Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old May 8th, 2022, 07:33 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Unhappy Perhaps malware on my PC

I've had a problem with Chrome for quite a while. When I would open the IGhome page, I would get a pop-up box that said" Profile error occcurred:
Your preferences can not be read.

Some features may be unavailable and changes to preferences won't be saved.

If I tried to open Google Photos...I found Google Photos was no longer there.

Well, I've ignored that kept on using my pc. Then I started having problems on facebook with some Slingo games.
Well, today I thought well, I'll just delete Chrome and reinstall it. I have opened a problem now and I cannot download Chrome. It says it will harm my computer if I do so. I have no idea how to fix this problem.
If you could help me, I would greatly appreciate it.
Thank you,
Gae
Reply With Quote
  #2  
Old May 8th, 2022, 08:13 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Hi Gae,

I do the malware help here, but I'm in the hospital right now and just checking in on my phone. I can't provide you with the scans I want from my phone but I expect to be released tomorrow and we'll do that then, okay?
Reply With Quote
  #3  
Old May 8th, 2022, 08:40 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Quote:
Originally Posted by Jintan View Post
Hi Gae,

I do the malware help here, but I'm in the hospital right now and just checking in on my phone. I can't provide you with the scans I want from my phone but I expect to be released tomorrow and we'll do that then, okay?
Of course, I'm so sorry to hear you're in the hospital. Hope you feel better soon.
Reply With Quote
  #4  
Old May 9th, 2022, 05:34 PM
MishY's Avatar
MishY MishY is offline
Cyber Tech Help Administrator
 
Join Date: Sep 2000
O/S: Linux
Location: England
Age: 46
Posts: 9,287
Let's take a look.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Reply With Quote
  #5  
Old May 11th, 2022, 02:44 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Quote:
Originally Posted by MishY View Post
Let's take a look.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
PART 1 -
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2022
Ran by gaele (administrator) on DESKTOP-BMEMOL4 (Dell Inc. Inspiron 5490 AIO) (11-05-2022 09:36:04)
Running from C:\Users\gaele\Desktop
Loaded Profiles: gaele & Visitor
Platform: Microsoft Windows 10 Home Version 21H2 19044.1645 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\MediaButtons.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Users\gaele\AppData\Roaming\Zoom\bin\Zoom.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\gaele\AppData\Local\Zoom\plugin\cef_x86\z CefAgent.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_7208 949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Amazon.com Services LLC -> Amazon.com Inc.) C:\Users\gaele\AppData\Local\Amazon Drive\AmazonPhotos.exe
(explorer.exe ->) (Ambient Software) C:\Program Files\WindowsApps\48405AmbientSoftware.LiveDesktop Wallpapers_1.2.17.0_neutral__agy8jafheqhng\LiveWal lpaper\LiveWallpaper.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(explorer.exe ->) (Krisp Technologies, Inc -> Krisp) C:\Program Files\Krisp\Krisp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler. exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler6 4.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHand ler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHand ler64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRe medationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ias torac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinSe rvice.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_1840c0e85c622882\IntelCpHDCPSvc.ex e
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_1840c0e85c622882\IntelCpHeciSvc.ex e
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms .inf_amd64_f629911085770af0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mew miprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationS ervice.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal .inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Ds api.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(services.exe ->) (The Neat Company) [File not signed] C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(services.exe ->) (Two Pilots) [File not signed] C:\Windows\VPDAgent_x64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wav esapo8de.inf_amd64_f9e3e5f664173b9e\WavesSysSvc64. exe
(sihost.exe ->) (Screenovate Technologies) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\app\De llMobileConnectClient.exe
(svchost.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0 _x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.72 2.3302.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.72 2.3302.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Screenovate Technologies) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMo bileConnect.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\gaele\AppData\Roaming\Zoom\bin\Zoom.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wav esapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe [1774688 2020-09-03] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2021-12-10] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (No File)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (No File)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2635160 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Google Update] => C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 132\GoogleUpdateCore.exe [227512 2022-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\gaele\AppData\Local\MightyText\Update.exe [1845096 2020-01-09] (Openphone Inc. -> GitHub)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Krisp] => C:\Program Files\Krisp\Krisp.exe [3352504 2021-06-22] (Krisp Technologies, Inc -> Krisp)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Amazon Photos] => C:\Users\gaele\AppData\Local\Amazon Drive\AmazonPhotos.exe [10327240 2022-01-20] (Amazon.com Services LLC -> Amazon.com Inc.)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7097112 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Run: [Opera Browser Assistant] => C:\Users\gaele\AppData\Local\Programs\Opera\assist ant\browser_assistant.exe [4110592 2022-04-20] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\MountPoints2: {1067b956-92b4-11ea-9428-84c5a6b2f281} - "D:\LaunchU3.exe" -a
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\MountPoints2: {17398b76-8304-11ea-9420-84c5a6b2f281} - "D:\setup.EXE" /AUTORUN
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\MountPoints2: {37dbd510-fc3f-11eb-9492-84c5a6b2f281} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-3842255837-3436847461-3918225103-1002\...\Run: [033C58EC75C39EFAEF85CCD0D5647A974F26D65B._service_ run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 [3547048 2022-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\sdtnm: C:\WINDOWS\system32\sdtnpm.dll [54784 2013-02-04] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [Neat ADF Scanner 2008] -> reg copy "HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [Send To Neat] -> reg copy "HKLM\Software\The Neat Company\Send To Neat" "HKCU\Software\The Neat Company\Send To Neat" /s /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\101.0.16113.44\Installer\chrms tp.exe [2022-05-10] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.54\Inst aller\chrmstp.exe [2022-05-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update UWP App.lnk [2022-05-02]
ShortcutTarget: Update UWP App.lnk -> C:\Program Files (x86)\LastPass\lpwinmetro\AppxUpgradeUwp.exe (LogMeIn, Inc. -> )
Startup: C:\Users\gaele\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Republic Anywhere.lnk [2020-05-24]
ShortcutTarget: Republic Anywhere.lnk -> C:\Users\gaele\AppData\Local\republicanywhere\Repu blic Anywhere.exe (Republic Wireless) [File not signed]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {071FF7B0-75C1-4E73-A4D5-E6559D4A9F29} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6536184 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {140042C6-485E-4D3D-B3D2-42B9256B3EF3} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\gaele\Downloads\esetonlinescanner.exe [11697056 2021-06-06] (ESET, spol. s r.o. -> ESET)
Task: {193A1FE5-8B1A-4AB7-989B-C474F7640AE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28B2E10E-4E19-4626-A979-9E1652D8353D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3842255837-3436847461-3918225103-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2989EC73-62F6-45E6-ACBB-3180B9E78493} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {300A6F8F-FD0A-4F4B-AFBE-10AF194413AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {35C90220-133F-4080-AFBC-5D660BE0C255} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\gaele\Downloads\esetonlinescanner.exe [11697056 2021-06-06] (ESET, spol. s r.o. -> ESET)
Task: {38159DC9-D15F-4DE3-B8D8-6132B713EB7E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistIns taller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)
Task: {39CD3066-2610-421A-B41B-49AB870DE27C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {44E2F933-06AC-4681-8A57-C2967CB6BE14} - System32\Tasks\CCleanerSkipUAC - gaele => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {47977D70-AB0B-4BC5-8E92-8BB22FF6EB63} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {48FEC2CC-E892-45B4-9827-8CACD998C055} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001UA => C:\Users\gaele\AppData\Local\Google\Update\GoogleU pdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {51E8284C-F301-418B-8395-15994067FE00} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundup date.moz_log --backgroundtask backgroundupdate
Task: {54CA0972-781C-4A09-AB2D-496E68DF4E8F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3842255837-3436847461-3918225103-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {55905C05-EE81-44D6-B484-8A0082615187} - System32\Tasks\Opera scheduled Autoupdate 1586963616 => C:\Users\gaele\AppData\Local\Programs\Opera\launch er.exe [2469120 2022-04-20] (Opera Software AS -> Opera Software)
Task: {5689F437-3FD0-47C3-92C5-7FA7CBC2EED1} - System32\Tasks\Opera scheduled assistant Autoupdate 1586963619 => C:\Users\gaele\AppData\Local\Programs\Opera\launch er.exe [2469120 2022-04-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gaele\AppData\Local\Programs\Opera\ assistant" $(Arg0)
Task: {5DB44407-F1BF-41C8-B3AF-90AB4BAAC954} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2739448 2022-04-28] (Piriform Software Ltd -> Piriform Software)
Task: {5DE3D262-4A5A-4C96-9997-05CA4A9F9C90} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {66F179C9-920D-452F-AE35-A3C4666E3738} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A915A96-F5DE-4D08-A9CF-FF168A316838} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001Core => C:\Users\gaele\AppData\Local\Google\Update\GoogleU pdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {6C7277B4-29FF-4768-9E24-FEFED26F5953} - System32\Tasks\LastPassUpdater => C:\Program Files (x86)\LastPass\Updater\Updater.exe [1320368 2022-04-25] (LogMeIn, Inc. -> GoTo Group, Inc.)
Task: {6EF05B7D-C297-4031-9F2F-E55A508EF9B9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {72D88666-425B-42CE-93C0-6FF0F2044BF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8DC86279-4544-4321-B078-BB3BCE0E9AB2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6536184 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {93F77276-237A-40BF-B145-C09DDD608701} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BB0358E-AC96-4E58-B2C0-65ED168892F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {A7A07E99-66B5-44A8-A634-1AACA7F5FE13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C87F6FE0-FBB0-428F-84FD-D9DFFC063CF1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2739448 2022-04-28] (Piriform Software Ltd -> Piriform Software)
Task: {C9D2BFCB-ADE2-4393-9CD9-A74D6B2657F9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF2004DE-56B5-439A-BEEC-A85E33238735} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
Task: {D5CF7EEE-7717-4533-8308-85369472AE28} - System32\Tasks\McAfee\McAfee OOBE Patch Telemetry => C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe (No File)
Task: {DA422CCE-5080-463C-9DA8-E0BE04D941F2} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
Task: {F88B98AB-461F-449D-8D4C-E0B9C129E56D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB569A8D-BA18-4691-8DEE-ACA92D5D6813} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{00af1d19-8f28-4723-aabb-684a1ece069a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bc274815-8383-4178-bd1b-0564b27b8909}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{c76d63f1-4c67-40db-af51-2ccd243db0e6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c852c696-7e4e-4fc8-8a69-c1e46d51141f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ce176eb1-a74e-47db-b73f-91de6149e012}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f35b614b-bdda-47ee-a4f9-0b9a4001aa31}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{fdbe0fd9-069b-4bed-ba02-d532ed97c19f}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Notifications: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001 -> hxxps://www.facebook.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-11]
Edge HomePage: Default -> hxxp://www.google.com/
Edge Extension: (Google Translate) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2022-03-10]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmm ooekmp [2022-05-07]
Edge Extension: (Gmail Screenshot by cloudHQ) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\boepdnhlmfleonjnaoaemgcggp poikog [2022-03-30]
Edge Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblc afcmpi [2020-07-04]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2021-07-20]
Edge Extension: (Google Calendar) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmh kjfich [2021-01-15]
Edge Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmmlpenookphoknnpfilofakgh emolmg [2022-05-07]
Edge Extension: (Mileage Calculator by wheretocredit.com) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gomddcmabinakjildbgfoabbia kfkkfk [2020-12-25]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjj edodee [2022-05-09]
Edge Extension: (Organize Downloads by Date) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ipjljbilkibpncgnagphiamkkd ilbbki [2020-07-04]
Edge Extension: (Pinterest Save Button) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggne giphhh [2020-07-04]
Edge Extension: (RetailMeNot Deal Finder™️) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jjfblogammkiefalfpafidabbn amoknm [2022-05-07]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikf cefljn [2022-05-07]
Edge Extension: (Copy me that!) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lkmcogbnaohagegccoghdcjmgd ibjfig [2020-07-04]
Edge Extension: (RSS Subscription Extension (by Google)) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmm mcbfjd [2020-07-26]
Edge Extension: (Twinword Finder) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npghlhgagddknpcccbgncondbk dpehof [2020-07-04]
Edge Extension: (Click to start / stop recording) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pjnefijmagpdjfhhkpljicbbpi celgko [2022-05-09]
Edge Extension: (Password Checkup extension) - C:\Users\gaele\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijc lecjno [2020-09-21]

FireFox:
========
FF DefaultProfile: lj4dlij7.default
FF ProfilePath: C:\Users\gaele\AppData\Roaming\Mozilla\Firefox\Pro files\lj4dlij7.default [2021-09-17]
FF ProfilePath: C:\Users\gaele\AppData\Roaming\Mozilla\Firefox\Pro files\96r68ffi.default-release [2022-05-11]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3 .dll [2021-01-26] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3 .dll [2021-01-26] (Piriform Software Ltd -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default [2022-05-11]
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxp://www.ighome.com/"
CHR Extension: (Google Translate) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2022-04-06]
CHR Extension: (Old Layout for Facebook) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmkkackbbimmdbfjdilpnfaeg aeagge [2022-04-06]
CHR Extension: (Search With Incognito) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegpbigghghmkomaolphakjjpp nebdhb [2022-04-06]
CHR Extension: (Earth View from Google Earth) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdo fhnnoh [2022-04-24]
CHR Extension: (DuckDuckGo) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggd iikppg [2022-04-26]
CHR Extension: (Gmail Screenshot by cloudHQ) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\boepdnhlmfleonjnaoaemgcggp poikog [2022-04-06]
CHR Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfco pglcmi [2022-04-25]
CHR Extension: (Eno® from Capital One®) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbcli hgmdje [2022-05-04]
CHR Extension: (AARP Perks) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmjclkcjkglbgooclepleooaod gjfhik [2022-04-27]
CHR Extension: (Accuweather) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\conoiojhfhpoboccndegeemkpg kcnkoe [2022-04-06]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefi ndmkaj [2022-04-26]
CHR Extension: (Google Play Music) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgp gfmobi [2021-02-24]
CHR Extension: (Online Manuals App) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnocjfjcbbminbfklpioinjjo fkobom [2022-04-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2022-04-06]
CHR Extension: (Total Adblock - Ad Blocker) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekdekpbfehejjiecgonmgmepb dnaggp [2022-04-25]
CHR Extension: (The Camelizer) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbam fndblo [2022-04-06]
CHR Extension: (Google Calendar) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmh kjfich [2021-02-24]
CHR Extension: (SwagButton) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjl fgdemm [2022-04-06]
CHR Extension: (Pinterest Save Button) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmk opogic [2022-04-13]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegep lioahd [2022-04-28]
CHR Extension: (mysms - SMS from Computer) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnoko lhblgb [2022-04-06]
CHR Extension: (Kindle Cloud Reader) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjj eneebd [2022-04-06]
CHR Extension: (Google Play Music) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcf okfdhg [2021-02-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjj edodee [2022-05-09]
CHR Extension: (Organize Downloads by Date) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipjljbilkibpncgnagphiamkkd ilbbki [2022-04-06]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobk ghlhen [2022-05-10]
CHR Extension: (Copy me that!) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjinjcobiflbbnhenlfkcjpee acklfl [2022-04-06]
CHR Extension: (Social tools) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbdoljkknpjgfcnbnoiehjcga ncpjmd [2022-04-06]
CHR Extension: (Classic Blue Theme) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\maejegjiekmgjakcgkdkjgjoif hihekp [2022-04-06]
CHR Extension: (ShopSavvy) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\megchchilhekbbnfcklodmndef bhkbco [2022-04-06]
CHR Extension: (Ibotta: Cash back made easy) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaedmjlefifhnhpgipjjiiekc haimpk [2022-05-05]
CHR Extension: (ZIP Extractor) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfcakoljjhncfphlflcedhgog fhpbcd [2022-04-06]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjceg oiijjo [2022-04-06]
CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejc ehkggg [2022-05-07]
CHR Extension: (YouTube NonStop) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbk bnocid [2022-04-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2022-04-06]
CHR Extension: (Password Alert) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhf klnnep [2022-04-06]
CHR Extension: (Switch to Classic design on Facebook™) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\oancckmjgaoejmbedngcoiakbl hacbog [2022-04-13]
CHR Extension: (Click&Clean App) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidf mibmhp [2022-04-06]
CHR Extension: (Chrome Piano) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjafcgbpdclmdeiipolenjgkik eldljl [2022-05-11]
CHR Extension: (Click to start / stop recording) - C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnefijmagpdjfhhkpljicbbpi celgko [2022-05-08]
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-24]
CHR Profile: C:\Users\gaele\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
Reply With Quote
  #6  
Old May 11th, 2022, 02:45 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Part 2 -
Opera:
=======
OPR Profile: C:\Users\gaele\AppData\Roaming\Opera Software\Opera Stable [2022-05-09]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncod ing}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\gaele\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-20]
OPR Extension: (Opera Crypto Wallet) - C:\Users\gaele\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-05-08]
OPR Extension: (LastPass: Free Password Manager) - C:\Users\gaele\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2022-05-02]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\gaele\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\gaele\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2021-07-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2013-02-04] (Two Pilots) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2021-12-06] (Brother Industries, Ltd.) [File not signed]
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\101.0.16113.44\elevation_servi ce.exe [1982744 2022-04-28] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-26] (Piriform Software Ltd -> Piriform Software)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2021-02-06] (GuinpinSoft inc) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11758536 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Ds api.exe [1024680 2021-09-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRe medationService.exe [21400 2022-03-23] (Dell Inc -> Dell INC.)
R2 Dell WMI Service; C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe [118784 2019-10-08] () [File not signed]
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44328 2022-03-16] (Dell Inc -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncHelper.exe [3399584 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8347832 2022-04-21] (Malwarebytes Inc -> Malwarebytes)
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [5632 2013-02-23] (The Neat Company) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.077.0410.0007\OneDriveUpdaterService.e xe [3847072 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\WINDOWS\System32\DriverStore\FileRepository\mew miprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationS ervice.exe [538736 2021-07-25] (Intel Corporation -> Intel Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 KrispSimple; C:\WINDOWS\System32\drivers\KrispVad.sys [48104 2021-04-22] (Krisp Technologies, Inc -> Krisp Technologies, Inc)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslaad493fa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F76298AF-43EB-46ED-BA2D-5749CEF1C69A}\MpKslDrv.sys [137464 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
R3 ScrHIDDriver3; C:\WINDOWS\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-11 09:36 - 2022-05-11 09:36 - 000045245 _____ C:\Users\gaele\Desktop\FRST.txt
2022-05-11 09:30 - 2022-05-11 09:31 - 002366976 _____ (Farbar) C:\Users\gaele\Desktop\FRST64.exe
2022-05-11 08:07 - 2022-05-11 08:07 - 001376737 _____ C:\Users\gaele\Downloads\zipper-opening-template.cdr.pdf
2022-05-11 08:01 - 2022-05-11 08:01 - 006481877 _____ C:\Users\gaele\Downloads\BedShare.MP4
2022-05-11 05:28 - 2022-05-11 05:28 - 000000000 ___HD C:\$WinREAgent
2022-05-10 19:14 - 2022-05-11 09:36 - 000000000 ____D C:\FRST
2022-05-10 11:39 - 2022-05-10 11:39 - 000018888 _____ C:\Users\gaele\Documents\TABOR CONSTRUCTION CORP. __ Florida (US) __ OpenCorporates.html
2022-05-10 11:39 - 2022-05-10 11:39 - 000000000 ____D C:\Users\gaele\Documents\TABOR CONSTRUCTION CORP. __ Florida (US) __ OpenCorporates_files
2022-05-10 10:13 - 2022-05-10 10:13 - 000001933 _____ C:\Users\gaele\Desktop\Zoom.lnk
2022-05-10 10:13 - 2022-05-10 10:13 - 000000000 ____D C:\Users\gaele\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Zoom
2022-05-10 10:13 - 2022-05-10 10:13 - 000000000 ____D C:\Users\gaele\AppData\Local\Zoom
2022-05-10 10:13 - 2022-05-10 10:13 - 000000000 _____ C:\WINDOWS\invcol.tmp
2022-05-09 17:49 - 2022-05-09 17:49 - 000025484 _____ C:\Users\gaele\Documents\cc_20220509_174938.reg
2022-05-08 15:46 - 2022-05-08 15:46 - 000002327 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-08 15:46 - 2022-05-08 15:46 - 000002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-05-08 15:45 - 2022-05-08 15:45 - 001414600 _____ (Google LLC) C:\Users\gaele\Downloads\ChromeSetup(5).exe
2022-05-08 15:45 - 2022-05-08 15:45 - 001414600 _____ (Google LLC) C:\Users\gaele\Downloads\ChromeSetup(4).exe
2022-05-08 15:44 - 2022-05-08 15:44 - 001414600 _____ (Google LLC) C:\Users\gaele\Downloads\ChromeSetup(3).exe
2022-05-08 15:44 - 2022-05-08 15:44 - 001414600 _____ (Google LLC) C:\Users\gaele\Downloads\ChromeSetup(2).exe
2022-05-08 15:44 - 2022-05-08 15:44 - 001414600 _____ (Google LLC) C:\Users\gaele\Downloads\ChromeSetup(1).exe
2022-05-08 15:43 - 2022-05-08 15:43 - 000005700 _____ C:\Users\gaele\Documents\cc_20220508_154335.reg
2022-05-08 14:49 - 2022-05-08 14:49 - 000000000 ____D C:\Users\gaele\AppData\Local\FastStone
2022-05-08 09:22 - 2022-05-08 09:22 - 000003456 _____ C:\Users\gaele\Documents\cc_20220508_092207.reg
2022-05-08 09:22 - 2022-05-08 09:22 - 000001184 _____ C:\Users\gaele\Documents\cc_20220508_092230.reg
2022-05-06 22:28 - 2022-05-06 22:28 - 002915157 _____ C:\Users\gaele\Downloads\Une-batterie-de-trottinette-electrique1111111.mp4
2022-05-06 22:19 - 2022-05-06 22:19 - 009071256 _____ C:\Users\gaele\Downloads\HOW'S YOUR DAY GOING (2).mp4
2022-05-05 20:10 - 2022-05-05 20:10 - 000371096 _____ C:\Users\gaele\Downloads\Illegal dumping - Collier County, FL.pdf
2022-05-05 13:47 - 2022-05-05 13:47 - 011190136 _____ C:\Users\gaele\Downloads\UPDATED BUILDING CODE.MP4
2022-05-04 18:22 - 2022-05-04 18:22 - 000256447 _____ C:\Users\gaele\Downloads\NPL-Policy19_04_18_2022 12_52_16 PM.pdf
2022-05-03 21:03 - 2022-05-03 21:03 - 014506723 _____ C:\Users\gaele\Downloads\AA-The Young Zoo-keeper of 60 Lions-VIDEO-2021-11-17-10-24-27.mp4
2022-05-03 21:00 - 2022-05-03 21:00 - 005537264 _____ C:\Users\gaele\Downloads\ed_1.mp4
2022-05-03 13:08 - 2022-05-03 13:08 - 003551206 _____ C:\Users\gaele\Downloads\How To Make An Adorable Fabric Bag With Face Mask Elastic.pdf
2022-05-03 13:06 - 2022-05-03 13:06 - 000439463 _____ C:\Users\gaele\Downloads\Start Here_ Cutie Pie Pouches _ Lazy Girl.html
2022-05-03 13:06 - 2022-05-03 13:06 - 000000000 ____D C:\Users\gaele\Downloads\Start Here_ Cutie Pie Pouches _ Lazy Girl_files
2022-05-03 13:03 - 2022-05-03 13:03 - 005678610 _____ C:\Users\gaele\Downloads\Cutie Pie Pouches Class Pattern.pdf
2022-05-03 12:18 - 2022-05-03 12:19 - 000000000 ____D C:\Users\gaele\Downloads\embroidery designs
2022-05-02 17:46 - 2022-05-02 17:46 - 000674897 _____ C:\Users\gaele\Downloads\ChristmasDoggie (free) (2).zip
2022-05-02 17:46 - 2022-05-02 17:46 - 000000000 ____D C:\Users\gaele\Downloads\ChristmasDoggie (free) (2)
2022-05-02 12:31 - 2022-05-02 12:31 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-05-02 12:31 - 2022-05-02 12:31 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-02 11:20 - 2022-05-02 11:20 - 000282691 _____ C:\Users\gaele\Downloads\Gmail Shortcuts Cheatsheet - Make Tech Easier.pdf
2022-05-02 10:02 - 2022-05-02 10:02 - 000003790 _____ C:\WINDOWS\system32\Tasks\LastPassUpdater
2022-05-02 10:02 - 2022-05-02 10:02 - 000001108 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2022-05-02 10:02 - 2022-05-02 10:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2022-05-01 15:03 - 2022-05-01 15:03 - 000000000 ____D C:\Users\gaele\AppData\LocalLow\Oracle
2022-05-01 14:42 - 2022-05-01 14:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-05-01 14:42 - 2022-05-01 14:42 - 000002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-05-01 14:42 - 2022-05-01 14:42 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-05-01 11:14 - 2022-05-01 11:14 - 005766742 _____ C:\Users\gaele\Downloads\Dog and Biden.mov
2022-05-01 11:05 - 2022-05-01 11:05 - 020412086 _____ C:\Users\gaele\Downloads\Master Sergeant Roy Benavidez Message To America.mp4
2022-05-01 11:00 - 2022-05-01 11:00 - 257493308 _____ C:\Users\gaele\Downloads\FitNice-Top-It-Off_eBook_eVersion (1).pdf
2022-05-01 10:50 - 2022-05-01 10:52 - 061731125 _____ C:\Users\gaele\Desktop\Fit Nice Simple Solutions.pdf
2022-04-29 18:13 - 2022-05-05 18:23 - 000000000 ____D C:\Users\gaele\Documents\My Kindle Content
2022-04-29 18:13 - 2022-04-29 18:13 - 061455128 _____ (Amazon.com) C:\Users\gaele\Downloads\KindleForPC-installer-1.36.65107.exe
2022-04-29 18:13 - 2022-04-29 18:13 - 000002300 _____ C:\Users\gaele\Desktop\Kindle.lnk
2022-04-29 18:13 - 2022-04-29 18:13 - 000000000 ____D C:\Users\gaele\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Amazon
2022-04-29 18:13 - 2022-04-29 18:13 - 000000000 ____D C:\Users\gaele\AppData\Local\Amazon
2022-04-29 16:09 - 2022-04-29 16:09 - 001431129 _____ C:\Users\gaele\Downloads\Midnight on the Water - Robert Lane.mobi
2022-04-29 11:14 - 2022-04-29 11:14 - 022084780 _____ C:\Users\gaele\Downloads\FitNice-Simple_Sewlutions-Book (1).pdf
2022-04-29 11:03 - 2022-04-29 11:03 - 003141853 _____ C:\Users\gaele\Downloads\Spoofing.mp4
2022-04-29 09:37 - 2022-04-29 09:37 - 000098954 _____ C:\Users\gaele\Downloads\MeetingMinutes17-Mar-2022draft.pdf
2022-04-29 09:36 - 2022-04-29 09:36 - 000121750 _____ C:\Users\gaele\Downloads\Agenda.pdf
2022-04-28 21:50 - 2022-04-28 21:50 - 010945003 _____ C:\Users\gaele\Downloads\VID-20220116-WA0015.mp4
2022-04-28 06:07 - 2022-04-28 06:07 - 000001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-28 06:07 - 2022-04-28 06:07 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-27 17:13 - 2022-04-27 17:13 - 001459659 _____ C:\Users\gaele\Downloads\Submittal 3 - PUD doc strikethrough underline 4-7-22 - Prepared (4).pdf
2022-04-27 16:23 - 2022-04-27 16:23 - 000007631 _____ C:\Users\gaele\Downloads\RLS1.pdf
2022-04-27 11:26 - 2022-04-27 11:26 - 009981117 _____ C:\Users\gaele\Downloads\Blackness Fatigue.mp4
2022-04-27 11:22 - 2022-04-27 11:22 - 004226783 _____ C:\Users\gaele\Downloads\If I were the devil remastered audio Paul Harvey.mp4
2022-04-27 10:50 - 2022-04-27 10:50 - 002082707 _____ C:\Users\gaele\Downloads\WACKY WEDNESDAY...Decorative Stitch host Judy for four day classes - gaelennox@gmail.com - Gmail.html
2022-04-27 10:50 - 2022-04-27 10:50 - 000000000 ____D C:\Users\gaele\Downloads\WACKY WEDNESDAY...Decorative Stitch host Judy for four day classes - gaelennox@gmail.com - Gmail_files
2022-04-25 10:37 - 2022-04-25 10:37 - 001459659 _____ C:\Users\gaele\Downloads\Submittal 3 - PUD doc strikethrough underline 4-7-22 - Prepared (3).pdf
2022-04-25 10:10 - 2022-04-25 10:11 - 006182703 _____ C:\Users\gaele\Downloads\PetiteStitchery_Womens_Sw ankyTank.pdf
2022-04-24 19:14 - 2022-04-24 19:14 - 014881409 _____ C:\Users\gaele\Documents\One Naples, Many View Points - Gulfshore Business.pdf
2022-04-24 12:01 - 2022-04-24 12:01 - 257493308 _____ C:\Users\gaele\Downloads\FitNice-Top-It-Off_eBook_eVersion.pdf
2022-04-24 11:49 - 2022-04-24 11:49 - 006547231 _____ C:\Users\gaele\Downloads\21-22 Candidate Handbook.pdf
2022-04-24 10:51 - 2022-04-24 10:51 - 000026137 _____ C:\Users\gaele\Downloads\LelyPres2022 (1).xlsx
2022-04-23 10:00 - 2022-04-23 10:00 - 000231175 _____ C:\Users\gaele\Downloads\accordionwallet_sewingtim es.pdf
2022-04-23 09:57 - 2022-04-23 09:57 - 000930359 _____ C:\Users\gaele\Downloads\buckethat_sewingtimes.pdf
2022-04-22 15:20 - 2022-04-22 15:20 - 022073497 _____ C:\Users\gaele\Downloads\FitNice-Simple_Sewlutions-Book1.pdf
2022-04-21 10:07 - 2022-04-21 10:07 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-21 10:07 - 2022-04-21 10:07 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-21 10:07 - 2022-04-21 10:07 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-21 09:25 - 2022-04-21 09:25 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1586963619
2022-04-21 07:18 - 2022-04-21 07:18 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1586963616
2022-04-21 07:18 - 2022-04-21 07:18 - 000001411 _____ C:\Users\gaele\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Opera Browser.lnk
2022-04-20 15:46 - 2022-04-20 15:46 - 002034633 _____ C:\Users\gaele\Downloads\Uploaded 4-7-22Submittal 3 - NIM Summary (6).pdf
2022-04-20 15:45 - 2022-04-20 15:46 - 007815959 _____ C:\Users\gaele\Downloads\Uploaded 4-7-2022.pdf
2022-04-20 15:45 - 2022-04-20 15:45 - 001459659 _____ C:\Users\gaele\Downloads\Uploaded 4--13-2022 Submittal 3 - PUD doc strikethrough underline 4-7-22 - Prepared (3).pdf
2022-04-20 14:30 - 2022-04-20 14:30 - 000000061 _____ C:\Users\gaele\Downloads\ParcelAddresses.csv
2022-04-20 13:14 - 2022-04-20 13:14 - 025266392 _____ C:\Users\gaele\Downloads\VisionPRO® 8000 with RedLINK.pdf
2022-04-20 13:12 - 2022-04-20 13:12 - 025176788 _____ C:\Users\gaele\Downloads\68-0312.pdf
2022-04-19 16:50 - 2022-04-19 16:50 - 002292048 _____ C:\Users\gaele\Downloads\Making connections between computers and monitors @ AskWoody.pdf
2022-04-19 09:51 - 2022-04-19 09:51 - 014887725 _____ C:\Users\gaele\Downloads\Cake.mp4
2022-04-19 07:25 - 2022-04-19 07:25 - 011409237 _____ C:\Users\gaele\Downloads\Cricut Blades Differences Guide – Everything you need to know – Daydream Into Reality.pdf
2022-04-19 07:02 - 2022-04-19 07:03 - 007388062 _____ C:\Users\gaele\Downloads\monter-100-marches-en-50-secondes-134314.mp4
2022-04-19 07:00 - 2022-04-19 07:00 - 006373623 _____ C:\Users\gaele\Downloads\CheerYouUp4sure.mp4
2022-04-19 06:55 - 2022-04-19 06:55 - 016641091 _____ C:\Users\gaele\Downloads\MindBlowingTrick.mp4
2022-04-19 06:11 - 2022-04-19 06:12 - 000018752 _____ C:\Users\gaele\Desktop\Verandas 3 Direct_not for distrib_041022.xlsx
2022-04-18 11:26 - 2022-04-18 11:26 - 001815627 _____ C:\Users\gaele\Downloads\DIY Reusable Produce Bags - FREE Pattern + VIDEO Tutorial ⋆ Hello Sewing.pdf
2022-04-18 11:25 - 2022-04-18 11:25 - 004399854 _____ C:\Users\gaele\Downloads\Sewing Tutorial_ Cropped Ruffle Tube Top _ elle & ish.pdf
2022-04-18 11:25 - 2022-04-18 11:25 - 002291155 _____ C:\Users\gaele\Downloads\20+ Free Sewing Patterns For Women's Tops (Just Gorgeous!) ⋆ Hello Sewing.pdf
2022-04-18 07:56 - 2022-04-18 07:56 - 022084780 _____ C:\Users\gaele\Downloads\FitNice-Simple_Sewlutions-Book.pdf
2022-04-16 23:49 - 2022-04-16 23:49 - 001358275 _____ C:\Users\gaele\Downloads\Dog from the hood.mp4
2022-04-16 23:46 - 2022-04-16 23:46 - 012436723 _____ C:\Users\gaele\Downloads\VIDEO-2021-11-20-14-13-12.mp4
2022-04-16 12:12 - 2022-04-16 12:12 - 007553481 _____ C:\Users\gaele\Downloads\Why Golf Takes Longer in Australia.mp4
2022-04-16 11:59 - 2022-04-16 12:02 - 000466984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-16 09:05 - 2022-04-16 09:05 - 008326258 _____ C:\Users\gaele\Downloads\DIY Circle Top and Skirt Set _ Collective Gen.pdf
2022-04-15 12:54 - 2022-04-15 12:54 - 000752391 _____ C:\Users\gaele\Downloads\Submittal 1 - Current Master Plan (Ord_ 15-39) - Prepared (Received) (3).pdf
2022-04-15 12:54 - 2022-04-15 12:54 - 000471304 _____ C:\Users\gaele\Downloads\Submittal 1 - Application - Prepared (Received) (6).pdf
2022-04-15 08:44 - 2022-04-15 08:44 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5}
2022-04-14 22:10 - 2022-04-14 22:10 - 002552892 _____ C:\Users\gaele\Downloads\swiabag.tml.html
2022-04-14 22:10 - 2022-04-14 22:10 - 000000000 ____D C:\Users\gaele\Downloads\swiabag.tml_files
2022-04-14 21:40 - 2022-04-14 21:40 - 010644746 _____ C:\Users\gaele\Downloads\VIDEO-2021-07-19-12-53-09.mp4
2022-04-14 17:49 - 2022-04-14 17:49 - 000100659 _____ C:\Users\gaele\Downloads\closing list for snowbirds.pdf
2022-04-14 16:30 - 2022-04-14 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape
2022-04-14 16:29 - 2022-04-14 16:30 - 000000000 ____D C:\Program Files (x86)\Inkscape
2022-04-14 16:27 - 2022-04-14 16:27 - 000001093 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-04-14 16:27 - 2022-04-14 16:27 - 000000867 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-04-14 16:27 - 2022-04-14 16:27 - 000000855 _____ C:\Users\Public\Desktop\Audacity.lnk
2022-04-14 16:27 - 2022-04-14 16:27 - 000000000 ____D C:\Program Files\Audacity
2022-04-14 16:25 - 2022-04-14 16:25 - 003165776 _____ (Patch My PC, LLC) C:\Users\gaele\Downloads\PatchMyPC.exe
2022-04-14 16:25 - 2022-04-14 16:25 - 000000000 ____D C:\Users\gaele\AppData\Local\Patch_My_PC,_LLC
2022-04-14 15:26 - 2022-04-14 15:26 - 002034633 _____ C:\Users\gaele\Downloads\Submittal 3 - NIM Summary (5).pdf
2022-04-14 15:25 - 2022-04-14 15:25 - 002034633 _____ C:\Users\gaele\Downloads\Submittal 3 - NIM Summary (4).pdf
2022-04-14 15:24 - 2022-04-14 15:24 - 002034633 _____ C:\Users\gaele\Downloads\Submittal 3 - NIM Summary (3).pdf
2022-04-14 15:21 - 2022-04-14 15:21 - 007815959 _____ C:\Users\gaele\Downloads\Submittal 3 - Lely Resort - Traffic Study_March 2022 (1).pdf
2022-04-14 15:20 - 2022-04-14 15:20 - 002034633 _____ C:\Users\gaele\Downloads\Submittal 3 - NIM Summary (2).pdf
2022-04-14 15:08 - 2022-04-14 15:08 - 001459659 _____ C:\Users\gaele\Downloads\Submittal 3 - PUD doc strikethrough underline 4-7-22 - Prepared (2).pdf
2022-04-14 15:04 - 2022-04-14 15:04 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-14 15:04 - 2022-04-14 15:04 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-14 15:04 - 2022-04-14 15:04 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-14 15:03 - 2022-04-14 15:03 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-14 14:57 - 2022-04-14 14:57 - 001459659 _____ C:\Users\gaele\Downloads\Submittal 3 - PUD doc strikethrough underline 4-7-22 - Prepared (1).pdf
2022-04-14 13:57 - 2022-04-14 13:58 - 001459659 _____ C:\Users\gaele\Downloads\Submittal 3 - PUD doc strikethrough underline 4-7-22 - Prepared.pdf
2022-04-13 13:18 - 2022-04-13 13:18 - 003446982 _____ C:\Users\gaele\Downloads\married 1-7-30 years.MP4
2022-04-13 10:24 - 2022-04-13 10:24 - 000297887 _____ C:\Users\gaele\Documents\duplicate.txt
2022-04-13 09:58 - 2022-04-13 09:58 - 000026014 _____ C:\Users\gaele\Downloads\LelyPres2022.xlsx
2022-04-12 20:20 - 2022-04-12 20:21 - 000000000 ____D C:\Users\gaele\Downloads\Verandas III bank statements
2022-04-12 19:04 - 2022-05-06 23:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-12 17:30 - 2022-04-12 17:30 - 015960018 _____ C:\Users\gaele\Downloads\PL20210001505 ZLTR Lely PUD Final.pdf
2022-04-12 17:29 - 2022-04-12 17:29 - 000314103 _____ C:\Users\gaele\Downloads\Zoning Verification Letter Application- Lely Resort - Prepared (Received).pdf
2022-04-12 17:28 - 2022-04-12 17:28 - 000131770 _____ C:\Users\gaele\Downloads\Zoning Verification Letter Request - Prepared (Received) (1).pdf
2022-04-12 17:27 - 2022-04-12 17:28 - 000131770 _____ C:\Users\gaele\Downloads\Zoning Verification Letter Request - Prepared (Received).pdf
2022-04-12 16:57 - 2022-04-12 16:57 - 000559769 _____ C:\Users\gaele\Downloads\ArbitratorsDecision122420 1 (1).pdf
2022-04-12 16:43 - 2022-04-12 16:43 - 000471304 _____ C:\Users\gaele\Downloads\Submittal 1 - Application - Prepared (Received) (5).pdf
2022-04-12 16:00 - 2022-04-12 16:00 - 007815959 _____ C:\Users\gaele\Downloads\Submittal 3 - Lely Resort - Traffic Study_March 2022 (2).pdf
2022-04-12 15:28 - 2022-04-12 15:28 - 002034633 _____ C:\Users\gaele\Downloads\Submittal 3 - NIM Summary (1).pdf
2022-04-12 15:14 - 2022-04-12 15:14 - 001534138 _____ C:\Users\gaele\Downloads\Submittal 3 - PUD doc strikethrough underline 4-7-22 (1).pdf
2022-04-12 15:14 - 2022-04-12 15:14 - 000226459 _____ C:\Users\gaele\Downloads\Submittal 2 - Comment Response Letter (6).pdf
2022-04-12 15:12 - 2022-04-12 15:12 - 000007638 _____ C:\Users\gaele\Downloads\RLS0 (1).pdf
2022-04-12 14:31 - 2022-04-12 14:31 - 000517880 _____ C:\Users\gaele\Downloads\GIS Processing Request - NIM (2).pdf
2022-04-12 14:13 - 2022-04-12 14:13 - 000008945 _____ C:\Users\gaele\Downloads\Receipt (10).pdf
2022-04-12 14:11 - 2022-04-12 14:12 - 000008945 _____ C:\Users\gaele\Downloads\Receipt (9).pdf
2022-04-12 14:11 - 2022-04-12 14:11 - 000009762 _____ C:\Users\gaele\Downloads\Receipt (8).pdf
2022-04-12 14:10 - 2022-04-12 14:10 - 000012810 _____ C:\Users\gaele\Downloads\PL Payment Slip Email0 (1).pdf
2022-04-12 14:08 - 2022-04-12 14:08 - 000009135 _____ C:\Users\gaele\Downloads\Receipt (7).pdf
2022-04-12 14:07 - 2022-04-12 14:07 - 000013069 _____ C:\Users\gaele\Downloads\PL Payment Slip (1).pdf
2022-04-12 14:06 - 2022-04-12 14:06 - 000039500 _____ C:\Users\gaele\Downloads\Incomplete Submittal Letter (INC) (2).pdf
2022-04-12 14:04 - 2022-04-12 14:04 - 000143754 _____ C:\Users\gaele\Downloads\Submittal 2 - Property Disclosure - Stock Development (3).pdf
2022-04-12 14:00 - 2022-04-12 14:00 - 000471304 _____ C:\Users\gaele\Downloads\Submittal 1 - Application - Prepared (Received) (4).pdf
2022-04-12 13:59 - 2022-04-12 13:59 - 000330987 _____ C:\Users\gaele\Downloads\Submittal 1 - Request Narrative - Prepared (Received) (2).pdf
2022-04-12 13:52 - 2022-04-12 13:53 - 000870864 _____ C:\Users\gaele\Downloads\Submittal 1 - Proposed Master Plan - Prepared (Received) (1).pdf
2022-04-12 13:52 - 2022-04-12 13:52 - 001597458 _____ C:\Users\gaele\Downloads\Submittal 1 - Fees (3).pdf
2022-04-12 13:47 - 2022-04-12 13:47 - 000148339 _____ C:\Users\gaele\Downloads\pUD doc strikethrough underline 12-14-21 (2).pdf
2022-04-12 13:45 - 2022-04-12 13:45 - 000215851 _____ C:\Users\gaele\Downloads\Submittal 1 - Detail by Entity Name (Received) (2).pdf
2022-04-12 13:42 - 2022-04-12 13:42 - 000086067 _____ C:\Users\gaele\Downloads\Submittal 1 - Affidavit (EXECUTED) (Received) (2).pdf
2022-04-12 13:41 - 2022-04-12 13:42 - 000493986 _____ C:\Users\gaele\Downloads\Submittal 1 - Addressing Checklist (3).pdf
2022-04-12 13:24 - 2022-04-12 13:24 - 013482329 _____ C:\Users\gaele\Downloads\Submittal 1 - Pre-App NOTES to be submitted with Submittal (5).pdf
2022-04-12 13:11 - 2022-04-12 13:11 - 000224521 _____ C:\Users\gaele\Downloads\Submittal 1 - SchoolConcurrency.pdf
2022-04-12 13:05 - 2022-04-12 13:06 - 001184194 _____ C:\Users\gaele\Downloads\Submittal 1 - warranty_deed.pdf
2022-04-12 12:11 - 2022-04-12 12:11 - 029523677 _____ C:\Users\gaele\Downloads\Pre-App Application Form & Staff Research NOT submitted with Submittal (5).pdf
2022-04-12 12:00 - 2022-04-12 12:00 - 000008917 _____ C:\Users\gaele\Downloads\Receipt (6).pdf
2022-04-12 11:45 - 2022-04-12 11:45 - 013480690 _____ C:\Users\gaele\Downloads\Pre-App NOTES to be submitted with Submittal (3).pdf
2022-04-12 11:45 - 2022-04-12 11:45 - 000008917 _____ C:\Users\gaele\Downloads\Receipt (5).pdf
2022-04-12 11:07 - 2022-04-12 11:07 - 013482329 _____ C:\Users\gaele\Downloads\Submittal 1 - Pre-App NOTES to be submitted with Submittal (4).pdf
2022-04-12 11:05 - 2022-04-12 11:05 - 029523677 _____ C:\Users\gaele\Downloads\Pre-App Application Form & Staff Research NOT submitted with Submittal (4).pdf
2022-04-12 10:58 - 2022-04-12 10:58 - 013480690 _____ C:\Users\gaele\Downloads\Pre-App NOTES to be submitted with Submittal (1).pdf
2022-04-12 10:51 - 2022-04-12 10:51 - 001776907 _____ C:\Users\gaele\Downloads\ORDINANCE NO.pdf
2022-04-12 10:37 - 2022-04-12 10:37 - 001819679 _____ C:\Users\gaele\Downloads\Administrative Code for Land Development.pdf
2022-04-12 10:04 - 2022-04-12 10:04 - 009799351 _____ C:\Users\gaele\Downloads\April meeting.jpeg.pdf
2022-04-12 09:22 - 2022-04-12 09:22 - 015960018 _____ C:\Users\gaele\Downloads\Submittal 1 - Copy of ZVL.pdf
2022-04-12 09:18 - 2022-04-12 09:18 - 000148339 _____ C:\Users\gaele\Downloads\2nd submittal pUD doc strikethrough underline 12-14-21 (2).pdf
2022-04-12 08:59 - 2022-04-12 08:59 - 004940568 _____ C:\Users\gaele\Downloads\untitled.mp4
2022-04-12 08:41 - 2022-04-12 08:41 - 001279993 _____ C:\Users\gaele\Downloads\Residential Guide to Waste Disposal and Recycling.pdf
2022-04-11 18:26 - 2022-04-11 18:26 - 002684641 _____ C:\Users\gaele\Downloads\Ken Annalysis ....pdf
2022-04-11 18:21 - 2022-04-11 18:21 - 001012092 _____ C:\Users\gaele\Downloads\Submittal 2 - Revised PUD Doc - Prepared (2).pdf
2022-04-11 12:02 - 2022-04-11 12:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-11 09:36 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-11 09:12 - 2020-04-14 14:05 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-11 08:38 - 2021-03-01 14:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-11 08:07 - 2020-04-23 12:41 - 000023709 _____ C:\WINDOWS\BRRBCOM.INI
2022-05-11 07:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-05-11 06:44 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-11 06:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-11 05:35 - 2021-09-17 11:12 - 000000000 ____D C:\Users\gaele\AppData\LocalLow\Mozilla
2022-05-11 03:51 - 2021-03-01 14:07 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronizatio n-{648796D0-ED1A-486C-A1A0-F2DCA8991F2A}
2022-05-11 00:02 - 2020-04-14 17:21 - 000000000 ____D C:\Program Files\CCleaner
2022-05-10 21:14 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-10 13:59 - 2020-04-08 05:00 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2022-05-10 11:11 - 2021-05-21 13:34 - 000000000 ____D C:\Users\gaele\AppData\Roaming\Zoom
2022-05-10 10:29 - 2020-05-01 15:18 - 000002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-05-10 10:29 - 2020-05-01 15:18 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-05-10 10:15 - 2020-04-23 12:11 - 000000000 ____D C:\Users\gaele\AppData\Local\D3DSCache
2022-05-10 09:48 - 2022-02-09 03:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-05-08 15:46 - 2021-02-24 10:14 - 000000000 ____D C:\Program Files\Google
2022-05-08 13:54 - 2020-05-24 08:29 - 000000000 ____D C:\Users\gaele\AppData\Roaming\Republic Anywhere
2022-05-08 13:46 - 2021-03-01 14:10 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-08 13:42 - 2021-07-24 11:29 - 000001245 _____ C:\Users\gaele\Desktop\Amazon Backup.lnk
2022-05-08 13:42 - 2021-06-24 08:56 - 000000000 ____D C:\Users\gaele\AppData\Local\Krisp
2022-05-08 13:42 - 2020-04-14 13:55 - 000000000 __SHD C:\Users\gaele\IntelGraphicsProfiles
2022-05-08 13:41 - 2021-03-01 14:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-08 13:41 - 2021-03-01 14:02 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-08 13:41 - 2020-04-08 04:54 - 000000000 ____D C:\Intel
2022-05-08 13:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-05-08 13:41 - 2019-12-07 05:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-05-08 09:20 - 2020-08-08 11:39 - 000000000 ____D C:\Users\gaele\AppData\Local\CrashDumps
2022-05-06 23:03 - 2021-09-17 11:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-05-06 23:03 - 2021-06-17 00:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-05-06 21:02 - 2020-06-19 17:34 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-06 21:02 - 2020-06-19 17:34 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-05-05 18:10 - 2020-04-14 13:58 - 000000000 ___RD C:\Users\gaele\OneDrive
2022-05-03 22:35 - 2021-10-05 15:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-05-03 22:35 - 2021-09-17 11:12 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-05-02 12:31 - 2021-12-12 15:40 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3842255837-3436847461-3918225103-1002
2022-05-02 12:31 - 2021-12-12 15:40 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3842255837-3436847461-3918225103-1001
2022-05-02 10:02 - 2020-05-23 11:01 - 000000000 ____D C:\Program Files (x86)\LastPass
2022-04-29 13:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-04-29 13:49 - 2021-03-01 13:30 - 000000000 ____D C:\Users\gaele
2022-04-29 13:47 - 2020-05-25 09:50 - 000000000 ____D C:\Users\gaele\AppData\Local\ElevatedDiagnostics
2022-04-29 13:01 - 2020-04-14 14:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-28 20:56 - 2021-03-03 21:56 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineCore1d70ec5c476702a
2022-04-28 20:56 - 2021-03-01 14:07 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineUA
2022-04-27 14:58 - 2020-04-14 13:55 - 000000000 ____D C:\Users\gaele\AppData\Local\Packages
2022-04-24 12:53 - 2021-08-25 09:19 - 000000000 ____D C:\Program Files (x86)\AntiTwin
2022-04-21 10:07 - 2021-02-22 17:36 - 000103888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-21 10:07 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-20 00:28 - 2021-03-01 14:07 - 000003684 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001UA
2022-04-20 00:28 - 2021-03-01 14:07 - 000003416 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3842255837-3436847461-3918225103-1001Core
2022-04-19 21:07 - 2021-03-01 14:07 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
2022-04-19 21:07 - 2021-03-01 14:07 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-16 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 10:00 - 2020-04-14 16:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-15 09:54 - 2020-04-14 16:59 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-15 08:44 - 2020-11-25 16:49 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72}
2022-04-15 08:44 - 2020-11-25 16:49 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2022-04-15 08:44 - 2020-11-25 16:49 - 000000000 ____D C:\ProgramData\Intel Package Cache {29d6077f-6adb-42de-abac-1c60aeb0e237}
2022-04-15 08:44 - 2020-11-25 16:49 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2022-04-15 08:44 - 2020-04-08 04:58 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-15 08:43 - 2021-03-01 12:44 - 000000000 ___DC C:\WINDOWS\Panther
2022-04-14 16:27 - 2020-10-14 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-04-14 16:27 - 2020-04-14 18:35 - 000001198 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2022-04-14 15:06 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 09:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-11 12:02 - 2020-04-14 17:21 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk

==================== Files in the root of some directories ========

2021-10-31 13:31 - 2021-10-31 13:37 - 000054849 _____ () C:\Users\gaele\AppData\Local\PlariumPlay.log
2021-12-02 11:07 - 2021-12-02 11:07 - 000000218 _____ () C:\Users\gaele\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Reply With Quote
  #7  
Old May 11th, 2022, 02:50 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Additional.txt

part 1
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2022
Ran by gaele (11-05-2022 09:38:03)
Running from C:\Users\gaele\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1645 (X64) (2021-03-01 18:08:04)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3842255837-3436847461-3918225103-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3842255837-3436847461-3918225103-503 - Limited - Disabled)
gaele (S-1-5-21-3842255837-3436847461-3918225103-1001 - Administrator - Enabled) => C:\Users\gaele
Guest (S-1-5-21-3842255837-3436847461-3918225103-501 - Limited - Disabled)
Visitor (S-1-5-21-3842255837-3436847461-3918225103-1002 - Limited - Enabled) => C:\Users\Visitor
WDAGUtilityAccount (S-1-5-21-3842255837-3436847461-3918225103-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
Amazon Kindle (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Amazon Kindle) (Version: 1.36.0.65107 - Amazon)
Amazon Photos (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Amazon Photos) (Version: 7.19.0 - Amazon.com, Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audacity 3.1.3 (64-bit) (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Brother MFL-Pro Suite MFC-J475DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{7CA33C94-C7F2-4E31-8F9D-09D03FE0319C}) (Version: 5.5.2.16157 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85c0b416-3065-407c-9fd8-a1e41780153a}) (Version: 5.5.2.16157 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{931EF4E8-D267-4504-A5E9-5DE70B9712E9}) (Version: 4.5.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{437102ED-22A2-4C3D-BA6B-E5ECAE798DFA}) (Version: 1.0.3.0 - DELL)
Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FastStone Image Viewer 7.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.6 - FastStone Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.54 - Google LLC)
Google Photos Backup (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.1.2- - Inkscape)
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Krisp (HKLM\...\{1B7B634E-8BFC-441E-A0D4-53BC8C0C7C6A}) (Version: 1.26.1 - Krisp Technologies, Inc)
LastPass (HKLM-x32\...\{17177CD4-048F-4E19-B8BB-CC929BBEF302}) (Version: 4.94.0.2478 - GoTo Group, Inc.)
MakeMKV v1.15.4 (HKLM-x32\...\MakeMKV) (Version: v1.15.4 - GuinpinSoft inc)
Malwarebytes version 4.5.8.191 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.8.191 - Malwarebytes)
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM-x32\...\{3c001ec7-478b-4d22-8d92-a6561d20091f}) (Version: 5.0.14.30907 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.39 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.15128.20178 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.077.0410.0007 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 100.0 (x64 en-US)) (Version: 100.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 92.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8625 - MyHeritage.com)
Neat (HKLM-x32\...\Neat) (Version: 5.1.31.16 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.2 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (HKLM-x32\...\{99432E4C-1189-4887-9D75-DAA796015FFD}) (Version: 5.1.31.16 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Obsidian 0.9.20 (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\bd400747-f0c1-5638-a859-982036102edf) (Version: 0.9.20 - Obsidian)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15128.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Opera Stable 85.0.4341.75 (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Opera 85.0.4341.75) (Version: 85.0.4341.75 - Opera Software)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plane9 v2.5.1.3 (HKLM-x32\...\Plane9) (Version: v2.5.1.3 - Joakim Dahl / Planestate Software)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9018.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.17763.20082 - Realtek Semiconductor Corp.)
Republic Anywhere (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\republicanywhere) (Version: 2.5.12 - Republic Wireless, Inc.)
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Wondershare TunesGo ( Version 9.6.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.6.0 - Wondershare)
YI Home (HKLM-x32\...\YI Home) (Version: 1.0.0.0_202003271500 - XiaoYi)
Zoom (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\ZoomUMX) (Version: 5.9.7 (3931) - Zoom Video Communications, Inc.)

Packages:
=========
Any DVD -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3. 2.6.0_x64__y5c4dfz5b21fm [2022-01-18] (Any DVD &amp; Office App)
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0 _x64__htrsf667h5kn2 [2020-04-14] (Dell Inc)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor _2.4.50.0_x64__2dgmkzkw4h30c [2022-05-01] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3. 5.0_x64__htrsf667h5kn2 [2021-11-21] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0. 92.0_x64__htrsf667h5kn2 [2021-09-14] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2022-01-01] (Screenovate Technologies)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-21] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_ 3.10.7.0_x64__htrsf667h5kn2 [2022-05-01] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.5.23.0_x86_ _htrsf667h5kn2 [2022-04-07] (Dell Inc)
Desktop Live Wallpapers -> C:\Program Files\WindowsApps\48405AmbientSoftware.LiveDesktop Wallpapers_1.2.17.0_neutral__agy8jafheqhng [2020-10-10] (Ambient Software) [Startup Task]
DreamPlan Home Design Software Free -> C:\Program Files\WindowsApps\NCHSoftware.DreamPlanFree_7.3.8. 0_x86__7kedsbyvzns34 [2022-04-28] (NCH Software)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.8.0_x64 __xbfy0k16fey96 [2022-03-30] (Dropbox Inc.)
DVD Player - FREE -> C:\Program Files\WindowsApps\21336V3TApps.DVDPlayer-FREE_1.2.2.0_x86__bzg06mxvgh4fa [2022-03-18] (V3TApps)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6 mqt6hf9g46tw [2020-04-15] (Fitbit)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3408.0_x64__8j3eq9eme6ctt [2022-04-21] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_ 3.3.0.0_x64__8j3eq9eme6ctt [2020-04-14] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorag eManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa [2022-03-11] (Apple Inc.) [Startup Task]
LastPass for Windows Desktop -> C:\Program Files\WindowsApps\LastPass.LastPass_4.8.0.0_x64__s bg7naapqq8fj [2022-04-27] (LastPass)
Match 3D - Matching Puzzle Game -> C:\Program Files\WindowsApps\23385HappyFamilyGames.Match3D-MatchingPuzzleGame_1.1.0.0_x64__pbwsxs408fxew [2021-01-04] (Happy Family Games)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2021-03-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2021-03-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.70.51191.0_x64 __8wekyb3d8bbwe [2022-05-11] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.37 4.0_x64__8wekyb3d8bbwe [2022-04-07] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1. 0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.0.30.0_x64__htr sf667h5kn2 [2022-04-17] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64 __mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-03-14] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_ 1.0.0.0_x64__8wekyb3d8bbwe [2022-03-14] (Microsoft Corporation)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_7.7 .2.0_x64__dggz0n4pnn0ge [2022-02-20] (IYIA)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0 _x86__e1rzdqpraam7r [2021-12-16] (Adobe Systems Incorporated)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001 .0_x64__rh07ty8m5nkag [2021-10-29] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0 [2022-05-01] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0 _x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell20 19_2.0.54.0_x64__fh4rh281wavaa [2020-04-08] (Waves Audio)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6 .1.0_x64__gs5k5vmxr2ste [2021-11-15] (Matt Hafner)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 132\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\ias torpinningcomponent.inf_amd64_59691a4ee8d947dd\Opt aneShellExt.dll [2021-10-12] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\ias torpinningcomponent.inf_amd64_59691a4ee8d947dd\Opt aneShellExt.dll [2021-10-12] (Intel Corporation -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-12-06 19:42 - 2009-02-27 17:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2022-03-26 10:48 - 2021-12-06 11:05 - 000542720 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2022-03-26 10:48 - 2021-10-25 12:39 - 000180224 _____ () [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2022-03-26 10:48 - 2021-12-06 11:05 - 000208896 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2022-03-26 10:48 - 2021-12-10 14:49 - 001859584 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2022-02-06 11:03 - 2019-07-26 09:53 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2022-02-06 11:03 - 2017-08-18 12:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2022-02-06 11:03 - 2017-08-18 12:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2022-02-06 11:03 - 2018-04-27 10:16 - 000087040 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2022-02-06 11:03 - 2019-07-26 09:54 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2019-07-04 18:16 - 2019-07-04 18:16 - 001748992 _____ () [File not signed] C:\Program Files\Krisp\libsndfile-1.dll
2021-09-05 11:59 - 2021-09-05 11:59 - 001469440 _____ () [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\e_sqli te3.dll
2022-01-01 10:05 - 2022-01-01 10:05 - 000458240 _____ () [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\Micros oft.Scripting.dll
2022-01-01 10:05 - 2022-01-01 10:05 - 009192448 _____ () [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\Micros oft.WinRTC.WebRtcWrapper.dll
2022-01-20 22:38 - 2022-01-20 22:38 - 000799744 _____ () [File not signed] C:\Users\gaele\AppData\Local\Amazon Drive\sqlite3.dll
2020-04-23 12:41 - 2005-04-22 00:36 - 000143360 ____R () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2020-04-21 14:20 - 2013-02-04 13:00 - 000054784 _____ () [File not signed] C:\WINDOWS\System32\sdtnpm.dll
2005-09-07 13:03 - 2005-09-07 13:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2021-12-06 21:33 - 2012-10-19 08:02 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-07-01 15:08 - 2019-07-01 15:08 - 000332288 _____ (Home) [File not signed] C:\Program Files\Krisp\P7x64.dll
2021-06-01 23:00 - 2021-06-01 23:00 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Inter op.dll
2022-01-20 22:38 - 2022-01-20 22:38 - 000125952 _____ (Robert Vazan) [File not signed] C:\Users\gaele\AppData\Local\Amazon Drive\crc32c.dll
2022-01-01 10:05 - 2022-01-01 10:05 - 004158464 _____ (Screenovate Technologies Ltd.) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\core.p wa.dll
2022-01-01 10:05 - 2022-01-01 10:05 - 053414400 _____ (Screenovate Technologies Ltd.) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMo bileConnect.dll
2013-02-23 01:11 - 2013-02-23 01:11 - 000090112 _____ (The Neat Company) [File not signed] [File is in use] C:\Program Files (x86)\Neat\exec\NeatCompany.Common.dll
2013-02-23 01:12 - 2013-02-23 01:12 - 000029696 _____ (The Neat Company) [File not signed] [File is in use] C:\Program Files (x86)\Neat\exec\NeatCompany.NeatWorks.Interop.dll
2013-02-23 01:11 - 2013-02-23 01:11 - 000038400 _____ (The Neat Company) [File not signed] [File is in use] C:\Program Files (x86)\Neat\exec\NeatCompany.NeatWorks.Logging.dll

==================== Alternate Data Streams (Whitelisted) ========
Reply With Quote
  #8  
Old May 11th, 2022, 02:53 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Additional.txt

Additional txt Part II -
==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-04-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2022-04-25] (LogMeIn, Inc. -> LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2021-05-01] (Google Inc -> Google Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-03-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2022-04-25] (LogMeIn, Inc. -> LastPass)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2021-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2021-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2022-04-25] (LogMeIn, Inc. -> LastPass)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2021-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2022-04-25] (LogMeIn, Inc. -> LastPass)
Toolbar: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2021-05-01] (Google Inc -> Google Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-02-24 09:46 - 2021-02-24 09:46 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\Control Panel\Desktop\\Wallpaper -> c:\users\gaele\appdata\local\microsoft\windows\the mes\roamedthemefiles\desktopbackground\venice 6.jpg
HKU\S-1-5-21-3842255837-3436847461-3918225103-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A28B1CB-B26C-44C3-BCC9-D7CE5E00ED9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E200DE6-FDA9-4859-BAD2-BF5E2A6AD162}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A94C5B9C-013C-4219-8539-93527AF858E5}C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe] => (Allow) C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe (Shanghai Xiaoyi Technology Co., Ltd. -> Shanghai Xiaoyi Technology Co., Ltd.)
FirewallRules: [UDP Query User{62B52153-E2C4-4465-844B-F4C4093E42D0}C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe] => (Allow) C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe (Shanghai Xiaoyi Technology Co., Ltd. -> Shanghai Xiaoyi Technology Co., Ltd.)
FirewallRules: [{15477BC9-DEA6-47C3-AF0E-F866F1BD5254}] => (Allow) C:\Users\gaele\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{34334324-D95C-47AC-A68E-97C6DFEB026B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D93E9CF4-3FD0-41AB-AD88-9A1CD137A551}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AC588D91-D469-4D47-90E8-B568D516D4FD}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMo bileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{3F267B2A-4D5D-4425-B533-16B198F2C231}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMo bileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{B76BA867-9DA4-4E9D-ABF1-029893725930}] => (Allow) C:\Users\gaele\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{500C11AD-A43B-469D-B5FD-E3046E3D2E57}] => (Allow) C:\Users\gaele\AppData\Roaming\Zoom\bin\airhost.ex e (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{59939929-1C9A-4948-BF5C-911EEC99B51A}] => (Allow) C:\Users\gaele\AppData\Roaming\Zoom\bin\airhost.ex e (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4A1CCF83-DE59-4BF0-881D-9F6547B18DCD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{B43A4962-782E-4C62-B917-B298DF466E45}] => (Allow) LPort=54925
FirewallRules: [{B51A9E68-DE5C-4ED9-A05C-100DFEE3454E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMo bileConnect.exe (Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{8DEEE635-3B1E-4DB1-8C83-5882B746A685}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMo bileConnect.exe (Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{E4AFA020-18E5-4739-84F2-F6F1D6668229}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{638075B1-8788-441E-9C9E-AAC94B5908BF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{560C2EFC-5EB4-4798-9809-5D715C45B4A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{519C8500-6CBD-4928-9242-1B053EE80FF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B4F8D07-7D94-4BF3-987A-EC758AC05756}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F2F9B65-814C-4908-AED7-524554708EAB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E6DC8748-8887-424E-B306-B6F236152366}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{905B6490-D600-4A4E-997B-661E7648E178}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{037C74D3-48F0-43DC-951A-AE3B018589A6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26505ACB-F74B-465A-832C-1652495F567C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D3F4FCF-A6E5-416D-9830-FEF83F0AF282}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8ABEADA1-D900-49DE-99A5-3CE0A7F980B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1020DB83-A909-4EBA-A086-6714AF55D01D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFA5B476-8147-4FAA-9243-E023B0626044}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{579B44B4-7F1E-41B7-AF91-5F33174D28D7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E975FB7-DC98-4EA2-8002-D558B85035D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01EB7588-A1EA-4A1D-9FE7-CFFF8D2821A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CA72562F-BCA2-44F1-B8E2-AE87382C4830}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE153621-518C-4868-A067-7241CFCFCE42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3289FA8E-99DA-4575-8E8F-232C1DA62D1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1ACCE54F-18FA-49B2-A37C-66D353AD3C59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A13D6AB8-7287-461E-AB23-EB0749A423C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9731D190-E057-4D25-BDC1-60D93B83A3E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0EEAC7B3-0CE0-485A-A44F-62F8E8F63993}C:\users\gaele\appdata\local\programs \opera\opera.exe] => (Block) C:\users\gaele\appdata\local\programs\opera\opera. exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{BD3A355E-A78D-41FE-B90D-B83DF3F57D27}C:\users\gaele\appdata\local\programs \opera\opera.exe] => (Block) C:\users\gaele\appdata\local\programs\opera\opera. exe (Opera Software AS -> Opera Software)
FirewallRules: [{7E565303-AC70-4972-A36A-5997738C5178}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8B728FD8-3824-463B-8B05-03019716ADA4}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

06-05-2022 14:48:03 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/11/2022 07:55:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {429aab44-4cf8-46e8-a9e9-50ac00569ff4}

Error: (05/11/2022 07:48:39 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {429aab44-4cf8-46e8-a9e9-50ac00569ff4}

Error: (05/10/2022 07:47:46 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {429aab44-4cf8-46e8-a9e9-50ac00569ff4}

Error: (05/10/2022 07:41:03 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {429aab44-4cf8-46e8-a9e9-50ac00569ff4}

Error: (05/10/2022 06:37:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on OS (E because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/10/2022 06:36:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on RECOVERY (D because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/10/2022 01:40:27 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {429aab44-4cf8-46e8-a9e9-50ac00569ff4}

Error: (05/10/2022 01:34:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {429aab44-4cf8-46e8-a9e9-50ac00569ff4}


System errors:
=============
Error: (05/11/2022 09:10:51 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.

Error: (05/11/2022 09:10:51 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.

Error: (05/11/2022 09:10:46 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.

Error: (05/11/2022 09:10:46 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.

Error: (05/11/2022 09:10:41 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.

Error: (05/11/2022 09:10:41 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.

Error: (05/11/2022 09:10:36 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.

Error: (05/11/2022 09:10:36 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000010b) failed due to a hardware error.


Windows Defender:
================
Date: 2022-05-10 13:42:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-09 13:42:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-08 14:09:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-08 14:01:42
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?lin...0&enterprise=0
Name: PUABundler:Win32/PiriformBundler
Severity: Low
Category: Potentially Unwanted Software
Path: containerfile:_C:\Users\gaele\Downloads\2020\6\ccs etup568.exe; containerfile:_C:\Users\gaele\Downloads\2020\6\sea tac.exe; file:_C:\Users\gaele\Downloads\2020\6\ccsetup568.e xe; file:_C:\Users\gaele\Downloads\2020\6\ccsetup568.e xe->(nsis-instdata); file:_C:\Users\gaele\Downloads\2020\6\seatac.exe; file:_C:\Users\gaele\Downloads\2020\6\seatac.exe->(nsis-instdata)
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\gaele\AppData\Local\ESET\ESETOnlineScanne r\ESETOnlineScanner.exe
Security intelligence Version: AV: 1.363.1629.0, AS: 1.363.1629.0, NIS: 1.363.1629.0
Engine Version: AM: 1.1.19200.5, NIS: 1.1.19200.5

Date: 2022-05-07 17:03:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-05-11 05:38:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Win dows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverSto re\FileRepository\iigd_dch.inf_amd64_1840c0e85c622 882\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-05-08 14:53:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Win dows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.13.0 12/06/2021
Motherboard: Dell Inc. 0FK9H3
Processor: Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz
Percentage of memory in use: 58%
Total physical RAM: 16215.92 MB
Available physical RAM: 6770.48 MB
Total Virtual: 18647.92 MB
Available Virtual: 4964.35 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:461.33 GB) (Free:248.76 GB) (Protected) NTFS

\\?\Volume{8e2bc93f-dd12-4ff5-b42e-0fc3bade6af7}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.29 GB) NTFS
\\?\Volume{d0b37552-bf1b-4b39-ad62-86292094221c}\ (Image) (Fixed) (Total:12.89 GB) (Free:0.16 GB) NTFS
\\?\Volume{4988a97e-9505-4118-b14c-3180736c6216}\ (DELLSUPPORT) (Fixed) (Total:1.47 GB) (Free:0.61 GB) NTFS
\\?\Volume{7fca93ed-3a6a-4a78-a866-f52509a16548}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 476.9 GB) (Disk ID: E68B182D)

Partition: GPT.

==================== End of Addition.txt =======================
Reply With Quote
  #9  
Old May 12th, 2022, 08:33 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Hi Gae,

Sorry I took so long. But much better now.

The scan logs show no malware there. Google shows as installed. I see all your installer downloads but were you able to reinstall it?
Reply With Quote
  #10  
Old May 14th, 2022, 03:28 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
I'm so glad you feeling better Jintan! That is good news.
I have google photos backup but no google photo. When I click on google photo backup, I get google photos. I click continue, then I get "There was a problem authenticating your account."
I can go to google photos separately on another tab though with my same google account.

Last edited by gaesilva; May 14th, 2022 at 03:30 PM. Reason: adding sentence
Reply With Quote
  #11  
Old May 16th, 2022, 04:54 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Sorry I took so long. Really doubting this is a malware issue, and I'm no Google pro, so suggest you open a new thread here in the Internet / Browsers forum.
Reply With Quote
  #12  
Old May 16th, 2022, 06:00 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Talking

Thank you so much. Feel better!!!!
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Can Malwarebytes Anti Malware actually get rid of malware such as Windows System? dwilliams1578 Malware Removal 2 June 4th, 2011 09:39 AM
AVG keeps blocking "UK9.exe" malware, Firefox keeps redirecting to malware. Vulpix Malware Removal 5 March 2nd, 2010 03:00 AM
Malware? Bremang Malware Removal 1 October 16th, 2008 08:12 PM
Possible Malware bkbigshow Malware Removal 21 October 5th, 2008 04:15 AM
new malware j Bmxrider Malware Removal 1 May 28th, 2008 01:09 PM


All times are GMT +1. The time now is 12:44 AM.