Jump to content

rt2011

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi Kevin, Is this step are urgent? I just reinstall malwarebytes and I will not be next to the pc for the next days. Regards, Roy
  2. Thanks a lot for your help! Windows successfully loaded but there is anything I need to do for prevent future problems? Regards, Roy
  3. Hi, Search.txt -> Farbar Recovery Scan Tool (x64) Version: 05-05-2017 02 Ran by SYSTEM (07-05-2017 23:48:15) Running from f:\ Boot Mode: Recovery ================== Search Files: "mbamswissarmy.sys" ============= C:\Windows\System32\drivers\MBAMSwissArmy.sys [2017-04-14 11:51][2017-04-28 00:47] 0000000 _____ () ====== End of Search ======
  4. Hi Kevin, Thanks for your reply. I tried and still the same error about mbamswissarmy.sys. Fixlog.txt -> Fix result of Farbar Recovery Scan Tool (x64) Version: 05-05-2017 02 Ran by SYSTEM (07-05-2017 18:38:31) Run:1 Running from f:\ Boot Mode: Recovery ============================================== fixlist content: ***************** Start LastRegBack: 2017-04-20 15:43 end ***************** DEFAULT => copied successfully to System32\config\HiveBackup DEFAULT => restored successfully from registry back up SAM => copied successfully to System32\config\HiveBackup SAM => restored successfully from registry back up SECURITY => copied successfully to System32\config\HiveBackup SECURITY => restored successfully from registry back up SOFTWARE => Could not copy SOFTWARE => restored successfully from registry back up SYSTEM => Could not copy SYSTEM => restored successfully from registry back up ==== End of Fixlog 18:38:35 ====
  5. attached FRST.txt output : Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-05-2017 02 Ran by SYSTEM on MININT-O3K6P8F (06-05-2017 14:06:39) Running from f:\ Platform: Windows 8.1 Pro (Update) (X64) Language: עברית (ישראל)‏ Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521968 2015-08-05] (Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-04] (AVAST Software) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [71312 2014-03-07] (Charity Engine) HKLM-x32\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\charityengine.exe [3757712 2014-03-07] (Charity Engine) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2017-03-10] () HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\AllMyTube\DelayPluginI.exe [1969888 2017-03-29] () Startup: C:\Users\פטל\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-04-03] ShortcutTarget: MEGAsync.lnk -> C:\windows\system32\config\systemprofile\AppData\Local\MEGAsync\MEGAsync.exe (No File) Startup: C:\Users\פטל\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\גוזר מסך של OneNote 2007 ו- Launcher.lnk [2016-06-06] ShortcutTarget: גוזר מסך של OneNote 2007 ו- Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated) S2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [1490592 2016-06-07] () S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-04] (AVAST Software s.r.o.) S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-04] (AVAST Software) S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.) S2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.) S2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-03-10] (Freemake) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.) S3 mi-raysat_3dsmax2017_64; E:\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-09-08] (CyberLink) S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.) S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] () S1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-04-04] (AVAST Software s.r.o.) S0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-04-04] (AVAST Software s.r.o.) S0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-04-04] (AVAST Software s.r.o.) S0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-04-04] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-04-04] (AVAST Software) S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-04-04] (AVAST Software) S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-04-04] (AVAST Software) S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-04-04] (AVAST Software) S0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-04-04] (AVAST Software) S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-04-04] (AVAST Software) S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-04-04] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-04-04] (AVAST Software) S0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-04-04] (AVAST Software) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. ) S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-22] () S3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [37672 2015-07-31] (Intel) S3 LifeCamTrueColor; C:\Windows\system32\DRIVERS\LifeCamTrueColor.sys [37936 2016-07-27] (Microsoft Corporation) S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-04-14] (Malwarebytes) S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-27] (Malwarebytes) S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [0 2017-04-28] () <==== ATTENTION (zero byte File/Folder) S0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [0 2017-04-28] () <==== ATTENTION (zero byte File/Folder) S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) S1 NEOFLTR_812_35781; C:\Windows\system32\Drivers\NEOFLTR_812_35781.SYS [108344 2015-04-13] (Pulse Secure, LLC) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-06 14:06 - 2017-05-06 14:06 - 00000000 ____D C:\FRST 2017-04-28 10:47 - 2017-04-28 10:47 - 00000000 _____ C:\Windows\System32\Drivers\29404693.sys 2017-04-27 23:27 - 2017-04-27 23:27 - 00000000 _____ C:\Windows\System32\Drivers\12763DB0.sys 2017-04-27 19:27 - 2017-04-27 19:29 - 00000095 _____ C:\Users\פטל\Desktop\קרן.vbs 2017-04-27 19:26 - 2017-04-27 19:27 - 00000094 _____ C:\Users\פטל\Desktop\KEREN.vbs 2017-04-27 19:21 - 2017-04-27 19:21 - 00000326 _____ C:\Users\פטל\Desktop\וירוס בשביל הצחוק.vbs 2017-04-27 16:26 - 2017-04-27 16:31 - 00000000 ____D C:\Users\פטל\Desktop\ווגס 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\fr 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\FileIO Plug-Ins 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\External Control Drivers 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\es 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\de 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\bdmux 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\Audio Hardware Drivers 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\2fca99749fdb49aeb121a5b63ef568f7 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\Desktop\15dd936825ad475ea34e35f3f54217a6 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\Users\פטל\AppData\Local\VEGAS 2017-04-27 16:26 - 2017-04-27 16:26 - 00000000 ____D C:\ProgramData\VEGAS 2017-04-27 16:19 - 2017-04-27 16:19 - 00000000 ____D C:\Users\פטל\Documents\MAGIX Downloads 2017-04-27 16:19 - 2017-04-27 16:19 - 00000000 ____D C:\Users\פטל\AppData\Roaming\MAGIX 2017-04-27 15:58 - 2017-04-27 15:58 - 00000000 ____D C:\Program Files\Sony 2017-04-27 15:14 - 2017-04-27 15:19 - 00000000 ____D C:\Users\פטל\AppData\Local\Sony 2017-04-27 15:14 - 2017-04-27 15:14 - 00000000 ____D C:\ProgramData\Sony 2017-04-27 15:14 - 2017-04-27 15:14 - 00000000 ____D C:\Program Files (x86)\Sony 2017-04-27 14:54 - 2017-04-27 16:31 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Sony 2017-04-27 13:43 - 2017-04-27 13:43 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-04-26 18:52 - 2017-04-27 13:31 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-04-26 18:48 - 2017-04-26 18:48 - 00000000 ____D C:\Users\Public\Documents\Adobe 2017-04-26 18:37 - 2017-04-26 18:37 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs 2017-04-26 18:19 - 2017-04-27 19:24 - 00000000 ____D C:\Users\פטל\Desktop\YO Gaming 2017-04-26 14:30 - 2017-04-26 14:30 - 00898337 _____ C:\Users\פטל\Desktop\קוד מגדרה.2png 2017-04-26 14:09 - 2017-04-28 10:46 - 00000000 ____D C:\Users\פטל\AppData\Local\Adobe 2017-04-26 14:09 - 2017-04-26 18:57 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Adobe 2017-04-26 14:09 - 2017-04-26 18:37 - 00000000 ____D C:\ProgramData\Adobe 2017-04-25 14:04 - 2017-04-26 18:22 - 00000000 ____D C:\Users\פטל\AppData\Local\Mirillis 2017-04-25 14:04 - 2017-04-25 14:04 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Mirillis 2017-04-25 14:04 - 2017-04-25 14:04 - 00000000 ____D C:\ProgramData\Mirillis 2017-04-25 14:04 - 2017-04-25 14:04 - 00000000 ____D C:\Action! 2017-04-25 14:02 - 2017-04-25 14:02 - 00002015 _____ C:\Users\Public\Desktop\Action!.lnk 2017-04-25 14:02 - 2017-04-25 14:02 - 00000000 ____D C:\Program Files (x86)\Mirillis 2017-04-22 20:49 - 2017-04-22 20:49 - 00749612 _____ C:\Users\פטל\Desktop\מה קורה.wav 2017-04-22 20:01 - 2017-04-22 20:01 - 05040684 _____ C:\Users\פטל\Desktop\ליהלי.wav 2017-04-22 19:56 - 2017-04-22 19:56 - 00002671 _____ C:\Users\פטל\Desktop\ליהלי.aup 2017-04-22 19:56 - 2017-04-22 19:56 - 00000000 ____D C:\Users\פטל\Desktop\ליהלי_data 2017-04-22 13:22 - 2017-04-25 19:56 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Audacity 2017-04-21 13:38 - 2017-04-21 13:38 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Wondershare AllMyTube 2017-04-21 13:36 - 2017-04-21 13:44 - 00000000 ____D C:\ProgramData\Wondershare AllMyTube 2017-04-21 13:36 - 2017-04-21 13:36 - 00000000 ____D C:\ProgramData\Wondershare Application Common Data 2017-04-21 13:36 - 2017-04-21 13:36 - 00000000 ____D C:\Program Files (x86)\Wondershare 2017-04-19 17:50 - 2017-04-19 17:50 - 00002721 _____ C:\Users\Public\Desktop\Skype.lnk 2017-04-19 17:50 - 2017-04-19 17:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-04-19 17:50 - 2017-04-19 17:50 - 00000000 ____D C:\Users\פטל\Tracing 2017-04-19 17:50 - 2017-04-19 17:50 - 00000000 ____D C:\ProgramData\Skype 2017-04-19 17:49 - 2017-04-19 17:49 - 00003166 _____ C:\Windows\System32\Tasks\{42BDAC5C-90FE-4642-8C54-2146C7512568} 2017-04-18 16:20 - 2017-04-18 19:37 - 00000000 ____D C:\Users\פטל\Desktop\למצגת חלבונים 2017-04-18 15:11 - 2017-04-18 23:03 - 02745793 _____ C:\Users\פטל\Desktop\חלבונים.pptx 2017-04-18 14:42 - 2017-04-18 14:42 - 00053416 _____ C:\Users\פטל\Desktop\עבודה במדעים - מישל (2).pptx 2017-04-18 14:17 - 2017-04-18 14:16 - 00053176 _____ C:\Users\פטל\Documents\עבודה במדעים - מישל.pptx 2017-04-18 10:51 - 2017-04-18 14:51 - 00000000 ____D C:\Users\פטל\Documents\SugerLand 2017-04-18 10:51 - 2017-04-18 10:51 - 00000000 ____D C:\Users\פטל\AppData\LocalLow\DefaultCompany 2017-04-18 10:43 - 2017-04-18 10:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity 2017-04-18 10:41 - 2017-04-18 10:41 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2017-04-18 10:41 - 2017-04-18 10:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2017-04-18 10:38 - 2017-04-18 10:51 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Unity 2017-04-18 10:38 - 2017-04-18 10:51 - 00000000 ____D C:\Users\פטל\AppData\LocalLow\Unity 2017-04-18 10:38 - 2017-04-18 10:51 - 00000000 ____D C:\ProgramData\Unity 2017-04-18 10:38 - 2017-04-18 10:38 - 00000000 ____D C:\Users\פטל\AppData\Roaming\vstelemetry 2017-04-18 10:38 - 2017-04-18 10:38 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Visual Studio Setup 2017-04-18 10:38 - 2017-04-18 10:38 - 00000000 ____D C:\Users\פטל\AppData\Local\Unity 2017-04-18 10:38 - 2017-04-18 10:38 - 00000000 ____D C:\Users\פטל\AppData\Local\ServiceHub 2017-04-18 10:31 - 2017-04-18 10:31 - 00000000 ____D C:\Program Files (x86)\GtkSharp 2017-04-16 15:24 - 2017-04-16 22:44 - 434759857 _____ C:\Users\פטל\Desktop\Artemis_v2_by_d6rrien.psd 2017-04-16 15:03 - 2017-04-20 18:09 - 00531716 _____ C:\Users\פטל\Desktop\לופה הפלגה.epb 2017-04-16 15:03 - 2017-04-20 18:07 - 00000000 ___HD C:\Users\פטל\Desktop\לופה הפלגה Files 2017-04-15 15:25 - 2017-04-15 15:25 - 00000112 ____H C:\63D57C9C0BA5 2017-04-15 11:14 - 2017-04-15 21:52 - 01227966 _____ C:\Users\פטל\Documents\למישמה החודשית.pptx 2017-04-14 22:57 - 2017-04-15 09:11 - 00000000 ___RD C:\Users\פטל\Creative Cloud Files 2017-04-14 22:56 - 2017-04-26 18:57 - 00000000 ____D C:\Users\פטל\Documents\Adobe 2017-04-14 22:43 - 2017-04-26 18:48 - 00000000 ____D C:\Program Files\Common Files\Adobe 2017-04-14 22:42 - 2017-04-27 13:36 - 00000000 ____D C:\Program Files\Adobe 2017-04-14 22:40 - 2017-04-14 22:40 - 00001193 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2017-04-14 21:51 - 2017-04-28 10:47 - 00000000 _____ C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2017-04-14 21:51 - 2017-04-28 10:47 - 00000000 _____ C:\Windows\System32\Drivers\mbam.sys 2017-04-14 21:51 - 2017-04-27 23:27 - 00111544 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys 2017-04-14 21:51 - 2017-04-15 09:47 - 00092096 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys 2017-04-14 21:51 - 2017-04-14 21:51 - 00186304 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMChameleon.sys 2017-04-14 21:51 - 2017-04-14 21:51 - 00001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-04-14 21:51 - 2017-04-14 21:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-14 21:51 - 2017-04-14 21:51 - 00000000 ____D C:\Program Files\Malwarebytes 2017-04-14 21:51 - 2017-03-22 10:02 - 00077440 _____ C:\Windows\System32\Drivers\mbae64.sys 2017-04-14 18:04 - 2017-04-21 12:03 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Adobe-BackupByPhotoshopCS6Portable 2017-04-14 18:04 - 2017-04-16 12:10 - 00000000 ____D C:\ProgramData\Adobe-BackupByPhotoshopCS6Portable 2017-04-14 18:04 - 2017-04-15 21:52 - 00000000 ____D C:\Users\פטל\AppData\Local\Adobe-BackupByPhotoshopCS6Portable 2017-04-12 19:14 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-12 19:14 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-12 19:14 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-12 19:14 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-12 19:14 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-12 19:14 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-04-12 19:14 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-12 19:14 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2017-04-12 19:14 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2017-04-12 19:14 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-04-12 19:14 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-04-12 19:14 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll 2017-04-12 19:14 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2017-04-12 19:13 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-04-12 19:13 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-12 19:13 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-12 19:13 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-04-12 19:13 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-12 19:13 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-04-12 19:13 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-12 19:13 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-04-12 19:13 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-04-12 19:13 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-04-12 19:13 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-04-12 19:13 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-04-12 19:13 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-04-12 19:13 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-04-12 19:13 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-04-12 19:13 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-04-12 19:13 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-04-12 19:13 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2017-04-12 19:13 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2017-04-12 19:13 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-04-12 19:13 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2017-04-12 19:13 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2017-04-12 19:13 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-04-12 19:13 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-04-12 19:13 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2017-04-12 19:10 - 2017-01-12 17:03 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storvsp.sys 2017-04-12 19:10 - 2017-01-12 17:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vpcivsp.sys 2017-04-12 19:10 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\System32\winshfhc.dll 2017-04-12 19:09 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2017-04-12 19:09 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2017-04-12 19:09 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2017-04-12 19:09 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2017-04-12 19:09 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll 2017-04-12 19:09 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2017-04-12 19:09 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2017-04-12 19:09 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2017-04-12 19:09 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2017-04-12 19:09 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2017-04-12 19:09 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2017-04-12 19:09 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2017-04-12 19:09 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2017-04-12 19:09 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2017-04-12 19:09 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2017-04-12 19:09 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll 2017-04-12 19:09 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2017-04-12 19:09 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2017-04-12 19:09 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2017-04-12 19:09 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2017-04-12 19:09 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2017-04-12 19:09 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll 2017-04-12 19:09 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\System32\asycfilt.dll 2017-04-12 19:09 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll 2017-04-12 19:09 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\System32\mfmjpegdec.dll 2017-04-12 19:09 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\System32\puiobj.dll 2017-04-12 19:09 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2017-04-12 19:09 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\System32\DafPrintProvider.dll 2017-04-12 19:09 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys 2017-04-12 19:09 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys 2017-04-12 19:09 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys 2017-04-12 19:09 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys 2017-04-12 19:09 - 2017-01-21 21:22 - 00559104 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys 2017-04-12 19:09 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys 2017-04-12 19:09 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll 2017-04-12 19:09 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\System32\ApnDatabase.xml 2017-04-12 19:09 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys 2017-04-12 19:09 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdNisDrv.sys 2017-04-12 19:09 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\SessEnv.dll 2017-04-12 19:09 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys 2017-04-12 19:09 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\System32\netlogon.dll 2017-04-12 19:09 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\System32\mispace.dll 2017-04-12 19:09 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\System32\storagewmi.dll 2017-04-12 19:09 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys 2017-04-12 19:09 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll 2017-04-12 19:09 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\certprop.dll 2017-04-12 19:09 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\System32\ScDeviceEnum.dll 2017-04-12 19:09 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys 2017-04-12 19:08 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2017-04-12 19:08 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2017-04-12 19:08 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2017-04-12 19:08 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2017-04-12 19:08 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2017-04-12 19:08 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2017-04-12 19:08 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll 2017-04-12 19:08 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll 2017-04-12 19:08 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll 2017-04-12 19:08 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\System32\quartz.dll 2017-04-12 19:08 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll 2017-04-12 19:08 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll 2017-04-12 19:08 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys 2017-04-12 19:08 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys 2017-04-12 19:07 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\BasicRender.sys 2017-04-12 18:16 - 2017-04-12 18:16 - 00030912 _____ (Microsoft Corporation) C:\Windows\System32\aspnet_counters.dll 2017-04-12 18:16 - 2017-04-12 18:16 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2017-04-12 18:16 - 2017-04-12 18:16 - 00018600 _____ (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll 2017-04-12 18:16 - 2017-04-12 18:16 - 00018592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2017-04-09 07:23 - 2017-04-21 00:10 - 699101291 _____ C:\Users\פטל\Desktop\PACK GFX CLASH ROYALE.psd 2017-04-08 18:28 - 2017-04-08 18:28 - 00000000 ___HD C:\$AV_ASW 2017-04-08 14:01 - 2017-04-08 14:01 - 84720431 _____ C:\Users\פטל\Desktop\Pack CR Dias Gamer.zip 2017-04-08 07:53 - 2017-04-27 16:10 - 00000000 ____D C:\Users\פטל\Desktop\New folder (2) 2017-04-06 17:17 - 2017-04-21 18:37 - 00000000 ____D C:\Users\פטל\Desktop\עיצובים ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-28 10:53 - 2016-10-26 20:23 - 00000000 ____D C:\Users\פטל\AppData\Roaming\Skype 2017-04-28 10:46 - 2016-10-03 10:40 - 00000000 ____D C:\ProgramData\BOINC 2017-04-28 00:01 - 2016-06-05 19:14 - 00000000 ____D C:\Users\פטל\AppData\Roaming\ClassicShell 2017-04-28 00:01 - 2016-06-05 18:43 - 00000000 ____D C:\users\פטל 2017-04-27 16:36 - 2016-06-05 18:48 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2842843405-2964105787-4272361244-1001 2017-04-27 16:30 - 2017-03-18 10:43 - 00000000 ____D C:\Users\פטל\AppData\Local\CrashDumps 2017-04-27 16:26 - 2016-06-05 19:51 - 08063488 ___SH C:\Users\פטל\Desktop\Thumbs.db 2017-04-27 15:29 - 2017-01-23 16:18 - 00002243 _____ C:\Users\פטל\Desktop\Gmail.lnk 2017-04-27 15:29 - 2016-07-06 05:54 - 00001351 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2017-04-27 15:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-04-27 14:58 - 2016-10-26 20:23 - 00000000 ____D C:\Users\פטל\AppData\Roaming\MPC-HC 2017-04-27 13:34 - 2016-06-05 18:48 - 00865068 _____ C:\Windows\System32\PerfStringBackup.INI 2017-04-27 13:34 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-04-27 13:28 - 2017-03-10 16:39 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-04-27 13:28 - 2016-06-25 19:28 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat 2017-04-27 13:28 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-27 13:28 - 2013-08-22 16:44 - 00580000 _____ C:\Windows\System32\FNTCACHE.DAT 2017-04-26 19:06 - 2017-03-04 09:17 - 00000000 ____D C:\Users\פטל\AppData\Roaming\WhatsApp 2017-04-26 14:31 - 2017-04-04 17:05 - 00000132 _____ C:\Users\פטל\AppData\Roaming\Adobe PNG Format CS6 Prefs 2017-04-25 15:12 - 2017-01-01 18:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2017-04-25 15:11 - 2017-01-01 18:03 - 00000552 _____ C:\Users\פטל\AppData\Local\TroubleshooterConfig.json 2017-04-23 16:10 - 2017-01-01 18:18 - 00000000 ____D C:\Users\פטל\AppData\Local\Troubleshooter 2017-04-21 13:43 - 2017-03-10 16:21 - 00005234 _____ C:\Users\פטל\Documents\starburn.txt 2017-04-21 13:36 - 2017-03-10 16:21 - 00000000 ____D C:\ProgramData\Wondershare 2017-04-21 13:36 - 2017-03-10 15:52 - 00000000 ____D C:\Users\Public\Documents\Wondershare 2017-04-21 13:26 - 2016-11-05 09:14 - 00000000 ____D C:\Users\פטל\Documents\Bandicam 2017-04-20 19:08 - 2016-10-26 20:02 - 00015872 _____ C:\Users\פטל\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-04-20 17:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\System32\FxsTmp 2017-04-18 21:00 - 2013-08-22 17:36 - 00000000 ___SD C:\Windows\Downloaded Program Files 2017-04-18 16:18 - 2017-03-04 09:29 - 00035840 ___SH C:\Users\פטל\Documents\Thumbs.db 2017-04-18 15:27 - 2016-10-25 14:15 - 00158312 _____ C:\Users\פטל\AppData\Local\GDIPFONTCACHEV1.DAT 2017-04-18 10:43 - 2016-10-25 12:16 - 00000000 ____D C:\Users\פטל\AppData\Local\VirtualStore 2017-04-18 10:42 - 2016-06-05 18:49 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-18 10:41 - 2016-06-05 19:13 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-04-18 10:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-04-18 10:39 - 2016-06-05 19:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2017-04-18 10:30 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-04-15 09:20 - 2017-03-10 16:16 - 00002493 _____ C:\Users\פטל\Desktop\My Movie.wlmp 2017-04-14 22:57 - 2017-03-18 10:45 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-04-14 22:39 - 2017-04-04 07:57 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-04-14 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-04-13 20:22 - 2017-02-14 19:37 - 03344493 _____ C:\Users\פטל\Desktop\לוגו ליהלי.pptx 2017-04-13 08:51 - 2016-07-04 20:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-04-13 08:51 - 2016-07-04 20:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-12 22:40 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2017-04-12 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-12 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-12 22:40 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\System32\config\BBI 2017-04-12 18:56 - 2016-06-07 13:24 - 00000000 ____D C:\Windows\System32\MRT 2017-04-12 18:55 - 2016-06-07 13:24 - 148601744 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2017-04-11 22:27 - 2016-11-18 15:34 - 00010240 ___SH C:\Users\פטל\Thumbs.db 2017-04-11 22:14 - 2016-06-05 19:21 - 00003360 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-11 22:14 - 2016-06-05 19:21 - 00003232 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-10 11:44 - 2016-12-31 20:15 - 00150528 _____ C:\Users\פטל\Desktop\תשלום יפה ספטמבר.xls 2017-04-09 07:08 - 2017-03-22 20:02 - 00000000 ____D C:\Users\פטל\Desktop\חולצה 2017-04-09 06:43 - 2016-12-10 10:32 - 00003162 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-09 06:43 - 2016-10-03 10:48 - 00003170 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2842843405-2964105787-4272361244-1001 2017-04-07 17:35 - 2016-07-06 05:54 - 00003886 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1467777295 2017-04-06 23:51 - 2017-04-01 12:05 - 01158836 _____ C:\Users\פטל\Desktop\gucsv 1.pptx 2017-04-06 16:27 - 2016-06-05 19:25 - 00000000 ____D C:\ProgramData\AVAST Software ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 10% Total physical RAM: 8119.7 MB Available physical RAM: 7253.86 MB Total Virtual: 8119.7 MB Available Virtual: 7331.5 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.45 GB) (Free:0.02 GB) NTFS Drive d: (‏‏שמור על-ידי המערכת) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: () (Fixed) (Total:931.51 GB) (Free:686.85 GB) NTFS Drive f: (ESD-USB) (Removable) (Total:7.22 GB) (Free:3.95 GB) FAT32 Drive h: () (Fixed) (Total:244.04 GB) (Free:118.01 GB) NTFS Drive i: () (Fixed) (Total:221.62 GB) (Free:178.75 GB) NTFS Drive j: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS Drive y: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 383E486D) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D0BCA43F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9FF9A5B4) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 7.2 GB) (Disk ID: 00000000) Partition: GPT. LastRegBack: 2017-04-20 15:43 ==================== End of FRST.txt ============================
  6. Hello, My windows 8.1 cannot start and shows up error message with blue screen about: mbamswissarmy.sys is missing. I can't succeed enter to windows also with safe mode can I run FRST64 and send the logs here? Thanks. Roy
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.