Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-04-2021 Ran by Owner (administrator) on SANDP (Hewlett-Packard p6754y) (11-04-2021 10:31:38) Running from C:\Users\Owner\Desktop Loaded Profiles: Owner Platform: Windows 10 Home Version 1607 14393.2189 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\8d09f6d36e093c28b437d247dd75b80f\WindowsUpdateBox.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6> (NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe (PDF Complete Inc. -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Sonic Solutions -> Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.48\ccSvcHst.exe <2> (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.48\SymcPCCULaunchSvc.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] (Hewlett-Packard Company -> ) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2020-08-29] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-05-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) [File not signed] HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [124536 2015-06-04] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc) HKLM\...\Policies\Explorer: [NoDrives] 524288 HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\Run: [HP ENVY Photo 7100 (NET)] => C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.) HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871536 2019-09-18] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\Run: [Discord] => C:\Users\Owner\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\...\MountPoints2: {d0286264-5bde-11e8-921f-643150259197} - "K:\setup.exe" HKU\S-1-5-21-3443875969-4187526408-4230261024-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\WLXPGSS.SCR [301936 2010-09-23] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3443875969-4187526408-4230261024-1007\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3443875969-4187526408-4230261024-1007\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871536 2019-09-18] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\3300 Series Port: lxcclmpm.dll HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\WINDOWS\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\WINDOWS\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\PDFC: C:\WINDOWS\system32\pdfc_port.dll [27680 2017-11-08] (PDF Complete Inc. -> PDF Complete, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-03-29] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-03-14] ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (NETGEAR -> ) Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.lnk [2019-07-20] ShortcutTarget: Amazon Cloud Drive.lnk -> C:\Users\Owner\AppData\Local\Apps\2.0\TJ3N9ZH4.HXP\11L36OJV.91P\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (Amazon Services LLC -> Amazon Digital Services, LLC.) HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0206CC90-D392-45D8-B52A-4078BEC9674F} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {02C2520B-132C-4C2A-ACF4-A8FF3BCD42F2} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.1.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\SymErr.exe Task: {02EC03F3-72CC-45B7-BBC2-E166F4A24634} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2018-03-21] (Microsoft Windows -> Microsoft Corporation) Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {06D7101B-D9AD-401E-9D35-B66C4163EB3D} - System32\Tasks\{57E2D48C-87C7-475B-801C-C64BDF50C94E} => C:\Windows\system32\pcalua.exe -a E:\Setup.EXE -d E:\ Task: {073FD197-7C25-44E0-8FC2-40C8E8285F22} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {108AF5D9-D838-4C01-8A14-5973E284ED23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61} Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61} Task: {1E4EE1F0-285F-4BCE-88F2-74A67977E747} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {21FAFEDF-0EAE-41E6-B3F1-431BD3403754} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [208760 2018-06-27] (HP Inc. -> HP Inc.) Task: {24642DDD-EE0E-471B-90A2-6D449987B424} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {24F4FA6A-98AC-4940-A66A-FF8D7DBDC572} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2BF072F7-41E0-4360-A67F-254A6FC579C0} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {31B10A85-01A8-4DBE-8687-5594C1C72C17} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {3238ACE6-4D6A-40D5-ABA6-65465BB94323} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {34A70115-7AA5-4B09-AA52-A21F1095BAD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {465602B9-8EEC-45D5-9A13-30AE6A2EB664} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4C9E880D-25DF-423E-B156-4E932C6B8E45} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2018-03-21] (Microsoft Windows -> Microsoft Corporation) Task: {56A3381C-9582-430F-BE09-2D5AA37C5392} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {578D0CA6-4844-430C-8D2A-BA79E7C01266} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {5AD24DCF-92B5-4AB0-9118-7549012ECD44} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {6033EE96-EFA7-4AAB-A12D-E821164F4EAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {6235F06B-A77E-4FFD-AEC8-08ED4D361A6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [88120 2016-02-18] (Hewlett-Packard Company -> Hewlett-Packard) Task: {675AE39B-86D1-43F9-9DF1-E3BCF1AEE60B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-04-07] (Mozilla Corporation -> Mozilla Foundation) Task: {68F27812-9BA8-4965-9597-E8A7676D2907} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1059704 2018-11-09] (HP Inc. -> HP Inc.) Task: {6AFEAD0B-A9E4-43E3-969B-4FDE1D02C629} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704 2010-09-14] (Hewlett-Packard Company -> Hewlett-Packard) Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {7A9ACFFD-3FEF-472C-931D-B19B0CB4EE2E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7E3FF365-0813-480C-811F-5B264FFB4F69} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {84CDDB4F-8273-461F-8CC4-C618336611D5} - System32\Tasks\HPCustParticipation HP ENVY Photo 7100 series => C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\HPCustPartic.exe [6659488 2019-03-18] (HP Inc -> HP Inc.) Task: {89BCB073-A1B5-4DB8-BE9A-D61939885CAA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [525728 2012-09-27] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {8AAB7994-585F-4271-91EB-07425EC87516} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [525728 2012-09-27] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {8AD5A7D4-C0DF-43B0-9C59-4962B434B739} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {959EB680-8624-4803-8E4B-EAA7F4D7E0A5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-09-18] (Garmin International, Inc. -> ) Task: {9803C303-DBEB-424B-8825-88A183D17189} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {A585A773-693A-4899-9F2E-29A6F1CB161A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {A7650279-506F-4919-B3A1-EF0F276F5024} - System32\Tasks\Symantec\Norton Error Processor 18.7.1.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\SymErr.exe Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B2DE50A7-CF5A-4B80-91A2-CF73BF4FAE85} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {B7F051CE-A2AC-43B3-8402-98709433B051} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware) Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BB81E79B-7F74-4200-AD34-39FF5FC0BFCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-12] (Microsoft Corporation -> Microsoft Corporation) Task: {BBCE3EC0-32CE-47CC-9542-B8F83DBA4B4E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CA34A630-9DDF-4AA9-97CD-A61AD0764B44} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-12] (Microsoft Corporation -> Microsoft Corporation) Task: {CB0A897D-D430-412D-9420-A4A1E2C3B9F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-12] (Microsoft Corporation -> Microsoft Corporation) Task: {D18CB7D6-F84D-45D1-9BB8-C6AAB3E7C4C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.) Task: {D2D8C566-94E3-4368-AB8A-49CBEA29D494} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {D56F54AD-C44B-4EB0-894F-4F6A298CD142} - System32\Tasks\{EFB3A039-A0CF-4879-97E1-676E8173316D} => C:\Windows\system32\pcalua.exe -a E:\lexusbin.exe -d E:\ Task: {D6C2CE37-AD91-4238-AE72-89AC98A4DF09} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {DCCEC452-F4F3-4193-B418-3B352CADD5F6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {E0E5F201-5868-44CA-AE39-B94D92CDC551} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {EADC0FAC-3041-48B9-9FD2-8930882B2F7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-12] (Microsoft Corporation -> Microsoft Corporation) Task: {F0948C00-FAE0-4240-A83C-8E2E45BCFCAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FC325156-B9EA-4A4E-9D5F-76604D5AD5F1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{07ccb2d4-7e9c-4cee-85a5-eed4db4652e6}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6f74f278-ddf2-4a69-a431-86442f681908}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{804fe9c2-fa8e-40d0-a84c-48b34d0868ff}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{db06c7cc-6e54-46e0-b192-6bc796f3689a}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ef9cbd18-b2c5-4aa1-bd87-7e1e2abcee8b}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: py01p708.default FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\vc7m2831.default-release-1607146326841 [2021-04-11] FF Extension: (Malwarebytes Browser Guard) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\vc7m2831.default-release-1607146326841\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-07] FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\py01p708.default [2020-08-20] FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\py01p708.default\user.js [2014-03-15] FF Extension: (Advertising Cookie Opt-out) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\py01p708.default\Extensions\optout@google.com.xpi [2015-09-26] [Legacy] [not signed] FF Extension: (Yahoo Toolbar and New Tab) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\py01p708.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}.xpi [2020-05-14] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed] FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3443875969-4187526408-4230261024-1001: @hulu.com/Hulu Desktop -> C:\Users\Default.migrated\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll [No File] FF Plugin HKU\S-1-5-21-3443875969-4187526408-4230261024-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Owner\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-07-30] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-3443875969-4187526408-4230261024-1007: @hulu.com/Hulu Desktop -> C:\Users\Default.migrated\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll [No File] FF Plugin HKU\S-1-5-21-3443875969-4187526408-4230261024-1007: @nsroblox.roblox.com/launcher -> C:\Users\Patti - ipod\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy.dll [2013-01-01] (Roblox Corporation -> ROBLOX Corporation) FF Plugin HKU\S-1-5-21-3443875969-4187526408-4230261024-1007: @nsroblox.roblox.com/launcher64 -> C:\Users\Patti - ipod\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) [File not signed] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2014-05-15] (Canon Inc. -> ) R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-11] (Malwarebytes Inc -> Malwarebytes) S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe [405392 2018-03-27] (McAfee, Inc. -> McAfee, Inc.) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation -> Symantec Corporation) R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.48\SymcPCCULaunchSvc.exe [177080 2011-12-14] (Symantec Corporation -> Symantec Corporation) R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.48\ccSvcHst.exe [126392 2011-12-14] (Symantec Corporation -> Symantec Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc) R2 RoxioNow Service; C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [399344 2010-09-11] (Sonic Solutions -> Roxio) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-08-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-05-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-12] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-12] (Microsoft Corporation -> Microsoft Corporation) R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] (NETGEAR -> ) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider) R3 BCMH43XX; C:\WINDOWS\system32\DRIVERS\bcmwlhigh664.sys [1256192 2011-12-12] (NETGEAR -> Broadcom Corporation) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 FlyUsb; C:\WINDOWS\System32\drivers\FlyUsb.sys [24576 2015-06-04] (Microsoft Windows Hardware Compatibility Publisher -> LeapFrog) S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net) S3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [21504 2010-08-06] (hxxp://libusb-win32.sourceforge.net) [File not signed] R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-11] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-11] (Malwarebytes Inc -> Malwarebytes) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> ) S3 NPF; C:\WINDOWS\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc. -> CACE Technologies, Inc.) R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [25056 2011-07-22] (NETGEAR -> Windows (R) Win 7 DDK provider) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-12] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-11 10:31 - 2021-04-11 10:35 - 000034758 _____ C:\Users\Owner\Desktop\FRST.txt 2021-04-11 10:31 - 2021-04-11 10:31 - 000000000 ____D C:\Users\Owner\Desktop\FRST-OlderVersion 2021-04-11 10:30 - 2021-04-11 10:30 - 000000000 ___HD C:\$WINDOWS.~BT 2021-04-11 10:27 - 2021-04-11 10:27 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-04-11 10:18 - 2021-04-11 10:18 - 000000000 ____D C:\ProgramData\McAfee 2021-04-11 10:07 - 2021-04-11 10:07 - 000001497 _____ C:\Users\Owner\Desktop\MCPR - Shortcut.lnk 2021-04-11 10:05 - 2021-04-11 10:05 - 011049936 _____ (McAfee, LLC) C:\Users\Owner\Downloads\MCPR.exe 2021-04-11 01:57 - 2021-04-11 01:57 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-04-11 01:57 - 2020-12-05 11:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-04-11 00:52 - 2021-04-11 00:58 - 000066504 _____ C:\Users\Owner\Downloads\Addition.txt 2021-04-11 00:46 - 2021-04-11 00:58 - 000049119 _____ C:\Users\Owner\Downloads\FRST.txt 2021-04-11 00:44 - 2021-04-11 10:34 - 000000000 ____D C:\FRST 2021-04-11 00:41 - 2021-04-11 10:31 - 002297856 _____ (Farbar) C:\Users\Owner\Desktop\FRST64(1).exe 2021-04-10 23:47 - 2021-04-11 10:15 - 000000418 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job 2021-04-10 23:47 - 2021-04-10 23:47 - 000003892 _____ C:\WINDOWS\system32\Tasks\Driver Easy Scheduled Scan 2021-04-10 23:47 - 2021-04-10 23:47 - 000001014 _____ C:\ProgramData\Desktop\Driver Easy.lnk 2021-04-10 23:47 - 2021-04-10 23:47 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Easeware 2021-04-10 23:47 - 2021-04-10 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2021-04-10 23:46 - 2021-04-10 23:46 - 000000000 ____D C:\Program Files\Easeware 2021-04-10 00:41 - 2021-04-10 00:41 - 000002417 _____ C:\ProgramData\Desktop\Norton PC Checkup.LNK 2021-04-10 00:41 - 2021-04-10 00:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\NortonPCCheckupx64 2021-04-10 00:41 - 2021-04-10 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup 2021-04-10 00:41 - 2021-04-10 00:41 - 000000000 ____D C:\Program Files (x86)\NortonInstaller 2021-04-10 00:41 - 2021-04-10 00:41 - 000000000 ____D C:\Program Files (x86)\Norton PC Checkup 2021-04-09 01:26 - 2021-04-10 00:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-04-09 01:12 - 2021-04-09 01:12 - 000000000 ___HD C:\$SysReset 2021-04-08 01:22 - 2021-04-08 01:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-08 00:07 - 2021-04-10 05:18 - 000000000 __RSD C:\Users\Owner\Documents\McAfee Vaults 2021-04-08 00:07 - 2021-04-08 00:07 - 000000000 ____D C:\Users\Owner\AppData\Local\McAfee File Lock 2021-04-07 23:59 - 2021-04-11 09:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2021-04-07 23:45 - 2021-04-08 02:10 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-07 23:40 - 2021-04-07 23:41 - 071159400 _____ (McAfee, LLC) C:\Users\Owner\Downloads\McAfee_Installer_serial_wQG_foG-Si8cUL2sVqJvjQ2_key_affid_105_akey.exe 2021-04-01 09:30 - 2021-04-01 09:45 - 000000000 ___HD C:\$GetCurrent ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-11 10:30 - 2016-11-07 22:25 - 000000000 ___DC C:\WINDOWS\Panther 2021-04-11 10:29 - 2012-05-13 09:10 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-11 10:28 - 2016-11-29 21:50 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla 2021-04-11 10:26 - 2014-09-01 17:56 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat 2021-04-11 10:26 - 2010-12-10 14:43 - 000000000 ____D C:\ProgramData\PDFC 2021-04-11 10:25 - 2016-11-07 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-11 10:25 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-04-11 10:25 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-04-11 10:25 - 2016-07-16 01:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-04-11 10:24 - 2011-08-29 19:36 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Adobe 2021-04-11 10:23 - 2011-12-26 15:07 - 000000000 ____D C:\Users\Patti - ipod\AppData\Roaming\Adobe 2021-04-11 09:25 - 2015-08-29 10:37 - 000000000 ____D C:\Users\Owner\AppData\Local\Roblox 2021-04-11 09:15 - 2016-11-07 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-11 01:58 - 2020-12-06 02:13 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\IGDump 2021-04-11 01:57 - 2020-08-31 23:59 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-04-11 01:57 - 2020-02-03 00:31 - 000002023 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-04-11 01:57 - 2016-07-16 06:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-11 01:55 - 2020-02-03 00:31 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-04-10 23:40 - 2014-09-29 23:35 - 000000000 ____D C:\ProgramData\Package Cache 2021-04-10 23:35 - 2016-07-16 06:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-10 23:27 - 2018-03-29 12:24 - 000000000 ____D C:\ProgramData\McAfee Security Scan 2021-04-10 00:41 - 2015-11-29 14:10 - 000000000 ____D C:\ProgramData\NortonInstaller 2021-04-10 00:41 - 2010-12-10 14:56 - 000000000 ____D C:\ProgramData\Norton 2021-04-09 01:25 - 2011-12-30 10:51 - 000000000 ____D C:\WINDOWS\pss 2021-04-08 22:00 - 2019-06-06 01:53 - 000000000 ____D C:\Windows10Upgrade 2021-04-08 02:24 - 2016-11-07 20:35 - 002280930 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-08 02:12 - 2021-01-07 00:25 - 000000000 ____D C:\Users\Owner\AppData\Local\Discord 2021-04-08 02:10 - 2021-03-07 02:34 - 000000354 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job 2021-04-08 02:10 - 2020-12-05 00:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-08 02:09 - 2016-11-07 20:36 - 000000000 ____D C:\Users\Owner 2021-04-08 01:36 - 2011-12-30 10:51 - 000000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics 2021-04-08 01:35 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-04-08 01:34 - 2021-03-07 02:34 - 000003246 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForOwner 2021-04-08 01:22 - 2020-12-05 00:14 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-08 00:33 - 2021-01-07 00:29 - 000003926 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper 2021-04-08 00:23 - 2016-07-16 01:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-04-07 23:50 - 2016-07-16 06:45 - 000000000 ____D C:\WINDOWS\INF 2021-04-07 23:49 - 2021-01-07 00:26 - 000000000 ____D C:\Users\Owner\AppData\Roaming\discord 2021-04-07 23:29 - 2010-12-10 17:36 - 000277511 _____ C:\DUMP8b86.tmp 2021-04-01 09:46 - 2018-01-18 18:21 - 000000034 _____ C:\WINDOWS\progress.ini 2021-04-01 09:32 - 2017-07-27 16:30 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3443875969-4187526408-4230261024-1001 2021-04-01 09:31 - 2019-08-11 11:56 - 000002411 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-01 09:31 - 2015-11-29 14:18 - 000000000 ___RD C:\Users\Owner\OneDrive 2021-04-01 09:03 - 2010-12-10 17:36 - 000285767 _____ C:\DUMP88b8.tmp ==================== Files in the root of some directories ======== 2015-12-14 00:39 - 2015-12-14 00:39 - 000002201 _____ () C:\Users\Owner\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2021-04-08 00:41 ==================== End of FRST.txt ========================