View Single Post
  #18  
Old February 22nd, 2021, 11:55 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
This is the 1st part of FRST. Had to split into 2 sections due to restrictions on much I can put on this message.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2021
Ran by gaele (administrator) on DESKTOP-BMEMOL4 (Dell Inc. Inspiron 5490 AIO) (22-02-2021 17:49:25)
Running from C:\Users\gaele\Desktop
Loaded Profiles: gaele & Visitor
Platform: Windows 10 Home Version 1909 18363.1379 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe
() [File not signed] C:\Program Files (x86)\Dell\DELLOSD\MediaButtons.exe
(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Ambient Software) C:\Program Files\WindowsApps\48405AmbientSoftware.LiveDesktop Wallpapers_1.2.17.0_neutral__agy8jafheqhng\LiveWal lpaper\LiveWallpaper.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProces s.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRe medationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <40>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.e xe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64 .exe
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal .inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms .inf_amd64_c0fd909ca6e7d672\LMS.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_5b19dfe7970a7139\OneApp.IGCC.WinSe rvice.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_cb5b3ac4d6a4f65a\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_cb5b3ac4d6a4f65a\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_6f434727639750b3\IntelCpHDCPSvc.ex e
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_6f434727639750b3\IntelCpHeciSvc.ex e
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ias torac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.52 1.2012.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.52 1.2012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6 .0.7240.285\DSAPI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHand ler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHand ler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(The Neat Company) [File not signed] C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Two Pilots) [File not signed] C:\Windows\VPDAgent_x64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wav esapo8de.inf_amd64_f9e3e5f664173b9e\WavesSysSvc64. exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wav esapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe [1774688 2020-09-03] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConn ectWelcome.exe [345848 2019-06-20] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-30] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [47432 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [31048 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Google Update] => C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 72\GoogleUpdateCore.exe [216392 2021-02-04] (Google LLC -> Google LLC)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\gaele\AppData\Local\MightyText\Update.exe [1845096 2020-01-09] (Openphone Inc. -> GitHub)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Opera Browser Assistant] => C:\Users\gaele\AppData\Local\Programs\Opera\assist ant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [GoogleChromeAutoLaunch_346B33A8A6A436AE5B8CF58AA44 48B06] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\MountPoints2: {1067b956-92b4-11ea-9428-84c5a6b2f281} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-3842255837-3436847461-3918225103-1002\...\Run: [033C58EC75C39EFAEF85CCD0D5647A974F26D65B._service_ run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-3842255837-3436847461-3918225103-1002\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\sdtnm: C:\Windows\system32\sdtnpm.dll [54784 2013-02-04] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [Neat ADF Scanner 2008] -> reg copy "HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [Send To Neat] -> reg copy "HKLM\Software\The Neat Company\Send To Neat" "HKCU\Software\The Neat Company\Send To Neat" /s /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\88.1.8016.153\Installer\chrmst p.exe [2021-02-22] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Inst aller\chrmstp.exe [2021-02-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update UWP App.lnk [2021-02-03]
ShortcutTarget: Update UWP App.lnk -> C:\Program Files (x86)\LastPass\lpwinmetro\AppxUpgradeUwp.exe (LogMeIn, Inc. -> )
Startup: C:\Users\gaele\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Republic Anywhere.lnk [2020-05-24]
ShortcutTarget: Republic Anywhere.lnk -> C:\Users\gaele\AppData\Local\republicanywhere\Repu blic Anywhere.exe (Republic Wireless) [File not signed]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0285E833-D864-456E-8EFC-3E7229EA4F93} - System32\Tasks\LastPassUpdater => C:\Program Files (x86)\LastPass\Updater\Updater.exe [1311896 2021-02-01] (LogMeIn, Inc. -> )
Task: {2217CCEB-545B-4453-90F5-022FB2F10607} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {232F261F-0912-4C66-8D77-5A64D4646754} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-10] (Google LLC -> Google LLC)
Task: {27C02305-36DB-4BCA-81E1-7611DB32ECC4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {48FEC2CC-E892-45B4-9827-8CACD998C055} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001UA => C:\Users\gaele\AppData\Local\Google\Update\GoogleU pdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {4FD375BF-A56F-4C39-BB02-6FCB9E7D7554} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-10] (Google LLC -> Google LLC)
Task: {5DB44407-F1BF-41C8-B3AF-90AB4BAAC954} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2212528 2021-02-09] (Piriform Software Ltd -> Piriform Software)
Task: {6A0F5864-404C-4355-B3C3-4AC0FAAD43AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A915A96-F5DE-4D08-A9CF-FF168A316838} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001Core => C:\Users\gaele\AppData\Local\Google\Update\GoogleU pdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {6ABD9897-6129-45EB-BC90-107D3E39DDC3} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistIns taller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {7A34AA52-6105-43EF-85A8-F9E0C581CBBF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D2D2F59-060F-403A-870A-19ED98466BEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BB5647F-36DD-487A-9611-885768699D58} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A53EC253-657F-44F2-B822-BE6849BB28B3} - System32\Tasks\Opera scheduled Autoupdate 1586963616 => C:\Users\gaele\AppData\Local\Programs\Opera\launch er.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {B25CB064-CDB6-4162-866A-3D97B72B8C39} - System32\Tasks\Opera scheduled assistant Autoupdate 1586963619 => C:\Users\gaele\AppData\Local\Programs\Opera\launch er.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gaele\AppData\Local\Programs\Opera\ assistant" $(Arg0)
Task: {C46DBE07-CFD4-41DF-B8D0-2AC3368B9084} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C87F6FE0-FBB0-428F-84FD-D9DFFC063CF1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2212528 2021-02-09] (Piriform Software Ltd -> Piriform Software)
Task: {CF2004DE-56B5-439A-BEEC-A85E33238735} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
Task: {D5CF7EEE-7717-4533-8308-85369472AE28} - System32\Tasks\McAfee\McAfee OOBE Patch Telemetry => C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe
Task: {DA422CCE-5080-463C-9DA8-E0BE04D941F2} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
Task: {F28937E0-D1F5-43CD-8E37-464A6E1A6CCD} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2856304 2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE6F7A2B-E738-4945-9B48-850427C2ACDE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{a7d613dd-68ec-4097-9f3c-c61be58faf6c}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{c76d63f1-4c67-40db-af51-2ccd243db0e6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c852c696-7e4e-4fc8-8a69-c1e46d51141f}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{fdbe0fd9-069b-4bed-ba02-d532ed97c19f}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Notifications: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001 -> hxxps://www.facebook.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-22]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=DCTE
Edge Extension: (Google Translate) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2020-07-04]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmm ooekmp [2021-02-16]
Edge Extension: (Gmail Screenshot by cloudHQ) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\boepdnhlmfleonjnaoaemgcggp poikog [2020-12-25]
Edge Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblc afcmpi [2020-07-04]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2020-09-21]
Edge Extension: (Google Calendar) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmh kjfich [2021-01-15]
Edge Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmmlpenookphoknnpfilofakgh emolmg [2021-02-03]
Edge Extension: (Mileage Calculator by wheretocredit.com) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gomddcmabinakjildbgfoabbia kfkkfk [2020-12-25]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjj edodee [2021-02-03]
Edge Extension: (Organize Downloads by Date) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ipjljbilkibpncgnagphiamkkd ilbbki [2020-07-04]
Edge Extension: (Pinterest Save Button) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggne giphhh [2020-07-04]
Edge Extension: (RetailMeNot Deal Finder™️) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jjfblogammkiefalfpafidabbn amoknm [2021-02-17]
Edge Extension: (Capital One Shopping: Save in seconds) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikf cefljn [2021-02-18]
Edge Extension: (Copy me that!) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lkmcogbnaohagegccoghdcjmgd ibjfig [2020-07-04]
Edge Extension: (RSS Subscription Extension (by Google)) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmm mcbfjd [2020-07-26]
Edge Extension: (Twinword Finder) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npghlhgagddknpcccbgncondbk dpehof [2020-07-04]
Edge Extension: (Click to start / stop recording) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pjnefijmagpdjfhhkpljicbbpi celgko [2020-12-02]
Edge Extension: (Password Checkup extension) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijc lecjno [2020-09-21]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3 .dll [2021-01-26] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3 .dll [2021-01-26] (Piriform Software Ltd -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default [2021-02-22]
CHR Notifications: Default -> hxxps://calendar.google.com
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxp://www.ighome.com/?t=429193"
CHR NewTab: Default -> Not-active:"chrome-extension://conoiojhfhpoboccndegeemkpgkcnkoe/new-tab.html"
CHR DefaultSearchURL: Default -> hxxps://weather.srch0.com/?q={searchTerms}&a=gsb_mka_00_00
CHR DefaultSearchKeyword: Default -> accuweather
CHR DefaultSuggestURL: Default -> hxxps://weather.srch0.com/suggest?q={searchTerms}&a=gsb_mka_00_00
CHR Extension: (Google Translate) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2020-04-14]
CHR Extension: (Slides) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2020-04-14]
CHR Extension: (Docs) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2020-04-14]
CHR Extension: (Google Drive) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2020-04-14]
CHR Extension: (Gmail Screenshot by cloudHQ) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\boepdnhlmfleonjnaoaemgcggp poikog [2020-12-06]
CHR Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfco pglcmi [2021-02-22]
CHR Extension: (EnoŽ from Capital OneŽ) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbcli hgmdje [2021-02-04]
CHR Extension: (Accuweather) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\conoiojhfhpoboccndegeemkpg kcnkoe [2020-11-17]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblc afcmpi [2020-04-14]
CHR Extension: (Google Play Music) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgp gfmobi [2020-11-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2020-09-15]
CHR Extension: (Sheets) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2020-04-14]
CHR Extension: (Google Docs Offline) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2020-11-18]
CHR Extension: (The Camelizer) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbam fndblo [2020-11-18]
CHR Extension: (Google Calendar) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmh kjfich [2021-01-09]
CHR Extension: (SwagButton) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjl fgdemm [2021-02-22]
CHR Extension: (Pinterest Save Button) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmk opogic [2020-12-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegep lioahd [2021-02-10]
CHR Extension: (mysms - SMS from Computer) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnoko lhblgb [2020-04-14]
CHR Extension: (Kindle Cloud Reader) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjj eneebd [2020-04-14]
CHR Extension: (Google Play Music) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcf okfdhg [2020-04-14]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjj edodee [2021-02-02]
CHR Extension: (Organize Downloads by Date) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipjljbilkibpncgnagphiamkkd ilbbki [2020-04-14]
CHR Extension: (Pacman) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcecjlbneginpknnnfkfijdfha edihll [2020-04-14]
CHR Extension: (Track My Package) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjgaepllcmpdbeigmojjipkffa coongo [2021-02-16]
CHR Extension: (Grammarly for Chrome) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobk ghlhen [2021-02-15]
CHR Extension: (Copy me that!) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjinjcobiflbbnhenlfkcjpee acklfl [2020-11-08]
CHR Extension: (Classic Blue Theme) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\maejegjiekmgjakcgkdkjgjoif hihekp [2021-02-17]
CHR Extension: (Flash Player for Web) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcakfkioeanhfiojkchcndahga gcidbd [2020-11-06]
CHR Extension: (ZIP Extractor) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfcakoljjhncfphlflcedhgog fhpbcd [2020-04-14]
CHR Extension: (Capital One Shopping: Save in seconds) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejc ehkggg [2021-02-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-01-28]
CHR Extension: (Password Alert) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhf klnnep [2020-11-08]
CHR Extension: (Switch to Classic design on Facebook™) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\oancckmjgaoejmbedngcoiakbl hacbog [2021-01-27]
CHR Extension: (Click&Clean App) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidf mibmhp [2020-04-14]
CHR Extension: (Gmail) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2020-10-22]
CHR Extension: (Click to start / stop recording) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnefijmagpdjfhhkpljicbbpi celgko [2020-11-30]
CHR Extension: (Chrome Media Router) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2021-01-26]
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-18]
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-18]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
Reply With Quote