View Single Post
  #20  
Old February 22nd, 2021, 11:58 PM
gaesilva's Avatar
gaesilva gaesilva is offline
Senior Member
 
Join Date: Oct 2004
O/S: Windows 10 Home
Location: Naples, FL
Age: 77
Posts: 159
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2021
Ran by gaele (22-02-2021 17:50:09)
Running from C:\Users\gaele\Desktop
Windows 10 Home Version 1909 18363.1379 (X64) (2020-04-14 19:36:49)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-3842255837-3436847461-3918225103-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3842255837-3436847461-3918225103-503 - Limited - Disabled)
gaele (S-1-5-21-3842255837-3436847461-3918225103-1001 - Administrator - Enabled) => C:\Users\gaele
Guest (S-1-5-21-3842255837-3436847461-3918225103-501 - Limited - Disabled)
Visitor (S-1-5-21-3842255837-3436847461-3918225103-1002 - Limited - Enabled) => C:\Users\Visitor
WDAGUtilityAccount (S-1-5-21-3842255837-3436847461-3918225103-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Brother MFL-Pro Suite MFC-J475DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 88.1.8016.153 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{81C48559-E2EB-4F18-9854-51331B9DB552}) (Version: 4.0.70.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{4674F112-9AB7-4701-AEC0-C1FD1FE7CD4E}) (Version: 2.0.8401 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{EC45CAE6-9000-43EC-B7BA-54D3D654BF21}) (Version: 5.3.2.13868 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{26e99410-cf21-40aa-9a6e-75bdd110d349}) (Version: 5.3.2.13868 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.1.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{437102ED-22A2-4C3D-BA6B-E5ECAE798DFA}) (Version: 1.0.3.0 - DELL)
Dynamic Application Loader Host Interface Service (HKLM\...\{ECFC785A-9107-4259-9288-0ABC86C0F6AB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
Google Photos Backup (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8141 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Java(TM) SE Development Kit 15.0.2 (64-bit) (HKLM\...\{2041CF7D-1F63-5C58-9F35-C445251E39C9}) (Version: 15.0.2.0 - Oracle Corporation)
LastPass (HKLM-x32\...\{E7A548B6-D49C-4A10-8EDF-BC6379E5CA9A}) (Version: 4.64.0.1986 - LogMeIn)
MakeMKV v1.15.4 (HKLM-x32\...\MakeMKV) (Version: v1.15.4 - GuinpinSoft inc)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Neat (HKLM-x32\...\Neat) (Version: 5.1.31.16 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.2 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (HKLM-x32\...\{99432E4C-1189-4887-9D75-DAA796015FFD}) (Version: 5.1.31.16 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Obsidian 0.9.20 (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\bd400747-f0c1-5638-a859-982036102edf) (Version: 0.9.20 - Obsidian)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Opera Stable 74.0.3911.107 (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\Opera 74.0.3911.107) (Version: 74.0.3911.107 - Opera Software)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9018.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.17763.20082 - Realtek Semiconductor Corp.)
Republic Anywhere (HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\republicanywhere) (Version: 2.5.12 - Republic Wireless, Inc.)
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wondershare TunesGo ( Version 9.6.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.6.0 - Wondershare)
YI Home (HKLM-x32\...\YI Home) (Version: 1.0.0.0_202003271500 - XiaoYi)

Packages:
=========
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0 _x64__htrsf667h5kn2 [2020-04-14] (Dell Inc)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor _2.2.22.0_x64__2dgmkzkw4h30c [2020-09-15] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2. 45.0_x64__htrsf667h5kn2 [2020-07-22] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0. 70.0_x64__htrsf667h5kn2 [2021-01-19] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.2.9771.0_x64__0vhbc3ng4wbp0 [2021-01-25] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_ 3.8.10.0_x64__htrsf667h5kn2 [2021-01-17] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.1.15.0_x86_ _htrsf667h5kn2 [2021-02-03] (Dell Inc)
Desktop Live Wallpapers -> C:\Program Files\WindowsApps\48405AmbientSoftware.LiveDesktop Wallpapers_1.2.17.0_neutral__agy8jafheqhng [2020-10-10] (Ambient Software) [Startup Task]
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64 __xbfy0k16fey96 [2020-04-14] (Dropbox Inc.)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6 mqt6hf9g46tw [2020-04-15] (Fitbit)
GMX Mail -> C:\Program Files\WindowsApps\4659BB81.GMXMail_3.33.8.0_x64__9 r8rjdwa12808 [2020-09-06] (1&1 Mail & Media GmbH)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3282.0_x64__8j3eq9eme6ctt [2020-12-29] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_ 3.3.0.0_x64__8j3eq9eme6ctt [2020-04-14] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorag eManagement_18.0.1017.0_x64__8j3eq9eme6ctt [2020-11-25] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task]
LastPass for Windows Desktop -> C:\Program Files\WindowsApps\LastPass.LastPass_4.5.1.0_x64__s bg7naapqq8fj [2021-02-06] (LastPass)
Match 3D - Matching Puzzle Game -> C:\Program Files\WindowsApps\23385HappyFamilyGames.Match3D-MatchingPuzzleGame_1.1.0.0_x64__pbwsxs408fxew [2021-01-04] (Happy Family Games)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1. 0.22661.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.7.25.0_x64__htr sf667h5kn2 [2020-12-11] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64_ _mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-11-09] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_ 1.0.0.0_x64__8wekyb3d8bbwe [2020-08-26] (Microsoft Corporation)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_6.1 .2.0_x64__dggz0n4pnn0ge [2021-01-12] (IYIA)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.958. 0_x64__rh07ty8m5nkag [2021-01-13] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0 [2021-02-20] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0 _x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell20 19_2.0.54.0_x64__fh4rh281wavaa [2020-04-08] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wav esapo8de.inf_amd64_7c85c995bf1fb3d8\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\gaele\AppData\Local\Google\Update\1.3.36. 72\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dl l [2021-02-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\gaele\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi

==================== Loaded Modules (Whitelisted) =============

2020-04-23 11:40 - 2009-02-27 15:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-11-19 13:12 - 2020-11-19 13:12 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2020-04-23 11:41 - 2005-04-21 23:36 - 000143360 ____R () [File not signed] C:\Windows\system32\BrSNMP64.dll
2020-04-21 13:20 - 2013-02-04 12:00 - 000054784 _____ () [File not signed] C:\Windows\System32\sdtnpm.dll
2005-09-07 13:03 - 2005-09-07 13:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2020-04-23 11:41 - 2012-07-13 12:09 - 000385024 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2020-04-23 11:41 - 2010-09-29 16:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2020-04-23 11:41 - 2011-02-28 10:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2020-04-23 11:41 - 2012-11-29 18:04 - 002040832 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2020-04-23 11:41 - 2013-01-30 14:17 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2020-04-23 11:41 - 2012-12-21 11:31 - 000078848 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2020-04-23 11:41 - 2012-12-21 11:31 - 017666560 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2020-04-23 11:41 - 2013-01-18 13:31 - 000074240 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2020-04-23 11:41 - 2012-10-19 07:02 - 000087040 ____R (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2020-12-01 00:14 - 2020-12-01 00:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Inter op.dll
2013-02-23 00:11 - 2013-02-23 00:11 - 000090112 _____ (The Neat Company) [File not signed] [File is in use] C:\Program Files (x86)\Neat\exec\NeatCompany.Common.dll
2013-02-23 00:12 - 2013-02-23 00:12 - 000029696 _____ (The Neat Company) [File not signed] [File is in use] C:\Program Files (x86)\Neat\exec\NeatCompany.NeatWorks.Interop.dll
2013-02-23 00:11 - 2013-02-23 00:11 - 000038400 _____ (The Neat Company) [File not signed] [File is in use] C:\Program Files (x86)\Neat\exec\NeatCompany.NeatWorks.Logging.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=DCTE
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=DCTE
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001 -> DefaultScope {2FD7D2FD-D155-4799-A076-B1F10B3316D9} URL = hxxp://www.bing.com/search?FORM=U220DF&PC=U220&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001 -> {2FD7D2FD-D155-4799-A076-B1F10B3316D9} URL = hxxp://www.bing.com/search?FORM=U220DF&PC=U220&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3842255837-3436847461-3918225103-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2021-02-01] (LogMeIn, Inc. -> LastPass)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2021-02-01] (LogMeIn, Inc. -> LastPass)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2021-02-01] (LogMeIn, Inc. -> LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2021-02-01] (LogMeIn, Inc. -> LastPass)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-18 23:49 - 2021-02-22 16:30 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

2020-07-11 20:46 - 2020-07-11 20:46 - 000000375 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;% SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT %\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\Sy stem32\OpenSSH\;C:\Program Files\Common Files\NeatReceipts\Drivers\M12\
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gaele\AppData\Local\Microsoft\Windows\The mes\RoamedThemeFiles\DesktopBackground\venice 6.jpg
HKU\S-1-5-21-3842255837-3436847461-3918225103-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3842255837-3436847461-3918225103-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{933E377D-ABC5-468B-93AC-DADE6B2C54BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4007F4FA-2B3E-4A5A-84A4-367775D3F9A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EFBFF624-85EA-4EB4-B0CB-AE2E7E1EE095}C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe] => (Allow) C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe (Shanghai Xiaoyi Technology Co., Ltd. -> Shanghai Xiaoyi Technology Co., Ltd.)
FirewallRules: [UDP Query User{48709466-9B36-434E-AEA0-0DF45B9BFC97}C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe] => (Allow) C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe (Shanghai Xiaoyi Technology Co., Ltd. -> Shanghai Xiaoyi Technology Co., Ltd.)
FirewallRules: [{35FF8A67-A859-4F1B-BCA9-2133A1C71A89}] => (Block) C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe (Shanghai Xiaoyi Technology Co., Ltd. -> Shanghai Xiaoyi Technology Co., Ltd.)
FirewallRules: [{40998A15-BA9B-4E37-85C8-B0426E88DB7A}] => (Block) C:\program files (x86)\yihomepcclientintl\yihomepcclientintl.exe (Shanghai Xiaoyi Technology Co., Ltd. -> Shanghai Xiaoyi Technology Co., Ltd.)
FirewallRules: [{C29E846E-8040-4D80-A2D3-86D5506B3F46}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FEFD4A0D-25F6-41D2-89B9-864A7C3A14D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AACD10F-9026-4A7C-AB25-197715BB546D}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{F9D2C818-0C21-4893-BF55-A8FCAF167251}] => (Allow) LPort=54925
FirewallRules: [{8F31D18F-892E-4920-8A2F-42B9EFBBFA46}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3A5DB7A7-7521-48B5-8D7B-D5FB4430C09F}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EAFF5570-08C7-4A05-B17F-CAECBB4F0D3B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9431988-EDB0-40C2-9979-5B54897119E6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7DD7E813-1748-4667-A103-DE84AD2AFD89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96333CCA-5F54-4992-96B1-1F18585B516C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{57A4C315-A5E4-44B9-88A5-F8DB5C3EC717}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProces s.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{818528C3-03C8-4847-B22A-71EA3C97FD7A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProces s.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2A9FCF11-2197-41D0-BBC6-0956451FD72B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProces s.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B82E6AF9-975E-4593-A9D4-833FC57D2B19}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0 _x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProces s.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F6B47270-71B0-4C97-979D-39C6CF1AD07F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C8173A4-6328-4A59-970B-04CF1E652BE8}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.2.9771.0_x64__0vhbc3ng4wbp0\app\DellMo bileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{12B89BA1-FAAC-4661-83D5-CFC1A1D43747}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.2.9771.0_x64__0vhbc3ng4wbp0\app\DellMo bileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{B4FA3753-669E-4ED1-98DF-517B1B9F8A46}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{023100BA-02F8-41E1-965F-17C149DF3B8D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FD2A7FE-B5CA-4B8E-9F66-3837A078EFF4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{705E3EF7-1C40-486F-B0F3-D1CE672D83B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF23AED6-4563-4FBF-98C2-6DE1C5163175}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D85F2B87-A5CF-401F-917D-A617A3A71183}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D478E6D9-0EDF-47AC-B9B2-F2926999B93E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82ACEA06-C493-4A0A-92CF-5277B7BD6B62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DA36B8F-B188-411D-9791-73C3822FE8C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B16D44A-5A35-46FE-9AC5-B25CEBD38FF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8FD2D89F-AED4-42CA-B684-CADC09696277}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D854C8F7-E898-4028-8534-B4747B482413}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A01845C3-8ADB-4369-82DB-247CF6C4C23E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{68D1D445-492C-4A62-B4AD-AE1AFAF0E4E7}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

19-02-2021 07:18:34 Scheduled Checkpoint
20-02-2021 08:12:47 click on a link on a webpage and another page opens
22-02-2021 14:53:26 AdwCleaner_BeforeCleaning_22/02/2021_14:53:26

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2021 05:40:07 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {128a4bab-5f6d-4c49-b3e3-c14eab86d2a7}

Error: (02/22/2021 05:38:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {128a4bab-5f6d-4c49-b3e3-c14eab86d2a7}

Error: (02/22/2021 04:27:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {52094832-517d-47e3-afca-2d6e3c95bc55}

Error: (02/22/2021 04:25:58 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (02/22/2021 02:24:34 PM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: DESKTOP-BMEMOL4)
Description: Failed to update 1 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.

Error: (02/22/2021 04:36:10 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 16048 and the required size was 40032.

Error: (02/21/2021 11:24:34 PM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: DESKTOP-BMEMOL4)
Description: Failed to update 1 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.

Error: (02/21/2021 04:24:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {52094832-517d-47e3-afca-2d6e3c95bc55}


System errors:
=============
Error: (02/22/2021 05:02:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BMEMOL4)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!A pp.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (02/22/2021 04:32:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BMEMOL4)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!A pp.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (02/22/2021 04:32:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RAPSService service failed to start due to the following error:
The system cannot find the file specified.

Error: (02/22/2021 04:32:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmartByte Network Service x64 service failed to start due to the following error:
The system cannot find the file specified.

Error: (02/22/2021 04:31:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelIHVRouter08.dll

Error: (02/22/2021 04:31:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelIHVRouter08.dll

Error: (02/22/2021 04:31:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelIHVRouter08.dll

Error: (02/22/2021 02:53:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmartByte Network Service service failed to start due to the following error:
The system cannot find the file specified.


Windows Defender:
================
Date: 2020-09-10 22:33:57.576
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-10 22:33:55.713
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-10 22:33:55.553
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-10 22:33:55.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-10 22:33:55.471
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-10 22:33:55.381
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-10 22:33:55.380
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-07 18:03:04.380
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-07 18:03:02.416
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-07 18:03:02.152
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Event[10]:

Date: 2020-09-07 18:03:02.124
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Event[11]:

Date: 2020-09-07 18:03:02.093
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-20 23:18:34.712
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-19 21:18:34.355
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-16 15:45:10.462
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-15 14:21:58.742
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-14 13:10:55.006
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info ===========================

BIOS: Dell Inc. 1.8.0 12/09/2020
Motherboard: Dell Inc. 0FK9H3
Processor: Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz
Percentage of memory in use: 41%
Total physical RAM: 16211.9 MB
Available physical RAM: 9500.42 MB
Total Virtual: 18643.9 MB
Available Virtual: 10855.56 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:461.33 GB) (Free:347.37 GB) (Protected) NTFS

\\?\Volume{8e2bc93f-dd12-4ff5-b42e-0fc3bade6af7}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.53 GB) NTFS
\\?\Volume{d0b37552-bf1b-4b39-ad62-86292094221c}\ (Image) (Fixed) (Total:12.89 GB) (Free:0.16 GB) NTFS
\\?\Volume{4988a97e-9505-4118-b14c-3180736c6216}\ (DELLSUPPORT) (Fixed) (Total:1.47 GB) (Free:0.61 GB) NTFS
\\?\Volume{7fca93ed-3a6a-4a78-a866-f52509a16548}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 476.9 GB) (Disk ID: E68B182D)

Partition: GPT.

==================== End of Addition.txt =======================
Reply With Quote