Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.02.2019 01
Ran by Tal Oren (administrator) on TALPC (27-02-2019 00:11:27)
Running from C:\Users\Tal Oren\Desktop
Loaded Profiles: Tal Oren (Available Profiles: Tal Oren)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: עברית (ישראל)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPNetworkCommunicatorCom.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1164664 2017-09-12] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-10] (Valve -> Valve Corporation)
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\...\Run: [HP OfficeJet Pro 8720 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe [3770504 2018-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [36864 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-26] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.60.0.1
Tcpip\..\Interfaces\{2ca00fbf-afd7-44e0-93c6-1466603501b2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f9a1362a-e065-47ea-a177-decdf7c64baf}: [DhcpNameServer] 10.60.0.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4065107873-1078513731-456442432-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc -> Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default [2019-02-27]
CHR Extension: (Slides) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (כונן Google) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-06]
CHR Extension: (YouTube) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-06]
CHR Extension: (Sheets) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs במצב לא מקוון) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Tal Oren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-17]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-09-12] (FUTUREMARK INC -> Futuremark)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183480 2017-08-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2017-04-23] (Intel® pGFX -> Intel Corporation)
S4 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-09-12] (Nero AG -> Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-24] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-30] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-30] (Disc Soft Ltd -> Disc Soft Ltd)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [232976 2017-08-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-04-12] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_4ac467e10bf8b71c\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2016-06-16] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-24] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-27 00:09 - 2019-02-27 00:10 - 002433536 _____ (Farbar) C:\Users\Tal Oren\Desktop\FRST64.exe
2019-02-24 09:44 - 2019-02-24 09:44 - 000000000 ____D C:\Users\Tal Oren\Documents\תבניות מותאמות אישית של Office
2019-02-24 00:18 - 2019-02-24 00:19 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Tal Oren\Downloads\esetonlinescanner_enu (2).exe
2019-02-24 00:14 - 2019-02-24 00:15 - 007316688 _____ (Malwarebytes) C:\Users\Tal Oren\Desktop\adwcleaner_7.2.7.0.exe
2019-02-15 19:09 - 2019-02-15 19:09 - 000000173 _____ C:\Users\Tal Oren\Downloads\play_chord.mid
2019-02-12 21:09 - 2019-02-06 09:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-12 21:09 - 2019-02-06 09:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-12 21:09 - 2019-02-06 09:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-12 21:09 - 2019-02-06 09:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-12 21:09 - 2019-02-06 09:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-12 21:09 - 2019-02-06 09:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-12 21:09 - 2019-02-06 09:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-12 21:09 - 2019-02-06 09:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-12 21:09 - 2019-02-06 08:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-12 21:09 - 2019-02-06 08:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-12 21:09 - 2019-02-06 08:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-12 21:09 - 2019-02-06 08:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-12 21:09 - 2019-02-06 05:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-12 21:09 - 2019-02-06 05:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-12 21:09 - 2019-02-06 05:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-12 21:09 - 2019-02-06 05:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-12 21:09 - 2019-02-06 05:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-12 21:09 - 2019-02-06 05:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-12 21:09 - 2019-02-06 05:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-12 21:09 - 2019-02-06 05:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-12 21:09 - 2019-02-06 05:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-12 21:09 - 2019-02-06 05:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-12 21:09 - 2019-02-06 05:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-12 21:09 - 2019-02-06 05:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-12 21:09 - 2019-02-06 05:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-12 21:09 - 2019-02-06 05:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-12 21:09 - 2019-02-06 05:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-12 21:09 - 2019-02-06 05:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-12 21:09 - 2019-02-06 05:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-12 21:09 - 2019-02-06 05:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-12 21:09 - 2019-02-06 05:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-12 21:09 - 2019-02-06 05:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-12 21:09 - 2019-02-06 05:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-12 21:09 - 2019-02-06 05:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-12 21:09 - 2019-02-06 05:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-12 21:09 - 2019-02-06 05:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-12 21:09 - 2019-02-06 04:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-12 21:09 - 2019-02-06 04:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-12 21:09 - 2019-02-06 04:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-12 21:09 - 2019-02-06 04:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-12 21:09 - 2019-02-06 04:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-12 21:09 - 2019-02-06 04:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-12 21:09 - 2019-02-06 04:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-12 21:09 - 2019-02-06 04:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-12 21:09 - 2019-02-06 04:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-12 21:09 - 2019-02-06 04:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-12 21:09 - 2019-02-06 04:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-12 21:09 - 2019-02-06 04:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-12 21:09 - 2019-02-06 04:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-12 21:09 - 2019-02-06 04:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-12 21:09 - 2019-02-06 04:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-12 21:09 - 2019-02-06 04:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-12 21:09 - 2019-02-06 04:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-12 21:09 - 2019-02-06 04:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-12 21:09 - 2019-02-06 04:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-12 21:09 - 2019-02-06 04:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-12 21:09 - 2019-02-06 04:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-12 21:09 - 2019-02-06 04:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-12 21:09 - 2019-02-06 04:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-12 21:09 - 2019-02-06 04:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-12 21:09 - 2019-02-06 04:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-12 21:09 - 2019-02-06 04:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-12 21:09 - 2019-02-06 04:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-12 21:09 - 2019-02-06 04:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-12 21:09 - 2019-02-06 04:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-12 21:09 - 2019-02-06 04:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-12 21:09 - 2019-02-06 04:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-12 21:09 - 2019-02-06 04:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-12 21:09 - 2019-02-06 04:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-12 21:09 - 2019-02-06 04:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-12 21:09 - 2019-02-06 04:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-12 21:09 - 2019-02-06 04:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-12 21:09 - 2019-02-06 03:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-12 21:09 - 2019-01-12 10:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-12 21:09 - 2019-01-12 04:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-12 21:09 - 2019-01-09 20:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-12 21:09 - 2019-01-09 19:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-12 21:09 - 2019-01-09 19:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-12 21:09 - 2019-01-09 19:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-12 21:09 - 2019-01-09 19:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-12 21:09 - 2019-01-09 19:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-12 21:09 - 2019-01-09 19:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-12 21:09 - 2019-01-09 19:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-12 21:09 - 2019-01-09 12:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-12 21:09 - 2019-01-09 11:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-12 21:09 - 2019-01-09 11:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-12 21:09 - 2019-01-09 10:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-12 21:09 - 2019-01-09 10:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-12 21:09 - 2019-01-09 07:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-12 21:09 - 2019-01-09 07:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-12 21:09 - 2019-01-09 07:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-12 21:09 - 2019-01-09 07:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-12 21:09 - 2019-01-09 07:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-12 21:09 - 2019-01-09 07:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-12 21:09 - 2019-01-09 07:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-12 21:09 - 2019-01-09 07:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-12 21:09 - 2019-01-09 07:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-12 21:09 - 2019-01-09 07:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-12 21:09 - 2019-01-09 07:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-12 21:09 - 2019-01-09 07:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-12 21:09 - 2019-01-09 07:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-12 21:09 - 2019-01-09 07:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-12 21:09 - 2019-01-09 07:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-12 21:09 - 2019-01-09 07:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-12 21:09 - 2019-01-09 07:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-12 21:09 - 2019-01-09 07:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-12 21:09 - 2019-01-09 07:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-12 21:09 - 2019-01-09 07:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-12 21:09 - 2019-01-09 07:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-12 21:09 - 2019-01-09 07:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-12 21:09 - 2019-01-09 07:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-12 21:09 - 2019-01-09 07:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-12 21:09 - 2019-01-09 07:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-12 21:09 - 2019-01-09 07:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-12 21:09 - 2019-01-09 07:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 21:09 - 2019-01-09 07:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-12 21:09 - 2019-01-09 07:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-12 21:09 - 2019-01-09 07:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-12 21:09 - 2019-01-09 07:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 21:09 - 2019-01-09 07:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-12 21:09 - 2019-01-09 07:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-12 21:09 - 2019-01-09 07:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-12 21:09 - 2019-01-09 07:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-12 21:09 - 2019-01-09 07:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-12 21:09 - 2019-01-09 07:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-12 21:09 - 2019-01-09 07:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-12 21:09 - 2019-01-09 07:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-12 21:09 - 2019-01-09 07:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-12 21:09 - 2019-01-09 06:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-12 21:09 - 2019-01-09 06:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-12 21:09 - 2019-01-08 11:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-12 21:09 - 2019-01-08 05:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-12 21:09 - 2019-01-08 05:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-12 21:09 - 2019-01-08 05:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-12 21:00 - 2018-09-20 06:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-27 00:12 - 2018-10-22 23:24 - 000026250 _____ C:\Users\Tal Oren\Desktop\FRST.txt
2019-02-27 00:11 - 2018-10-22 23:23 - 000000000 ____D C:\FRST
2019-02-27 00:11 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-26 23:46 - 2018-05-17 20:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-26 21:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-26 21:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-26 20:14 - 2018-05-17 20:53 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5116ED39-7B50-4833-80DF-FBE596FAD4FE}
2019-02-26 13:36 - 2017-10-06 21:52 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-26 13:34 - 2017-10-06 21:38 - 000002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-26 13:34 - 2017-10-06 21:38 - 000002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-24 16:12 - 2017-12-22 22:36 - 000000000 ____D C:\Users\Tal Oren\AppData\Local\Packages
2019-02-24 10:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-24 03:01 - 2017-10-06 22:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-24 03:01 - 2015-02-12 06:57 - 000000000 __SHD C:\Users\Tal Oren\IntelGraphicsProfiles
2019-02-24 00:16 - 2017-10-06 22:19 - 000000000 ____D C:\Users\Tal Oren\AppData\Roaming\Origin
2019-02-24 00:16 - 2017-10-06 22:17 - 000000000 ____D C:\ProgramData\Origin
2019-02-24 00:14 - 2018-02-14 22:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-20 20:04 - 2018-10-13 22:05 - 000000686 _____ C:\Users\Public\Desktop\FIFA 19.lnk
2019-02-18 20:26 - 2017-10-06 22:35 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-15 19:38 - 2018-07-13 14:02 - 000000000 ____D C:\Users\Public\Ticket
2019-02-15 19:06 - 2018-11-17 18:57 - 000000000 ____D C:\Program Files\rempl
2019-02-13 18:34 - 2018-05-17 20:48 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-13 18:34 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-13 18:27 - 2018-05-17 20:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-13 18:26 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-13 14:08 - 2017-10-23 00:07 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-13 13:43 - 2018-05-17 20:30 - 000449776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-12 23:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-12 23:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-12 23:20 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-12 23:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-12 23:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-12 23:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-12 21:20 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-12 21:19 - 2017-10-07 00:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-12 21:17 - 2017-10-07 00:39 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-10 20:03 - 2018-05-17 20:53 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4065107873-1078513731-456442432-1001
2019-02-10 20:03 - 2018-05-17 20:37 - 000002332 _____ C:\Users\Tal Oren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-10 20:03 - 2017-10-06 20:54 - 000000000 ___RD C:\Users\Tal Oren\OneDrive
2019-02-08 14:20 - 2018-06-21 15:00 - 000000000 ____D C:\ProgramData\Packages
2019-02-03 00:53 - 2018-11-16 19:11 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-03 00:53 - 2018-11-16 19:11 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-01 18:29 - 2015-02-13 04:43 - 000000000 ____D C:\Users\Tal Oren\Documents\FIFA 15
2019-01-29 21:58 - 2017-10-06 22:18 - 000000000 ____D C:\Program Files (x86)\Origin
==================== Files in the root of some directories =======
2018-09-27 21:33 - 2018-09-27 21:33 - 000000000 _____ () C:\Users\Tal Oren\AppData\Local\oobelibMkey.log
Some files in TEMP:
====================
2019-02-24 02:39 - 2019-01-09 12:14 - 000607744 _____ (Microsoft Corporation) C:\Users\Tal Oren\AppData\Local\Temp\kernel32.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-17 20:30
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01
Ran by Tal Oren (27-02-2019 00:12:41)
Running from C:\Users\Tal Oren\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-17 18:54:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4065107873-1078513731-456442432-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4065107873-1078513731-456442432-503 - Limited - Disabled)
Guest (S-1-5-21-4065107873-1078513731-456442432-501 - Limited - Disabled)
Tal Oren (S-1-5-21-4065107873-1078513731-456442432-1001 - Administrator - Enabled) => C:\Users\Tal Oren
WDAGUtilityAccount (S-1-5-21-4065107873-1078513731-456442432-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
AmpliTube 3.11.2 (HKLM-x32\...\AMP3112_is1) (Version: - IK Multimedia)
ARIA Engine v1.9.0.1 (HKLM\...\ARIA Engine_is1) (Version: v1.9.0.1 - Plogue Art et Technologie, Inc)
Band-in-a-Box 2018 (Build 516) (HKLM-x32\...\BB_is1) (Version: - PG Music Inc.)
Call of Duty: WWII (HKLM\...\Y2FsbG9mZHV0eXd3aWk_is1) (Version: 1 - )
Command & Conquer Generals 1.08 And Zero Hour 1.04 (HKLM-x32\...\Command & Conquer Generals And Zero Hour_is1) (Version: - HWMasters.com)
CoyoteWT 1.1 (HKLM-x32\...\CoyoteWT_is1) (Version: - Coyote Electronics Inc.)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - שם החברה שלכם)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0333 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.59.41332 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{80DAA2DD-18D3-4C18-927E-8D150C112912}) (Version: 5.2.624.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{AF6E94A6-FE1D-439F-978E-FA9F374AFF56}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{0C62E06A-8EE4-4202-B89A-C6C37BF66474}) (Version: 36.0.41.58587 - HP)
HP OfficeJet Pro 8720 עזרה (HKLM-x32\...\{950AFDD5-BD1F-4578-A0B4-07B233FBA1EC}) (Version: 38.0.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{A206EE44-0799-4AAF-AB54-ED26F93EE251}) (Version: 12.3.7.0 - HP)
IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4065107873-1078513731-456442432-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
Nero 2018 (HKLM-x32\...\{5637174D-25C6-4815-93CD-AD18561D4E7C}) (Version: 19.0.07300 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.1003 - Nero AG)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA מנהל ההתקן עבור 3D Vision 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.82 - NVIDIA Corporation)
NVIDIA מנהל התקן עבור נתונים גרפיים 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.82 - NVIDIA Corporation)
NVIDIA תכנת PhysX מערכת 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version: - PG Music Inc.)
Plogue sforzando v1.901 (HKLM\...\__ARIA_1014___is1) (Version: v1.901 - Plogue)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Transcribe! 8.71 (HKLM-x32\...\com.seventhstring.Transcribe_is1) (Version: 8.71 - Seventh String Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
WinRAR 5.50 (64-סיביות) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
לוח הבקרה של NVIDIA 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.82 - NVIDIA Corporation) Hidden
מחקר לשיפור המוצרים של HP OfficeJet Pro 8720 (HKLM\...\{6DC0C9E7-DF1D-46AB-9139-F512E5006F45}) (Version: 40.12.1161.1896 - HP Inc.)
עדכוני NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
תוכנת התקן בסיסי מסוג HP OfficeJet Pro 8720 (HKLM\...\{A3C8DC7D-551E-4765-A00B-B3FA20ACD287}) (Version: 40.12.1161.1896 - HP Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4065107873-1078513731-456442432-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4065107873-1078513731-456442432-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D1F49EE2D8AE}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4065107873-1078513731-456442432-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {016D4E5C-11BC-4EB8-AC41-08CD4384F79E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11FA83EE-1A32-48F9-AC78-C6EFFF8E7400} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20DE251C-A367-49C9-97BC-EE20BC030478} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {26942CFF-84C2-4DF1-A287-C7ACB7C83505} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2D9FACC7-FEA3-4BA9-AE7F-570956E1208D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F012AB4-C3DB-479C-A558-DCB1C73525BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {47524CD0-BC29-4B0F-A864-75BEF0DF4210} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4CA43291-AAC7-48B4-825A-E1EF94979DAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {516630CE-D9A6-4974-BAC7-6DC38EB3EDA5} - System32\Tasks\AdobeAAMUpdater-1.0-TalPc-Tal Oren => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {544FA718-E1DE-475B-84D8-00D72FB0D536} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {55F5B0DC-70AE-405A-886C-64C1BD380551} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {685DC2E5-0BBD-4D4B-BC7A-262DCDDEE9FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {78780A0F-4A4E-4751-9679-79366B91DFF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7F298D16-17B7-494D-AE42-30BBDDCD0A39} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {92DEDE00-41D9-4B03-94B6-CF1F580248BE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A10190E1-5F10-4DAF-8229-59339E08ED92} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 8720 => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {A6B47E34-52A8-4785-B120-C69DE2D098CC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BCE5EC3F-F4C6-4AA3-9758-BBA07A158B12} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C18D390F-C925-4C9F-BD92-F2A42C629C00} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe (Nero AG -> Nero AG)
Task: {E021FB8E-058C-4C92-BD25-0F4DE8568EBB} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E595C4AC-D100-476C-9D47-4B6DB607CDD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {E999DD58-1936-42C6-8DFD-16F9BDEC2DAB} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB1D447C-EF62-490F-A2A7-0087E89AEE78} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBCAFB95-2B9D-4CA3-89B7-928488FD2772} - System32\Tasks\AdobeGCInvoker-1.0-TalPc-Tal Oren => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-10-12 12:34 - 2019-01-17 22:40 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-10-12 12:34 - 2019-01-17 22:40 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-10-12 12:34 - 2019-01-17 22:40 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-10-12 12:34 - 2019-01-17 22:40 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-10-12 12:34 - 2019-01-17 22:40 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2017-10-06 22:18 - 2019-01-17 22:40 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-10-12 12:34 - 2019-01-17 22:40 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-10-12 12:34 - 2019-01-17 22:40 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tal Oren\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.60.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4065107873-1078513731-456442432-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{0D48131E-B594-4A20-9161-4FB9A469EE47}D:\program files (x86)\cnc generals\zerohour\game.dat] => (Allow) D:\program files (x86)\cnc generals\zerohour\game.dat () [File not signed]
FirewallRules: [TCP Query User{37335B1F-ED7A-41DD-9004-FD5F53D4044D}D:\program files (x86)\cnc generals\zerohour\game.dat] => (Allow) D:\program files (x86)\cnc generals\zerohour\game.dat () [File not signed]
FirewallRules: [{0BD53D21-ADB2-4D1C-B7A9-8051F48BFB9E}] => (Block) %ProgramFiles% (x86)\Nero\Nero 2018\Nero Launcher\NeroLauncher.exe No File
FirewallRules: [{0ED4FFB4-B434-484C-ACF8-45AE87140446}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{0AEDE4BB-60B5-4AAC-963F-9B37E63B2D96}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{CB475272-FE5C-4277-9BFC-7554C9B6DB41}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{90CB3556-C9AD-40FE-9A1E-4D7088620836}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{134ED4D1-63BB-4765-BF60-1E541372AAB0}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{4E6E8D5A-E03B-4E5A-9B27-09F2A9DBEB25}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{8DCBD0A5-30EA-43CA-BFBB-35BE658D3609}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53D311BB-7119-4042-8528-8C7CBF8F8695}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F6DD2E8-B1BC-47DB-9674-3832343EE272}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F61CA10-26A3-40E8-8A20-B55CF455B92E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A68456FD-1B69-487E-AED1-3D94CBAD0758}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd)
FirewallRules: [UDP Query User{4ED5D681-EAA4-45D5-AF54-0A05FA734BB8}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{A3034D49-B995-43BB-9262-71FE5500C70B}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{39A55A1B-E771-4FA7-8053-4ABD0CDFAEF8}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{9BD87BD2-799C-4FC3-8E33-8AD3212EA5A4}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{C86F0DAC-07BA-4497-BFFC-4E68C552089D}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [UDP Query User{1E54917F-55BD-43B6-9ADE-C68884ADD2CD}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{4A807FBE-AD9E-4AAE-85D1-081A2336418D}C:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe No File
FirewallRules: [UDP Query User{86AD51EA-FD36-4A1D-94C0-7E7C62C1C4AC}C:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe No File
FirewallRules: [TCP Query User{DAEE9E68-7311-4839-99C2-597CFCD520D1}C:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) C:\program files (x86)\origin games\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{3634B3F2-5D30-42A1-88B8-2EF830F3BFE3}C:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) C:\program files (x86)\origin games\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{B20044CA-41AA-4A6A-BD83-A509C3016947}C:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) C:\program files (x86)\origin games\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{70FF1A35-E375-4A00-AE78-E71D71EE176B}C:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) C:\program files (x86)\origin games\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{63073858-9C0A-4A8E-B654-6B387EA861AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CEFE4B2A-CF10-49E6-AA56-4A633EBA7F54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B3B45430-4C13-4609-A4E6-0F63A3FD10D0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{50518DDE-531B-40E5-97CB-A24BFF393D3F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D45750B4-45B7-4466-A492-67995C7352FE}] => (Allow) D:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{A5E21F7A-485B-46F0-A2B6-2BD041F6464A}] => (Allow) D:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{826A76B4-391B-43A3-BFE7-13E82EF10550}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{9999A2CE-A312-4A71-AFD3-360FECD61F12}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{4B1FC34A-E962-4B55-9ED4-5B6F41C64EA4}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{07A59ED3-7CB8-45F6-B358-7ED6593C2C79}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{55DA9394-B97D-4C9B-911E-D44CC291B7E4}] => (Allow) D:\SteamLibrary\steamapps\common\NBA 2K17\NBA2K17.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{C3ACE2E9-BDAA-48B2-A1D4-0C45AC2350E0}] => (Allow) D:\SteamLibrary\steamapps\common\NBA 2K17\NBA2K17.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{DC26389D-CDB9-4A19-87F8-F50042CAC0EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA71FBED-0D2F-47D4-B9DF-767848B71FA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{969BE42F-28CE-4F41-A5A8-D846BF898C29}] => (Allow) D:\SteamLibrary\steamapps\common\WormsWorldParty\w2.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{0E6C60A0-146B-4870-AA3C-B38DF994E041}] => (Allow) D:\SteamLibrary\steamapps\common\WormsWorldParty\w2.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{AECC52FD-FD3B-4DE0-8480-A366CEC2A249}] => (Allow) C:\Users\Tal Oren\AppData\Local\Temp\7zS1127\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F01FCB82-8307-4E2B-A66D-BB7143C95FA8}] => (Allow) C:\Users\Tal Oren\AppData\Local\Temp\7zS1127\HPDiagnosticCoreUI.exe No File
FirewallRules: [{39F93643-C064-4744-96BA-45207BC7AB77}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A6A4AFEC-EDF7-461B-95F3-D2AF35041EDD}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{139F3AB0-DF61-4164-85E9-9887A3A81EA3}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{6684228F-BA25-4F17-9366-4070009F3563}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{CC7BF701-09F2-4C58-B3C4-CB3C8E168780}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{FADCE30F-CE14-42D7-93A7-47A1AB8C755F}] => (Allow) LPort=5357
FirewallRules: [{6D1BA6E7-41FC-4B1B-919B-DDD8AE2E368F}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E83CC220-78DB-4C04-9139-030E2FCBB0AE}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{787E881E-8788-42B2-8C08-4EF812A462FA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{55CD455F-AA60-4191-B55A-455223763C83}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9A790FC-5798-47E4-A0ED-299E1441F723}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{66939A4C-2914-4467-91A6-D6D6CF01AA66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{02D78C86-6EA4-45AB-9DD8-E10F7195FA5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C367101-1C2F-44C5-899E-B8FB87CF70A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C847B39-B992-41EA-B42E-F2DB2B1C88A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{862F0332-5B00-4AD6-BB5A-210FE79D975E}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{AC77CFCE-CC6D-4F41-A176-133C5C5CD13E}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C6BEF8E4-419F-46CC-91F6-50F898434CBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AEA05770-A952-46A1-ADF0-4316FF15441C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5B11BF07-3C63-4FA2-BE74-AA7F106149DC}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{46EDCB18-7057-4623-8604-CCFB3C5EB7B2}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B5A08DB5-4E14-4D70-B5DC-5A10EF577DEB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
10-02-2019 21:06:46 Scheduled Checkpoint
13-02-2019 14:29:55 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
20-02-2019 20:02:33 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/26/2019 11:47:12 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (4048,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).
Error: (02/26/2019 11:47:12 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (4048,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).
Error: (02/26/2019 11:47:12 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (4048,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).
Error: (02/26/2019 11:47:12 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (4048,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).
Error: (02/26/2019 11:47:12 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (4048,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).
Error: (02/26/2019 11:47:11 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (4048,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {7ACBBAA3-D029-4BE4-9A7A-0885927F1D8F} is corrupted (0).
Error: (02/26/2019 11:47:11 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (4048,D,23) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 39, PgnoRoot: 273) of database C:\WINDOWS\system32\SRU\SRUDB.dat (273 => 3234, 39).
Error: (02/26/2019 11:47:11 PM) (Source: ESENT) (EventID: 544) (User: )
Description: svchost (4048,D,29) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 643072 (0x000000000009d000) (database page 156 (0x9C)) for 4096 (0x00001000) bytes failed verification due to a persisted lost flush detection timestamp mismatch. The read operation will fail with error -1119 (0xfffffba1).
The flush state on database page 156 (0x9C) was 2 while the flush state on flush map page 0 (0x0) was 1.
If this condition persists, restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
System errors:
=============
Error: (02/26/2019 09:20:35 PM) (Source: DCOM) (EventID: 10016) (User: TalPc)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user TalPc\Tal Oren SID (S-1-5-21-4065107873-1078513731-456442432-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2019 08:11:38 PM) (Source: DCOM) (EventID: 10016) (User: TalPc)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user TalPc\Tal Oren SID (S-1-5-21-4065107873-1078513731-456442432-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2019 08:11:12 PM) (Source: DCOM) (EventID: 10016) (User: TalPc)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user TalPc\Tal Oren SID (S-1-5-21-4065107873-1078513731-456442432-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2019 01:36:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2019 01:34:02 PM) (Source: DCOM) (EventID: 10016) (User: TalPc)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user TalPc\Tal Oren SID (S-1-5-21-4065107873-1078513731-456442432-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (02/25/2019 03:37:44 PM) (Source: DCOM) (EventID: 10016) (User: TalPc)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user TalPc\Tal Oren SID (S-1-5-21-4065107873-1078513731-456442432-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/25/2019 02:02:06 PM) (Source: DCOM) (EventID: 10016) (User: TalPc)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user TalPc\Tal Oren SID (S-1-5-21-4065107873-1078513731-456442432-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/25/2019 02:01:07 PM) (Source: DCOM) (EventID: 10016) (User: TalPc)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user TalPc\Tal Oren SID (S-1-5-21-4065107873-1078513731-456442432-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2019-02-22 17:07:49.282
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {05AFE203-3760-4BAE-8C57-ED26D2101C35}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-02-10 13:43:41.891
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E711E2E3-DDBC-4672-BFD5-BD169D6337C4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-02-10 13:30:58.892
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B42E8B2A-86C9-4A00-8A00-BC8EC4F8CC02}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-25 17:23:26.102
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {36EE7B68-32BF-494F-895C-7B46D58D1C52}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-01-19 00:12:16.037
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {92CE123C-73F3-47FC-892E-4D2759F93514}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-02-24 00:13:54.272
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.287.533.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15700.8
Error code: 0x80240016
Error description: אירעה בעיה לא צפויה במהלך חיפוש עדכונים. לקבלת מידע אודות התקנה או פתרון בעיות של עדכונים, ראה עזרה ותמיכה.
Date: 2019-02-13 18:37:42.744
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.285.1495.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15600.4
Error code: 0x80240438
Error description: אירעה בעיה לא צפויה במהלך חיפוש עדכונים. לקבלת מידע אודות התקנה או פתרון בעיות של עדכונים, ראה עזרה ותמיכה.
Date: 2019-01-17 17:34:05.234
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.3065.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072f8f
Error description: A security error occurred
==================== Memory info ===========================
Processor: Intel® Core i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 16300.36 MB
Available physical RAM: 11439.86 MB
Total Virtual: 18732.36 MB
Available Virtual: 13725.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.74 GB) (Free:269.09 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:465.99 GB) (Free:189.48 GB) NTFS
\\?\Volume{d1452f02-b264-11e4-824f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
\\?\Volume{a0eda13c-0000-0000-0000-404574000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A0EDA13C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Thank you very much for your attention!!