Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021 Ran by betha (administrator) on DESKTOP-6VQERA5 (Dell Inc. Inspiron 5488 AIO) (06-04-2021 17:08:20) Running from C:\Users\betha\Desktop Loaded Profiles: betha Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Windows\SysWOW64\OSDSrv\OSDSrv.exe (Asurvio, LP -> Asurvio LP) C:\Program Files (x86)\Driver Support One\DSOne.exe (Asurvio, LP -> Asurvio LP) C:\Program Files (x86)\Driver Support One\DSOneWD.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\IntelCpHeciSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\betha\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe (Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMA.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (Wistron Corporation) [File not signed] C:\Windows\SysWOW64\OSDSrv\OSDApp.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [OSDApp] => C:\Windows\SysWOW64\OSDSrv\OSDApp.exe [2091520 2015-04-14] (Wistron Corporation) [File not signed] HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-04-06] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670856 2019-10-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896136 2019-10-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> ) HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\Run: [ZUpdater] => C:\Users\betha\AppData\Roaming\ZUpdater\ZUpdater.exe do://zupdater HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\Run: [EPSDNMON] => "" HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\betha\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\betha\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\RunOnce: [Uninstall 20.169.0823.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\betha\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\amd64" HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\RunOnce: [Uninstall 20.169.0823.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\betha\AppData\Local\Microsoft\OneDrive\20.169.0823.0006" HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\WINDOWS\system32\EFXLM16A.DLL [182784 2018-12-26] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON WF-7720 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBSAE.DLL [182784 2016-08-01] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-03-31] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{75A22DF0-B81D-46ed-B119-CD30507BD615}] -> C:\WINDOWS\system32\OSDEventCredProv.dll [2013-12-24] (Wistron Corporation) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-04-06] BootExecute: autocheck autochk * icarus_rvrt.exe HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {101AF588-903C-45CE-A3A0-DD5ED22478E3} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1191136 2021-03-17] (Avast Software s.r.o. -> AVAST Software) Task: {14051434-0BBB-44D7-8561-4D1185AAF584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-04] (Google Inc -> Google Inc.) Task: {1690DF32-4FD0-45AC-9E71-06A6E7D66EEF} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.) Task: {2A0FF7C9-BE40-4D9A-ACA5-0F1D97BCE5D5} - System32\Tasks\ZUpdater => C:\Users\betha\AppData\Roaming\ZUpdater\ZUpdater.exe [560640 2019-06-01] () [File not signed] <==== ATTENTION Task: {2AA556DE-94E4-4577-84A1-1F8870248BDC} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.) Task: {395C0FB7-AE65-47AA-99A6-400207D1A546} - System32\Tasks\Update_Deepteep => C:\Users\betha\AppData\Roaming\AppSync\AppSync.exe Task: {44352035-6BC0-4D64-A94C-8ABFEDA995F4} - System32\Tasks\EPSON WF-7720 Series Update {FA210AFE-F48A-4E3B-A771-A16AC518FB4A} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSAE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {4936DE0A-DAA8-412B-95E7-969AE1A2D1EE} - System32\Tasks\DSOne Agent => C:\Program Files (x86)\Driver Support One\DSOne.exe [1087680 2020-05-08] (Asurvio, LP -> Asurvio LP) <==== ATTENTION Task: {4A1519B5-E44C-482D-86A6-6FD2572B638D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [436696 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.) Task: {6659D494-64B5-4412-9DB8-AF02791DC441} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-04] (Google Inc -> Google Inc.) Task: {70B53E9B-78A0-4BD2-8566-E2A3002DDE4B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114024 2021-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {7306A5B2-7FF4-4113-9263-BF54B1D4BCFC} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {73873983-1796-4D54-97D2-363575176C37} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.) Task: {7F1760A0-355E-435F-974E-BDD9C4E01D08} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5493472 2021-03-16] (Avast Software s.r.o. -> Avast Software) Task: {809DF21E-5AD6-4A96-8296-8B54836EB3C4} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1413426085-2912600488-2307700468-1002 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {8274E320-A33D-4ABF-A2FD-E8C2B127EA4F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-04-06] (Avast Software s.r.o. -> AVAST Software) Task: {95A1B252-38C6-466C-B270-D2BF807C4330} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [33984 2019-03-07] (Rivet Networks LLC -> DELL) Task: {A6B6FAF3-152C-49C4-9F7D-F97E8EC11448} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.) Task: {AD639952-A21F-4D40-B2B0-417ADA027603} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software) Task: {BD8E1E0F-0B90-404A-ACA2-ACADF6D98087} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.) Task: {C6E897E5-36F7-419C-8C4E-255B15D589BB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation) Task: {C74D1137-D215-4902-B090-A55B582D5A0A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114024 2021-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {D42004B4-69E9-4345-A0F8-AD1E101C2FF8} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4731616 2021-03-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid a00046d4-67c5-46ff-9948-abc91f5ebe23 Task: {D551990B-01BA-4E0D-8659-C3BB3A7C86D2} - System32\Tasks\UpdatePrt => C:\Users\betha\AppData\Roaming\AppMaster\AppMaster.exe Task: {EB52C2CD-6BE8-4544-870E-F5D29CBFBBE2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation) Task: {F65251B8-E8AC-4446-BF13-83B69CAEF2B2} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe Task: {FBDC230B-2306-4080-BAC8-439F60F8260A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1133464 2021-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {FFA5585C-7535-4957-A380-5C989B406FEE} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [37713272 2018-01-03] (McAfee, Inc. -> McAfee, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\EPSON WF-7720 Series Update {FA210AFE-F48A-4E3B-A771-A16AC518FB4A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSAE.EXE:/EXE:{FA210AFE-F48A-4E3B-A771-A16AC518FB4A} /F:UpdateWORKGROUP\DESKTOP-6VQERA5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP DESKTOP 6VQERA5 ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{42e3244a-bd07-4b28-a524-dde229190d41}: [NameServer] 100.120.112.1 Tcpip\..\Interfaces\{4788f4ee-7ecd-4cae-aeda-1b80a4db23d9}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{6c81e576-1842-4305-a205-496ae6cae942}: [DhcpNameServer] 192.0.0.3 Tcpip\..\Interfaces\{cf8073a6-5df3-4510-8a80-69d56cd204d2}: [NameServer] 100.120.200.1 Edge: ======= DownloadDir: C:\Users\betha\Downloads Edge Profile: C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-06] Edge HomePage: Default -> hxxp://www.google.com/ Edge StartupUrls: Default -> "hxxp://go.deepteep.com/?E1EFFE3593ECA4757E5BC95AE1F5837A=H1xAXFBMX1daU1QEEUleSAoRAjMIEFJfXlBLXVBDXV1dUUNdUkBeSA4MGwhcNikrKScwKidEX15SUUQpWFRPTktBUiYzRV9eWyM8XVUmIi8uVUZcUkYsX1MgQS1Z" Edge DefaultSearchURL: Default -> hxxps://go.deepteep.com/?7A6A55FB3EF22D49979E8F30948415DD=H1xAXFBMX1daU1QNEQQwBw9cQ1lQTV5fXFNBWlFFXl1fUFQJDB0LUyknNy4nNikoW1FCVVFCKldLQVJMQVQlPFpRQlwjOl5aOSwzKVVAX11ZIkNUIEcuVg&q={searchTerms} Edge DefaultSearchKeyword: Default -> go.deepteep.com Edge Extension: (Avast Online Security) - C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-03-08] Edge Extension: (Smart Searching Tab) - C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iacoifmgngnkjphlhpencjhenbngoheg [2020-10-14] Edge Extension: (Login Assistant Tab) - C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ibcppkopdlkcfeaolbfhpbkenmcecndn [2020-10-14] Edge Extension: (EmailSearchTools) - C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jghejomglpmejfcphjbfeplpdndfccbb [2020-10-14] Edge Extension: (Remoku) - C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kmbcoebcjaiiejopnadjlknjhifadnlg [2020-10-14] Edge Extension: (Print My Recipes) - C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmiogdihiogabnedkmfhmpfmcmabefpk [2020-10-14] Edge Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\betha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2020-10-14] FireFox: ======== FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\GlanceGuest\npglance.dll [2018-06-23] (Glance Networks Inc -> Glance Networks, Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default [2021-04-06] CHR Notifications: Default -> hxxps://en.softonic.com; hxxps://pinchofyum.com; hxxps://printmyrecipes.com; hxxps://sweetpeasandsaffron.com; hxxps://themicrogardener.com; hxxps://www.allrecipes.com; hxxps://www.ashleyfurniture.com; hxxps://www.build.com; hxxps://www.facebook.com; hxxps://www.pinterest.com CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR NewTab: Default -> Not-active:"chrome-extension://mmiogdihiogabnedkmfhmpfmcmabefpk/newtabhtml/newtabpage.html", Not-active:"chrome-extension://iacoifmgngnkjphlhpencjhenbngoheg/newtabhtml/newtabpage.html", Not-active:"chrome-extension://ibcppkopdlkcfeaolbfhpbkenmcecndn/newtabhtml/newtabpage.html" CHR Extension: (Slides) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-04] CHR Extension: (Docs) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-04] CHR Extension: (Google Drive) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01] CHR Extension: (YouTube) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-04] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-12] CHR Extension: (Sheets) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-04] CHR Extension: (Chrome Remote Desktop) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-22] CHR Extension: (Google Docs Offline) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-02] CHR Extension: (Hide My Searches) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjamfbppkhdlfbepaflbkpblgninaoia [2019-11-12] CHR Extension: (Avast Online Security) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-22] CHR Extension: (Smart Searching Tab) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\iacoifmgngnkjphlhpencjhenbngoheg [2020-08-24] CHR Extension: (Login Assistant Tab) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcppkopdlkcfeaolbfhpbkenmcecndn [2020-08-24] CHR Extension: (EmailSearchTools) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghejomglpmejfcphjbfeplpdndfccbb [2020-01-10] CHR Extension: (Remoku) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbcoebcjaiiejopnadjlknjhifadnlg [2018-10-16] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-10] CHR Extension: (Print My Recipes) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiogdihiogabnedkmfhmpfmcmabefpk [2020-05-11] CHR Extension: (Chrome Web Store Payments) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10] CHR Extension: (Gmail) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01] CHR Extension: (Chrome Media Router) - C:\Users\betha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-02] CHR HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1302184 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-06] (Avast Software s.r.o. -> AVAST Software) S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\90.0.4430.26\remoting_host.exe [71280 2021-03-14] (Google LLC -> Google LLC) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-04-06] (PC-Doctor, Inc. -> PC-Doctor, Inc.) S2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc -> Dell Inc.) R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> ) R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 OSDSrv; C:\Windows\SysWOW64\OSDSrv\OSDSrv.EXE [192512 2013-12-27] () [File not signed] R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2019-03-07] (Rivet Networks LLC -> CloudBees, Inc.) R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8059104 2021-03-17] (Avast Software s.r.o. -> AVAST Software) R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2351304 2019-03-07] (Rivet Networks LLC -> Rivet Networks) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-09-23] (Avast Software s.r.o. -> Avast Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) S3 GENERICDRV; C:\ProgramData\Dell\Update\Downloads\BIOS\Vostro 5460 and Inspiron 5488 Intel 7th gen processor Kaby Lake S System BIOS\amifldrv64.sys [17616 2018-03-06] (American Megatrends, Inc. -> ) R1 JitDriver; C:\WINDOWS\system32\drivers\JitDriver.sys [47104 2020-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; c:\program files\dell\supportassist\pcdsrvc_x64.pkms [25584 2017-04-14] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [132952 2019-03-07] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-06 17:08 - 2021-04-06 17:09 - 000031716 _____ C:\Users\betha\Desktop\FRST.txt 2021-04-06 17:05 - 2021-04-06 17:08 - 000000000 ____D C:\FRST 2021-04-06 17:05 - 2021-04-06 17:05 - 002298368 _____ (Farbar) C:\Users\betha\Desktop\FRST64.exe 2021-04-06 16:50 - 2021-04-06 16:50 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1413426085-2912600488-2307700468-1002 2021-04-06 16:49 - 2021-04-06 16:49 - 000002369 _____ C:\Users\betha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-06 16:48 - 2021-04-06 16:48 - 000003914 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate 2021-04-06 16:39 - 2021-04-06 16:39 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-04-06 16:36 - 2021-04-06 16:36 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update 2021-04-06 16:32 - 2021-04-06 16:33 - 000436880 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-06 13:12 - 2021-04-06 13:11 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-04-06 13:12 - 2021-04-06 13:11 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-03-31 10:31 - 2021-03-31 10:31 - 000001994 _____ C:\Users\betha\Downloads\payroll - 2021-03-31T103144.681.iif 2021-03-25 10:47 - 2021-03-25 10:47 - 000000000 ____D C:\Users\betha\AppData\LocalLow\Intel 2021-03-25 10:46 - 2021-03-25 10:46 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2021-03-25 10:45 - 2021-01-08 03:44 - 000171496 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2021-03-25 10:45 - 2021-01-08 03:44 - 000146784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 001790224 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-03-25 10:45 - 2021-01-08 03:43 - 001790224 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-03-25 10:45 - 2021-01-08 03:43 - 001386256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-03-25 10:45 - 2021-01-08 03:43 - 001386256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-03-25 10:45 - 2021-01-08 03:43 - 001096320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 001096320 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 000949376 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 000949376 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 000507728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 000427856 _____ C:\WINDOWS\system32\ze_loader.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 000370512 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-03-25 10:45 - 2021-01-08 03:43 - 000148816 _____ C:\WINDOWS\system32\ze_validation_layer.dll 2021-03-25 10:45 - 2021-01-08 03:42 - 000294224 _____ C:\WINDOWS\system32\igfxCPL.cpl 2021-03-23 11:10 - 2021-03-23 11:10 - 000052163 _____ C:\Users\betha\Documents\bethSScardDL20210323_11100058.pdf 2021-03-19 08:53 - 2021-03-23 09:04 - 000110886 _____ C:\Users\betha\Documents\USB_ReliaCard_Fraud_Form.pdf 2021-03-17 17:37 - 2021-03-17 17:37 - 000001994 _____ C:\Users\betha\Downloads\payroll - 2021-03-17T173742.346.iif 2021-03-17 17:27 - 2021-03-17 17:27 - 000051502 _____ C:\Users\betha\Downloads\payroll_processing_report.html 2021-03-17 17:26 - 2021-03-17 17:26 - 000039795 _____ C:\Users\betha\Downloads\payroll_processing_report (4).pdf 2021-03-17 17:15 - 2021-03-17 17:15 - 000051502 _____ C:\Users\betha\Documents\Average Monthly Payroll Cost Report.html 2021-03-17 17:15 - 2021-03-17 17:15 - 000000000 ____D C:\Users\betha\Documents\Average Monthly Payroll Cost Report_files 2021-03-17 17:09 - 2021-03-17 17:09 - 000039795 _____ C:\Users\betha\Downloads\payroll_processing_report (3).pdf 2021-03-16 15:05 - 2021-03-16 15:05 - 000044250 _____ C:\Users\betha\Downloads\941 2nd qtr 2020.pdf 2021-03-16 15:04 - 2021-03-16 15:04 - 000040841 _____ C:\Users\betha\Downloads\941 3rd qtr 2020 (2).pdf 2021-03-16 15:03 - 2021-03-16 15:03 - 000685717 _____ C:\Users\betha\Downloads\941 1st qtr 2020 (1).pdf 2021-03-16 15:02 - 2021-03-16 15:02 - 000040841 _____ C:\Users\betha\Downloads\941 3rd qtr 2020 (1).pdf 2021-03-16 15:00 - 2021-03-16 15:00 - 000040860 _____ C:\Users\betha\Downloads\custom_upload_9414th_qtr2019.pdf (1).pdf 2021-03-15 15:54 - 2021-03-15 15:54 - 000044250 _____ C:\Users\betha\Downloads\irs_form_941_4_quarters_or_940_944_2019_or_2020_or_1040_schedule_c_2019_or_2020_if_applicable (3).pdf 2021-03-15 15:53 - 2021-03-15 15:53 - 000685717 _____ C:\Users\betha\Downloads\941 1st qtr 2020.pdf 2021-03-15 15:53 - 2021-03-15 15:53 - 000040841 _____ C:\Users\betha\Downloads\941 3rd qtr 2020.pdf 2021-03-15 15:49 - 2021-03-15 15:49 - 000040860 _____ C:\Users\betha\Downloads\custom_upload_9414th_qtr2019.pdf.pdf 2021-03-15 15:48 - 2021-03-15 15:48 - 000000009 _____ C:\Users\betha\Downloads\irs_form_941_4_quarters_or_940_944_2019_or_2020_or_1040_schedule_c_2019_or_2020_if_applicable (2).pdf 2021-03-15 09:42 - 2021-03-15 09:42 - 000039795 _____ C:\Users\betha\Downloads\payroll_processing_report (2).pdf 2021-03-14 13:13 - 2021-03-14 13:13 - 000038819 _____ C:\Users\betha\Documents\1099-INT2020-2020-12 Davids Truck.pdf 2021-03-12 10:37 - 2021-03-12 10:37 - 000044250 _____ C:\Users\betha\Downloads\irs_form_941_4_quarters_or_940_944_2019_or_2020_or_1040_schedule_c_2019_or_2020_if_applicable (1).pdf 2021-03-10 22:16 - 2021-03-10 22:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-10 22:15 - 2021-03-10 22:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-10 22:15 - 2021-03-10 22:15 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-10 22:15 - 2021-03-10 22:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-10 22:15 - 2021-03-10 22:15 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-10 22:15 - 2021-03-10 22:15 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-03-10 22:14 - 2021-03-10 22:14 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-03-10 22:14 - 2021-03-10 22:14 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-10 22:14 - 2021-03-10 22:14 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-10 22:14 - 2021-03-10 22:14 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-03-10 22:14 - 2021-03-10 22:14 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-10 16:18 - 2021-03-10 16:18 - 000002646 _____ C:\Users\betha\Downloads\payroll - 2021-03-10T151815.360.iif 2021-03-09 15:38 - 2021-03-09 15:38 - 000044250 _____ C:\Users\betha\Downloads\irs_form_941_4_quarters_or_940_944_2019_or_2020_or_1040_schedule_c_2019_or_2020_if_applicable.pdf 2021-03-09 15:32 - 2021-03-09 15:32 - 000040860 _____ C:\Users\betha\Documents\941 4th qtr 2020.pdf 2021-03-09 15:31 - 2021-03-09 15:31 - 000040841 _____ C:\Users\betha\Documents\941 3rd qtr 2020.pdf 2021-03-09 15:30 - 2021-03-09 15:30 - 000044250 _____ C:\Users\betha\Documents\941 2nd qtr 2020.pdf 2021-03-09 15:29 - 2021-03-09 15:29 - 000685717 _____ C:\Users\betha\Documents\941 1st qtr 2020.pdf 2021-03-09 15:14 - 2021-03-09 15:14 - 000039795 _____ C:\Users\betha\Documents\PPPpayrollreport20210309_14145150.pdf 2021-03-09 15:01 - 2021-03-09 15:01 - 000041379 _____ C:\Users\betha\Documents\OfficerDesignation20210309_14013715.pdf 2021-03-09 14:55 - 2021-03-09 14:55 - 000100123 _____ C:\Users\betha\Downloads\certificate_of_company_officer.pdf 2021-03-09 14:51 - 2021-03-09 14:51 - 000825655 _____ C:\Users\betha\Downloads\operating_agreement_by_laws_dba_filing (1).pdf 2021-03-09 14:50 - 2021-03-09 14:50 - 000046507 _____ C:\Users\betha\Documents\ENTStatement-2020-01.pdf 2021-03-09 14:48 - 2021-03-09 14:48 - 000041821 _____ C:\Users\betha\Documents\bankstatementfeb2021.pdf 2021-03-09 14:18 - 2021-03-09 14:18 - 000533166 _____ C:\Users\betha\Downloads\Form (2).pdf 2021-03-09 14:17 - 2021-03-09 14:17 - 000646631 _____ C:\Users\betha\Documents\Borrower Application 2483-SD revised-508.pdf 2021-03-08 18:06 - 2021-03-08 18:06 - 000043479 _____ C:\Users\betha\Documents\ProfitandLoss 2019 2020 Comparison.pdf 2021-03-08 18:05 - 2021-03-08 18:05 - 000043479 _____ C:\Users\betha\Downloads\ProfitandLoss 2019 2020 Comparison.pdf 2021-03-08 17:22 - 2021-03-08 17:22 - 000388758 _____ C:\Users\betha\Downloads\ownership_addendum.pdf 2021-03-08 17:09 - 2021-03-08 17:09 - 000314951 _____ C:\Users\betha\Downloads\promissory_note.pdf 2021-03-08 17:07 - 2021-03-08 17:07 - 000428098 _____ C:\Users\betha\Downloads\sba_approved (1).pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-06 17:04 - 2020-10-17 01:18 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F9D5E152-7DDC-494E-96B9-CB6257401012} 2021-04-06 16:51 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-06 16:51 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-06 16:50 - 2018-02-04 20:38 - 000000000 ___RD C:\Users\betha\OneDrive 2021-04-06 16:49 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-06 16:49 - 2017-07-25 04:05 - 000000000 ____D C:\ProgramData\PCDr 2021-04-06 16:49 - 2017-07-25 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-04-06 16:48 - 2017-07-25 04:20 - 000000000 ____D C:\ProgramData\Dell 2021-04-06 16:47 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-06 16:45 - 2017-07-25 04:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-04-06 16:44 - 2020-10-17 01:11 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-06 16:43 - 2020-03-20 13:55 - 000000000 ____D C:\Program Files (x86)\Driver Support One 2021-04-06 16:38 - 2018-02-04 20:33 - 000000000 __SHD C:\Users\betha\IntelGraphicsProfiles 2021-04-06 16:37 - 2020-10-17 01:00 - 000000000 ____D C:\Users\betha 2021-04-06 16:35 - 2020-10-17 01:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-06 16:35 - 2020-10-17 00:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-06 16:35 - 2020-10-17 00:54 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-06 16:35 - 2020-01-16 10:56 - 000000951 _____ C:\WINDOWS\Tasks\EPSON WF-7720 Series Update {FA210AFE-F48A-4E3B-A771-A16AC518FB4A}.job 2021-04-06 16:35 - 2017-07-25 04:13 - 000000000 ____D C:\Intel 2021-04-06 16:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-06 16:31 - 2019-12-07 03:03 - 007077888 _____ C:\WINDOWS\system32\config\BBI 2021-04-06 15:51 - 2020-10-17 01:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-04-06 15:51 - 2018-02-05 12:09 - 000000000 ____D C:\Users\betha\AppData\Roaming\AVAST Software 2021-04-06 15:51 - 2018-02-05 12:07 - 000000000 ____D C:\ProgramData\AVAST Software 2021-04-06 15:51 - 2018-02-05 12:07 - 000000000 ____D C:\Program Files\AVAST Software 2021-04-06 15:50 - 2020-10-17 01:21 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a45419300e23 2021-04-06 15:50 - 2020-10-17 01:18 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-06 15:50 - 2020-10-17 01:18 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-06 15:50 - 2020-10-17 01:18 - 000002642 _____ C:\WINDOWS\system32\Tasks\ZUpdater 2021-04-06 15:50 - 2020-10-17 01:18 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton 2021-04-06 15:50 - 2020-10-17 01:18 - 000002258 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry 2021-04-06 15:43 - 2018-10-16 17:25 - 000000000 ____D C:\Users\betha\AppData\Local\D3DSCache 2021-04-06 13:12 - 2020-10-17 01:18 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-04-06 13:12 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-06 13:11 - 2020-10-24 07:34 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-04-06 13:11 - 2020-04-27 15:06 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-04-06 13:11 - 2019-01-09 07:38 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-04-06 13:11 - 2019-01-09 07:38 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-04-06 13:11 - 2018-11-02 17:53 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-04-06 13:11 - 2018-02-19 17:43 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-04-06 13:11 - 2018-02-19 17:43 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-04-06 13:11 - 2018-02-19 17:43 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-04-06 13:11 - 2018-02-19 17:43 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-04-06 13:10 - 2019-01-14 09:38 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-04-06 13:10 - 2018-02-19 17:43 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-04-06 13:10 - 2018-02-19 17:43 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-04-04 10:36 - 2020-10-14 11:05 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-04 10:34 - 2020-10-14 23:17 - 000000000 ____D C:\Users\betha\AppData\Local\ElevatedDiagnostics 2021-04-02 14:21 - 2020-10-17 01:18 - 000003814 _____ C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask 2021-04-02 14:21 - 2020-10-17 01:18 - 000003504 _____ C:\WINDOWS\system32\Tasks\EPSON WF-7720 Series Update {FA210AFE-F48A-4E3B-A771-A16AC518FB4A} 2021-04-02 14:21 - 2020-10-17 01:18 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-02 14:21 - 2020-10-17 01:18 - 000003310 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C2CC13FF-726B-456B-A52B-190BCCA92BFA} 2021-04-02 14:21 - 2020-10-17 01:18 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-02 14:21 - 2020-10-17 01:18 - 000003104 _____ C:\WINDOWS\system32\Tasks\PCDDataUploadTask 2021-04-02 14:21 - 2020-10-17 01:18 - 000002996 _____ C:\WINDOWS\system32\Tasks\PCDEventLauncherTask 2021-04-02 14:21 - 2020-10-17 01:18 - 000002984 _____ C:\WINDOWS\system32\Tasks\SystemToolsDailyTest 2021-04-02 14:21 - 2020-10-17 01:18 - 000002686 _____ C:\WINDOWS\system32\Tasks\UpdatePrt 2021-04-02 14:21 - 2020-10-17 01:18 - 000002670 _____ C:\WINDOWS\system32\Tasks\Update_Deepteep 2021-04-02 14:21 - 2020-10-17 01:18 - 000002614 _____ C:\WINDOWS\system32\Tasks\DSOne Agent 2021-04-02 14:21 - 2020-10-17 01:18 - 000002386 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare) 2021-03-31 20:26 - 2018-02-04 20:56 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-03-31 20:26 - 2018-02-04 20:56 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-03-31 20:26 - 2018-02-04 20:56 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-03-30 07:09 - 2018-02-04 20:55 - 000000000 ____D C:\Program Files (x86)\Google 2021-03-23 08:46 - 2018-02-05 13:36 - 000002075 _____ C:\Users\Public\Desktop\Google Slides.lnk 2021-03-23 08:46 - 2018-02-05 13:36 - 000002075 _____ C:\ProgramData\Desktop\Google Slides.lnk 2021-03-23 08:46 - 2018-02-05 13:36 - 000002073 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2021-03-23 08:46 - 2018-02-05 13:36 - 000002073 _____ C:\ProgramData\Desktop\Google Sheets.lnk 2021-03-23 08:46 - 2018-02-05 13:36 - 000002063 _____ C:\Users\Public\Desktop\Google Docs.lnk 2021-03-23 08:46 - 2018-02-05 13:36 - 000002063 _____ C:\ProgramData\Desktop\Google Docs.lnk 2021-03-23 08:46 - 2018-02-05 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-03-11 01:45 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-03-10 22:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-03-10 11:12 - 2018-02-05 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-03-10 11:10 - 2018-02-05 12:02 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================