

Attached Files


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP