Windows Defender Detects PWS:HTML/Phish.RA!MTB, Remediation Incomplete

March 24, 2022

Whats up,

I simply realized 2 weeks after Home windows Defender detected this risk that it had been really been detected on my system. I had not acquired any notification from Home windows {that a} risk had been detected. I solely realized it as a result of it looks as if a couple of websites like eBay, House depot, and many others. had began blocking my residence community ip tackle and after I had contacted my ISP they’d indicated that it was being blocked due to potential malware on my system which I did not fairly consider at first as a result of I assumed my system had a great quantity of safety. I first scanned with Malwarebytes first which detected nothing. Then I seen in my safety historical past of Home windows Defender that it had detected this risk (PWS:HTML/Phish.RA!MTB) on the ninth of March however states the the remediation was incomplete? A full Home windows Defender scan has detected nothing however I am uncertain I am totally clear as a result of my ISP said (earlier than I began investigating) that it has detected assaults coming from my system which is why some websites are blocking my IP tackle. That is on a Dell XPS Laptop computer. Can somebody please advise?

Listed here are the requested FRST and ADDITION txts. Have additionally pasted a screenshot of the Safety Historical past from Home windows Defender

protection-history.png 78.58KB
0 downloads

================================================================================================

Scan results of Farbar Restoration Scan Software (FRST) (x64) Model: 24-03-2022

Ran by Jerry (administrator) on LAPTOP-91KH6GB2 (Dell Inc. XPS 13 9360) (24-03-2022 07:46:04)

Operating from C:UsersDellDropboxPCDownloads

Loaded Profiles: Jerry

Platform: Microsoft Home windows 10 House Model 21H1 19043.1586 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Regular

==================== Processes (Whitelisted) =================

(If an entry is included within the fixlist, the method will likely be closed. The file is not going to be moved.)

(C:Program Recordsdata (x86)EnounceMySpeedMySpeed.exe ->) (Enounce -> Enounce Integrated) C:Program Recordsdata (x86)EnounceMySpeedMySpeedx64.exe

(C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32cmd.exe

(C:Program FilesDellDellWirelessMonitorWidockService.exe ->) (Screenovate Applied sciences Ltd. -> Screenovate Applied sciences Ltd.) C:Program FilesDellDellWirelessMonitorConnectClient.exe

(C:Program FilesLogitechLogiOptionsLogiOptions.exe ->) (Logitech Inc -> Logitech) C:ProgramDataLogishrdLogiOptionsSoftwareCurrentLogiOverlay.exe

(C:Program FilesLogitechLogiOptionsLogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:ProgramDataLogishrdLogiOptionsSoftwareCurrentLogiOptionsMgr.exe

(C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(C:Program FilesRealtekAudioHDARtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe <2>

(C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbweHxTsr.exe ->) (Piriform Software program Ltd -> Piriform Software program) C:Program Recordsdata (x86)CCleaner BrowserUpdate1.8.1187.1CCleanerBrowserCrashHandler.exe

(C:Program FilesWindowsAppsMicrosoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbweYourPhoneServerYourPhoneServer.exe ->) (Microsoft Company) C:Program FilesWindowsAppsMicrosoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbweYourPhoneAppProxyYourPhoneAppProxy.exe

(C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MsMpEng.exe ->) (Microsoft Home windows Writer -> Microsoft Company) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MpCopyAccelerator.exe

(cmd.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMbamBgNativeMsg.exe

(DriverStoreFileRepositorycui_dch.inf_amd64_7208949846a9b9dcigfxCUIService.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_7208949846a9b9dcigfxEM.exe

(explorer.exe ->) (Enounce -> Enounce Integrated) C:Program Recordsdata (x86)EnounceMySpeedMySpeed.exe

(explorer.exe ->) (F.lux Software program LLC -> f.lux Software program LLC) C:UsersDellAppDataLocalFluxSoftwareFluxflux.exe

(explorer.exe ->) (Google LLC -> ) C:Program FilesGoogleDrive File Stream55.0.3.0crashpad_handler.exe

(explorer.exe ->) (Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe <23>

(explorer.exe ->) (INTEL CORP) C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6cttGCP.ML.BackgroundSysTrayIGCCTray.exe

(explorer.exe ->) (Logitech Inc -> Logitech) C:Program FilesLogiLogiBoltLogiBolt.exe

(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:Program FilesLogitechLogiOptionsLogiOptions.exe

(explorer.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32rundll32.exe

(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe

(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:Program FilesWavesMaxxAudioWavesSvc64.exe

(Intel® Fast Storage Expertise -> Intel Company) C:Program FilesIntelIntel® Fast Storage TechnologyIAStorIcon.exe

(Intel® System Utilization Report -> ) C:Program FilesIntelSURQUEENCREEKx64esrv.exe

(IntelDPTFesif_uf.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32IntelDPTFdptf_helper.exe

(OOO “XMAC” -> ) C:UsersDellAppDataRoamingHoneygainHoneygain.exe

(companies.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program Recordsdata (x86)Frequent FilesAdobeARM1.0armsvc.exe

(companies.exe ->) (Dell Inc -> ) C:Program Recordsdata (x86)DellUpdateServiceServiceShell.exe

(companies.exe ->) (Dell Inc -> Dell INC.) C:Program FilesDellSARemediationagentDellSupportAssistRemedationService.exe

(companies.exe ->) (Dell Inc -> Dell Inc.) C:Program FilesDellSupportAssistAgentbinSupportAssistAgent.exe

(companies.exe ->) (Dell Applied sciences Inc. -> Dell Applied sciences Inc.) C:Program FilesDellDellDataVaultDDVCollectorSvcApi.exe

(companies.exe ->) (Dell Applied sciences Inc. -> Dell Applied sciences Inc.) C:Program FilesDellDellDataVaultDDVDataCollector.exe

(companies.exe ->) (Dell Applied sciences Inc. -> Dell Applied sciences Inc.) C:Program FilesDellDellDataVaultDDVRulesProcessor.exe

(companies.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:WindowsSystem32DbxSvc.exe

(companies.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_7208949846a9b9dcigfxCUIService.exe

(companies.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigcc_dch.inf_amd64_9cf4db1a1fd1b22dOneApp.IGCC.WinService.exe

(companies.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_91e2144e79bce669IntelCpHDCPSvc.exe

(companies.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_91e2144e79bce669IntelCpHeciSvc.exe

(companies.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32IntelDPTFesif_uf.exe

(companies.exe ->) (Intel Company -> Intel® Company) C:WindowsSysWOW64XtuService.exe

(companies.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:Program Recordsdata (x86)IntelIntel® Administration Engine ComponentsDALjhi_service.exe

(companies.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:Program Recordsdata (x86)IntelIntel® Administration Engine ComponentsLMSLMS.exe

(companies.exe ->) (Intel® Fast Storage Expertise -> Intel Company) C:Program FilesIntelIntel® Fast Storage TechnologyIAStorDataMgrSvc.exe

(companies.exe ->) (Intel® Fast Storage Expertise -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryiastorac.inf_amd64_ecb9604542bb4ba6RstMwService.exe

(companies.exe ->) (Intel® System Utilization Report -> ) C:Program FilesIntelSURQUEENCREEKSurSvc.exe

(companies.exe ->) (Intel® System Utilization Report -> ) C:Program FilesIntelSURQUEENCREEKx64esrv_svc.exe

(companies.exe ->) (Logitech Inc -> Logitech) C:Program FilesLogitechCollaborationServicesVideoServiceLayer.exe

(companies.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(companies.exe ->) (Microsoft Company -> Microsoft Company) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(companies.exe ->) (Microsoft Company -> Microsoft Company) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(companies.exe ->) (Microsoft Home windows {Hardware} Compatibility Writer -> Home windows ® Win 7 DDK supplier) C:WindowsSystem32driversAdminService.exe

(companies.exe ->) (Microsoft Home windows Writer -> Microsoft Company) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MsMpEng.exe

(companies.exe ->) (Microsoft Home windows Writer -> Microsoft Company) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0NisSrv.exe

(companies.exe ->) (Novawave Inc. -> Novawave Inc.) C:Program FilesNovawaveNovabenchNovabenchService.exe

(companies.exe ->) (PC-Physician, Inc. -> PC-Physician, Inc.) C:Program FilesDellSupportAssistAgentPCDSupportAssistDsapi.exe

(companies.exe ->) (Qualcomm Atheros, Inc. -> ) C:WindowsSystem32driversQcomWlanSrvx64.exe

(companies.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe

(companies.exe ->) (Rivet Networks LLC -> Rivet Networks) C:WindowsSystem32driversRivetNetworksKillerKillerAnalyticsService.exe

(companies.exe ->) (Rivet Networks LLC -> Rivet Networks) C:WindowsSystem32driversRivetNetworksKillerKillerNetworkService.exe

(companies.exe ->) (Screenovate Applied sciences Ltd. -> Screenovate Applied sciences Ltd.) C:Program FilesDellDellWirelessMonitorWidockService.exe

(companies.exe ->) (Waves Inc -> Waves Audio Ltd.) C:Program FilesWavesMaxxAudioWavesSysSvc64.exe

(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe

(svchost.exe ->) (INTEL CORP) C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6cttIGCC.exe

(svchost.exe ->) (Intel® System Utilization Report -> Intel Company) C:Program FilesIntelSURQUEENCREEKUpdaterbinIntelSoftwareAssetManagerService.exe

(svchost.exe ->) (Microsoft Company -> Microsoft Company) C:Program Recordsdata (x86)Microsoft OfficerootOffice16SDXHelper.exe

(svchost.exe ->) (Microsoft Company) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbweCortana.exe

(svchost.exe ->) (Microsoft Company) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(svchost.exe ->) (Microsoft Company) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbweHxOutlook.exe

(svchost.exe ->) (Microsoft Company) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbweHxTsr.exe

(svchost.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe <3>

(svchost.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32smartscreen.exe

(svchost.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32wscript.exe

==================== Registry (Whitelisted) ===================

(If an entry is included within the fixlist, the registry merchandise will likely be restored to default or eliminated. The file is not going to be moved.)

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [RtHDVBg_PushButton] => C:Program FilesRealtekAudioHDARAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [IAStorIcon] => C:Program FilesIntelIntel® Fast Storage TechnologyIAStorIcon.exe [320056 2019-08-13] (Intel® Fast Storage Expertise -> Intel Company)

HKLM…Run: [WavesSvc] => C:Program FilesWavesMaxxAudioWavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)

HKLM…Run: [Logitech Download Assistant] => C:WindowsSystem32LogiLDA.dll [3831808 2021-08-30] (Microsoft Home windows {Hardware} Compatibility Writer -> Logitech)

HKLM…Run: [LogiOptions] => C:Program FilesLogitechLogiOptionsLogiOptions.exe [1687616 2022-02-21] (Logitech Inc -> Logitech, Inc.)

HKLM…Run: [LogiBolt] => C:Program FilesLogiLogiBoltLogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)

HKLM-x32…Run: [Dropbox] => C:Program Recordsdata (x86)DropboxClientDropbox.exe [10585376 2022-03-15] (Dropbox, Inc -> Dropbox, Inc.)

HKUS-1-5-19…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream55.0.3.0GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)

HKUS-1-5-20…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream55.0.3.0GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)

HKUS-1-5-21-1743731231-2579300660-3002394936-1001…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35320448 2022-01-25] (Piriform Software program Ltd -> Piriform Software program Ltd)

HKUS-1-5-21-1743731231-2579300660-3002394936-1001…Run: [f.lux] => C:UsersDellAppDataLocalFluxSoftwareFluxflux.exe [1515848 2021-06-17] (F.lux Software program LLC -> f.lux Software program LLC)

HKUS-1-5-21-1743731231-2579300660-3002394936-1001…Run: [Google Update] => C:UsersDellAppDataLocalGoogleUpdate1.3.36.122GoogleUpdateCore.exe [223816 2022-01-21] (Google LLC -> Google LLC)

HKUS-1-5-21-1743731231-2579300660-3002394936-1001…Run: [3xAV] => C:Program Recordsdata (x86)EnounceMySpeedMySpeed.exe [1511104 2019-10-31] (Enounce -> Enounce Integrated)

HKUS-1-5-21-1743731231-2579300660-3002394936-1001…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream55.0.3.0GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)

HKUS-1-5-21-1743731231-2579300660-3002394936-1001…Run: [LogiBolt] => C:Program FilesLogiLogiBoltLogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)

HKUS-1-5-21-1743731231-2579300660-3002394936-1001…RunOnce: [Application Restart #0] => C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe –disable-features=AudioServiceOutOfProcess –flag-switches-begin –enable-smooth-scrolling –flag-switches-end –enable-audio-service-sand (the information entry has 73 extra characters).

HKUS-1-5-18…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream55.0.3.0GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)

HKLM…Home windows x64Print ProcessorsCanon MG2100 collection Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDAQ.DLL [30208 2012-03-14] (Microsoft Home windows {Hardware} Compatibility Writer -> CANON INC.)

HKLM…PrintMonitorsCanon BJ Language Monitor MG2100 collection: C:WINDOWSsystem32CNMLMAQ.DLL [385024 2012-03-14] (Microsoft Home windows {Hardware} Compatibility Writer -> CANON INC.)

HKLMSoftwareMicrosoftActive SetupInstalled Parts: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:Program Recordsdata (x86)CCleaner BrowserApplication99.0.14741.54Installerchrmstp.exe [2022-03-22] (Piriform Software program Ltd -> Piriform Software program)

HKLMSoftwareMicrosoftActive SetupInstalled Parts: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Recordsdata (x86)GoogleChromeApplication99.0.4844.82Installerchrmstp.exe [2022-03-22] (Google LLC -> Google LLC)

Startup: C:UsersDellAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupHoneygainUpdater.lnk [2021-06-04]

ShortcutTarget: HoneygainUpdater.lnk -> C:UsersDellAppDataRoamingHoneygainHoneygainUpdater.exe (OOO “XMAC” -> Honeygain)

GroupPolicy: Restriction ? <==== ATTENTION

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

HKLMSOFTWAREPoliciesGoogle: Restriction <==== ATTENTION

HKLMSOFTWAREPoliciesMicrosoftEdge: Restriction <==== ATTENTION

==================== Scheduled Duties (Whitelisted) ============

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved except listed individually.)

Activity: {00D767D1-E92E-44A5-AC66-984A9FE5E24D} – System32TasksUSER_ESRV_SVC_QUEENCREEK => “C:WINDOWSSystem32Wscript.exe” //B //NoLogo “C:Program FilesIntelSURQUEENCREEKx64task.vbs”

Activity: {0DE2E057-66C3-4603-98D0-82B1DA4ADC00} – System32TasksGoogleUpdateTaskUserS-1-5-21-1743731231-2579300660-3002394936-1001UA => C:UsersDellAppDataLocalGoogleUpdateGoogleUpdate.exe [154920 2019-08-06] (Google Inc -> Google LLC)

Activity: {0F9822F2-426C-4474-B0DD-3EF60DAB870B} – System32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:Program Recordsdata (x86)IntelIntel® Replace Managerbiniumsvc.exe –automatic (No File)

Activity: {110F1CBD-3405-4DA3-85EF-19EE837F81C3} – System32TasksGoogleUpdateTaskMachineCore => C:Program Recordsdata (x86)GoogleUpdateGoogleUpdate.exe [153168 2018-04-20] (Google Inc -> Google Inc.)

Activity: {16A46A4F-2C67-4D35-9F1E-7B2A4D27C991} – System32TasksDropboxUpdateTaskMachineCore1d7910859573084 => C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)

Activity: {25CF08FC-6EA3-4A95-97B9-854ACC2B557B} – System32TasksMicrosoftOfficeOffice Characteristic Updates Logon => C:Program Recordsdata (x86)Microsoft OfficerootOffice16sdxhelper.exe [110968 2022-03-12] (Microsoft Company -> Microsoft Company)

Activity: {27AC9CA5-B4CE-4AB8-8D7F-DFD0F0FA758A} – System32TasksAdobe Acrobat Replace Activity => C:Program Recordsdata (x86)Frequent FilesAdobeARM1.0AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)

Activity: {2D58C35E-1AFE-44B1-A8F8-357C5C475DBC} – System32TasksGoogleUpdateTaskMachineUA => C:Program Recordsdata (x86)GoogleUpdateGoogleUpdate.exe [153168 2018-04-20] (Google Inc -> Google Inc.)

Activity: {2F5E951E-6C51-466B-92C2-1580139AA789} – System32TasksIntelThunderboltStart Thunderbolt service on boot if driver is up => C:Program Recordsdata (x86)IntelThunderbolt Softwaretbtsvc.exe [2302168 2018-12-25] (Intel® Shopper Connectivity Division SW -> Intel Company)

Activity: {3614A475-32E3-49B7-9DB1-62064A8AD139} – System32TasksMicrosoftOfficeOffice Computerized Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22580696 2022-03-12] (Microsoft Company -> Microsoft Company)

Activity: {4498C469-EEAF-4714-9E06-65EDA3641EB9} – System32TasksIntelIntel Telemetry 2 (x86) => C:Program Recordsdata (x86)IntelTelemetry 2.0lrio.exe [1652536 2018-11-05] (Intel® Software program -> Intel Company)

Activity: {52F1F75A-17C8-4531-98D1-15AE7C4A163E} – System32TasksAvast SoftwareOverseer => C:Program FilesCommon FilesAVAST SoftwareOverseeroverseer.exe [2296088 2022-03-07] (Avast Software program s.r.o. -> Avast Software program)

Activity: {54E9D264-04BB-4467-A12A-672373D8EABF} – System32TasksIntelThunderboltStart Thunderbolt utility when {hardware} is detected => C:Program Recordsdata (x86)IntelThunderbolt SoftwareConditionalAppStarter.exe [226008 2018-12-25] (Intel® Shopper Connectivity Division SW -> Intel Company)

Activity: {61E80557-83F7-4E03-97CF-E668963200D5} – System32TasksIntelThunderboltStart Thunderbolt utility on login if service is up => C:Program Recordsdata (x86)IntelThunderbolt SoftwareConditionalAppStarter.exe [226008 2018-12-25] (Intel® Shopper Connectivity Division SW -> Intel Company)

Activity: {6B65D88E-DC8F-4888-A9D8-E2AA87845608} – System32TasksCCleanerSkipUAC – Jerry => C:Program FilesCCleanerCCleaner.exe [29453952 2022-01-25] (Piriform Software program Ltd -> Piriform Software program Ltd)

Activity: {6BF2774A-A1C3-4F26-933C-28FD438566FE} – System32TasksIntelSURQC-Improve-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:Program FilesIntelSURQUEENCREEKUpdaterbinIntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel® System Utilization Report -> Intel Company)

Activity: {793C8C5E-980A-4E24-8E88-A344A93B45B3} – System32TasksCCleaner Browser Heartbeat Activity (Logon) => C:Program Recordsdata (x86)CCleaner BrowserApplicationCCleanerBrowser.exe [2743568 2022-03-03] (Piriform Software program Ltd -> Piriform Software program)

Activity: {7BA30996-3F5D-498C-9C35-6FD1F249418E} – System32TasksMicrosoftOfficeOffice Characteristic Updates => C:Program Recordsdata (x86)Microsoft OfficerootOffice16sdxhelper.exe [110968 2022-03-12] (Microsoft Company -> Microsoft Company)

Activity: {9130E514-1B9B-4B13-8EF3-3697B0EC5198} – System32TasksG2MUploadTask-S-1-5-21-1743731231-2579300660-3002394936-1001 => C:UsersDellAppDataLocalGoToMeeting19932g2mupload.exe [31176 2021-11-17] (LogMeIn, Inc. -> LogMeIn, Inc.)

Activity: {914E2852-FC8F-4B80-BA8C-BC13B023FFA7} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Upkeep => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MpCmdRun.exe [979568 2022-03-14] (Microsoft Home windows Writer -> Microsoft Company)

Activity: {98D43F83-3330-4FC9-9CC6-46ABE32E00C4} – System32TasksDropboxUpdateTaskMachineUA => C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)

Activity: {9EDF32B8-882B-49E1-9B0E-EF2D43E4BB88} – System32TasksDell SupportAssistAgent AutoUpdate => C:Program FilesDellSupportAssistAgentbinSupportAssistInstaller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)

Activity: {A46B5A56-FECE-4D77-AA17-566620757F2E} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22580696 2022-03-12] (Microsoft Company -> Microsoft Company)

Activity: {A53D63F3-5E2E-4C51-908A-0EA647432762} – System32TasksIntelThunderboltStart Thunderbolt utility on swap consumer if service is up => C:Program Recordsdata (x86)IntelThunderbolt SoftwareConditionalAppStarter.exe [226008 2018-12-25] (Intel® Shopper Connectivity Division SW -> Intel Company)

Activity: {A6B46F95-18B9-432B-8657-58E01E4D41C6} – System32TasksIntelThunderboltStart Thunderbolt service when {hardware} is detected => sc.exe begin ThunderboltService

Activity: {AA9A6962-73BD-461D-8223-E5F02BAE033E} – System32TasksGoogleUpdateTaskUserS-1-5-21-1743731231-2579300660-3002394936-1001Core => C:UsersDellAppDataLocalGoogleUpdateGoogleUpdate.exe [154920 2019-08-06] (Google Inc -> Google LLC)

Activity: {B51511D0-2E27-44F4-AF3C-99D977F39C86} – System32TasksDropboxUpdateTaskMachineCore => C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)

Activity: {B55C7F1F-1E25-4613-8A36-AC32B8D2155C} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MpCmdRun.exe [979568 2022-03-14] (Microsoft Home windows Writer -> Microsoft Company)

Activity: {B5F3B82B-9DEE-46A8-8877-34B27FB4EDE1} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MpCmdRun.exe [979568 2022-03-14] (Microsoft Home windows Writer -> Microsoft Company)

Activity: {BAEB0203-3FA2-4AE8-A53C-9FAF6BA6B535} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MpCmdRun.exe [979568 2022-03-14] (Microsoft Home windows Writer -> Microsoft Company)

Activity: {CC4B2535-4AAA-43D9-8D10-5875251688D7} – System32TasksDell Cleanup => c:windowssystem32oemstartmenufix.vbs [1595 2016-09-14] () [File not signed]

Activity: {D01BEAB8-8CD7-46B4-9E57-04C58DF51D3F} – System32TasksG2MUpdateTask-S-1-5-21-1743731231-2579300660-3002394936-1001 => C:UsersDellAppDataLocalGoToMeeting19932g2mupdate.exe [31176 2021-11-17] (LogMeIn, Inc. -> LogMeIn, Inc.)

Activity: {D627475E-CF53-49E9-850E-05FFC39D9FB6} – System32TasksIntelSURQC-Improve-86621605-2a0b-4128-8ffc-15514c247132 => C:Program FilesIntelSURQUEENCREEKUpdaterbinIntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel® System Utilization Report -> Intel Company)

Activity: {D73F856B-2BDD-4756-A8B8-48316592F402} – System32TasksMozillaFirefox Background Replace 308046B0AF4A39CB => C:Program FilesMozilla Firefoxfirefox.exe –MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 –MOZ_LOG_FILE C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38updates308046B0AF4A39CBbackgroundupdate.moz_log –backgroundtask backgroundupdate

Activity: {DE156291-76A9-4C3C-A6AF-4C606E10A3EE} – System32TasksCCleaner Browser Heartbeat Activity (Hourly) => C:Program Recordsdata (x86)CCleaner BrowserApplicationCCleanerBrowser.exe [2743568 2022-03-03] (Piriform Software program Ltd -> Piriform Software program)

Activity: {E2F51B4A-0644-49E1-B2AB-2126E5C622D2} – System32TasksCCleanerUpdateTaskMachineCore => C:Program Recordsdata (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [200600 2021-10-15] (Piriform Software program Ltd -> Piriform Software program)

Activity: {E8D2A006-6993-4CB0-A34A-574ADD4B5F93} – System32TasksCCleanerUpdateTaskMachineUA => C:Program Recordsdata (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [200600 2021-10-15] (Piriform Software program Ltd -> Piriform Software program)

Activity: {F3697F9D-3F93-42B4-8981-29C37659B484} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe do-task “308046B0AF4A39CB”

Activity: {FB98C805-3AC0-4B60-B962-7C9C6DEC9B7A} – System32TasksCCleaner Replace => C:Program FilesCCleanerCCUpdate.exe [684976 2022-01-25] (Piriform Software program Ltd -> Piriform)

(If an entry is included within the fixlist, the duty (.job) file will likely be moved. The file which is working by the duty is not going to be moved.)

Activity: C:WINDOWSTasksDropboxUpdateTaskMachineCore1d7910859573084.job => C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe

Activity: C:WINDOWSTasksDropboxUpdateTaskMachineUA.job => C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe

Activity: C:WINDOWSTasksG2MUpdateTask-S-1-5-21-1743731231-2579300660-3002394936-1001.job => C:UsersDellAppDataLocalGoToMeeting19932g2mupdate.exe

Activity: C:WINDOWSTasksG2MUploadTask-S-1-5-21-1743731231-2579300660-3002394936-1001.job => C:UsersDellAppDataLocalGoToMeeting19932g2mupload.exe

==================== Web (Whitelisted) ====================

(If an merchandise is included within the fixlist, if it’s a registry merchandise it is going to be eliminated or restored to default.)

TcpipParameters: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{488339b7-45cc-4e83-90ed-daf046df7f72}: [DhcpNameServer] 192.168.1.1

Edge:

=======

DownloadDir: C:UsersDellDownloads

Edge Session Restore: HKUS-1-5-21-1743731231-2579300660-3002394936-1001 -> is enabled.

Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:Program FilesWindowsAppsEyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2021-05-16]

Edge Extension: (No Title) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Title) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Title) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Title) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge DefaultProfile: Default

Edge Profile: C:UsersDellAppDataLocalMicrosoftEdgeUser DataDefault [2022-03-23]

Edge DownloadDir: Default -> C:UsersDellDownloads

Edge Extension: (Adblock Plus – free advert blocker) – C:UsersDellAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsgmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-23]

Edge Extension: (Malwarebytes Browser Guard) – C:UsersDellAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2022-03-20]

Edge HKLM-x32…EdgeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:

========

FF DefaultProfile: jxcfxuuv.default

FF ProfilePath: C:UsersDellAppDataRoamingMozillaFirefoxProfilesjxcfxuuv.default [2022-03-23]

FF Session Restore: MozillaFirefoxProfilesjxcfxuuv.default -> is enabled.

FF Notifications: MozillaFirefoxProfilesjxcfxuuv.default -> hxxps://www.youtube.com; hxxps://www.fb.com; hxxps://www.mylanguageexchange.com

FF Extension: (Malwarebytes Browser Guard) – C:UsersDellAppDataRoamingMozillaFirefoxProfilesjxcfxuuv.defaultExtensions{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-03-23]

FF Extension: (Adblock Plus – free advert blocker) – C:UsersDellAppDataRoamingMozillaFirefoxProfilesjxcfxuuv.defaultExtensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-02-27]

FF Plugin: @videolan.org/vlc,model=3.0.14 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,model=3.0.16 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,model=3.0.6 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,model=3.0.7.1 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,model=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/SharePoint,model=14.0 -> C:Program Recordsdata (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2022-03-07] (Microsoft Company -> Microsoft Company)

FF Plugin-x32: @replace.ccleanerbrowser.com/CCleaner Browser;model=3 -> C:Program Recordsdata (x86)CCleaner BrowserUpdate1.8.1187.1npCCleanerBrowserUpdate3.dll [2021-10-15] (Piriform Software program Ltd -> Piriform Software program)

FF Plugin-x32: @replace.ccleanerbrowser.com/CCleaner Browser;model=9 -> C:Program Recordsdata (x86)CCleaner BrowserUpdate1.8.1187.1npCCleanerBrowserUpdate3.dll [2021-10-15] (Piriform Software program Ltd -> Piriform Software program)

FF Plugin-x32: Adobe Reader -> C:Program Recordsdata (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Techniques Inc.)

Chrome:

=======

CHR DefaultProfile: Default

CHR Profile: C:UsersDellAppDataLocalGoogleChromeUser DataDefault [2022-03-24]

CHR Notifications: Default -> hxxps://159834228771104.webpush.freshchat.com; hxxps://adverts.google.com; hxxps://calendar.google.com; hxxps://champringsusa.myshopify.com; hxxps://discoverus.webpush.us2.freshchat.com; hxxps://drive.google.com; hxxps://gcx.aliexpress.com; hxxps://irestorelaser.pushcrew.com; hxxps://mail.google.com; hxxps://mail.zoho.com; hxxps://member.angieslist.com; hxxps://ocsnext.ebay.com; hxxps://images.google.com; hxxps://voice.google.com; hxxps://internet.skype.com; hxxps://internet.whatsapp.com; hxxps://www.fb.com; hxxps://www.google.com; hxxps://www.hitsteps.com; hxxps://www.mercari.com; hxxps://www.youtube.com

CHR NewTab: Default -> Lively:”chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html”

CHR Session Restore: Default -> is enabled.

CHR Extension: (Slides) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2018-04-20]

CHR Extension: (Docs) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2018-04-20]

CHR Extension: (Google Drive) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-28]

CHR Extension: (YouTube) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-20]

CHR Extension: (Slinky Elegant) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsbmanlajnpdncmhfkiccmbgeocgbncfln [2021-11-22]

CHR Extension: (Pushbullet) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionschlffgpmiacpedhhbkiomidkjlcfhogd [2021-03-25]

CHR Extension: (Adobe Acrobat: PDF edit, convert, signal instruments) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2022-03-23]

CHR Extension: (Sheets) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2018-04-20]

CHR Extension: (Google Docs Offline) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-17]

CHR Extension: (AdBlock — finest advert blocker) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2022-03-09]

CHR Extension: (Key phrases In all places – Key phrase Software) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionshbapdpeemoojbophdfndmlgdhppljgmp [2022-02-12]

CHR Extension: (Malwarebytes Browser Guard) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2022-03-17]

CHR Extension: (EPUBReader) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsjhhclmfgfllimlhabjkgkeebkbiadflb [2020-11-16]

CHR Extension: (Momentum) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionslaookkfknpbbblfpciffpaejjkokdgca [2022-03-23]

CHR Extension: (Free VPN for Chrome – VPN Proxy VeePN) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsmajdfhpaihoncoakbjgbdhglocklcgno [2022-03-21]

CHR Extension: (Screencastify – Display Video Recorder) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsmmeijimgabbpbgpdklnllpncmdofkcpn [2022-03-15]

CHR Extension: (Google Hangouts) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsnckgahadagoaajjgafhacjanaoiihapd [2022-01-25]

CHR Extension: (E mail Tracker for Gmail – Mailtrack) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsndnaehgpjlnokgebbaldlmgkapkpjkkb [2022-03-23]

CHR Extension: (Capital One Procuring: Add to Chrome for Free) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsnenlahapcbofgnanklpelkaejcehkggg [2022-03-23]

CHR Extension: (A Bit Higher Mint) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsnmcngapjgfglappdmacpaooicikdcpbb [2019-04-07]

CHR Extension: (Chrome Net Retailer Funds) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Chrome Shut Lock) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsplcabbfeeokakkmdecdccmibahigjkno [2021-07-12]

CHR Extension: (RightToCopy) – C:UsersDellAppDataLocalGoogleChromeUser DataDefaultExtensionsplmcimdddlobkphnofejmeidjblideca [2018-04-25]

CHR Profile: C:UsersDellAppDataLocalGoogleChromeUser DataGuest Profile [2019-08-15]

CHR Profile: C:UsersDellAppDataLocalGoogleChromeUser DataSystem Profile [2019-08-15]

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Providers (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved except listed individually.)

R2 AdobeARMservice; C:Program Recordsdata (x86)Frequent FilesAdobeARM1.0armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)

S2 ccleaner; C:Program Recordsdata (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [200600 2021-10-15] (Piriform Software program Ltd -> Piriform Software program)

S3 CCleanerBrowserElevationService; C:Program Recordsdata (x86)CCleaner BrowserApplication99.0.14741.54elevation_service.exe [1877344 2022-03-03] (Piriform Software program Ltd -> Piriform Software program)

S3 ccleanerm; C:Program Recordsdata (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [200600 2021-10-15] (Piriform Software program Ltd -> Piriform Software program)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11649952 2022-03-07] (Microsoft Company -> Microsoft Company)

S2 dbupdate; C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:Program Recordsdata (x86)DropboxUpdateDropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:WINDOWSsystem32DbxSvc.exe [44328 2022-03-15] (Dropbox, Inc -> Dropbox, Inc.)

S3 dcpm-notify; C:Program FilesDellCommandPowerManagerNotifyService.exe [315008 2021-08-23] (Dell Inc -> Dell Inc.)

R2 DDVCollectorSvcApi; C:Program FilesDellDellDataVaultDDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Applied sciences Inc. -> Dell Applied sciences Inc.)

R2 DDVDataCollector; C:Program FilesDellDellDataVaultDDVDataCollector.exe [3847712 2021-09-29] (Dell Applied sciences Inc. -> Dell Applied sciences Inc.)

R2 DDVRulesProcessor; C:Program FilesDellDellDataVaultDDVRulesProcessor.exe [462880 2021-09-29] (Dell Applied sciences Inc. -> Dell Applied sciences Inc.)

R2 Dell {Hardware} Help; C:Program FilesDellSupportAssistAgentPCDSupportAssistDsapi.exe [1024680 2021-09-02] (PC-Physician, Inc. -> PC-Physician, Inc.)

R2 Dell SupportAssist Remediation; C:Program FilesDellSARemediationagentDellSupportAssistRemedationService.exe [19128 2021-11-22] (Dell Inc -> Dell INC.)

R2 Dell Wi-fi Monitor Service; C:Program FilesDellDellWirelessMonitorWidockService.exe [491000 2016-06-13] (Screenovate Applied sciences Ltd. -> Screenovate Applied sciences Ltd.)

S3 Dell.CommandPowerManager.Service; C:WINDOWSsystem32dllhost.exe /Processid:{F0F39401-D79A-492D-9604-31A1169DC844} [21312 2021-03-11] (Microsoft Home windows -> Microsoft Company)

R2 DellClientManagementService; C:Program Recordsdata (x86)DellUpdateServiceServiceShell.exe [38600 2021-11-12] (Dell Inc -> )

S3 KAPSService; C:WINDOWSSystem32driversRivetNetworksKillerKAPSService.exe [73480 2021-05-31] (Rivet Networks LLC -> Rivet Networks, LLC.)

R2 Killer Analytics Service; C:WINDOWSSystem32driversRivetNetworksKillerKillerAnalyticsService.exe [1775392 2021-05-31] (Rivet Networks LLC -> Rivet Networks)

R2 Killer Community Service; C:WINDOWSSystem32driversRivetNetworksKillerKillerNetworkService.exe [2663208 2021-05-31] (Rivet Networks LLC -> Rivet Networks)

S3 KNDBWM; C:WINDOWSSystem32driversRivetNetworksKillerKNDBWMService.exe [73496 2021-05-31] (Rivet Networks LLC -> Rivet Networks, LLC.)

R3 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [8022200 2022-03-23] (Malwarebytes Inc -> Malwarebytes)

R2 nebula; C:Program FilesLogitechCollaborationServicesVideoServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech)

R2 NovabenchService; C:Program FilesNovawaveNovabenchNovabenchService.exe [323560 2018-03-28] (Novawave Inc. -> Novawave Inc.)

R2 QcomWlanSrv; C:WINDOWSSystem32driversQcomWlanSrvx64.exe [197336 2021-06-15] (Qualcomm Atheros, Inc. -> )

S3 ss_conn_launcher_service; C:WINDOWSSystem32SamsungEasySetupss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R2 SupportAssistAgent; C:Program FilesDellSupportAssistAgentbinSupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0NisSrv.exe [3046608 2022-03-14] (Microsoft Home windows Writer -> Microsoft Company)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MsMpEng.exe [132504 2022-03-14] (Microsoft Home windows Writer -> Microsoft Company)

===================== Drivers (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved except listed individually.)

R3 DDDriver; C:WINDOWSSystem32driversdddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Home windows {Hardware} Compatibility Writer -> Dell Applied sciences)

S3 DellProf; C:WINDOWSsystem32driversDellProf.sys [41208 2018-05-08] (Techporch Integrated -> Dell Laptop Company)

S3 DroidCam; C:WINDOWSsystem32DRIVERSdroidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)

S3 DroidCamVideo; C:WINDOWSsystem32DRIVERSdroidcamvideo.sys [230712 2015-05-24] (DEV47 APPS -> Home windows ® Win 7 DDK supplier)

R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [160176 2021-11-16] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)

R1 googledrivefs3688; C:WINDOWSSystem32DRIVERSgoogledrivefs3688.sys [381456 2021-12-14] (Microsoft Home windows {Hardware} Compatibility Writer -> Google, Inc.)

R3 KfeCoSvc; C:WINDOWSSystem32driversRivetNetworksKillerKfeCo10X64.sys [184400 2021-05-31] (Rivet Networks LLC -> Rivet Networks, LLC.)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [223688 2022-03-23] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-01-29] (Microsoft Home windows Early Launch Anti-malware Writer -> Malwarebytes)

R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [195024 2022-03-23] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)

R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [69040 2022-03-23] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-06-19] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [157816 2022-03-23] (Malwarebytes Inc -> Malwarebytes)

S3 mosuport; C:WINDOWSSystem32driversmosuport.sys [367744 2016-12-22] (WDKTestCert Alex,130940336584439605 -> ASIX Electronics Company)

R3 MpKsl52a69b47; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{293E0B20-0387-4E69-8CD0-B5EBC075C417}MpKslDrv.sys [137464 2022-03-23] (Microsoft Home windows -> Microsoft Company)

R3 NovabenchDriver; C:Program FilesNovawaveNovabenchNovabenchDriverWin10.sys [28216 2018-03-28] (Microsoft Home windows {Hardware} Compatibility Writer -> )

R3 rtump64x64; C:WINDOWSSystem32driversrtump64x64.sys [962600 2021-09-22] (Realtek Semiconductor Corp. -> Realtek Company)

S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 ss_conn_usb_driver2; C:WINDOWSSystem32Driversss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [49600 2022-03-14] (Microsoft Home windows Early Launch Anti-malware Writer -> Microsoft Company)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [439544 2022-03-14] (Microsoft Home windows -> Microsoft Company)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [90360 2022-03-14] (Microsoft Home windows -> Microsoft Company)

S4 DBUtilDrv2; SystemRootSystem32driversDBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved except listed individually.)

==================== One month (created) (Whitelisted) =========

(If an entry is included within the fixlist, the file/folder will likely be moved.)

2022-03-24 07:46 – 2022-03-24 07:46 – 000042754 _____ C:UsersDellDownloadsFRST.txt

2022-03-24 07:45 – 2022-03-24 07:46 – 000000000 ____D C:FRST

2022-03-24 07:45 – 2022-03-24 07:45 – 002365440 _____ (Farbar) C:UsersDellDownloadsFRST64 (1).exe

2022-03-24 07:42 – 2022-03-24 07:42 – 002365440 _____ (Farbar) C:UsersDellDownloadsFRST64.exe

2022-03-24 06:07 – 2022-03-24 06:07 – 002023440 _____ C:UsersDellDownloadsdixmlsetup.exe

2022-03-23 16:41 – 2022-03-23 16:41 – 102236160 _____ C:WINDOWSsystem32configSOFTWARE

2022-03-23 16:37 – 2022-03-23 16:41 – 000000000 ____D C:WINDOWSMicrosoft Antimalware

2022-03-23 15:00 – 2022-03-23 15:00 – 000001352 _____ C:UsersDellAppDataRoamingMicrosoftWindowsStart MenuProgramsPC Well being Examine.lnk

2022-03-23 15:00 – 2022-03-23 15:00 – 000000000 ____D C:UsersDellAppDataLocalPCHealthCheck

2022-03-23 14:59 – 2022-03-23 15:00 – 014233600 _____ C:UsersDellDownloadsWindowsPCHealthCheckSetup (1).msi

2022-03-23 14:44 – 2022-03-23 14:44 – 000195024 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2022-03-23 14:44 – 2022-03-23 14:44 – 000157816 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2022-03-23 14:44 – 2022-03-23 14:44 – 000069040 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2022-03-23 12:36 – 2022-03-23 13:23 – 000000000 ____D C:Program Recordsdata (x86)SpywareBlaster

2022-03-23 12:36 – 2022-03-23 12:36 – 004432744 _____ (BrightFort LLC ) C:UsersDellDownloadsspywareblastersetup60.exe

2022-03-23 12:36 – 2022-03-23 12:36 – 000001164 _____ C:UsersPublicDesktopSpywareBlaster.lnk

2022-03-23 12:36 – 2022-03-23 12:36 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSpywareBlaster

2022-03-23 12:34 – 2022-03-23 14:11 – 000000000 ____D C:ProgramDataWinZip

2022-03-23 12:33 – 2022-03-23 12:33 – 001016656 _____ (WinZip Computing) C:UsersDellDownloadswinzip26-p014.exe

2022-03-23 12:19 – 2022-03-23 13:20 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGridinSoft Anti-Malware

2022-03-23 12:19 – 2022-03-23 12:19 – 000000000 ____D C:ProgramDataGridinSoft

2022-03-23 12:18 – 2022-03-23 12:18 – 000989584 _____ (GridinSoft LLC) C:UsersDellDownloadsinstall-antimalware-gslb.exe

2022-03-23 12:18 – 2022-03-23 12:18 – 000989584 _____ (GridinSoft LLC) C:UsersDellDownloadsinstall-antimalware-gslb (1).exe

2022-03-23 11:57 – 2022-03-23 11:58 – 006705440 _____ (EnigmaSoft Restricted) C:UsersDellDownloadsSpyHunter-Installer.exe

2022-03-23 11:36 – 2022-03-23 11:36 – 000000000 _____ C:WINDOWSinvcol.tmp

2022-03-23 11:15 – 2022-03-23 11:15 – 000223688 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2022-03-23 11:15 – 2022-03-23 11:15 – 000001981 _____ C:UsersPublicDesktopMalwarebytes.lnk

2022-03-22 09:37 – 2022-03-22 09:37 – 000000073 _____ C:UsersDellDesktopJASONS DELI REWARDS.txt

2022-03-22 08:41 – 2022-03-22 08:41 – 000000021 _____ C:UsersDellDesktopCHASE CC INFO.txt

2022-03-20 08:43 – 2022-03-20 08:43 – 000307886 _____ C:UsersDellDownloadsFBLU504.pdf

2022-03-17 10:05 – 2022-03-17 10:05 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDropbox

2022-03-15 06:58 – 2022-03-24 01:16 – 000000000 ____D C:Program FilesMozilla Firefox

2022-03-15 01:36 – 2022-03-15 01:36 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-stable.sys

2022-03-15 01:36 – 2022-03-15 01:36 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-dev.sys

2022-03-15 01:36 – 2022-03-15 01:36 – 000047600 _____ (Dropbox, Inc.) C:WINDOWSsystem32Driversdbx-canary.sys

2022-03-15 01:36 – 2022-03-15 01:36 – 000044328 _____ (Dropbox, Inc.) C:WINDOWSsystem32DbxSvc.exe

2022-03-12 00:39 – 2022-03-12 00:39 – 000003380 _____ C:WINDOWSsystem32TasksOneDrive Standalone Replace Activity-S-1-5-21-1743731231-2579300660-3002394936-1001

2022-03-12 00:39 – 2022-03-12 00:39 – 000002380 _____ C:UsersDellAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2022-03-11 04:51 – 2022-03-11 04:51 – 000002144 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk

2022-03-09 23:05 – 2022-03-09 23:05 – 002260992 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll

2022-03-09 23:05 – 2022-03-09 23:05 – 002254336 _____ C:WINDOWSsystem32dwmscene.dll

2022-03-09 23:05 – 2022-03-09 23:05 – 000272896 _____ C:WINDOWSsystem32TpmTool.exe

2022-03-09 23:05 – 2022-03-09 23:05 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe

2022-03-09 23:05 – 2022-03-09 23:05 – 000011911 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2022-03-09 22:59 – 2022-03-09 22:59 – 000000000 ___HD C:$WinREAgent

2022-03-07 16:40 – 2022-03-07 16:40 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLogitech

2022-02-28 14:08 – 2022-03-23 13:42 – 000008192 ___SH C:DumpStack.log.tmp

2022-02-27 14:13 – 2022-03-23 15:13 – 000000000 ____D C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

2022-02-27 06:21 – 2022-02-27 06:21 – 000000000 ____D C:WINDOWSsystem32TasksAgent Activation Runtime

2022-02-23 17:53 – 2022-02-23 17:53 – 000831007 _____ C:UsersDellDownloadsResidential Lease – 1_1_16.pdf

==================== One month (modified) ==================

(If an entry is included within the fixlist, the file/folder will likely be moved.)

2022-03-24 07:40 – 2019-01-25 17:38 – 000000335 _____ C:UsersDellDesktopComputer.lnk

2022-03-24 07:35 – 2020-12-11 15:07 – 000000000 ____D C:ProgramDataTemp

2022-03-24 07:32 – 2018-04-20 17:01 – 000000000 ____D C:Program Recordsdata (x86)Google

2022-03-24 07:28 – 2019-12-07 04:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2022-03-24 05:32 – 2021-03-11 19:29 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2022-03-24 03:03 – 2020-02-14 17:15 – 000000000 ____D C:UsersDellAppDataLocalLowIGDump

2022-03-24 02:43 – 2020-01-30 11:47 – 000000000 ____D C:UsersDellAppDataRoamingMessenger

2022-03-24 01:16 – 2019-08-06 22:47 – 000002551 _____ C:UsersDellAppDataRoamingMicrosoftWindowsStart MenuProgramsGoogle Chrome Canary.lnk

2022-03-24 01:11 – 2018-06-01 09:55 – 000000000 ____D C:Program FilesCCleaner

2022-03-23 14:46 – 2019-12-07 04:03 – 000000000 ____D C:WINDOWSCbsTemp

2022-03-23 13:47 – 2021-03-11 19:35 – 000842546 _____ C:WINDOWSsystem32PerfStringBackup.INI

2022-03-23 13:47 – 2019-12-07 04:13 – 000000000 ____D C:WINDOWSINF

2022-03-23 13:43 – 2021-12-06 10:52 – 000000000 ____D C:UsersDellAppDataLocalLogiBolt

2022-03-23 13:42 – 2021-03-11 19:37 – 000000006 ____H C:WINDOWSTasksSA.DAT

2022-03-23 13:42 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSServiceState

2022-03-23 13:42 – 2018-04-16 18:58 – 000000000 ___HD C:Intel

2022-03-23 13:36 – 2021-03-11 19:31 – 000000000 ____D C:UsersDell

2022-03-23 13:36 – 2019-12-07 04:03 – 001048576 _____ C:WINDOWSsystem32configBBI

2022-03-23 13:10 – 2018-05-21 00:30 – 000000000 ____D C:UsersDellAppDataLocalD3DSCache

2022-03-23 12:38 – 2018-04-16 18:53 – 000000000 ___HD C:WINDOWSsystem32GroupPolicy

2022-03-23 12:37 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSysWOW64GroupPolicy

2022-03-23 11:24 – 2021-05-01 00:42 – 000000000 ____D C:WINDOWSMinidump

2022-03-23 11:24 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSLiveKernelReports

2022-03-23 11:24 – 2019-01-10 20:04 – 000000000 ____D C:UsersDellAppDataLocalCrashDumps

2022-03-23 11:16 – 2021-09-06 04:08 – 000000000 ____D C:WINDOWSsystem32TasksMozilla

2022-03-23 11:15 – 2020-10-03 17:46 – 000001993 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2022-03-23 11:14 – 2018-04-20 21:02 – 000000000 ____D C:ProgramDataMalwarebytes

2022-03-23 11:14 – 2018-04-20 21:02 – 000000000 ____D C:Program FilesMalwarebytes

2022-03-23 02:58 – 2019-12-07 04:14 – 000000000 ___HD C:Program FilesWindowsApps

2022-03-23 02:58 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSAppReadiness

2022-03-22 03:41 – 2021-10-15 03:34 – 000002403 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner Browser.lnk

2022-03-22 03:41 – 2021-10-15 03:34 – 000002368 _____ C:UsersPublicDesktopCCleaner Browser.lnk

2022-03-22 03:41 – 2021-10-15 03:34 – 000000000 ____D C:Program Recordsdata (x86)CCleaner Browser

2022-03-22 03:32 – 2018-04-20 17:06 – 000002348 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2022-03-22 03:32 – 2018-04-20 17:06 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2022-03-20 07:55 – 2019-04-16 21:58 – 000000000 ____D C:UsersDellAppDataRoamingvlc

2022-03-20 07:51 – 2018-04-27 17:13 – 000000000 ____D C:UsersDellAppDataLocalDropbox

2022-03-18 17:54 – 2020-05-22 19:21 – 000002440 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2022-03-18 17:54 – 2020-05-22 19:21 – 000002278 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2022-03-17 10:06 – 2018-04-27 17:13 – 000000000 ____D C:Program Recordsdata (x86)Dropbox

2022-03-17 03:38 – 2019-01-07 22:11 – 000000000 ____D C:Program Recordsdata (x86)Mozilla Upkeep Service

2022-03-15 17:01 – 2019-01-07 22:11 – 000000971 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk

2022-03-14 16:14 – 2018-04-20 20:24 – 000000000 ____D C:WINDOWSsystem32Driverswd

2022-03-14 16:03 – 2021-08-14 07:31 – 000000944 _____ C:WINDOWSTasksDropboxUpdateTaskMachineCore1d7910859573084.job

2022-03-14 16:03 – 2018-04-27 17:13 – 000000938 _____ C:WINDOWSTasksDropboxUpdateTaskMachineUA.job

2022-03-12 04:16 – 2017-04-01 16:45 – 000000000 ____D C:Program Recordsdata (x86)Microsoft Workplace

2022-03-12 00:39 – 2021-12-13 15:01 – 000003592 _____ C:WINDOWSsystem32TasksOneDrive Reporting Activity-S-1-5-21-1743731231-2579300660-3002394936-1001

2022-03-11 04:10 – 2021-08-14 16:41 – 000003704 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskMachineCore1d7910859573084

2022-03-11 04:10 – 2021-03-11 19:37 – 000003896 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskMachineUA

2022-03-11 04:07 – 2022-01-09 04:35 – 000257824 _____ C:WINDOWSsystem32FNTCACHE.DAT

2022-03-11 04:07 – 2019-12-07 04:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2022-03-11 04:07 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSystemResources

2022-03-11 04:07 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2022-03-11 04:07 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32oobe

2022-03-11 04:07 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32migwiz

2022-03-11 04:07 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSPolicyDefinitions

2022-03-11 04:07 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSbcastdvr

2022-03-11 04:07 – 2019-12-07 04:03 – 000000000 ____D C:WINDOWSservicing

2022-03-09 23:07 – 2020-10-02 20:19 – 000000000 ____D C:Program FilesMicrosoft Replace Well being Instruments

2022-03-09 23:05 – 2021-03-11 19:31 – 002877952 _____ (Microsoft Company) C:WINDOWSSysWOW64PrintConfig.dll

2022-03-09 22:59 – 2018-04-20 18:23 – 000000000 ____D C:WINDOWSsystem32MRT

2022-03-09 22:55 – 2018-04-20 18:23 – 145666720 ____C (Microsoft Company) C:WINDOWSsystem32MRT.exe

2022-03-09 20:49 – 2021-04-26 12:27 – 000003386 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d716d7a23d1fc1

2022-03-09 20:49 – 2021-03-11 19:37 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2022-03-08 05:22 – 2018-04-27 17:19 – 000000000 ____D C:UsersDellDropbox

2022-03-08 05:22 – 2018-04-17 12:28 – 000000000 ___RD C:UsersDellDropboxPCDocumentsDocuments_old

2022-03-07 16:41 – 2021-12-06 10:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLogi

2022-03-07 16:40 – 2021-05-05 04:25 – 000000000 ____D C:UsersDellAppDataLocalDeployment

2022-03-07 16:39 – 2020-12-15 19:12 – 000000000 ____D C:Program FilesLogitech

==================== Recordsdata within the root of some directories ========

2019-04-05 11:05 – 2019-04-05 11:05 – 000000070 _____ () C:UsersDellAppDataLocalKakaUSBSecurity

2018-10-31 14:23 – 2018-10-31 14:23 – 000000017 _____ () C:UsersDellAppDataLocalresmon.resmoncfg

==================== SigCheck ============================

(There is no such thing as a computerized repair for recordsdata that don’t go verification.)

==================== Finish of FRST.txt ========================Scan results of Farbar Restoration Scan Software (FRST) (x64) Model: 24-03-2022