My problem is that my laptop can't access the internet.
I don't have any internet at home; I take my laptop to a public Wifi when I need a connection. About two weeks ago, I installed a parental control sifting service in my laptop, provided by InternetRimon. This is a very popular and highly trusted service in my community. They use VPN to install it and to provide service. At the time of the installation, I had both Avast and McAffee, although both were expired. I used to have K9, a different parental control software that worked without VPN.
Avast gave warnings that the VPN could be malware, so InternetRimon made exceptions for their files. They couldn't access the definitions for McAfee, so we deletedit. We couldn't figure out how to delete the McAfee site advisor, so it is deactivated. We also deleted K9 because it is known to conflict with InternetRimon. We had recurrent problems installingInternetRimon, so they recommended replacing the expired Avast with Microsoft Security Essentials instead. We deleted Avast, and I installed Microsoft Security Essentials immediately afterwards.I did a complete scan the day I installed the new antivirus. It found no problems.
The service by InternetRimon can only be made once there is an actual internet connection in effect.Whenever this occurs, the software installed in my computer makes a VPN connection to InternetRimon, and prevents internet access until this is accomplished. After initial difficulties getting it installed, the system worked well.
About a week later, my daughter asked me to try to fix her USB, which had gotten a virus in school. I ran a scan on it with Microsoft security essentials, found a few worms, and deleted them.
The next day, I noticed that my computer was losing its connection to Wifi more and more often, but I was usually able to reconnect, but it was time consuming, since I had to reconnect to my parental control software as well each time I lost the Wifi connection. Then the computer got very slow, it totally lost the ability to make an internet connection, noneof the Microsoft Word files opened, although acrobat and other programs did. I could "connect" to Wifi but without access to internet.
I deleted every file and program that I no longer needed, emptied the recycle bin, and ran the defragmentation utility. I ran a quick scan with Microsoft Security essentials, found and removed a Trojan.This also removed the icon for InternetRimon, but Word was still not working. A full scan identified nothing else, but I noticed there were thousands of temporary internet files. I downloaded Malwarebytes (using another computer), installed it in my computer, and ran it in safe mode.Malwarebytesdidn't reportany other malware.
At some point of these efforts, Word came back, the computer speeded up, and the InternetRimon icon reappeared. However, the control panel's internet network center reported that I had a connection to Wifi but without access to internet. The control panel's problem solver did not solve anything, just said I had DNS or IP problems. InternetRimon also gave messages about trying and failing to connect, sayingthat I had no internet connection.
I did a search for other solutions and found a suggestion to enter command prompt:
netshintip reset reset.log then tap enter
netshwinsock reset catalog then tap enter
exit then tap enter. Re-boot.
That command prompt enabled a cable connection, but no wifi. The next day I found that I couldn't even use a cable connection. Re-doing the above command prompt did not help.
Another command prompt,sfc /scannow ,found no problems.
In my computer's start menu search box, I typed in DEVMGMT.MSC. In the View menu,I clicked Show hidden devices, double-clicked Non-Plug and Play drivers section, double-click the entry AFD, "Ancillary Function Driver for winsock" and clicked the Driver tab. It was already enabled. So were NetIO legacy TDI support driver, TCP/IP Protocol Driver and .NSI (Network Store Interface) proxy service driver.
I understand I ought to back up all my files, but I dread this. I don't own a device large enough to store all my files. One post gave a link for how to do a backup:http://support.microsoft.com/kb/310994. Unfortunately, this link was for XP, and I have Windows 7. I looked for something similar on the Microsoft site for Windows 7, but didn't find it. I'd appreciate a link to an appropriate free utility if one exists.
I ran TSG SysInfo,HijackThis, DDS by sUBs, and GMER - all of them offline, not in proximity of a public wifi connection.
Although Library E:\trojan fix\SysInfo.exe
was marked (*** suspicious ***) by GMER, I suspect this is just because it doesn't like the name of the file. Trojan fix is what I called the folder in my USB where I saved downloads of all the utilities you recommended that I run on my computer. This particular .exe file is what you provided to make attachments to posts, meaning it got into my USB after the problem developed, and can't be the cause.
Please note that the following logs include non-English character sets because my operating system is in Hebrew. Some of this log appears on my computer in Hebrew characters, but some of it is in a character set I don't know how to read. (It looks like Cyrillic.) In the attached logs, I drew lines through characters which appear on my computer in Hebrew, and next to them I wrote translations in square brackets (for everything except the username). Next to the characters I couldn't read, I put a question mark in square brackets.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2014
Ran by חנהכצמאן at 2014-03-06 21:07:31
Running from E:\trojan fix
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AnotopenDirector 1.4.0.0 (HKLM-x32\...\Anoto_penDirector) (Version: 1.4.0.0 - Anoto AB)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell Driver Download Manager (HKCU\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.3 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.235.4 - Dell Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
iLivid (HKLM-x32\...\iLivid) (Version: 1.92 - Bandoo Media Inc) <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogiManange (HKLM-x32\...\{3E2FCD31-BF44-49F5-B16B-97A455637909}) (Version: 1.8 - Logipen)
Malwarebytes Anti-Malware גירסה 1.75.0.1300[version] (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - עברית[Hebrew] (HKLM-x32\...\{90140011-0066-040D-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 'לחץוהפעל' 2010[push and activate] (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 'לחץוהפעל' 2010[push and activate] (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-040D-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox 27.0.1 (x86 he) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 he)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyScriptAnotoInkRetriever 1.0 (HKLM-x32\...\MyScriptAnotoInkRetriever 1.0_is1) (Version: 1.0.0.8 - Vision Objects)
MyScript Studio he_IL pack 1.2 (HKLM-x32\...\MyScript Studio he_IL pack 1.2_is1) (Version: 1.2.0.200 - Vision Objects)
MyScript Studio Notes Edition 1.2 (HKLM-x32\...\MyScript Studio 1.2_is1) (Version: 1.2.1.465 - Vision Objects)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
penDirectorMergeModules (x32 Version: 1.4.0.0 - Anoto AB) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Skype 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Speaking Clock Deluxe 3.52 (HKLM-x32\...\Speaking Clock Deluxe_is1) (Version: - Lux Aeterna)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - КорпорацияМайкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WOT for Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)
Основныекомпоненты[?]Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта[?]Windows Live (x32 Version: 15.4.3502.0922 - КорпорацияМайкрософт) Hidden
Фотоальбом[?]Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элементуправления[?]Windows Live Mesh ActiveX дляудаленныхподключений[?](HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
ארכיונר[archiver] WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
גלרייתהתמונותשל [picture gallery of]Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד[commander] ActiveX של[of] Windows Live Meshעבורחיבורמרוחקים[for remote connections] (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
תורתאמת - 352[Torah of truth] (HKLM-x32\...\תורתאמת - 352 [Torah of truth]) (Version: - )
תחזוקהשל[maintenance of] Samsung ML-1660 Series (HKLM-x32\...\Samsung ML-1660 Series) (Version: - Samsung Electronics Co., Ltd.)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-02-17 19:51 - 00000845 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {142C74F6-921E-4A61-A48F-C8F27E942865} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24] (Adobe Systems Incorporated)
Task: {57848DE7-9691-4A80-ACCA-33D58C13CF2E} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {6A0F25A0-F40B-4455-99BF-89FAE98605C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22] (Google Inc.)
Task: {8EBE8FA2-B2F0-4B63-9917-EDFBF56FB127} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22] (Google Inc.)
Task: {B02DE3D0-34CD-4E72-867F-CE67274E455E} - System32\Tasks\{C40020C4-69D0-445D-B89C-F00E4B644F54} => C:\Users\חנהכצמאן\Downloads\DW1704_W7_A00_Setup-F042R_ZPE.exe
Task: {BF10BE7F-1765-45C8-9C72-2757DDC64E12} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BF7D6565-0420-4FA3-964F-CE6A8914EA3E} - System32\Tasks\{D7A0F630-7E70-49D5-A878-E970E150F277} => Firefox.exe http://www.skype.com/go/downloading?...mp;LastError=0
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\windows\System32\ssp7ml6.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-07-12 00:20 - 2011-08-18 18:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-04-22 19:03 - 2011-08-05 16:20 - 02033152 _____ () C:\Program Files (x86)\iLivid\ilivid.exe
2010-02-28 01:33 - 2010-02-28 01:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2011-08-07 07:08 - 2011-06-22 06:48 - 00826880 _____ () C:\Windows\System32\spool\drivers\x64\3\ssp7mdu.dll
2003-02-17 19:11 - 2003-02-17 19:11 - 00312832 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\timer.dll
2002-06-02 16:05 - 2002-06-02 16:05 - 00038912 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\spcl01.dll
2003-02-16 20:28 - 2003-02-16 20:28 - 00257536 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\voice\American English (male).dll
2014-02-25 12:43 - 2014-02-25 12:43 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918 e7215d97c63e957d\IsdiInterop.ni.dll
2011-07-11 23:43 - 2011-01-13 00:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-22 19:03 - 2011-05-16 13:31 - 02555392 _____ () C:\Program Files (x86)\iLivid\QtCore4.dll
2012-04-22 19:03 - 2009-01-10 12:32 - 00011362 _____ () C:\Program Files (x86)\iLivid\mingwm10.dll
2012-04-22 19:03 - 2009-06-22 20:42 - 00043008 _____ () C:\Program Files (x86)\iLivid\libgcc_s_dw2-1.dll
2012-04-22 19:03 - 2011-03-30 08:30 - 09913344 _____ () C:\Program Files (x86)\iLivid\QtGui4.dll
2012-04-22 19:03 - 2011-03-30 08:00 - 01209344 _____ () C:\Program Files (x86)\iLivid\QtNetwork4.dll
2012-04-22 19:03 - 2011-03-30 09:15 - 02177024 _____ () C:\Program Files (x86)\iLivid\QtScript4.dll
2012-04-22 19:03 - 2011-03-30 11:59 - 17315328 _____ () C:\Program Files (x86)\iLivid\QtWebKit4.dll
2012-04-22 19:03 - 2011-03-30 08:59 - 00344576 _____ () C:\Program Files (x86)\iLivid\phonon4.dll
2012-04-22 19:03 - 2009-11-25 21:38 - 00078848 _____ () C:\Program Files (x86)\iLivid\imageformats\qgif4.dll
2012-04-22 19:03 - 2009-11-25 21:38 - 00193536 _____ () C:\Program Files (x86)\iLivid\imageformats\qjpeg4.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^penDirector.lnk => C:\windows\pss\penDirector.lnk.CommonStartup
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: RUNNFSERV => C:\InternetRimon\nfserv.exe
MSCONFIG\startupreg: RUNSVCHOST => C:\InternetRimon\nfwd.exe
MSCONFIG\startupreg: Samsung PanelMgr => C:\windows\Samsung\PanelMgr\ssmmgr.exe /autorun
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2014 09:02:46 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (03/06/2014 07:09:02 PM) (Source: CVHSVC) (User: )
Description: מידעבלבד. [information only]
(Patch task for {90140011-0066-040D-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (03/06/2014 04:57:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage> 990x80041003
Error: (03/06/2014 07:34:34 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC) (User: )
Description: מידעבלבד. [information only]
Error: invalid descriptor, filepath = C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml Type: 45::InvalidMetadataFile.
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC) (User: )
Description: מידעבלבד. [information only]
Error: XML document load failed for file: C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml HResult: 0x1. OException caught while loading the descriptor xml
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[skip over: verification] Eap method DLL path נכשל. שגיאה [failed. error]: typeId=26, authorId=0, vendorId=0, vendorType=0
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[skip over: verification] Eap method DLL path נכשל. שגיאה[failed. error]: typeId=25, authorId=0, vendorId=0, vendorType=0
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[skip over: verification] Eap method DLL path נכשל. שגיאה [failed. error]: typeId=13, authorId=0, vendorId=0, vendorType=0
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[failed. error]Eap method DLL path נכשל. שגיאה[failed. error]: typeId=43, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (03/06/2014 07:14:23 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:11:36 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:11:29 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:10:06 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:09:54 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:09:54 PM) (Source: DCOM) (User: )
Description: 2McAfee SiteAdvisorService{5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
Error: (03/06/2014 04:57:02 PM) (Source: DCOM) (User: )
Description: C:\Users\חנהכצמאן\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay -Embedding193{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
Error: (03/06/2014 04:56:24 PM) (Source: Service Control Manager) (User: )
Description:המערכתהגיעהלפרקזמןקצוב(30000 אלפיותשניה)טרנזקציהמשירות[the system reached a time limit of 30,000 milliseconds transaction of service] SftService.
Error: (03/06/2014 04:55:31 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] SSPORT נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 04:55:28 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Microsoft Office Sessions:
=========================
Error: (03/06/2014 09:02:46 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (03/06/2014 07:09:02 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-040D-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (03/06/2014 04:57:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage> 990x80041003
Error: (03/06/2014 07:34:34 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC)(User: )
Description: Error: invalid descriptor, filepath = C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml Type: 45::InvalidMetadataFile.
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC)(User: )
Description: Error: XML document load failed for file: C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml HResult: 0x1. OException caught while loading the descriptor xml
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path26000
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path25000
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path13000
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path43900
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 3894.68 MB
Available physical RAM: 2432.5 MB
Total Pagefile: 7787.55 MB
Available Pagefile: 5977.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:527.19 GB) NTFS
Drive e: (חנהכצמאן) (Removable) (Total:7.49 GB) (Free:4.37 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 18AB57C9)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
==================== End Of Log ============================.
I don't have any internet at home; I take my laptop to a public Wifi when I need a connection. About two weeks ago, I installed a parental control sifting service in my laptop, provided by InternetRimon. This is a very popular and highly trusted service in my community. They use VPN to install it and to provide service. At the time of the installation, I had both Avast and McAffee, although both were expired. I used to have K9, a different parental control software that worked without VPN.
Avast gave warnings that the VPN could be malware, so InternetRimon made exceptions for their files. They couldn't access the definitions for McAfee, so we deletedit. We couldn't figure out how to delete the McAfee site advisor, so it is deactivated. We also deleted K9 because it is known to conflict with InternetRimon. We had recurrent problems installingInternetRimon, so they recommended replacing the expired Avast with Microsoft Security Essentials instead. We deleted Avast, and I installed Microsoft Security Essentials immediately afterwards.I did a complete scan the day I installed the new antivirus. It found no problems.
The service by InternetRimon can only be made once there is an actual internet connection in effect.Whenever this occurs, the software installed in my computer makes a VPN connection to InternetRimon, and prevents internet access until this is accomplished. After initial difficulties getting it installed, the system worked well.
About a week later, my daughter asked me to try to fix her USB, which had gotten a virus in school. I ran a scan on it with Microsoft security essentials, found a few worms, and deleted them.
The next day, I noticed that my computer was losing its connection to Wifi more and more often, but I was usually able to reconnect, but it was time consuming, since I had to reconnect to my parental control software as well each time I lost the Wifi connection. Then the computer got very slow, it totally lost the ability to make an internet connection, noneof the Microsoft Word files opened, although acrobat and other programs did. I could "connect" to Wifi but without access to internet.
I deleted every file and program that I no longer needed, emptied the recycle bin, and ran the defragmentation utility. I ran a quick scan with Microsoft Security essentials, found and removed a Trojan.This also removed the icon for InternetRimon, but Word was still not working. A full scan identified nothing else, but I noticed there were thousands of temporary internet files. I downloaded Malwarebytes (using another computer), installed it in my computer, and ran it in safe mode.Malwarebytesdidn't reportany other malware.
At some point of these efforts, Word came back, the computer speeded up, and the InternetRimon icon reappeared. However, the control panel's internet network center reported that I had a connection to Wifi but without access to internet. The control panel's problem solver did not solve anything, just said I had DNS or IP problems. InternetRimon also gave messages about trying and failing to connect, sayingthat I had no internet connection.
I did a search for other solutions and found a suggestion to enter command prompt:
netshintip reset reset.log then tap enter
netshwinsock reset catalog then tap enter
exit then tap enter. Re-boot.
That command prompt enabled a cable connection, but no wifi. The next day I found that I couldn't even use a cable connection. Re-doing the above command prompt did not help.
Another command prompt,sfc /scannow ,found no problems.
In my computer's start menu search box, I typed in DEVMGMT.MSC. In the View menu,I clicked Show hidden devices, double-clicked Non-Plug and Play drivers section, double-click the entry AFD, "Ancillary Function Driver for winsock" and clicked the Driver tab. It was already enabled. So were NetIO legacy TDI support driver, TCP/IP Protocol Driver and .NSI (Network Store Interface) proxy service driver.
I understand I ought to back up all my files, but I dread this. I don't own a device large enough to store all my files. One post gave a link for how to do a backup:http://support.microsoft.com/kb/310994. Unfortunately, this link was for XP, and I have Windows 7. I looked for something similar on the Microsoft site for Windows 7, but didn't find it. I'd appreciate a link to an appropriate free utility if one exists.
I ran TSG SysInfo,HijackThis, DDS by sUBs, and GMER - all of them offline, not in proximity of a public wifi connection.
Although Library E:\trojan fix\SysInfo.exe
was marked (*** suspicious ***) by GMER, I suspect this is just because it doesn't like the name of the file. Trojan fix is what I called the folder in my USB where I saved downloads of all the utilities you recommended that I run on my computer. This particular .exe file is what you provided to make attachments to posts, meaning it got into my USB after the problem developed, and can't be the cause.
Please note that the following logs include non-English character sets because my operating system is in Hebrew. Some of this log appears on my computer in Hebrew characters, but some of it is in a character set I don't know how to read. (It looks like Cyrillic.) In the attached logs, I drew lines through characters which appear on my computer in Hebrew, and next to them I wrote translations in square brackets (for everything except the username). Next to the characters I couldn't read, I put a question mark in square brackets.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2014
Ran by חנהכצמאן at 2014-03-06 21:07:31
Running from E:\trojan fix
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AnotopenDirector 1.4.0.0 (HKLM-x32\...\Anoto_penDirector) (Version: 1.4.0.0 - Anoto AB)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell Driver Download Manager (HKCU\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.3 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.235.4 - Dell Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
iLivid (HKLM-x32\...\iLivid) (Version: 1.92 - Bandoo Media Inc) <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogiManange (HKLM-x32\...\{3E2FCD31-BF44-49F5-B16B-97A455637909}) (Version: 1.8 - Logipen)
Malwarebytes Anti-Malware גירסה 1.75.0.1300[version] (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - עברית[Hebrew] (HKLM-x32\...\{90140011-0066-040D-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 'לחץוהפעל' 2010[push and activate] (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 'לחץוהפעל' 2010[push and activate] (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-040D-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox 27.0.1 (x86 he) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 he)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyScriptAnotoInkRetriever 1.0 (HKLM-x32\...\MyScriptAnotoInkRetriever 1.0_is1) (Version: 1.0.0.8 - Vision Objects)
MyScript Studio he_IL pack 1.2 (HKLM-x32\...\MyScript Studio he_IL pack 1.2_is1) (Version: 1.2.0.200 - Vision Objects)
MyScript Studio Notes Edition 1.2 (HKLM-x32\...\MyScript Studio 1.2_is1) (Version: 1.2.1.465 - Vision Objects)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
penDirectorMergeModules (x32 Version: 1.4.0.0 - Anoto AB) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Skype 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Speaking Clock Deluxe 3.52 (HKLM-x32\...\Speaking Clock Deluxe_is1) (Version: - Lux Aeterna)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - КорпорацияМайкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WOT for Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)
Основныекомпоненты[?]Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта[?]Windows Live (x32 Version: 15.4.3502.0922 - КорпорацияМайкрософт) Hidden
Фотоальбом[?]Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элементуправления[?]Windows Live Mesh ActiveX дляудаленныхподключений[?](HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
ארכיונר[archiver] WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
גלרייתהתמונותשל [picture gallery of]Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד[commander] ActiveX של[of] Windows Live Meshעבורחיבורמרוחקים[for remote connections] (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
תורתאמת - 352[Torah of truth] (HKLM-x32\...\תורתאמת - 352 [Torah of truth]) (Version: - )
תחזוקהשל[maintenance of] Samsung ML-1660 Series (HKLM-x32\...\Samsung ML-1660 Series) (Version: - Samsung Electronics Co., Ltd.)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-02-17 19:51 - 00000845 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {142C74F6-921E-4A61-A48F-C8F27E942865} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24] (Adobe Systems Incorporated)
Task: {57848DE7-9691-4A80-ACCA-33D58C13CF2E} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {6A0F25A0-F40B-4455-99BF-89FAE98605C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22] (Google Inc.)
Task: {8EBE8FA2-B2F0-4B63-9917-EDFBF56FB127} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22] (Google Inc.)
Task: {B02DE3D0-34CD-4E72-867F-CE67274E455E} - System32\Tasks\{C40020C4-69D0-445D-B89C-F00E4B644F54} => C:\Users\חנהכצמאן\Downloads\DW1704_W7_A00_Setup-F042R_ZPE.exe
Task: {BF10BE7F-1765-45C8-9C72-2757DDC64E12} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BF7D6565-0420-4FA3-964F-CE6A8914EA3E} - System32\Tasks\{D7A0F630-7E70-49D5-A878-E970E150F277} => Firefox.exe http://www.skype.com/go/downloading?...mp;LastError=0
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\windows\System32\ssp7ml6.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-07-12 00:20 - 2011-08-18 18:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-04-22 19:03 - 2011-08-05 16:20 - 02033152 _____ () C:\Program Files (x86)\iLivid\ilivid.exe
2010-02-28 01:33 - 2010-02-28 01:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2011-08-07 07:08 - 2011-06-22 06:48 - 00826880 _____ () C:\Windows\System32\spool\drivers\x64\3\ssp7mdu.dll
2003-02-17 19:11 - 2003-02-17 19:11 - 00312832 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\timer.dll
2002-06-02 16:05 - 2002-06-02 16:05 - 00038912 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\spcl01.dll
2003-02-16 20:28 - 2003-02-16 20:28 - 00257536 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\voice\American English (male).dll
2014-02-25 12:43 - 2014-02-25 12:43 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918 e7215d97c63e957d\IsdiInterop.ni.dll
2011-07-11 23:43 - 2011-01-13 00:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-22 19:03 - 2011-05-16 13:31 - 02555392 _____ () C:\Program Files (x86)\iLivid\QtCore4.dll
2012-04-22 19:03 - 2009-01-10 12:32 - 00011362 _____ () C:\Program Files (x86)\iLivid\mingwm10.dll
2012-04-22 19:03 - 2009-06-22 20:42 - 00043008 _____ () C:\Program Files (x86)\iLivid\libgcc_s_dw2-1.dll
2012-04-22 19:03 - 2011-03-30 08:30 - 09913344 _____ () C:\Program Files (x86)\iLivid\QtGui4.dll
2012-04-22 19:03 - 2011-03-30 08:00 - 01209344 _____ () C:\Program Files (x86)\iLivid\QtNetwork4.dll
2012-04-22 19:03 - 2011-03-30 09:15 - 02177024 _____ () C:\Program Files (x86)\iLivid\QtScript4.dll
2012-04-22 19:03 - 2011-03-30 11:59 - 17315328 _____ () C:\Program Files (x86)\iLivid\QtWebKit4.dll
2012-04-22 19:03 - 2011-03-30 08:59 - 00344576 _____ () C:\Program Files (x86)\iLivid\phonon4.dll
2012-04-22 19:03 - 2009-11-25 21:38 - 00078848 _____ () C:\Program Files (x86)\iLivid\imageformats\qgif4.dll
2012-04-22 19:03 - 2009-11-25 21:38 - 00193536 _____ () C:\Program Files (x86)\iLivid\imageformats\qjpeg4.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^penDirector.lnk => C:\windows\pss\penDirector.lnk.CommonStartup
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: RUNNFSERV => C:\InternetRimon\nfserv.exe
MSCONFIG\startupreg: RUNSVCHOST => C:\InternetRimon\nfwd.exe
MSCONFIG\startupreg: Samsung PanelMgr => C:\windows\Samsung\PanelMgr\ssmmgr.exe /autorun
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2014 09:02:46 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (03/06/2014 07:09:02 PM) (Source: CVHSVC) (User: )
Description: מידעבלבד. [information only]
(Patch task for {90140011-0066-040D-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (03/06/2014 04:57:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage> 990x80041003
Error: (03/06/2014 07:34:34 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC) (User: )
Description: מידעבלבד. [information only]
Error: invalid descriptor, filepath = C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml Type: 45::InvalidMetadataFile.
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC) (User: )
Description: מידעבלבד. [information only]
Error: XML document load failed for file: C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml HResult: 0x1. OException caught while loading the descriptor xml
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[skip over: verification] Eap method DLL path נכשל. שגיאה [failed. error]: typeId=26, authorId=0, vendorId=0, vendorType=0
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[skip over: verification] Eap method DLL path נכשל. שגיאה[failed. error]: typeId=25, authorId=0, vendorId=0, vendorType=0
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[skip over: verification] Eap method DLL path נכשל. שגיאה [failed. error]: typeId=13, authorId=0, vendorId=0, vendorType=0
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost) (User: WIN-7Q1REKTT9RA)
Description: מדלג: אימות[failed. error]Eap method DLL path נכשל. שגיאה[failed. error]: typeId=43, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (03/06/2014 07:14:23 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:11:36 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:11:29 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:10:06 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:09:54 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 07:09:54 PM) (Source: DCOM) (User: )
Description: 2McAfee SiteAdvisorService{5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
Error: (03/06/2014 04:57:02 PM) (Source: DCOM) (User: )
Description: C:\Users\חנהכצמאן\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay -Embedding193{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
Error: (03/06/2014 04:56:24 PM) (Source: Service Control Manager) (User: )
Description:המערכתהגיעהלפרקזמןקצוב(30000 אלפיותשניה)טרנזקציהמשירות[the system reached a time limit of 30,000 milliseconds transaction of service] SftService.
Error: (03/06/2014 04:55:31 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] SSPORT נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Error: (03/06/2014 04:55:28 PM) (Source: Service Control Manager) (User: )
Description: הפעלתהשירות[service activation] McAfee SiteAdvisor Service נכשלהבשלהשגיאההבאה [failed due to following error]:
%%2
Microsoft Office Sessions:
=========================
Error: (03/06/2014 09:02:46 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (03/06/2014 07:09:02 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-040D-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (03/06/2014 04:57:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage> 990x80041003
Error: (03/06/2014 07:34:34 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC)(User: )
Description: Error: invalid descriptor, filepath = C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml Type: 45::InvalidMetadataFile.
Error: (03/05/2014 07:40:16 PM) (Source: CVHSVC)(User: )
Description: Error: XML document load failed for file: C:\ProgramData\VirtualizedApplications\Patch_working\{90140011-0066-040D-0000-0000000FF1CE}\descriptor.xml HResult: 0x1. OException caught while loading the descriptor xml
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path26000
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path25000
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path13000
Error: (03/05/2014 07:32:02 PM) (Source: Microsoft-Windows-EapHost)(User: WIN-7Q1REKTT9RA)
Description: Eap method DLL path43900
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 3894.68 MB
Available physical RAM: 2432.5 MB
Total Pagefile: 7787.55 MB
Available Pagefile: 5977.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:527.19 GB) NTFS
Drive e: (חנהכצמאן) (Removable) (Total:7.49 GB) (Free:4.37 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 18AB57C9)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
==================== End Of Log ============================.