View Single Post
  #5  
Old May 11th, 2022, 02:44 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Quote:
Originally Posted by MishY View Post
Let's take a look.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
PART 1 -
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2022
Ran by gaele (administrator) on DESKTOP-BMEMOL4 (Dell Inc. Inspiron 5490 AIO) (11-05-2022 09:36:04)
Running from C:\Users\gaele\Desktop
Loaded Profiles: gaele & Visitor
Platform: Microsoft Windows 10 Home Version 21H2 19044.1645 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\MediaButtons.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Users\gaele\AppData\Roaming\Zoom\bin\Zoom.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\gaele\AppData\Local\Zoom\plugin\cef_x86\z CefAgent.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_7208 949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Amazon.com Services LLC -> Amazon.com Inc.) C:\Users\gaele\AppData\Local\Amazon Drive\AmazonPhotos.exe
(explorer.exe ->) (Ambient Software) C:\Program Files\WindowsApps\48405AmbientSoftware.LiveDesktop Wallpapers_1.2.17.0_neutral__agy8jafheqhng\LiveWal lpaper\LiveWallpaper.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(explorer.exe ->) (Krisp Technologies, Inc -> Krisp) C:\Program Files\Krisp\Krisp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler. exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler6 4.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHand ler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHand ler64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRe medationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ias torac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinSe rvice.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_1840c0e85c622882\IntelCpHDCPSvc.ex e
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_1840c0e85c622882\IntelCpHeciSvc.ex e
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms .inf_amd64_f629911085770af0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mew miprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationS ervice.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal .inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Ds api.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(services.exe ->) (The Neat Company) [File not signed] C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(services.exe ->) (Two Pilots) [File not signed] C:\Windows\VPDAgent_x64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wav esapo8de.inf_amd64_f9e3e5f664173b9e\WavesSysSvc64. exe
(sihost.exe ->) (Screenovate Technologies) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\app\De llMobileConnectClient.exe
(svchost.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0 _x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.72 2.3302.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.72 2.3302.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Screenovate Technologies) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMo bileConnect.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\gaele\AppData\Roaming\Zoom\bin\Zoom.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wav esapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe [1774688 2020-09-03] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2021-12-10] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (No File)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (No File)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2635160 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Google Update] => C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 132\GoogleUpdateCore.exe [227512 2022-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\gaele\AppData\Local\MightyText\Update.exe [1845096 2020-01-09] (Openphone Inc. -> GitHub)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Krisp] => C:\Program Files\Krisp\Krisp.exe [3352504 2021-06-22] (Krisp Technologies, Inc -> Krisp)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Amazon Photos] => C:\Users\gaele\AppData\Local\Amazon Drive\AmazonPhotos.exe [10327240 2022-01-20] (Amazon.com Services LLC -> Amazon.com Inc.)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7097112 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Opera Browser Assistant] => C:\Users\gaele\AppData\Local\Programs\Opera\assist ant\browser_assistant.exe [4110592 2022-04-20] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\MountPoints2: {1067b956-92b4-11ea-9428-84c5a6b2f281} - "D:\LaunchU3.exe" -a
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\MountPoints2: {17398b76-8304-11ea-9420-84c5a6b2f281} - "D:\setup.EXE" /AUTORUN
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\MountPoints2: {37dbd510-fc3f-11eb-9492-84c5a6b2f281} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-3842255837-3436847461-3918225103-1002\...\Run: [033C58EC75C39EFAEF85CCD0D5647A974F26D65B._service_ run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 [3547048 2022-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\sdtnm: C:\WINDOWS\system32\sdtnpm.dll [54784 2013-02-04] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [Neat ADF Scanner 2008] -> reg copy "HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [Send To Neat] -> reg copy "HKLM\Software\The Neat Company\Send To Neat" "HKCU\Software\The Neat Company\Send To Neat" /s /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\101.0.16113.44\Installer\chrms tp.exe [2022-05-10] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.54\Inst aller\chrmstp.exe [2022-05-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update UWP App.lnk [2022-05-02]
ShortcutTarget: Update UWP App.lnk -> C:\Program Files (x86)\LastPass\lpwinmetro\AppxUpgradeUwp.exe (LogMeIn, Inc. -> )
Startup: C:\Users\gaele\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Republic Anywhere.lnk [2020-05-24]
ShortcutTarget: Republic Anywhere.lnk -> C:\Users\gaele\AppData\Local\republicanywhere\Repu blic Anywhere.exe (Republic Wireless) [File not signed]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {071FF7B0-75C1-4E73-A4D5-E6559D4A9F29} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6536184 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {140042C6-485E-4D3D-B3D2-42B9256B3EF3} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\gaele\Downloads\esetonlinescanner.exe [11697056 2021-06-06] (ESET, spol. s r.o. -> ESET)
Task: {193A1FE5-8B1A-4AB7-989B-C474F7640AE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28B2E10E-4E19-4626-A979-9E1652D8353D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3842255837-3436847461-3918225103-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2989EC73-62F6-45E6-ACBB-3180B9E78493} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {300A6F8F-FD0A-4F4B-AFBE-10AF194413AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {35C90220-133F-4080-AFBC-5D660BE0C255} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\gaele\Downloads\esetonlinescanner.exe [11697056 2021-06-06] (ESET, spol. s r.o. -> ESET)
Task: {38159DC9-D15F-4DE3-B8D8-6132B713EB7E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistIns taller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)
Task: {39CD3066-2610-421A-B41B-49AB870DE27C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {44E2F933-06AC-4681-8A57-C2967CB6BE14} - System32\Tasks\CCleanerSkipUAC - gaele => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {47977D70-AB0B-4BC5-8E92-8BB22FF6EB63} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {48FEC2CC-E892-45B4-9827-8CACD998C055} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001UA => C:\Users\gaele\AppData\Local\Google\Update\GoogleU pdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {51E8284C-F301-418B-8395-15994067FE00} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundup date.moz_log --backgroundtask backgroundupdate
Task: {54CA0972-781C-4A09-AB2D-496E68DF4E8F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3842255837-3436847461-3918225103-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {55905C05-EE81-44D6-B484-8A0082615187} - System32\Tasks\Opera scheduled Autoupdate 1586963616 => C:\Users\gaele\AppData\Local\Programs\Opera\launch er.exe [2469120 2022-04-20] (Opera Software AS -> Opera Software)
Task: {5689F437-3FD0-47C3-92C5-7FA7CBC2EED1} - System32\Tasks\Opera scheduled assistant Autoupdate 1586963619 => C:\Users\gaele\AppData\Local\Programs\Opera\launch er.exe [2469120 2022-04-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gaele\AppData\Local\Programs\Opera\ assistant" $(Arg0)
Task: {5DB44407-F1BF-41C8-B3AF-90AB4BAAC954} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2739448 2022-04-28] (Piriform Software Ltd -> Piriform Software)
Task: {5DE3D262-4A5A-4C96-9997-05CA4A9F9C90} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {66F179C9-920D-452F-AE35-A3C4666E3738} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A915A96-F5DE-4D08-A9CF-FF168A316838} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001Core => C:\Users\gaele\AppData\Local\Google\Update\GoogleU pdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {6C7277B4-29FF-4768-9E24-FEFED26F5953} - System32\Tasks\LastPassUpdater => C:\Program Files (x86)\LastPass\Updater\Updater.exe [1320368 2022-04-25] (LogMeIn, Inc. -> GoTo Group, Inc.)
Task: {6EF05B7D-C297-4031-9F2F-E55A508EF9B9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {72D88666-425B-42CE-93C0-6FF0F2044BF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8DC86279-4544-4321-B078-BB3BCE0E9AB2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6536184 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {93F77276-237A-40BF-B145-C09DDD608701} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BB0358E-AC96-4E58-B2C0-65ED168892F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {A7A07E99-66B5-44A8-A634-1AACA7F5FE13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C87F6FE0-FBB0-428F-84FD-D9DFFC063CF1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2739448 2022-04-28] (Piriform Software Ltd -> Piriform Software)
Task: {C9D2BFCB-ADE2-4393-9CD9-A74D6B2657F9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF2004DE-56B5-439A-BEEC-A85E33238735} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
Task: {D5CF7EEE-7717-4533-8308-85369472AE28} - System32\Tasks\McAfee\McAfee OOBE Patch Telemetry => C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe (No File)
Task: {DA422CCE-5080-463C-9DA8-E0BE04D941F2} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
Task: {F88B98AB-461F-449D-8D4C-E0B9C129E56D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB569A8D-BA18-4691-8DEE-ACA92D5D6813} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{00af1d19-8f28-4723-aabb-684a1ece069a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bc274815-8383-4178-bd1b-0564b27b8909}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{c76d63f1-4c67-40db-af51-2ccd243db0e6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c852c696-7e4e-4fc8-8a69-c1e46d51141f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ce176eb1-a74e-47db-b73f-91de6149e012}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f35b614b-bdda-47ee-a4f9-0b9a4001aa31}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{fdbe0fd9-069b-4bed-ba02-d532ed97c19f}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Notifications: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001 -> hxxps://www.facebook.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-11]
Edge HomePage: Default -> hxxp://www.google.com/
Edge Extension: (Google Translate) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2022-03-10]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmm ooekmp [2022-05-07]
Edge Extension: (Gmail Screenshot by cloudHQ) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\boepdnhlmfleonjnaoaemgcggp poikog [2022-03-30]
Edge Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblc afcmpi [2020-07-04]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2021-07-20]
Edge Extension: (Google Calendar) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmh kjfich [2021-01-15]
Edge Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmmlpenookphoknnpfilofakgh emolmg [2022-05-07]
Edge Extension: (Mileage Calculator by wheretocredit.com) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gomddcmabinakjildbgfoabbia kfkkfk [2020-12-25]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjj edodee [2022-05-09]
Edge Extension: (Organize Downloads by Date) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ipjljbilkibpncgnagphiamkkd ilbbki [2020-07-04]
Edge Extension: (Pinterest Save Button) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggne giphhh [2020-07-04]
Edge Extension: (RetailMeNot Deal Finder™️) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jjfblogammkiefalfpafidabbn amoknm [2022-05-07]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikf cefljn [2022-05-07]
Edge Extension: (Copy me that!) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lkmcogbnaohagegccoghdcjmgd ibjfig [2020-07-04]
Edge Extension: (RSS Subscription Extension (by Google)) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmm mcbfjd [2020-07-26]
Edge Extension: (Twinword Finder) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npghlhgagddknpcccbgncondbk dpehof [2020-07-04]
Edge Extension: (Click to start / stop recording) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pjnefijmagpdjfhhkpljicbbpi celgko [2022-05-09]
Edge Extension: (Password Checkup extension) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijc lecjno [2020-09-21]

FireFox:
========
FF DefaultProfile: lj4dlij7.default
FF ProfilePath: C:\Users\gaele\AppData\Roaming\Mozilla\Firefox\Pro files\lj4dlij7.default [2021-09-17]
FF ProfilePath: C:\Users\gaele\AppData\Roaming\Mozilla\Firefox\Pro files\96r68ffi.default-release [2022-05-11]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3 .dll [2021-01-26] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3 .dll [2021-01-26] (Piriform Software Ltd -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default [2022-05-11]
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxp://www.ighome.com/"
CHR Extension: (Google Translate) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2022-04-06]
CHR Extension: (Old Layout for Facebook) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmkkackbbimmdbfjdilpnfaeg aeagge [2022-04-06]
CHR Extension: (Search With Incognito) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegpbigghghmkomaolphakjjpp nebdhb [2022-04-06]
CHR Extension: (Earth View from Google Earth) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdo fhnnoh [2022-04-24]
CHR Extension: (DuckDuckGo) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggd iikppg [2022-04-26]
CHR Extension: (Gmail Screenshot by cloudHQ) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\boepdnhlmfleonjnaoaemgcggp poikog [2022-04-06]
CHR Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfco pglcmi [2022-04-25]
CHR Extension: (EnoŽ from Capital OneŽ) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbcli hgmdje [2022-05-04]
CHR Extension: (AARP Perks) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmjclkcjkglbgooclepleooaod gjfhik [2022-04-27]
CHR Extension: (Accuweather) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\conoiojhfhpoboccndegeemkpg kcnkoe [2022-04-06]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefi ndmkaj [2022-04-26]
CHR Extension: (Google Play Music) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgp gfmobi [2021-02-24]
CHR Extension: (Online Manuals App) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnocjfjcbbminbfklpioinjjo fkobom [2022-04-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2022-04-06]
CHR Extension: (Total Adblock - Ad Blocker) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekdekpbfehejjiecgonmgmepb dnaggp [2022-04-25]
CHR Extension: (The Camelizer) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbam fndblo [2022-04-06]
CHR Extension: (Google Calendar) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmh kjfich [2021-02-24]
CHR Extension: (SwagButton) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjl fgdemm [2022-04-06]
CHR Extension: (Pinterest Save Button) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmk opogic [2022-04-13]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegep lioahd [2022-04-28]
CHR Extension: (mysms - SMS from Computer) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnoko lhblgb [2022-04-06]
CHR Extension: (Kindle Cloud Reader) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjj eneebd [2022-04-06]
CHR Extension: (Google Play Music) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcf okfdhg [2021-02-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjj edodee [2022-05-09]
CHR Extension: (Organize Downloads by Date) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipjljbilkibpncgnagphiamkkd ilbbki [2022-04-06]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobk ghlhen [2022-05-10]
CHR Extension: (Copy me that!) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjinjcobiflbbnhenlfkcjpee acklfl [2022-04-06]
CHR Extension: (Social tools) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbdoljkknpjgfcnbnoiehjcga ncpjmd [2022-04-06]
CHR Extension: (Classic Blue Theme) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\maejegjiekmgjakcgkdkjgjoif hihekp [2022-04-06]
CHR Extension: (ShopSavvy) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\megchchilhekbbnfcklodmndef bhkbco [2022-04-06]
CHR Extension: (Ibotta: Cash back made easy) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaedmjlefifhnhpgipjjiiekc haimpk [2022-05-05]
CHR Extension: (ZIP Extractor) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfcakoljjhncfphlflcedhgog fhpbcd [2022-04-06]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjceg oiijjo [2022-04-06]
CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejc ehkggg [2022-05-07]
CHR Extension: (YouTube NonStop) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbk bnocid [2022-04-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2022-04-06]
CHR Extension: (Password Alert) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhf klnnep [2022-04-06]
CHR Extension: (Switch to Classic design on Facebook™) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\oancckmjgaoejmbedngcoiakbl hacbog [2022-04-13]
CHR Extension: (Click&Clean App) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidf mibmhp [2022-04-06]
CHR Extension: (Chrome Piano) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjafcgbpdclmdeiipolenjgkik eldljl [2022-05-11]
CHR Extension: (Click to start / stop recording) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnefijmagpdjfhhkpljicbbpi celgko [2022-05-08]
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-24]
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
Reply With Quote