The Pop-Ups Got Me

Status
Not open for further replies.

sschube

New Member
Thread author
Jun 17, 2021
1
Hello Friends,

Thank you for being awesome and helping the masses navigate computer bugs and whatnot. I appreciate it!

Today, I went to a website that had a weird robot picture that said "please click allow to continue so we know you aren't a robot." I clicked. I got a bunch of pop-up ads. And now I have learned!

I tried the malwarebytes that you suggested and that didn't work so I did the Farbar report which I am going to share in this email.

Thanks for your help, guys.

Best,
Stephanie

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2021
Ran by 15108 (administrator) on STEFUNKY (Dell Inc. Latitude 5490) (17-06-2021 11:50:28)
Running from C:\Users\15108\Downloads
Loaded Profiles: 15108 & crdsecagent$admin
Platform: Windows 10 Pro Version 1909 18363.1556 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Incorporated) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\RemoteComponents\UPI\ExManCoreLib\AdobeExtensionsService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> ) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Encryption\CMGShieldSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Encryption\EmsService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Encryption\EmsServiceHelper.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe
(Dell Inc -> Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Console.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Discord Inc. -> Discord Inc.) C:\Users\15108\AppData\Local\Discord\app-0.0.308\Discord.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\124.4.4912\QtWebEngineProcess.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_45855586d601d062\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_45855586d601d062\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_45855586d601d062\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_45855586d601d062\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\15108\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1555_none_16e7312f2a3a7b19\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269120 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1213736 2018-11-04] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [LocalSecurityAgent] => C:\Program Files\Dell\Dell Data Protection\Encryption\Local Console\CmgSysTray.exe [42208 2019-04-23] (Dell Inc -> Dell Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TrayAppExe] => C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Console.exe [562512 2019-04-24] (Dell Inc -> Dell, Inc.)
HKLM\...\Run: [EmsService] => C:\Program Files\Dell\Dell Data Protection\Encryption\EmsServiceHelper.exe [3578592 2019-04-23] (Dell Inc -> Dell Inc.)
HKLM\...\Run: [AdobePSE17AutoAnalyzer] => C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-06-02] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172320 2021-06-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-04] (Adobe Inc. -> )
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680776 2021-06-10] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\Run: [Google Update] => C:\Users\15108\AppData\Local\Google\Update\1.3.36.82\GoogleUpdateCore.exe [217432 2021-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\Run: [Discord] => C:\Users\15108\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\Run: [Spotify] => C:\Users\15108\AppData\Roaming\Spotify\Spotify.exe [23976064 2021-06-03] (Spotify AB -> Spotify Ltd) <==== ATTENTION
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-06-02] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\MountPoints2: {22669427-ac5c-11eb-8afc-c8f7506d9ad4} - "E:\LaunchU3.exe" -a
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{05102259-6b83-447a-b5f0-5bf949283a12}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProvider.dll [2019-04-24] (Dell Inc -> Dell Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{0528589e-4107-4900-832f-15fba63714ef}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProviderOU.dll [2019-04-24] (Dell Inc -> Dell Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{05a5ed6c-fd84-43dd-86e7-658afd5bd929}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProviderSC.dll [2019-04-24] (Dell Inc -> Dell Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{05102259-6b83-447a-b5f0-5bf949283a12}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProvider.dll [2019-04-24] (Dell Inc -> Dell Inc.)
Startup: C:\Users\15108\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-10-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3EA020F4-5656-4B9E-B2CE-1FE917F32B4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-10] (Google Inc -> Google LLC)
Task: {3F92CA0F-EA77-4816-814B-F22B5E4EAEE7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2350946974-1997739354-3516677893-1001Core => C:\Users\15108\AppData\Local\Google\Update\GoogleUpdate.exe [154920 2019-09-12] (Google Inc -> Google LLC)
Task: {669E8F1F-CB91-453C-869C-3EEEE9000CC0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D2A03F3-2B3C-4EDD-B849-71359AFE943F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {7D40CD95-7D68-42D2-8C9F-27501A7E35EE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7E2EDB6B-D84C-4C6E-B794-8F5E65423177} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F47B8FA-1D04-4ECF-B5EE-0B43E19D48F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {8F5ACD49-3FB7-4769-9A3E-43D35836EB4A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-15108127989 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B50EF0AC-144B-4D52-A90B-9EC776AF3207} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-10] (Google Inc -> Google LLC)
Task: {BDC6F0C9-D91E-4E39-970C-744EF1C11563} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2350946974-1997739354-3516677893-1001UA => C:\Users\15108\AppData\Local\Google\Update\GoogleUpdate.exe [154920 2019-09-12] (Google Inc -> Google LLC)
Task: {D46A5E8C-9C33-4C1F-B416-349C4593A45C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D918A166-2033-4D72-B5F0-B02E97D5FDBD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {DA4677CF-03D3-4F31-BFC5-86B4DD36777A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DA6E0097-8E10-4D35-AF8F-8E93D4999F48} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-05-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {E832D709-31F1-4A73-BF2B-F6F76C581E7D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059872 2021-05-24] (Dell Inc -> Dell Inc.)
Task: {F003AB8E-90D5-4A27-AF48-C553C4D756F3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7b7d35f2-0106-49fe-adf3-168f6f7742bf}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\15108\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\15108\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ox6gekyi.default
FF ProfilePath: C:\Users\15108\AppData\Roaming\Mozilla\Firefox\Profiles\ox6gekyi.default [2019-09-10]
FF ProfilePath: C:\Users\15108\AppData\Roaming\Mozilla\Firefox\Profiles\qjecs30f.default-release [2021-06-17]
FF Notifications: Mozilla\Firefox\Profiles\qjecs30f.default-release -> hxxps://meet.google.com; hxxps://otter.ai
FF Extension: (Grammarly for Firefox) - C:\Users\15108\AppData\Roaming\Mozilla\Firefox\Profiles\qjecs30f.default-release\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2019-12-20]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\15108\AppData\Roaming\Mozilla\Firefox\Profiles\qjecs30f.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-06-02] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-06-02] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default [2021-06-17]
CHR Notifications: Default -> hxxps://a.top-captcharesolver.com; hxxps://hey-brazil.net; hxxps://otter.ai; hxxps://time4news.net; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-10]
CHR Extension: (Docs) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-10]
CHR Extension: (Google Drive) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-10]
CHR Extension: (Adobe Acrobat) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Sheets) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-01-22]
CHR Extension: (Facebook Screen Sharing) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncfpggehkhmjpdjpefomjchjafhmbnai [2020-01-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\15108\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-27]
CHR Profile: C:\Users\15108\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-01]
CHR Profile: C:\Users\15108\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-06-02] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Windows\system32\DellTPad\HidMonitorSvc.exe [894848 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe [71280 2021-04-14] (Google LLC -> Google LLC)
R2 CMGShield; C:\Program Files\Dell\Dell Data Protection\Encryption\CmgShieldSvc.exe [10345696 2019-04-23] (Dell Inc -> Dell Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44328 2021-06-09] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313488 2019-06-24] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422128 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3975712 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [48832 2020-11-19] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1009264 2021-03-30] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{BEFA8CE9-A3D3-4946-96F8-E934C7A0388B} [21304 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S4 DellAuthService.exe; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellAuthService.exe [2579792 2019-04-24] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-06] (Dell Inc -> )
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe [23888 2019-04-24] (Dell Inc -> )
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe [42320 2019-04-24] (Dell Inc -> Dell Inc.)
R3 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe [54096 2019-04-24] (Dell Inc -> Dell)
S3 EmbeddedServer; C:\Program Files\Dell\Dell Data Protection\Encryption\LMS\Credant.Server.Embedded.WindowsService.exe [317656 2019-04-23] (Dell Inc -> Dell Inc.)
R2 EMS; C:\Program Files\Dell\Dell Data Protection\Encryption\EMSService.exe [2164440 2019-04-23] (Dell Inc -> Dell Inc.)
R2 hostcontrolsvc; C:\Windows\System32\HostControlService.exe [815616 2019-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\Windows\System32\HostStorageService.exe [161280 2019-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6517736 2021-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-05-24] (Dell Inc -> Dell Inc.)
R2 ushupgradesvc; C:\Windows\System32\UshUpgradeService.exe [265728 2019-03-15] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\Windows\System32\drivers\ApHidfiltrSW.sys [372384 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 CmgPassThrough; C:\Windows\System32\DRIVERS\CmgShPT.sys [33288 2019-04-23] (Dell Inc -> Dell Inc.)
R0 CmgPCS; C:\Windows\System32\DRIVERS\CmgPCS.sys [189448 2019-04-23] (Dell Inc -> Dell Inc.)
R0 CmgShieldFFE; C:\Windows\System32\DRIVERS\CmgFFE.sys [630280 2019-04-23] (Dell Inc -> Dell Inc.)
R1 CMGShieldReg; C:\Windows\system32\DRIVERS\CmgShREG.sys [152072 2019-04-23] (Dell Inc -> Dell Inc.)
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [199128 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-06-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198888 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [156880 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R0 SEDFilter; C:\Windows\System32\DRIVERS\SEDFilter.sys [236000 2019-04-24] (Dell Inc -> Dell Inc.)
S3 SnapCameraVirtualDevice; C:\Windows\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-03-21] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2021-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425184 2021-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-17 11:50 - 2021-06-17 11:51 - 000033173 _____ C:\Users\15108\Downloads\FRST.txt
2021-06-17 11:48 - 2021-06-17 11:50 - 000000000 ____D C:\FRST
2021-06-17 11:48 - 2021-06-17 11:48 - 002300416 _____ (Farbar) C:\Users\15108\Downloads\FRST64.exe
2021-06-17 11:47 - 2021-06-17 11:47 - 002013184 _____ (Farbar) C:\Users\15108\Downloads\FRST (1).exe
2021-06-17 11:45 - 2021-06-17 11:45 - 002013184 _____ (Farbar) C:\Users\15108\Downloads\FRST.exe
2021-06-17 11:32 - 2021-06-17 11:32 - 000198888 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-06-17 11:32 - 2021-06-17 11:32 - 000156880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-06-17 11:32 - 2021-06-17 11:32 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-06-17 11:06 - 2021-06-17 11:06 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-06-17 11:06 - 2021-06-17 11:06 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-06-17 11:06 - 2021-06-17 11:06 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-17 11:06 - 2021-06-17 11:06 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-17 11:06 - 2021-06-17 11:06 - 000002023 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-17 11:06 - 2021-06-17 11:06 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-06-17 11:06 - 2021-06-17 11:06 - 000000000 ____D C:\Users\15108\AppData\Local\mbam
2021-06-17 11:06 - 2021-06-17 11:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-17 11:06 - 2021-06-17 11:05 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-06-17 11:06 - 2021-06-17 11:05 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-06-17 11:05 - 2021-06-17 11:05 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-17 11:03 - 2021-06-17 11:03 - 002094168 _____ (Malwarebytes) C:\Users\15108\Downloads\MBSetup.exe
2021-06-10 14:11 - 2021-06-10 14:11 - 050268516 _____ C:\Users\15108\Downloads\SIPSSUDSSMOKES052821H1_20210528.mp2
2021-06-10 12:28 - 2021-06-10 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-06-09 17:37 - 2021-06-09 17:37 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2021-06-09 17:37 - 2021-06-09 17:37 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2021-06-09 17:37 - 2021-06-09 17:37 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2021-06-09 17:37 - 2021-06-09 17:37 - 000044328 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2021-06-03 11:58 - 2021-06-17 11:33 - 000000000 ____D C:\Users\15108\AppData\Local\Spotify
2021-06-03 11:58 - 2021-06-17 11:32 - 000000000 ____D C:\Users\15108\AppData\Roaming\Spotify
2021-06-03 11:58 - 2021-06-03 11:58 - 000898280 _____ (Spotify Ltd) C:\Users\15108\Downloads\SpotifySetup.exe
2021-06-03 11:58 - 2021-06-03 11:58 - 000001852 _____ C:\Users\15108\Desktop\Spotify.lnk
2021-06-03 11:58 - 2021-06-03 11:58 - 000001838 _____ C:\Users\15108\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-05-25 10:30 - 2021-05-25 10:30 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-05-25 10:30 - 2021-05-25 10:30 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-05-25 10:30 - 2021-05-25 10:30 - 000140800 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2021-05-25 10:30 - 2021-05-25 10:30 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-17 11:49 - 2019-08-20 12:38 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-06-17 11:46 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-17 11:44 - 2019-10-01 10:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-17 11:44 - 2019-10-01 10:11 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-06-17 11:36 - 2019-08-20 12:32 - 000797808 _____ C:\Windows\system32\PerfStringBackup.INI
2021-06-17 11:36 - 2019-03-18 23:50 - 000000000 ____D C:\Windows\INF
2021-06-17 11:33 - 2020-10-01 12:12 - 000000000 ___RD C:\Users\15108\Creative Cloud Files
2021-06-17 11:32 - 2019-09-10 13:01 - 000000000 __SHD C:\Users\15108\IntelGraphicsProfiles
2021-06-17 11:32 - 2019-08-20 12:36 - 000097100 _____ C:\Windows\system32\CVFirmwareUpgradeLog.txt
2021-06-17 11:32 - 2019-08-20 12:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-06-17 11:32 - 2019-08-20 12:28 - 000000000 ____D C:\Intel
2021-06-17 11:31 - 2020-05-06 15:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-17 11:31 - 2019-09-10 13:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-17 11:31 - 2019-03-18 23:37 - 000786432 _____ C:\Windows\system32\config\BBI
2021-06-17 11:08 - 2019-09-10 13:05 - 000000000 ____D C:\Users\15108\AppData\LocalLow\Mozilla
2021-06-17 11:06 - 2019-09-10 13:05 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-17 11:06 - 2019-03-18 23:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-17 10:15 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-17 10:15 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\AppReadiness
2021-06-17 10:14 - 2019-12-04 18:11 - 000004168 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{B383D153-ADE7-462E-AE84-72206F0CFA65}
2021-06-16 13:10 - 2019-08-20 12:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-06-16 10:29 - 2019-12-07 06:09 - 000000000 ___HD C:\$WINDOWS.~BT
2021-06-16 10:28 - 2019-08-20 13:01 - 000000000 ____D C:\Windows\Panther
2021-06-15 10:12 - 2019-09-10 13:05 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-15 10:12 - 2019-09-10 13:05 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-15 10:12 - 2019-09-10 13:05 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-14 13:10 - 2019-09-10 13:01 - 000000000 ____D C:\Users\15108\AppData\Local\Packages
2021-06-14 10:11 - 2020-09-30 23:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-14 10:02 - 2019-08-20 12:28 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-06-13 10:57 - 2019-10-08 11:06 - 000000000 ____D C:\Users\15108\Documents\ZOOM
2021-06-12 15:16 - 2020-08-24 00:07 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-12 15:16 - 2020-08-24 00:07 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-12 15:16 - 2020-08-24 00:07 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-11 11:38 - 2020-05-16 12:56 - 000000078 _____ C:\Users\15108\Documents\tempFolderPath.dat
2021-06-10 14:56 - 2021-01-12 15:32 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-10 12:29 - 2020-03-30 16:35 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-06-10 11:36 - 2019-09-10 13:03 - 000003366 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2350946974-1997739354-3516677893-1001
2021-06-10 11:36 - 2019-09-10 13:03 - 000000000 ___RD C:\Users\15108\OneDrive
2021-06-10 11:36 - 2019-09-10 12:55 - 000002385 _____ C:\Users\15108\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-10 11:28 - 2019-09-10 15:53 - 000000000 ____D C:\Program Files\Adobe
2021-06-09 11:31 - 2019-09-10 16:00 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-09 10:47 - 2019-09-11 10:11 - 000000000 ____D C:\Windows\system32\MRT
2021-06-09 10:44 - 2019-09-11 10:11 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-06-07 11:43 - 2020-03-05 12:12 - 000000000 ____D C:\Users\15108\Desktop\WORK FORMS
2021-06-02 10:45 - 2019-09-10 13:21 - 000001388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-06-02 10:45 - 2019-09-10 13:21 - 000001358 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-06-02 10:45 - 2019-09-10 13:21 - 000001358 _____ C:\ProgramData\Desktop\Adobe Creative Cloud.lnk
2021-06-02 10:45 - 2019-09-10 13:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-06-02 10:43 - 2019-09-10 13:01 - 000000000 ___RD C:\Users\15108\3D Objects
2021-06-02 10:43 - 2019-08-20 13:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-02 10:41 - 2020-03-30 16:35 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-06-02 10:41 - 2020-03-30 16:35 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2021-06-02 10:41 - 2019-08-20 12:28 - 000438952 _____ C:\Windows\system32\FNTCACHE.DAT
2021-06-02 10:40 - 2019-08-20 13:02 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ___RD C:\Windows\PrintDialog
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\TextInput
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SystemResources
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\setup
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\lt-LT
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\Dism
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\ShellExperiences
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\Provisioning
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\DiagTrack
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\bcastdvr
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-06-02 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-06-02 10:40 - 2019-03-18 23:37 - 000000000 ____D C:\Windows\servicing
2021-06-02 10:31 - 2021-04-27 14:58 - 000000000 ____D C:\Users\15108\AppData\Local\ElevatedDiagnostics
2021-06-01 10:15 - 2019-08-20 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-06-01 10:14 - 2019-09-11 13:35 - 000003912 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-05-31 08:09 - 2020-09-30 23:47 - 000914760 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2021-05-31 08:09 - 2020-09-30 23:47 - 000437064 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2021-05-27 14:12 - 2019-08-20 12:33 - 000000000 ____D C:\ProgramData\Dell
2021-05-26 14:05 - 2019-09-11 10:46 - 000000000 ____D C:\Users\15108\AppData\Roaming\audacity
2021-05-25 10:34 - 2019-03-18 23:37 - 000000000 ____D C:\Windows\CbsTemp

==================== Files in the root of some directories ========

2019-09-10 13:21 - 2019-09-10 13:21 - 000000410 _____ () C:\Users\15108\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2021
Ran by 15108 (17-06-2021 11:51:33)
Running from C:\Users\15108\Downloads
Windows 10 Pro Version 1909 18363.1556 (X64) (2019-09-10 18:32:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

15108 (S-1-5-21-2350946974-1997739354-3516677893-1001 - Administrator - Enabled) => C:\Users\15108
Administrator (S-1-5-21-2350946974-1997739354-3516677893-500 - Administrator - Disabled)
crdsecagent$admin (S-1-5-21-2350946974-1997739354-3516677893-1002 - Administrator - Enabled) => C:\Users\crdsecagent$admin
DefaultAccount (S-1-5-21-2350946974-1997739354-3516677893-503 - Limited - Disabled)
Guest (S-1-5-21-2350946974-1997739354-3516677893-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2350946974-1997739354-3516677893-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K YouTube to MP3 3.10 (HKLM\...\{C6C89131-2764-42F3-9821-A40B39831DB5}) (Version: 3.10.1.3255 - Open Media LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Photoshop Elements 2019 (HKLM-x32\...\PSE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 2019 (HKLM-x32\...\PRE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Rush (HKLM-x32\...\RUSH_1_2) (Version: 1.2 - Adobe Systems Incorporated)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Canon D530/D560 (HKLM\...\{50D00125-863A-47ee-BB02-9CB950BEDE16}) (Version: 4.1.0.1 - CANON INC.)
Chrome Remote Desktop Host (HKLM-x32\...\{536BCB9B-9D3F-493F-9236-8D50A93B70F9}) (Version: 91.0.4472.10 - Google LLC)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.2.1 - Dell Inc.)
Dell Command | Update for Windows 10 (HKLM\...\{5669AB71-1302-4412-8DA1-CB69CD7B7324}) (Version: 3.0.1 - Dell, Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{D978DB43-A838-46F9-B3AD-A17120C4BF2B}) (Version: 4.10.12.13 - Broadcom Limited)
Dell Data Security (HKLM-x32\...\{4BD6339D-77DF-4AD3-94C2-9E9305DD9A60}) (Version: 10.3.0.2 - Dell, Inc.) Hidden
Dell Data Security (HKLM-x32\...\InstallShield_{4BD6339D-77DF-4AD3-94C2-9E9305DD9A60}) (Version: 10.3.0.2 - Dell, Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{81C48559-E2EB-4F18-9854-51331B9DB552}) (Version: 4.0.70.0 - Dell Inc.)
Dell Encryption Management Agent - x64 (HKLM\...\{04938362-0A2A-4ED4-804D-74B0698365B6}) (Version: 10.3.0.2 - Dell, Inc.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.4.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A3E44B1D-1AC1-414F-A7D4-0824E0A49F3A}) (Version: 3.9.1.245 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 124.4.4912 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.106 - Google LLC)
Google Video Support Plugin (HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9669.4 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.48 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{D06A5649-3BDB-4F2C-9C38-AB25CD5102E2}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 en-US) (HKLM\...\Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10500 - Qualcomm)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8622 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.208 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\Spotify) (Version: 1.1.60.672.g6ad9c215 - Spotify AB)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0083 - ST Microelectronics)
Zoom (HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-10-01] (Adobe Systems Incorporated)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.59.1.0_x86__kgqvnymyfvs32 [2021-06-04] (king.com)
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_3.0.160.0_x64__htrsf667h5kn2 [2019-08-20] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.90.0_x64__htrsf667h5kn2 [2021-05-27] (Dell Inc)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.9.11.0_x64__htrsf667h5kn2 [2021-05-26] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.9.13.0_x64__htrsf667h5kn2 [2021-06-01] (Dell Inc)
Dell Touchpad Assistant -> C:\Program Files\WindowsApps\C1E561A0.DellTouchpadAssistant_1.1.9.0_x64__ay1pycd334gd6 [2019-09-18] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.60.1.0_x86__kgqvnymyfvs32 [2021-06-04] (king.com)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-09-18] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-07] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-13] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-58857610439E} -> [Creative Cloud Files] => C:\Users\15108\Creative Cloud Files [2020-10-01 12:12]
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\15108\Dropbox [2020-03-30 16:37]
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\15108\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ CmgEncOverlay] -> {7B0F6726-38DD-49DD-8A5E-02EFED6EEDA4} => C:\Program Files\Dell\Dell Data Protection\Encryption\Local Console\CmgShellExt.dll [2019-04-23] (Dell Inc -> Dell Inc.)
ShellIconOverlayIdentifiers: [ CmgGhostOverlay] -> {74CD2AE0-8208-424C-8A4B-6670FE358620} => C:\Program Files\Dell\Dell Data Protection\Encryption\Local Console\CmgShellExt.dll [2019-04-23] (Dell Inc -> Dell Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-09] (Adobe Inc. -> )
ContextMenuHandlers1: [CmgExt] -> {FA8A00B3-4CAC-4B08-8BE2-52FA1257C875} => C:\Program Files\Dell\Dell Data Protection\Encryption\Local Console\CmgShellExt.dll [2019-04-23] (Dell Inc -> Dell Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [EmsBkgndExtension] -> {53BAE32F-BD17-4ba6-B975-C01FAF3CE476} => C:\Program Files\Dell\Dell Data Protection\Encryption\EmsExt.dll [2019-04-23] (Dell Inc -> Dell Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_45855586d601d062\igfxDTCM.dll [2021-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-09] (Adobe Inc. -> )
ContextMenuHandlers6: [CmgExt] -> {FA8A00B3-4CAC-4B08-8BE2-52FA1257C875} => C:\Program Files\Dell\Dell Data Protection\Encryption\Local Console\CmgShellExt.dll [2019-04-23] (Dell Inc -> Dell Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-17] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-19 14:12 - 2020-11-19 14:12 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CMGShield => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2350946974-1997739354-3516677893-1001 -> DefaultScope {69C52C05-8BF3-4844-9327-275C9B25E801} URL =
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2350946974-1997739354-3516677893-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\15108\Desktop\doxie.jpg
HKU\S-1-5-21-2350946974-1997739354-3516677893-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{14991041-44FE-40E3-A84C-F9BDB7C2188F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{28E83E4B-B072-4E73-B300-CDE714470EF9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{69E83D17-154F-4CA4-9D19-8F0AB977A0EC}] => (Allow) C:\Users\15108\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7C5395EB-5EB0-42BD-AC13-3468A4992A3F}] => (Allow) C:\Users\15108\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{7F635075-188F-442D-B4BA-6997E187A26C}C:\users\15108\appdata\roaming\zoom\bin_00\airhost.exe] => (Allow) C:\users\15108\appdata\roaming\zoom\bin_00\airhost.exe => No File
FirewallRules: [UDP Query User{0C943A6D-E5FB-453F-92DE-E149C0BE2022}C:\users\15108\appdata\roaming\zoom\bin_00\airhost.exe] => (Allow) C:\users\15108\appdata\roaming\zoom\bin_00\airhost.exe => No File
FirewallRules: [{3733CF8B-6D13-4E1D-91A0-FDA97B7CAB56}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{96DA7169-8011-4E3B-9B93-80A3100A8672}C:\users\15108\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\15108\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{45BAF82C-D1C8-461E-B351-472FF78E346E}C:\users\15108\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\15108\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{687DEA9B-494B-4DBE-A923-57C7E623142B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{93EE2989-3AC5-4CEE-840A-B2179645A6E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:117.98 GB) (Free:18.52 GB) (16%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/17/2021 10:14:55 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/16/2021 10:46:32 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 14640 and the required size was 44632.

Error: (06/16/2021 10:04:30 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/15/2021 10:26:47 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 14640 and the required size was 45000.

Error: (06/15/2021 10:11:07 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/14/2021 10:16:55 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 14640 and the required size was 45000.

Error: (06/14/2021 10:02:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/13/2021 10:42:53 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (06/17/2021 11:31:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The EMS service did not shut down properly after receiving a preshutdown control.

Error: (06/17/2021 11:31:01 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (06/17/2021 11:31:01 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (06/17/2021 11:31:01 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (06/17/2021 11:30:54 AM) (Source: DCOM) (EventID: 10010) (User: STEFUNKY)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/17/2021 11:30:54 AM) (Source: DCOM) (EventID: 10010) (User: STEFUNKY)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/17/2021 11:30:54 AM) (Source: DCOM) (EventID: 10010) (User: STEFUNKY)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/17/2021 11:30:54 AM) (Source: DCOM) (EventID: 10010) (User: STEFUNKY)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2021-06-17 10:44:11.023
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-16 10:18:32.304
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-15 11:16:16.455
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-13 12:05:57.437
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-10 17:15:05.400
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-04 11:17:20.957
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.54.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 11:17:20.956
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.54.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 11:17:20.955
Description:
Windows Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 11:13:28.625
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.54.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 11:13:28.623
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.54.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

==================== Memory info ===========================

BIOS: Dell Inc. 1.9.0 05/08/2019
Motherboard: Dell Inc. 0C08DH
Processor: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz
Percentage of memory in use: 69%
Total physical RAM: 8051.3 MB
Available physical RAM: 2419.21 MB
Total Virtual: 14963.3 MB
Available Virtual: 7834.23 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:117.98 GB) (Free:18.52 GB) NTFS

\\?\Volume{bcc1d6ae-fda9-4270-acf1-8734fde60c50}\ (WINRETOOLS) (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{a07c4fef-7495-4fe0-a8f6-59c3b24b56db}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.59 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6F29CAC1)

Partition: GPT.

==================== End of Addition.txt =======================
 

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,425
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Decide if you want to keep it. It can be uninstall via the Control Panel > Programs > Programs and Features...
Adobe Flash Player is officially dead
<<<>>>

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

If the problem persists and Chrome is Synced with other Devices reset it.



Execute the suggested fix.

Restart the computer normally.
===========

Please post the Fixlog.txt and let me know what problem persists.
 

Attachments

  • fixlist.txt
    3.9 KB · Views: 14
  • Like
Reactions: upnorth
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top