Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by mayra (administrator) on MAY (Dell Inc. G3 3579) (01-09-2024 05:35:15)
Running from C:\Users\mayra\Downloads\FRST64.exe
Loaded Profiles: mayra
Platform: Microsoft Windows 10 Home Single Language Version 22H2 19045.4780 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <8>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Drive File Stream\95.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\95.0.2.0\crashpad_handler.exe
(C:\Program Files\Google\Drive File Stream\95.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\96.0.0.0\GoogleDriveFS.exe <6>
(C:\Program Files\Google\Drive File Stream\96.0.0.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\96.0.0.0\crashpad_handler.exe
(C:\Program Files\HuionTablet\HuionTablet.exe ->) (Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Program Files\HuionTablet\HuionTabletCore.exe
(C:\Program Files\HuionTablet\HuionTablet.exe ->) (Shenzhen Huion Animation Technology Co.,LTD -> TODO: <公司名>) C:\Program Files\HuionTablet\HuionServer.exe
(C:\Program Files\LGHUB\lghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Canva -> Canva Pty Ltd) C:\Users\mayra\AppData\Local\Programs\Canva\Canva.exe <2>
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\95.0.2.0\GoogleDriveFS.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.exe
(hasplms.exe ->) (Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <33>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_362cfac2b6e1097f\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_362cfac2b6e1097f\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmsi.inf_amd64_cba155292546bb13\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe <3>
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
(Shenzhen Huion Animation Technology Co.,LTD -> ShenZhen Huion Animation Technology Co.Ltd.) C:\Program Files\HuionTablet\HuionTablet.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.5142.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.5142.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\mayra\AppData\Local\Microsoft\OneDrive\24.171.0825.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(svchost.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe [1232240 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.exe [1237696 2021-01-07] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HuionTablet] => C:\Program Files\HuionTablet\HuionTablet.exe [5581640 2023-06-02] (Shenzhen Huion Animation Technology Co.,LTD -> ShenZhen Huion Animation Technology Co.Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [544248 2024-07-11] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [468936 2023-05-14] (Power Software Limited -> Power Software Ltd)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.54\Installer\setup.exe [6901824 2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\96.0.0.0\GoogleDriveFS.exe [61313128 2024-08-31] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\96.0.0.0\GoogleDriveFS.exe [61313128 2024-08-31] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-812743721-3416580457-3768192190-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46247680 2024-08-07] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-812743721-3416580457-3768192190-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\96.0.0.0\GoogleDriveFS.exe [61313128 2024-08-31] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-812743721-3416580457-3768192190-1001\...\Run: [MicrosoftEdgeAutoLaunch_1DE9964748C96D792E33F5740A9EAA95] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741120 2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-812743721-3416580457-3768192190-1001\...\Run: [Microsoft Edge Update] => C:\Users\mayra\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateCore.exe [268232 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-812743721-3416580457-3768192190-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11795872 2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-812743721-3416580457-3768192190-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\mayra\AppData\Local\Programs\Canva\Canva.exe [176670864 2024-08-05] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-812743721-3416580457-3768192190-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\96.0.0.0\GoogleDriveFS.exe [61313128 2024-08-31] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3595016 2024-08-12] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP be2a Status Monitor: C:\Windows\system32\hpinkstsbe2aLM.dll [468576 2018-06-15] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\novaPDF 9 Port Monitor: C:\Windows\system32\novamn9.dll [18944 2018-11-05] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.86\Installer\chrmstp.exe [2024-08-28] (Google LLC -> Google LLC)
Startup: C:\Users\mayra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chat.lnk [2023-06-02]
ShortcutTarget: Google Chat.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D83B4037-A8EB-4AF9-9C5D-8BBE60C6B9F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {B2DF12A4-37EA-4DF7-92EB-EEDACC977949} - System32\Tasks\CorelUpdateHelperTask-BE2A91DA5A5928DCADE307B730DAC41F => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation)
Task: {EEB40A5D-739F-4767-B0DE-0335FD64C770} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation)
Task: {CDCD3FD7-17A3-4B9D-84D5-49CF3CF40928} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => c:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [964936 2024-04-25] (Dell Technologies Inc. -> Dell Inc.) -> c:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {3D8E36CB-1AE8-4763-90BA-794B816FB83C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{C4A92245-92DA-4421-9619-5444F3E5FDCC} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {48A703C9-43E1-41FF-B00F-EB1C10C7824B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-08-07] (HP Inc. -> HP Inc.)
Task: {A6EED08F-02C3-4787-83BE-7CA720D7335C} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-08-07] (HP Inc. -> HP Inc.)
Task: {DA85CEB7-DBF3-4A5E-970C-B1A7EC290225} - System32\Tasks\Microsoft POS for .NET SQM Uploader => C:\Program Files (x86)\Microsoft Point Of Service\SqmUploader.exe [33528 2014-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D29804D1-F69E-4F77-A807-9FC41519C3C9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28621008 2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0D3713E-A71F-4073-9ABF-007671A79DAD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28621008 2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {700428F9-2067-4570-ABCC-406F974D6C9C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAFC5864-3C4E-436A-AC23-62B2707B982D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {86430C87-BA49-4B81-9FDC-41B1C4C4146D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [187544 2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {23BFE23E-89D6-490B-8C3D-0B1491C71DE4} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [253920 2023-09-04] (Microsoft Corporation -> Microsoft)
Task: {5CD42088-0D2E-4E08-BC4B-4DBD8C47FE39} - System32\Tasks\Microsoft\Windows\AppListBackup\HaleUtil => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-24] (Microsoft Corporation -> Microsoft Corporation) -> C:\ProgramData\InstallDiscover\RconsAutalntic\C:\ProgramData\InstallDiscover\RconsAutalntic\athsivntxex.dll /silent /u
Task: {803FD16A-1F8B-4FAD-9059-0CF83F0484A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F9DC26B4-BA13-4BDB-A464-BC29C6935AAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {18B8BEEE-B399-4FDD-BB37-BA8D2939FECE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41414057-BC72-4F85-970D-7889C4453672} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-812743721-3416580457-3768192190-1001Core{1ADF9171-1070-47D4-88D4-5CBAD04756B0} => C:\Users\mayra\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E695118-06B8-4C30-8579-7A44E9E569E8} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-812743721-3416580457-3768192190-1001UA{02F440C7-51CB-45AE-8DD8-7EECB227024F} => C:\Users\mayra\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {625DDB55-6773-4C6C-90CC-DEFEDA5C6FF1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8A108DC5-E0C0-45C5-8ED9-EE921866ED54} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C2FF5FE-9AEC-43FC-BFB7-128ADD3872B5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {935E73ED-A228-4046-92DD-2681754F2289} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9187AFBC-BF2A-4CBE-B6BE-09458A3001E6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13F012F7-6F55-4527-B05C-2326AFC6A60B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {756F047C-1DCC-481D-8D13-D1452CE2B62D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1DB553A-AE5E-4151-9422-8DACB6F84DF7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B25125E7-937F-44E8-B4FD-8F49D495BFEB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B84C3E0-380D-4165-BBA9-214AFB76B1BF} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [544248 2024-07-11] (Razer USA Ltd. -> Razer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.68.1
Tcpip\..\Interfaces\{0ad1b4ad-c282-41ff-bcd0-551e96f1363e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{42aed04b-4261-41f6-919d-6dd09d134691}: [DhcpNameServer] 192.168.1.254 192.168.68.1
Tcpip\..\Interfaces\{42aed04b-4261-41f6-919d-6dd09d134691}\3556277696F61427D616E69623E243: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{bd82ab6b-23d7-42ca-bd5c-60d70aac1402}: [DhcpNameServer] 192.168.1.254 192.168.68.1
Tcpip\..\Interfaces\{bd82ab6b-23d7-42ca-bd5c-60d70aac1402}\4656479605F435: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{bd82ab6b-23d7-42ca-bd5c-60d70aac1402}\94E46494E4944555D403734363F553: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{bd82ab6b-23d7-42ca-bd5c-60d70aac1402}\94E46494E4944555D453446424: [DhcpNameServer] 192.168.1.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-01]
Edge Notifications: Default -> hxxps://mail.google.com; hxxps://www.instagram.com
Edge HomePage: Default -> hxxps://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.default-search.net/?sid=492&aid=246&itype=n&ver=13001&tm=416&src=hmp"
Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}
Edge Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2024-08-01]
Edge Extension: (Save to Pinterest) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkgoflemacdadndiohhdnphcmdhacabg [2024-07-05]
Edge Extension: (Microsoft Rewards) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2024-06-25]
Edge Extension: (Satin Stacks) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgilogkdbbgmgabhfoaaaedodhelhndn [2023-06-02]
Edge Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elhekieabhbkpmcefcoobjddigjcaadp [2024-08-27]
Edge Extension: (Browsec VPN - Free VPN for Edge) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjnehcbecaggobjholekjijaaekbnlgj [2024-08-27]
Edge Extension: (Google Docs Offline) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-14]
Edge Extension: (AdBlock — block ads across the web) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-23]
Edge Extension: (No Name) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2024-05-03]
Edge Extension: (No Name) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-05-03]
Edge Extension: (Edge relevant text changes) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Google Keep Chrome Extension) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2024-08-31]
Edge Extension: (AdBlock — block ads across the web) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-08-23]
Edge Extension: (uBlock Origin) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-08-07]
Edge Extension: (EverBee) - C:\Users\mayra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oeicpkgdngoghobnbjngekclpcmpgpij [2024-08-31]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default [2024-08-28]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.default-search.net?sid=492&aid=246&itype=n&ver=13001&tm=416&src=hmp"
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-07-14]
CHR Extension: (uBlock Origin) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-08-28]
CHR Extension: (Google Docs Offline) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-14]
CHR Extension: (Save to Pinterest) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-07-03]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-08-28]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-04-25]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2024-08-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-02]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2024-08-28]
CHR Profile: C:\Users\mayra\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-02-07]
CHR HKU\S-1-5-21-812743721-3416580457-3768192190-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862480 2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588712 2024-07-11] (Razer USA Ltd. -> Razer Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-12-13] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [50376 2024-04-24] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 hasplms; C:\Windows\system32\hasplms.exe [7236720 2018-11-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-07] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11193088 2024-08-07] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [53688 2018-11-05] (Softland SRL -> Microsoft)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdmsi.inf_amd64_cba155292546bb13\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-05-14] (NVIDIA Corporation -> NVIDIA Corporation)
S4 POSPerformanceCounters; C:\Program Files (x86)\Microsoft Point Of Service\Microsoft.PointOfService.Service.exe [38648 2014-03-06] (Microsoft Corporation -> Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1878448 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [231856 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-08-11] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2024-05-15] (Razer USA Ltd. -> Razer Inc.) R2 SupportAssistAgent; c:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.) S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41944 2023-09-04] (Microsoft Corporation -> Microsoft) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-12] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aksdf; C:\Windows\system32\drivers\aksdf.sys [389560 2018-11-29] (Gemalto, Inc. -> SafeNet, Inc.) R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [487352 2018-11-29] (Gemalto, Inc. -> SafeNet, Inc.) R3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [48464 2023-04-11] (Dell Inc. -> Dell Inc.) R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-31] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [1970104 2018-11-29] (Gemalto, Inc. -> SafeNet, Inc.) R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2023-06-02] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2023-06-02] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2023-06-02] (Logitech Inc -> Logitech) R3 MpKslca6a166c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6F8CA0E6-31CC-4644-88C9-726D24EB95E8}\MpKslDrv.sys [271640 2024-09-01] (Microsoft Windows -> Microsoft Corporation) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2022-09-22] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [77272 2019-03-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2021-10-06] (Microsoft Corporation) [File not signed] R3 vmulti; C:\Windows\System32\drivers\vmulti.sys [10752 2023-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-08-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602504 2024-08-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-12] (Microsoft Windows -> Microsoft Corporation) S2 wntpport; no ImagePath R0 Wof; no ImagePath U4 AppMgmt; no ImagePath U4 CscService; no ImagePath U4 googledrivefs31357; \SystemRoot\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [X] U4 napagent; no ImagePath U4 PeerDistSvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2024-09-01 05:35 - 2024-09-01 05:35 - 000042532 _____ C:\Users\mayra\Downloads\FRST.txt 2024-09-01 05:34 - 2024-09-01 05:35 - 000000000 ____D C:\FRST 2024-09-01 05:34 - 2024-09-01 05:34 - 002397184 _____ (Farbar) C:\Users\mayra\Downloads\FRST64.exe 2024-09-01 04:47 - 2024-09-01 04:47 - 000000165 ____H C:\Users\mayra\OneDrive\Escritorio\~$Copia de BITACORA(1).xlsx 2024-08-31 17:46 - 2024-08-31 17:50 - 000000000 ___HD C:\ProgramData\Hmq 2024-08-31 17:44 - 2024-08-31 17:44 - 002067390 _____ C:\Users\mayra\Downloads\completion.rar 2024-08-31 17:16 - 2024-08-31 19:40 - 000202817 _____ C:\Users\mayra\OneDrive\Escritorio\Copia de BITACORA(1).xlsx 2024-08-31 09:46 - 2024-08-31 09:46 - 000003434 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-BE2A91DA5A5928DCADE307B730DAC41F 2024-08-31 08:35 - 2024-08-31 08:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-08-31 08:31 - 2024-08-31 08:31 - 000003354 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-812743721-3416580457-3768192190-1001 2024-08-31 08:31 - 2024-08-31 08:31 - 000002381 _____ C:\Users\mayra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-08-28 17:26 - 2024-08-28 17:26 - 000492728 _____ C:\Users\mayra\OneDrive\Escritorio\saludos.pdf 2024-08-28 17:20 - 2024-08-28 17:20 - 000526559 _____ C:\Users\mayra\OneDrive\Escritorio\alineacion.pdf 2024-08-27 01:00 - 2024-08-27 01:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2024-08-27 01:00 - 2024-08-27 01:00 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-08-22 07:02 - 2024-08-22 07:02 - 000028803 _____ C:\Users\mayra\OneDrive\Documents\BITACORA.xlsx 2024-08-21 17:36 - 2024-08-21 17:36 - 000622417 _____ C:\Users\mayra\OneDrive\Escritorio\columna b mary.pdf 2024-08-21 16:54 - 2024-08-21 16:54 - 000178196 _____ C:\Users\mayra\OneDrive\Escritorio\templo mary.pdf 2024-08-19 12:54 - 2024-08-19 12:54 - 000641738 _____ 
C:\Users\mayra\OneDrive\Escritorio\jowa2.ai 2024-08-18 22:55 - 2024-08-18 22:55 - 001841349 _____ C:\Users\mayra\OneDrive\Escritorio\jowa.ai 2024-08-18 14:36 - 2024-08-18 14:36 - 005112148 _____ C:\Users\mayra\Downloads\Chau_Philomene_One,Didact_Gothic,Montserrat,Overlock,Poetsen_One.zip 2024-08-18 14:25 - 2024-08-18 14:25 - 004929615 _____ C:\Users\mayra\Downloads\Chau_Philomene_One,Didact_Gothic,Montserrat,Overlock.zip 2024-08-18 13:17 - 2024-08-18 13:17 - 000274297 _____ C:\Users\mayra\Downloads\OIG1.THj3.jpeg 2024-08-18 13:17 - 2024-08-18 13:17 - 000251655 _____ C:\Users\mayra\Downloads\OIG1.E.jpeg 2024-08-18 13:17 - 2024-08-18 13:17 - 000167914 _____ C:\Users\mayra\Downloads\OIG1._.jpeg 2024-08-18 13:17 - 2024-08-18 13:17 - 000160984 _____ C:\Users\mayra\Downloads\OIG1.jpeg 2024-08-13 19:44 - 2024-08-13 19:44 - 000000000 ___HD C:\$WinREAgent 2024-08-13 19:19 - 2024-08-13 19:19 - 000000000 _____ C:\Windows\invcol.tmp 2024-08-13 11:36 - 2024-08-13 11:36 - 000162613 _____ C:\Users\mayra\Downloads\tema3 y 4.pdf 2024-08-13 11:35 - 2024-08-13 11:35 - 001545392 _____ C:\Users\mayra\Downloads\LOS_33_TEMAS_DEL_APRENDIZ_MASON.pdf 2024-08-13 11:33 - 2024-08-13 11:33 - 006023938 _____ C:\Users\mayra\OneDrive\Escritorio\invitaciones.cdr 2024-08-13 11:33 - 2024-08-13 08:12 - 005982581 _____ C:\Users\mayra\OneDrive\Escritorio\Backup_of_invitaciones.cdr 2024-08-13 08:17 - 2024-08-13 08:17 - 002061700 _____ C:\Users\mayra\OneDrive\Escritorio\invitaciones2.pdf 2024-08-13 08:03 - 2024-08-13 08:03 - 000004036 _____ C:\Windows\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-812743721-3416580457-3768192190-1001_2 2024-08-12 20:09 - 2024-08-13 08:12 - 002053942 _____ C:\Users\mayra\OneDrive\Escritorio\invitaciones.pdf 2024-08-12 19:39 - 2024-08-12 19:39 - 000052140 _____ C:\Users\mayra\Downloads\great-vibes.zip 2024-08-12 19:22 - 2024-08-12 19:22 - 000025004 _____ C:\Users\mayra\Downloads\Bebas Neue Cyrillic.zip 2024-08-12 18:58 - 2024-08-12 18:58 - 004687968 _____ 
C:\Users\mayra\Downloads\Chau_Philomene_One,Didact_Gothic,Montserrat.zip 2024-08-12 18:57 - 2024-08-12 18:57 - 004502565 _____ C:\Users\mayra\Downloads\Chau_Philomene_One,Montserrat.zip 2024-08-12 18:53 - 2024-08-12 18:51 - 048339199 _____ C:\Users\mayra\OneDrive\Escritorio\invitacion ok.pdf 2024-08-12 18:53 - 2024-08-12 18:51 - 033513711 _____ C:\Users\mayra\OneDrive\Escritorio\invitacion.psd 2024-08-12 18:47 - 2024-08-12 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2024-08-12 18:47 - 2024-08-12 18:47 - 000000000 ____D C:\Program Files\LGHUB ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-09-01 05:32 - 2024-03-19 08:44 - 000000000 ____D C:\Users\mayra\AppData\Roaming\Microsoft\Excel 2024-09-01 05:31 - 2023-06-23 19:19 - 000004166 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9AD2B1A7-8DB5-4B35-A591-18DB4287D744} 2024-09-01 05:23 - 2023-06-02 14:39 - 000000000 ___SD C:\Users\mayra\AppData\Roaming\Microsoft\Credentials 2024-09-01 05:15 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-09-01 05:11 - 2024-03-05 12:51 - 000000000 ____D C:\Users\mayra\AppData\Roaming\Microsoft\Office 2024-08-31 22:36 - 2023-06-02 15:22 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-08-31 20:15 - 2022-01-04 01:00 - 000000000 ____D C:\Windows\SystemTemp 2024-08-31 17:17 - 2023-06-02 19:34 - 000000000 ____D C:\ProgramData\NVIDIA 2024-08-31 10:45 - 2023-06-02 14:55 - 000000000 ____D C:\Users\mayra\AppData\Local\Packages 2024-08-31 08:53 - 2023-06-02 14:55 - 000000000 ____D C:\Users\mayra\AppData\Local\D3DSCache 2024-08-31 08:53 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-08-31 08:53 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\AppReadiness 2024-08-31 08:35 - 2024-03-05 11:47 - 000000000 ____D C:\Program Files\Microsoft Office 2024-08-31 08:35 - 2019-12-07 03:14 - 000000000 ____D 
C:\Program Files\Common Files\microsoft shared 2024-08-31 08:31 - 2023-06-02 14:56 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-812743721-3416580457-3768192190-1001 2024-08-31 08:29 - 2024-03-05 12:51 - 000000000 ____D C:\Users\mayra\AppData\Roaming\Microsoft\Word 2024-08-31 08:29 - 2019-12-07 03:13 - 000000000 ____D C:\Windows\INF 2024-08-31 08:28 - 2024-04-25 20:24 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-08-31 08:28 - 2024-04-25 20:24 - 000002060 _____ C:\Users\mayra\OneDrive\Escritorio\Google Drive.lnk 2024-08-31 08:28 - 2023-06-02 15:22 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-08-28 16:03 - 2023-06-02 15:50 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-08-28 16:01 - 2024-03-18 19:15 - 000000000 ____D C:\Users\mayra\OneDrive\Escritorio\Eli 2024-08-27 01:58 - 2023-06-05 14:33 - 000003954 _____ C:\Windows\system32\Tasks\RazerCortexScheduleClean 2024-08-27 01:00 - 2023-06-02 22:10 - 000000000 ____D C:\Users\mayra\AppData\Roaming\discord 2024-08-27 01:00 - 2023-06-02 22:10 - 000000000 ____D C:\Users\mayra\AppData\Local\Discord 2024-08-27 01:00 - 2023-06-02 14:57 - 000002251 _____ C:\Users\mayra\OneDrive\Escritorio\Discord.lnk 2024-08-21 17:37 - 2024-06-21 19:26 - 000000000 ____D C:\Users\mayra\OneDrive\Escritorio\Maricela 2024-08-20 12:56 - 2024-06-29 17:35 - 000000000 ____D C:\Users\mayra\AppData\Roaming\Canva 2024-08-20 12:56 - 2023-06-02 16:22 - 000000000 ____D C:\Users\mayra\AppData\Local\LGHUB 2024-08-20 12:55 - 2023-06-03 13:32 - 000000000 __SHD C:\Users\mayra\IntelGraphicsProfiles 2024-08-19 10:58 - 2023-06-03 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2024-08-19 10:57 - 2023-06-03 15:15 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK 2024-08-18 21:22 - 2024-05-23 21:47 - 000000000 ____D C:\Users\mayra\OneDrive\Escritorio\1x 
2024-08-14 06:47 - 2023-06-02 14:36 - 000840690 _____ C:\Windows\system32\PerfStringBackup.INI 2024-08-14 00:09 - 2024-06-29 17:34 - 001805104 _____ C:\Windows\system32\FNTCACHE.DAT 2024-08-14 00:09 - 2023-06-02 15:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-08-14 00:09 - 2023-06-02 15:22 - 000000000 ____D C:\Intel 2024-08-14 00:08 - 2023-08-05 13:24 - 000008192 ___SH C:\DumpStack.log.tmp 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SystemResources 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\setup 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\oobe 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\Dism 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\ShellExperiences 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\ServiceState 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\schemas 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\Provisioning 2024-08-14 00:08 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\bcastdvr 2024-08-14 00:08 - 2019-12-07 03:03 - 001048576 _____ C:\Windows\system32\config\BBI 2024-08-13 19:50 - 2019-12-07 03:03 - 000000000 ____D C:\Windows\CbsTemp 2024-08-13 19:48 - 2023-06-02 14:29 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-08-13 19:33 - 2023-06-02 15:01 - 000000000 ____D C:\Windows\system32\MRT 2024-08-13 19:31 - 2023-06-02 15:01 - 
197093640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-08-13 11:37 - 2023-06-14 14:22 - 000000000 ____D C:\Users\mayra\AppData\Local\CrashDumps 2024-08-13 11:37 - 2023-06-02 19:20 - 000000000 ____D C:\Users\mayra\AppData\Local\Warframe 2024-08-13 11:37 - 2023-06-02 16:06 - 000000000 ____D C:\Program Files (x86)\Steam 2024-08-13 11:34 - 2023-06-03 15:14 - 000000000 ____D C:\Users\mayra\AppData\Local\Razer 2024-08-13 11:34 - 2023-06-03 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex 2024-08-12 18:57 - 2024-06-29 14:10 - 000000000 ____D C:\Users\mayra\AppData\Local\canva-updater 2024-08-12 18:49 - 2023-06-02 15:22 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-08-12 18:48 - 2023-08-31 22:20 - 000000000 ____D C:\Users\mayra\AppData\Roaming\G HUB 2024-08-07 06:30 - 2024-03-08 12:55 - 000000000 ____D C:\Windows\system32\Tasks\HP 2024-08-07 06:30 - 2024-01-26 09:44 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-08-07 06:13 - 2024-02-07 02:39 - 000000000 ____D C:\Users\mayra\OneDrive\Escritorio\masones ==================== Files in the root of some directories ======== 2023-09-26 18:58 - 2023-09-26 18:58 - 000001456 _____ () C:\Users\mayra\AppData\Local\Adobe Save for Web 13.0 Prefs ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================