wired4tech
Hi there,
Appreciate any help/advice to determine if my computer is infected.
Windows Security identified this a few minutes ago.
HackTool:Win32/Mailpassview
I have since removed it using Windows Security's options.
I'm posting my Addition.txt logs for review.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2020
Ran by JPDELL (06-12-2020 18:17:51)
Running from C:\Users\JPDELL\Desktop
Windows 10 Pro Version 1909 18363.1198 (X64) (2019-10-05 21:10:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1826214958-772042235-2865425336-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1826214958-772042235-2865425336-503 - Limited - Disabled)
Guest (S-1-5-21-1826214958-772042235-2865425336-501 - Limited - Disabled)
JPDELL (S-1-5-21-1826214958-772042235-2865425336-1001 - Administrator - Enabled) => C:\Users\JPDELL
WDAGUtilityAccount (S-1-5-21-1826214958-772042235-2865425336-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat 2017 (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0E1108756300}) (Version: 17.011.30180 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version: - )
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{3CE8B8E8-B33B-453C-BB7A-821ED6E18A24}) (Version: 1.0.27 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Evernote v. 6.25.1 (HKLM-x32\...\{CA92FF58-B652-11EA-A23A-42010A401FD0}) (Version: 6.25.1.9091 - Evernote Corp.)
FileZilla Client 3.46.3 (HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\FileZilla Client) (Version: 3.46.3 - Tim Kosse)
FileZilla Client 3.46.3 (HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\FileZilla Client) (Version: 3.46.3 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 44.0.12.0 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Kobo (HKLM-x32\...\Kobo) (Version: 4.24.13786 - Rakuten Kobo Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.55 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Standard 2019 - en-us (HKLM\...\Standard2019Volume - en-us) (Version: 16.0.10368.20035 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.9.0 - Mozilla)
Mozilla Thunderbird 68.9.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 68.9.0 (x86 en-US)) (Version: 68.9.0 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Node.js (HKLM\...\{F62C0E94-FBB4-4009-9941-6271BD2EBCEF}) (Version: 12.13.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10368.20035 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10368.20035 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10368.20035 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10368.20035 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PicPick (HKLM-x32\...\PicPick) (Version: 5.0.6c - NGWIN)
PowerENGAGE (HKLM-x32\...\{400A01BF-E908-4393-BD39-31E386377BDA}) (Version: 3.2.16 - Aviata, Inc.) Hidden
ProtonVPN (HKLM-x32\...\{074CACAD-CAB4-42A5-9C13-D1245FA9D6D6}) (Version: 1.17.4 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.4) (Version: 1.17.4 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6105 - Realtek Semiconductor Corp.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Slack (HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\slack) (Version: 4.11.3 - Slack Technologies Inc.)
Slack (HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\slack) (Version: 4.11.3 - Slack Technologies Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TurboTax 2019 (HKLM-x32\...\{176AF9FD-3AF6-4C10-9F68-A3AA455B3D51}) (Version: 1.00.0000 - Intuit Canada)
UFile 2019 (HKLM-x32\...\{D910E42E-320F-45DE-A3F1-BAB394C07133}) (Version: 23.21.0000 - Thomson Reuters DT Tax and Accounting Inc.)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Vistaprint.ca Photo Books (HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\{083552E6-919F-4871-A642-BEBC2544C246}_is1) (Version: 20.1.2.5553 - Vistaprint)
Vistaprint.ca Photo Books (HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{083552E6-919F-4871-A642-BEBC2544C246}_is1) (Version: 20.1.2.5553 - Vistaprint)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSee (HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\VSee) (Version: 4.8.1.41094 - VSee Lab Inc)
VSee (HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\VSee) (Version: 4.8.1.41094 - VSee Lab Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\WinDirStat) (Version: - )
WinDirStat 1.1.2 (HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version: - )
YNAB 4 version 4.3.543 (HKLM-x32\...\com.ynab.YNAB4.LiveCaptive_is1) (Version: 4.3.543 - YouNeedABudget.com)
Zoom (HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-10] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{53B2AC1B-7B81-47FC-8D3B-595CDE21D0BA}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Apps\Evernote\Evernote\EvernoteCCx64.dll (Evernote Corporation -> Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Apps\Evernote\Evernote\EvernoteIEx64.dll (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{93c503ec-b307-4339-bca2-37fe3b4836e8}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Apps\Evernote\Evernote\EvernoteOLShim64.dll (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\JPDELL\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1826214958-772042235-2865425336-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\JPDELL\Dropbox [2019-10-07 20:56]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2017\Acrobat Elements\ContextMenuShim64.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [File not signed] [File is in use]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2017\Acrobat Elements\ContextMenuShim64.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\JPDELL\Desktop\Chungi.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JP @ infoloud.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JP @ SC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JphilipSC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JPTech250.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d842922bcf93161\TiddlyDesktop.lnk -> C:\Users\JPDELL\Documents\TiddlyDesktop\TiddlyDesktop-win64-v0.0.13\nw.exe (The NWJS Community) -> --user-data-dir="C:\Users\JPDELL\AppData\Local\TiddlyDesktop\User Data" --profile-directory=Default --app-id=bpdeplafbjkfabcdjdbibppeobkefplc
==================== Loaded Modules (Whitelisted) =============
2020-06-16 12:31 - 2020-05-07 20:34 - 000278528 _____ () [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\vseeCryptoppEnc.DLL
2019-10-28 05:33 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2019-10-28 05:33 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-12-08 12:57 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-07-15 09:20 - 2019-07-15 09:20 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qgif.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000034304 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qicns.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qico.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000365056 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qjpeg.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qsvg.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000020480 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qtga.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qtiff.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qwbmp.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000418816 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qwebp.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 001172992 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\platforms\qwindows.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 005138944 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Core.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 005322240 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Gui.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000265216 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Svg.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 004572160 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Widgets.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000147968 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Xml.dll
2013-05-10 22:47 - 2013-05-10 22:47 - 000061440 _____ (VMProtect Software) [File not signed] C:\Program Files (x86)\PicPick\ppkgr.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\x64\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\x64\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\x64\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: intu-tt2019 - {F526FF07-B913-4B56-85DC-D7014178A5B4} - C:\Program Files (x86)\TurboTax 2019\ic2019pp.dll [2020-05-21] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\sharepoint.com -> hxxps://drphilip-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sharepoint.com -> hxxps://drphilip-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-10-05 16:51 - 2019-10-05 16:50 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\Control Panel\Desktop\\Wallpaper -> c:\users\jpdell\dropbox\wallpapers\world-map-with-time-zones.jpg
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\users\jpdell\dropbox\wallpapers\world-map-with-time-zones.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{91CE00A7-1930-449C-A365-5002159DF482}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{15315D00-1EFE-47B7-8456-816E98C30F98}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6E37DCC-117A-4C9C-BAF3-E1C07FE914B8}] => (Allow) C:\Users\JPDELL\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2EA37F03-FA2B-47C0-A340-AD58203822CD}] => (Allow) C:\Users\JPDELL\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{0802C77B-B935-402A-8C5A-90B9688FD2ED}] => (Allow) LPort=54925
FirewallRules: [{7B9E7AD0-6CEF-4D85-934C-65A63E087AAE}] => (Allow) LPort=54950
FirewallRules: [{3E27A806-3BBE-4E2B-ADF3-95453319E2D5}] => (Allow) LPort=54955
FirewallRules: [TCP Query User{2E342CA8-A46D-4D75-8480-961E8857F224}C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe] => (Allow) C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe => No File
FirewallRules: [UDP Query User{8F462529-872A-46D4-987A-3E4F93CADE77}C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe] => (Allow) C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe => No File
FirewallRules: [TCP Query User{FA683DAC-A4FC-435C-A86F-21239B5FBDF3}C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [UDP Query User{66742814-1841-4DE0-A0C6-A929903870E0}C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [{7E4D3C60-0A28-465D-BF5C-9AACBC11D08F}] => (Block) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [{8D2AD010-9A8D-463E-9312-8DD1F8436941}] => (Block) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [TCP Query User{4AF45D77-2D0D-475B-9161-5B4D57EF9A27}C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{86532533-7C64-466F-83AC-CA2497FC32B9}C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D492F470-142F-45F9-AF72-89B54AD8F48A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{835D725F-CBCA-48FA-890A-FAAFA93A70C3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
21-11-2020 23:58:12 Windows Update
27-11-2020 23:05:10 Installed Microsoft Project Professional 2013
==================== Faulty Device Manager Devices ============
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/06/2020 05:24:57 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/05/2020 11:01:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/05/2020 10:59:14 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.10
System errors:
=============
Error: (12/05/2020 10:58:21 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (12/05/2020 10:58:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:39:29 PM on 2020-12-04 was unexpected.
Error: (12/04/2020 09:39:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:59:34 PM on 2020-12-04 was unexpected.
Error: (12/04/2020 09:39:17 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2020-12-06 18:03:20.719
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Mailpassview
ID: 2147571412
Severity: High
Category: Tool
Path: file:_C:\Users\JPDELL\AppData\Local\Google\DriveFS\am9obkBpbmZvbG91ZC5jb20\content_cache\d20\d86\132211
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Google\Drive File Stream\44.0.12.0\GoogleDriveFS.exe
Security intelligence Version: AV: 1.327.2176.0, AS: 1.327.2176.0, NIS: 1.327.2176.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2020-12-06 12:58:43.418
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {763AEB62-4553-4F3D-8D3E-E34798CA268F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-03 23:58:26.165
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D560F124-4175-4822-A72B-A7D2419E313E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-02 21:58:26.195
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A309CA5E-AC0D-4C62-B8A7-D6A9EFEF0DA1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-11-30 19:26:57.697
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {84D7C6A2-645B-45F7-934B-9F24EBE47EE3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-12-05 10:58:46.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-12-04 21:39:35.954
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-12-04 06:39:38.577
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-30 21:58:28.991
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-29 09:19:34.208
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-28 16:06:49.203
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-27 23:08:54.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-27 07:47:13.585
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A21 05/16/2019
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
Percentage of memory in use: 43%
Total physical RAM: 16256.38 MB
Available physical RAM: 9258.73 MB
Total Virtual: 18688.38 MB
Available Virtual: 10765.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:164.6 GB) (Free:63.09 GB) NTFS
Drive g: (Google Drive File Stream) (Fixed) (Total:130 GB) (Free:59.93 GB) FAT32
Drive j: () (Fixed) (Total:931.51 GB) (Free:498.51 GB) NTFS
\\?\Volume{1ab06779-5349-4e84-bf62-4312ecd64854}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{5b89a5b0-c17a-4e75-ae60-ec4afce19a4b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\44.0.12.0\drivefsext.dll [2020-11-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2017\Acrobat Elements\ContextMenuShim64.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\JPDELL\Desktop\Chungi.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JP @ infoloud.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JP @ SC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JphilipSC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\JPDELL\Desktop\JPTech250.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\JPDELL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d842922bcf93161\TiddlyDesktop.lnk -> C:\Users\JPDELL\Documents\TiddlyDesktop\TiddlyDesktop-win64-v0.0.13\nw.exe (The NWJS Community) -> --user-data-dir="C:\Users\JPDELL\AppData\Local\TiddlyDesktop\User Data" --profile-directory=Default --app-id=bpdeplafbjkfabcdjdbibppeobkefplc
==================== Loaded Modules (Whitelisted) =============
2020-06-16 12:31 - 2020-05-07 20:34 - 000278528 _____ () [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\vseeCryptoppEnc.DLL
2019-10-28 05:33 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2019-10-28 05:33 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-12-08 12:57 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-07-15 09:20 - 2019-07-15 09:20 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qgif.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000034304 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qicns.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qico.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000365056 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qjpeg.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qsvg.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000020480 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qtga.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qtiff.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qwbmp.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000418816 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\imageformats\qwebp.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 001172992 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\platforms\qwindows.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 005138944 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Core.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 005322240 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Gui.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000265216 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Svg.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 004572160 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Widgets.dll
2020-06-16 12:31 - 2020-05-07 20:33 - 000147968 _____ (The Qt Company Ltd.) [File not signed] C:\Users\JPDELL\AppData\Roaming\VSeeInstall\Qt5Xml.dll
2013-05-10 22:47 - 2013-05-10 22:47 - 000061440 _____ (VMProtect Software) [File not signed] C:\Program Files (x86)\PicPick\ppkgr.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\x64\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\x64\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\x64\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2017\AcroIEFavStub.dll [2017-04-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: intu-tt2019 - {F526FF07-B913-4B56-85DC-D7014178A5B4} - C:\Program Files (x86)\TurboTax 2019\ic2019pp.dll [2020-05-21] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\sharepoint.com -> hxxps://drphilip-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sharepoint.com -> hxxps://drphilip-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-10-05 16:51 - 2019-10-05 16:50 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\Control Panel\Desktop\\Wallpaper -> c:\users\jpdell\dropbox\wallpapers\world-map-with-time-zones.jpg
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\users\jpdell\dropbox\wallpapers\world-map-with-time-zones.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1826214958-772042235-2865425336-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{91CE00A7-1930-449C-A365-5002159DF482}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{15315D00-1EFE-47B7-8456-816E98C30F98}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6E37DCC-117A-4C9C-BAF3-E1C07FE914B8}] => (Allow) C:\Users\JPDELL\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2EA37F03-FA2B-47C0-A340-AD58203822CD}] => (Allow) C:\Users\JPDELL\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{0802C77B-B935-402A-8C5A-90B9688FD2ED}] => (Allow) LPort=54925
FirewallRules: [{7B9E7AD0-6CEF-4D85-934C-65A63E087AAE}] => (Allow) LPort=54950
FirewallRules: [{3E27A806-3BBE-4E2B-ADF3-95453319E2D5}] => (Allow) LPort=54955
FirewallRules: [TCP Query User{2E342CA8-A46D-4D75-8480-961E8857F224}C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe] => (Allow) C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe => No File
FirewallRules: [UDP Query User{8F462529-872A-46D4-987A-3E4F93CADE77}C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe] => (Allow) C:\users\jpdell\appdata\local\programs\beaker-browser\beaker browser.exe => No File
FirewallRules: [TCP Query User{FA683DAC-A4FC-435C-A86F-21239B5FBDF3}C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [UDP Query User{66742814-1841-4DE0-A0C6-A929903870E0}C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [{7E4D3C60-0A28-465D-BF5C-9AACBC11D08F}] => (Block) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [{8D2AD010-9A8D-463E-9312-8DD1F8436941}] => (Block) C:\users\jpdell\appdata\roaming\vseeinstall\vsee.exe (VSee Lab, Inc -> VSee Lab, Inc.)
FirewallRules: [TCP Query User{4AF45D77-2D0D-475B-9161-5B4D57EF9A27}C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{86532533-7C64-466F-83AC-CA2497FC32B9}C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jpdell\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D492F470-142F-45F9-AF72-89B54AD8F48A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{835D725F-CBCA-48FA-890A-FAAFA93A70C3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
21-11-2020 23:58:12 Windows Update
27-11-2020 23:05:10 Installed Microsoft Project Professional 2013
==================== Faulty Device Manager Devices ============
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/06/2020 05:24:57 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/05/2020 11:01:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/05/2020 10:59:14 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (12/05/2020 10:58:44 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.10
System errors:
=============
Error: (12/05/2020 10:58:21 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (12/05/2020 10:58:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:39:29 PM on 2020-12-04 was unexpected.
Error: (12/04/2020 09:39:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:59:34 PM on 2020-12-04 was unexpected.
Error: (12/04/2020 09:39:17 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Error: (12/04/2020 06:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PE48AC)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2020-12-06 18:03:20.719
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Mailpassview
ID: 2147571412
Severity: High
Category: Tool
Path: file:_C:\Users\JPDELL\AppData\Local\Google\DriveFS\am9obkBpbmZvbG91ZC5jb20\content_cache\d20\d86\132211
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Google\Drive File Stream\44.0.12.0\GoogleDriveFS.exe
Security intelligence Version: AV: 1.327.2176.0, AS: 1.327.2176.0, NIS: 1.327.2176.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2020-12-06 12:58:43.418
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {763AEB62-4553-4F3D-8D3E-E34798CA268F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-03 23:58:26.165
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D560F124-4175-4822-A72B-A7D2419E313E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-02 21:58:26.195
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A309CA5E-AC0D-4C62-B8A7-D6A9EFEF0DA1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-11-30 19:26:57.697
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {84D7C6A2-645B-45F7-934B-9F24EBE47EE3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-12-05 10:58:46.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-12-04 21:39:35.954
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-12-04 06:39:38.577
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-30 21:58:28.991
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-29 09:19:34.208
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-28 16:06:49.203
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-27 23:08:54.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-11-27 07:47:13.585
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A21 05/16/2019
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
Percentage of memory in use: 43%
Total physical RAM: 16256.38 MB
Available physical RAM: 9258.73 MB
Total Virtual: 18688.38 MB
Available Virtual: 10765.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:164.6 GB) (Free:63.09 GB) NTFS
Drive g: (Google Drive File Stream) (Fixed) (Total:130 GB) (Free:59.93 GB) FAT32
Drive j: () (Fixed) (Total:931.51 GB) (Free:498.51 GB) NTFS
\\?\Volume{1ab06779-5349-4e84-bf62-4312ecd64854}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{5b89a5b0-c17a-4e75-ae60-ec4afce19a4b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================