Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Sons laptop had virus warning [Solved]


  • This topic is locked This topic is locked

#1
fonzy

fonzy

    Member

  • Member
  • PipPip
  • 76 posts

Hi,

 

My sons laptop had a virus warning show up when he was browsing. The popup kept flashing back up when he closed it. It looked like a Windows warning message but I am not sure.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Ran by cstar (administrator) on JOSHUA-LAPTOP (HP HP Pavilion Laptop 14-dv1xxx) (19-08-2022 21:16:30)
Running from C:\Users\Jmbst\OneDrive\Desktop
Loaded Profiles: cstar & Jmbst
Platform: Microsoft Windows 11 Home Version 21H2 22000.856 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe ->) 0 C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\HPAudioSwitch.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe <13>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_19c2c86110716a54\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_19c2c86110716a54\igfxEMN.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\BridgeCommunication.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_19c2c86110716a54\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_07fa4837b9b8203d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_831e9699d5c05b1c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_a29135245e28a81a\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.0.112.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe <3>
(sihost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.2.13.0_x64__v10z8vjag6ke6\Win32\HPEnhancedLighting.Bg.exe
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(sihost.exe ->) 0 C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) 0 C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(sihost.exe ->) 0 C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\HP.MyHP.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.136.0_x64__8wekyb3d8bbwe\YourPhone.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteamsupdate.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.565.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
0 C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
0 C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [373600 2021-01-18] (Express Vpn LLC -> ExpressVPN)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [DEL_ST_CPL] => CMD /C del "C:\windows\TEMP\ST_CPL.pkg.XML" /F (No File) <==== ATTENTION
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\Installer\setup.exe [3286968 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1342289154-3405821600-2745982807-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [536152 2022-08-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1342289154-3405821600-2745982807-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2642320 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1342289154-3405821600-2745982807-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1342289154-3405821600-2745982807-1002\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [536152 2022-08-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1342289154-3405821600-2745982807-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2642320 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1342289154-3405821600-2745982807-1002\...\Run: [MicrosoftEdgeAutoLaunch_E69E0D8EA8D29375E41345F7F6ECE03A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.82\Installer\chrmstp.exe [2022-08-17] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {016C2253-9C67-4A60-9BA4-1E6249768201} - System32\Tasks\RtkAudUService64_BG => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5b38b833337c212f\RtkAudUService64.exe [3471240 2022-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {0D1C9FAC-1615-4A58-B8A2-2087E125452D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EEF4906-BEC9-402C-8790-C39692D25B97} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\HP\HP Support Framework\Modules\HPWPD.exe [310856 2022-07-27] (HP Inc. -> HP Inc.)
Task: {110A870D-6BEB-49AE-B3DD-6C07DDB80FDA} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1342289154-3405821600-2745982807-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214160 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {1AA69A46-E13C-4F49-BA1E-A74742175D59} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {1CD0CE20-11D1-470E-950D-51309CEB78E0} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [758352 2022-01-19] (McAfee, LLC -> McAfee, LLC)
Task: {27C2FC3B-F77B-46F1-B135-9059CE4BE217} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1342289154-3405821600-2745982807-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214160 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {37C5BD9A-4EA5-4AF9-90F6-D59F3C9F303D} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\windows\System32\Autopilot.dll [217088 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
Task: {3992B65D-0931-426B-A2B0-F71FB601C7F7} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\HP\HP Support Framework\Modules\HPDeviceCheck\HPDeviceCheck.exe [316488 2022-07-27] (HP Inc. -> )
Task: {3CFD03C0-1A27-48DE-96F0-5D5CCB05DC27} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AF1A6CD-42C2-4EB7-820B-2B3CAFBE13A6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {4BC2DF7D-ABC1-4DB9-B09F-E86C4EF41566} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1074608 2022-01-11] (McAfee, LLC -> McAfee, LLC)
Task: {56B63109-BD2C-4554-BAD1-056980C93CAB} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.104\DADUpdater.exe [4089168 2022-02-08] (McAfee, LLC -> McAfee, LLC)
Task: {56B73CB2-2D6F-42EF-9685-16212E9A3AF7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-07-27] (HP Inc. -> HP Inc.)
Task: {61AEF379-A4DF-40AC-9392-6856584F6E68} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C5143AF-9A92-4381-A5F8-5EEA0D07CD9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {749C01C1-6549-4C88-BD28-62E3354FC48A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [221328 2022-07-27] (HP Inc. -> )
Task: {804452FC-30BB-4031-9AEE-A0A252ABB9A6} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.54\Installer\setup.exe [3286968 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {85A3C162-055D-47B1-B5F6-05B57F91E683} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [412744 2022-07-27] (HP Inc. -> HP Inc.)
Task: {8A7F2A54-292C-471D-9B58-377EEEFA8800} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-26] (Google LLC -> Google LLC)
Task: {93D9BFA4-0E79-4790-AC18-0FF19CA4E05E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-26] (Google LLC -> Google LLC)
Task: {A1F25F96-DBDC-4564-947A-633E4DE92D5D} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4560960 2022-06-27] (McAfee, LLC -> McAfee, LLC)
Task: {A8C84C49-E82C-410F-AB86-1A0DB8E3AA04} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\windows\System32\Autopilot.dll [217088 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
Task: {C0D39203-6044-4C38-A7A7-457F59024800} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {CA0D9FBA-3F23-471D-B80B-931BA3908EC8} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1074608 2022-01-11] (McAfee, LLC -> McAfee, LLC)
Task: {F5319491-3281-412F-849C-29B940902E43} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F846A3DD-2198-4E60-8EC4-1C9A5E37620D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214160 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE300FA3-BB24-430F-8BBE-F66A1EDC0712} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-07-27] (HP Inc. -> HP Inc.)
Task: {FE8677B1-ED5B-410E-9260-078D27D83D52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-07-27] (HP Inc. -> HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a894fc34-d632-4879-b113-ec4f4fa1f4ac}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge Profile: C:\Users\cstar\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-21]
 
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-12-27] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2022-01-26] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2022-01-26] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default [2022-08-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-12-26]
CHR Extension: (Google Docs Offline) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-26]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-12-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8903520 2021-12-26] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437088 2021-01-18] (Express Vpn LLC -> ExpressVPN)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncHelper.exe [3389840 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\AppHelperCap.exe [770544 2022-06-21] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\DiagsCap.exe [769040 2022-06-21] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\NetworkCap.exe [762376 2022-06-21] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_620459b7cf27a23d\x64\SysInfoCap.exe [769040 2022-06-21] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe [489696 2022-05-26] (HP Inc. -> HP Inc.)
R2 IntelAudioService; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_a29135245e28a81a\\AS\\IAS\\IntelAudioService.exe [532056 2022-04-25] (Intel Corporation -> Intel)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-08-06] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [791664 2022-01-19] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [604312 2021-04-22] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.0.112.0\\McCSPServiceHost.exe [2671464 2022-01-12] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1676304 2022-01-18] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.151.0717.0001\OneDriveUpdaterService.exe [3830160 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4310552 2022-01-18] (McAfee, LLC -> McAfee, LLC)
R2 SECOMNService; C:\windows\System32\SECOMN64.exe [743400 2022-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\windows\System32\drivers\BthA2dp.sys [507904 2021-09-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\windows\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\windows\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\windows\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2021-01-18] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpnwintun; C:\windows\System32\drivers\expressvpn-wintun.sys [46824 2021-01-18] (Express VPN International Ltd. -> ExpressVPN)
S3 GSCAuxDriver; C:\windows\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_47dea9773e9dfab7\GSCAuxDriverx64.sys [78904 2021-08-09] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\windows\System32\DriverStore\FileRepository\gscheci.inf_amd64_1027aa064fe1f3f7\TeeDriverGSCW8x64.sys [258104 2021-08-09] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_fc1ed3a5a1d514f2\iaLPSS2_SPI_TGL.sys [158352 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_cd8c3a141c1b1284\iaLPSS2_UART2_TGL.sys [313504 2021-07-19] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\windows\System32\drivers\iaStorVD.sys [1544912 2022-01-05] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_2a3cc0b2d56e7a64\IntcUSB.sys [889936 2022-04-25] (Intel Corporation -> Intel® Corporation)
R3 IntelGNA; C:\windows\System32\DriverStore\FileRepository\gna.inf_amd64_19ceb7ce67a7cf8b\gna.sys [87200 2022-01-11] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\windows\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\windows\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 MpKsl3a089219; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C5AAF47F-0DA0-439A-BD67-A2A8A4DE1FE7}\MpKslDrv.sys [141576 2022-08-19] (Microsoft Windows -> Microsoft Corporation)
S3 rtux64w10; C:\windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_a39ece60dbc76c55\rtux64w10.sys [683520 2021-06-05] (Microsoft Windows -> Realtek Corporation)
R3 tapexpressvpn; C:\windows\System32\drivers\tapexpressvpn.sys [52904 2021-01-18] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 mfeaack01; \Device\mfeaack01.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-08-19 21:15 - 2022-08-19 21:16 - 000000000 ____D C:\FRST
2022-08-19 21:01 - 2022-08-19 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-08-19 20:57 - 2022-08-19 20:57 - 000000000 ____D C:\Users\Jmbst\AppData\Local\mbam
2022-08-19 20:52 - 2022-08-19 20:52 - 002556344 _____ (Malwarebytes) C:\Users\Jmbst\Downloads\MBSetup-12115C6B-37335.37335.exe
2022-08-18 14:24 - 2022-03-28 01:05 - 000529448 _____ (Intel) C:\windows\system32\libvpl.dll
2022-08-18 14:24 - 2022-03-28 01:05 - 000460144 _____ (Intel) C:\windows\SysWOW64\libvpl.dll
2022-08-18 14:24 - 2022-03-28 01:04 - 000961344 _____ (Intel Corporation) C:\windows\system32\libmfxhw64.dll
2022-08-18 14:24 - 2022-03-28 01:04 - 000720072 _____ (Intel Corporation) C:\windows\SysWOW64\libmfxhw32.dll
2022-08-18 14:24 - 2022-03-28 01:04 - 000604040 _____ (Intel Corporation) C:\windows\system32\intel_gfx_api-x64.dll
2022-08-18 14:24 - 2022-03-28 01:04 - 000463008 _____ (Intel Corporation) C:\windows\SysWOW64\intel_gfx_api-x86.dll
2022-08-18 14:24 - 2022-03-28 01:04 - 000346304 _____ C:\windows\SysWOW64\IntelControlLib32.dll
2022-08-18 14:24 - 2022-03-28 01:03 - 001915496 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-08-18 14:24 - 2022-03-28 01:03 - 001915496 _____ C:\windows\system32\vulkaninfo.exe
2022-08-18 14:24 - 2022-03-28 01:03 - 001486440 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-08-18 14:24 - 2022-03-28 01:03 - 001486440 _____ C:\windows\SysWOW64\vulkaninfo.exe
2022-08-18 14:24 - 2022-03-28 01:03 - 001442984 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2022-08-18 14:24 - 2022-03-28 01:03 - 001442984 _____ C:\windows\system32\vulkan-1.dll
2022-08-18 14:24 - 2022-03-28 01:03 - 001155752 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-08-18 14:24 - 2022-03-28 01:03 - 001155752 _____ C:\windows\SysWOW64\vulkan-1.dll
2022-08-18 14:24 - 2022-03-28 01:03 - 000477576 _____ C:\windows\system32\ze_tracing_layer.dll
2022-08-18 14:24 - 2022-03-28 01:03 - 000385408 _____ C:\windows\system32\ze_loader.dll
2022-08-18 14:24 - 2022-03-28 01:03 - 000151960 _____ C:\windows\system32\ze_validation_layer.dll
2022-08-18 14:24 - 2022-03-28 01:02 - 027904384 _____ (Intel Corporation) C:\windows\system32\mfxplugin64_hw.dll
2022-08-18 14:24 - 2022-03-28 01:02 - 020646784 _____ (Intel Corporation) C:\windows\SysWOW64\mfxplugin32_hw.dll
2022-08-18 14:24 - 2022-03-28 01:01 - 000244112 _____ C:\windows\system32\ControlLib.dll
2022-08-18 14:24 - 2022-03-28 01:01 - 000197680 _____ C:\windows\SysWOW64\ControlLib32.dll
2022-08-18 14:24 - 2022-03-28 01:01 - 000197680 _____ C:\windows\system32\ControlLib32.dll
2022-08-12 14:04 - 2022-08-12 14:04 - 000327680 _____ C:\windows\system32\pnpdiag.dll
2022-08-12 14:04 - 2022-08-12 14:04 - 000069632 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2022-08-12 14:04 - 2022-08-12 14:04 - 000041472 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2022-08-12 14:04 - 2022-08-12 14:04 - 000015026 _____ C:\windows\system32\DrtmAuthTxt.wim
2022-08-12 14:03 - 2022-08-12 14:03 - 000335872 _____ C:\windows\system32\Windows.Management.InprocObjects.dll
2022-08-12 13:55 - 2022-08-12 13:55 - 000000000 ___HD C:\$WinREAgent
2022-08-11 11:17 - 2022-04-20 19:33 - 050809162 _____ C:\windows\system32\Drivers\RTAIODAT.DAT
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-08-19 21:14 - 2021-06-05 13:10 - 000000000 ___HD C:\windows\ELAMBKUP
2022-08-19 21:14 - 2021-06-05 13:10 - 000000000 ____D C:\windows\SystemTemp
2022-08-19 21:05 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-19 20:40 - 2021-12-26 17:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-19 20:40 - 2021-06-25 19:10 - 000000000 ____D C:\windows\system32\SleepStudy
2022-08-19 15:54 - 2021-06-05 13:10 - 000000000 ____D C:\windows\AppReadiness
2022-08-19 15:48 - 2021-12-26 17:20 - 000000000 __SHD C:\Users\Jmbst\IntelGraphicsProfiles
2022-08-19 15:48 - 2021-12-26 17:20 - 000000000 ___RD C:\Users\Jmbst\OneDrive
2022-08-19 12:20 - 2021-12-26 17:20 - 000000000 ____D C:\Users\Jmbst\AppData\Local\D3DSCache
2022-08-18 21:10 - 2021-06-25 19:15 - 000943460 _____ C:\windows\system32\PerfStringBackup.INI
2022-08-18 21:10 - 2021-06-05 13:09 - 000000000 ____D C:\windows\INF
2022-08-18 21:02 - 2021-09-14 04:29 - 000000000 ____D C:\Intel
2022-08-18 21:02 - 2021-06-25 19:10 - 000012288 ___SH C:\DumpStack.log.tmp
2022-08-18 21:02 - 2021-06-25 19:10 - 000000006 ____H C:\windows\Tasks\SA.DAT
2022-08-18 21:02 - 2021-06-05 13:10 - 000000000 ____D C:\windows\ServiceState
2022-08-18 16:32 - 2022-06-24 20:08 - 000000000 ____D C:\Users\Jmbst\AppData\Roaming\Origin
2022-08-18 16:32 - 2021-06-05 13:01 - 001048576 _____ C:\windows\system32\config\BBI
2022-08-18 16:24 - 2022-06-24 20:08 - 000000000 ____D C:\Users\Jmbst\AppData\Local\Origin
2022-08-18 15:10 - 2022-06-24 20:11 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-08-18 15:10 - 2022-06-24 20:08 - 000000000 ____D C:\ProgramData\Origin
2022-08-18 14:24 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-17 20:52 - 2021-12-26 18:04 - 000000000 ____D C:\Users\Jmbst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-08-17 20:51 - 2021-12-26 17:19 - 000000000 ____D C:\Users\Jmbst\AppData\Local\Packages
2022-08-17 17:00 - 2021-12-26 21:10 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-17 16:59 - 2021-06-05 13:01 - 000032768 _____ C:\windows\system32\config\ELAM
2022-08-17 16:55 - 2021-12-27 20:38 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-08-17 16:55 - 2021-10-30 11:27 - 000000000 ____D C:\windows\HoloShell
2022-08-17 16:55 - 2021-10-30 02:44 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-08-17 16:55 - 2021-06-25 19:10 - 000589632 _____ C:\windows\system32\FNTCACHE.DAT
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\SysWOW64\WinMetadata
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\SysWOW64\Dism
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\SystemResources
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\WinMetadata
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\Sysprep
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\oobe
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\es-MX
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\Dism
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\ShellExperiences
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\Provisioning
2022-08-17 16:55 - 2021-06-05 13:10 - 000000000 ____D C:\windows\bcastdvr
2022-08-17 12:55 - 2021-12-26 17:08 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-17 12:55 - 2021-12-26 17:08 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-08-16 12:32 - 2022-06-24 20:10 - 000000000 ____D C:\Program Files (x86)\Origin
2022-08-15 19:51 - 2021-12-26 18:04 - 000000000 ____D C:\Users\Jmbst\AppData\Local\Roblox
2022-08-15 19:35 - 2021-12-26 18:04 - 000000255 _____ C:\Users\Jmbst\AppData\LocalLow\rbxcsettings.rbx
2022-08-15 15:29 - 2021-12-27 14:33 - 000004784 _____ C:\windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-08-15 15:29 - 2021-06-25 19:10 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-15 15:28 - 2021-09-14 04:36 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-12 14:30 - 2021-12-26 17:46 - 000000000 ____D C:\windows\system32\MRT
2022-08-12 14:12 - 2021-12-26 17:46 - 144534560 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2022-08-12 14:11 - 2021-06-05 13:01 - 000000000 ____D C:\windows\CbsTemp
2022-08-12 14:03 - 2021-06-25 19:13 - 003103744 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2022-08-11 15:56 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\SecureBootUpdates
2022-08-11 11:17 - 2021-10-30 02:34 - 000003366 _____ C:\windows\system32\Tasks\RtkAudUService64_BG
2022-08-10 20:41 - 2022-06-24 21:43 - 000001378 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2022-08-09 22:28 - 2021-12-26 17:16 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2022-08-09 22:28 - 2021-12-26 17:16 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-09 22:28 - 2021-12-26 17:16 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-08-09 21:30 - 2021-12-26 17:45 - 000003194 _____ C:\windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-08-09 21:30 - 2021-12-26 17:45 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-09 21:30 - 2021-12-26 17:21 - 000003596 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1342289154-3405821600-2745982807-1002
2022-08-09 21:30 - 2021-12-26 17:06 - 000003596 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1342289154-3405821600-2745982807-1001
2022-07-29 22:19 - 2021-12-26 17:19 - 000000000 ____D C:\Users\Jmbst
2022-07-27 14:13 - 2021-06-25 19:10 - 000003536 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 14:13 - 2021-06-25 19:10 - 000003412 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-22 20:32 - 2021-06-05 13:10 - 000000000 ____D C:\windows\system32\setup
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by cstar (19-08-2022 21:17:15)
Running from C:\Users\Jmbst\OneDrive\Desktop
Microsoft Windows 11 Home Version 21H2 22000.856 (X64) (2021-12-25 10:05:15)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1342289154-3405821600-2745982807-500 - Administrator - Disabled)
charl (S-1-5-21-1342289154-3405821600-2745982807-1004 - Limited - Disabled)
clara (S-1-5-21-1342289154-3405821600-2745982807-1005 - Limited - Disabled)
cstar (S-1-5-21-1342289154-3405821600-2745982807-1001 - Administrator - Enabled) => C:\Users\cstar
DefaultAccount (S-1-5-21-1342289154-3405821600-2745982807-503 - Limited - Disabled)
famil (S-1-5-21-1342289154-3405821600-2745982807-1006 - Limited - Disabled)
Guest (S-1-5-21-1342289154-3405821600-2745982807-501 - Limited - Disabled)
holly (S-1-5-21-1342289154-3405821600-2745982807-1003 - Limited - Disabled)
Jmbst (S-1-5-21-1342289154-3405821600-2745982807-1002 - Limited - Enabled) => C:\Users\Jmbst
Joshu (S-1-5-21-1342289154-3405821600-2745982807-1008 - Limited - Disabled)
megan (S-1-5-21-1342289154-3405821600-2745982807-1007 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1342289154-3405821600-2745982807-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Disabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ExpressVPN (HKLM-x32\...\{57e033a5-c75e-4823-83af-c1b6b3b759ab}) (Version: 10.0.9.2 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B876CD0833}) (Version: 10.0.9.2 - ExpressVPN) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.82 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R43 - McAfee, LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Office Home and Student 2021 - en-us (HKLM\...\HomeStudent2021Retail - en-us) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.151.0717.0001 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.23.27820 (HKLM\...\{9CA7111B-263D-45DE-B898-61FAD30B3237}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.23.27820 (HKLM\...\{A94EC1B2-932B-49D7-8AF2-4FBD29FF314B}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Roblox Player for Jmbst (HKU\S-1-5-21-1342289154-3405821600-2745982807-1002\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Jmbst (HKU\S-1-5-21-1342289154-3405821600-2745982807-1002\...\roblox-studio) (Version:  - Roblox Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.90.375.1020 - Electronic Arts Inc.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - gamigo, Inc.) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.748 - McAfee, LLC)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.71 - WildTangent)
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 7.0.0.673 - WildTangent) Hidden
 
Packages:
=========
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2022-01-21] (HP Inc.)
HP Enhanced Lighting -> C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.2.13.0_x64__v10z8vjag6ke6 [2022-01-21] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-05-30] (HP Inc.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-05-30] (McAfee LLC.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-05-25] (Random Salad Games LLC)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2022-01-05] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2022-01-05] (Intel Corporation -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.151.0717.0001\FileSyncShell64.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe offers.lnk -> C:\Program Files (x86)\Online Services\Adobe\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?type=103_NW&RedeemCode=YU2qZVym%2faNmY%2fcvDmlPfsDkaPHs9uFI2nQ5JzTzLd5IIB9M59vatzONvfiidAxdrhXzUQJmr6JE1v40k2Y7U6F6CvfGLjfDwLxwn%2bOxvcrfnoqvwEa3f0Bcy5C2ZCJZ7KqjsqZpU4ALxZqwhGSbPj0CTzAtIkstWltIIgX9zBs%3d
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
 
==================== Loaded Modules (Whitelisted) =============
 
2021-12-29 15:03 - 2021-12-29 15:03 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-10-30 02:43 - 2021-10-30 02:43 - 000113152 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.2.13.0_x64__v10z8vjag6ke6\Win32\CameraEventHelper.dll
2022-06-19 18:36 - 2022-06-19 18:36 - 000138240 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\013757d928e3e14b59bef4bc7ac5671b\Interop.IWshRuntimeLibrary.ni.dll
2022-08-19 12:22 - 2022-08-19 12:22 - 000139776 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\3db84aa79a3fe1457c96f12d59c65ea4\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-10-30 02:40 - 2021-10-30 02:40 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2022-07-13 20:49 - 2022-07-13 20:49 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\NativeRpcClient.DLL
2021-12-29 15:03 - 2021-12-29 15:03 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
2022-07-13 20:49 - 2022-07-13 20:49 - 001688576 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\SQLite.Interop.dll
2022-08-19 12:22 - 2022-08-19 12:22 - 000780288 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\23ad0bc29f11090587e639c6d5a0e70e\log4net.ni.dll
2022-06-24 20:10 - 2022-06-24 20:09 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-06-24 20:10 - 2022-06-24 20:10 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-06-24 20:10 - 2022-06-24 20:09 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-08-16 12:31 - 2022-06-24 20:09 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-08-16 12:31 - 2022-06-24 20:09 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-08-16 12:31 - 2022-06-24 20:09 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-08-16 12:31 - 2022-06-24 20:09 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-08-16 12:31 - 2022-06-24 20:09 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-08-16 12:31 - 2022-06-24 20:09 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Jmbst\AppData\Local\Temp:$DATA​ [16]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKLM -> {785B309F-D8E8-4459-8F1F-6AB62CFDE895} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {785B309F-D8E8-4459-8F1F-6AB62CFDE895} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1342289154-3405821600-2745982807-1001 -> {785B309F-D8E8-4459-8F1F-6AB62CFDE895} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-07-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-07-27] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1342289154-3405821600-2745982807-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
HKU\S-1-5-21-1342289154-3405821600-2745982807-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jmbst\OneDrive\Pictures\Camera Roll\WIN_20220525_16_22_22_Pro.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{53247632-E6AA-4853-9E5B-90124870B73D}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{931E1AB0-CC57-4F82-93D8-2581B6EF8BD0}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{66AD8BBC-228A-4302-A15C-BD1B0DB0D94F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{4E32F534-CB91-4851-8E0D-AE6779F44711}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3311DACB-5D3A-48D6-B102-2DF5CA9AD793}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9DD9899A-76B8-4E05-BD83-3854D1FCBEFB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D41537D9-F562-4E66-B7D5-B1AB447F1023}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E3638F56-0AAE-42E2-92E6-90E07C3706A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RuneScape\bin\win64\RuneScape.exe => No File
FirewallRules: [{B34E7B1B-B3B9-46FB-A9FB-2E39ACCA7FE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RuneScape\bin\win64\RuneScape.exe => No File
FirewallRules: [{BA2B3087-FD36-4062-AC52-61640CC8091A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Custom Night\Ultimate Custom Night.exe () [File not signed]
FirewallRules: [{C445CDD9-4BCE-4993-AEC6-B93885A05752}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Custom Night\Ultimate Custom Night.exe () [File not signed]
FirewallRules: [{97B20227-6C6F-4652-A1C6-17501A3DF605}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DDCCFDB-DD32-48BE-B43A-BDAAF73AE14A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{D9201E9C-5BFC-4DA4-B3B9-23D8D2E01AE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{A10EA534-AEF7-4D50-83E3-267BF9D4CE4C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.17.3200.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{F801963A-0267-40B1-8EB2-9966281EC96B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.17.3200.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{D985B5CA-FCC8-4AF7-ADBD-49FB0160E401}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6EF5B236-A35B-486A-BF9F-33FE46FEEB61}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{023BEBE2-572A-43FB-9D96-2FF5819672D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A5D88913-660A-4C5A-BA1E-700507657CF7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34E86502-0E74-4F6F-BDED-D82017323695}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E75B9B52-9E41-4E2F-936B-2DE870DC58E7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2F3C771A-4E23-45D2-AAD7-650E32B3EC85}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C721037-61A8-4245-AAFE-EAC327C1F2BB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{73B5AE9F-49B1-4AD1-A072-1ACEDE403B83}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FBD81E2-2F5C-445A-AF4D-377B4D2F8178}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50ABE067-A2DC-4D3C-82B3-2D07F8296601}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{942209AB-543B-4E8A-BC77-2FD4D843F8EA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{75C8DC69-42FA-423F-8140-A6FA5F4F72A9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{30C2C8AE-BD3D-44AF-93F3-D07C7E2E03AC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{69E01EC6-DB0A-4295-8BEE-8B65764D67DC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{55CCDADC-F6A1-432E-8F5F-BC84BD5CE403}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{1B789088-D17D-435E-A14C-40BF5568E978}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{FB973AE9-53D7-4978-B312-621C62B24103}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{BA59918A-E77A-46DC-A2C3-512E0993DFBA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{967068DB-FDE6-437D-B514-1F6F900E0E35}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{D917765B-6D04-4C5B-9027-C0D15C9209A5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{CF943742-46C7-4C01-B436-BB2924D4FE67}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{BB426524-A374-42AE-B64E-49135EDB5591}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{9613BB46-1EB9-4510-B84C-94D4D316E97B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{0C72C2E1-BFA2-49FD-808C-DC860AB7C409}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{76B923B1-5725-4943-ACD0-72D670116B6A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2207.6.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{F277A757-D1CF-4764-BD6B-398E4D7F1539}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AD20DD2-0E8B-4C84-8D85-7D174FE1EB91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CEEBB3C4-5A26-42FB-9CF9-24FA53B854A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8D983F3-5E08-4375-8885-990B16265422}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{773ADC01-49C1-452A-91EA-395222B202BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{112BC2E0-A9B3-4C38-9B09-A95579C14DAE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{150EF4B3-948A-473B-B4A0-DFB809D68776}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{28AE48D8-60EE-4C3C-81DC-73E676C742A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7DE338E-2762-4C8B-8C43-DD4D07ECBAD9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5A3426A-40DD-4179-A134-1AD3D468B37D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{B65F07C8-E77D-4B32-AA7D-C3A0C7DE5F7C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CD3E2CEF-D3F6-4516-A1E0-82C50D60805A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7A61B816-73A2-43F8-B3D5-2C010FBCF3A4}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{F1D6F3BB-D6B0-483C-8477-A3E489BB45FB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{6BB76BF5-E43F-46F4-B254-263E9FA8D8D7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{0F1133D2-B32F-4689-B0AF-D3B9C8F6E7DA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{B82F568A-1F73-4433-948F-498EE454B9CD}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{882B512E-9DF0-472E-B893-E2A5B0C289C9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{A5CF9C05-1018-474F-997A-DB40F75D616A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{FD6FAF82-884C-41E3-A4E1-AC0657F50E45}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{F29CD2A9-7641-4DA9-9F18-63A992C12F53}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4344C5C3-79D2-44E7-B801-85C0CB4CB238}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{E0824E0C-6054-4FF2-A79D-388328C40DC7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8C6CADC1-B069-4FA3-AD27-55E821D4B2FB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{9E537BC3-A503-4BC8-86E8-06945133DCCF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{0B77920B-A9F4-402B-94B2-DE65C38DBE1F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{E0CA7F8C-089F-4CEC-B791-904CFE303CD9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{00552CDB-6143-490B-B859-5A4F3ED0F21B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3EB2216F-A9BF-499F-9364-8213E9275513}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2208.1.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{89EB4CA4-9713-458B-AEBE-F3060C4D208C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{06C9170C-1E01-47E2-A6E9-9BB6BAF98FEA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
10-08-2022 20:41:09 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
12-08-2022 13:55:45 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/18/2022 04:32:43 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (08/18/2022 04:32:43 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (08/18/2022 04:32:43 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (08/18/2022 04:32:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (08/18/2022 04:32:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (08/18/2022 04:32:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (08/18/2022 04:32:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (08/18/2022 02:26:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RobloxPlayerBeta.exe version 0.540.0.26551 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2edc
 
Start Time: 01d8b305f7dc42da
 
Termination Time: 9
 
Application Path: C:\Users\Jmbst\AppData\Local\Roblox\Versions\version-dd069f433d43402d\RobloxPlayerBeta.exe
 
Report Id: f35f5c20-b351-4fa5-88a6-ffd966a6bc6b
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Unknown
 
 
System errors:
=============
Error: (08/19/2022 08:40:35 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A894FC34-D632-4879-B113-EC4F4FA1F4AC} because another computer on the network has the same name.  The server could not start.
 
Error: (08/19/2022 03:48:32 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A894FC34-D632-4879-B113-EC4F4FA1F4AC} because another computer on the network has the same name.  The server could not start.
 
Error: (08/19/2022 10:29:53 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A894FC34-D632-4879-B113-EC4F4FA1F4AC} because another computer on the network has the same name.  The server could not start.
 
Error: (08/18/2022 04:32:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Server service terminated with the following error: 
A system shutdown is in progress.
 
Error: (08/18/2022 04:32:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Microsoft Defender Antivirus Service service terminated with the following error: 
%%2147943515 = A system shutdown is in progress.
 
Error: (08/18/2022 04:32:43 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Intel® Audio Service service terminated with the following service-specific error: 
The operation completed successfully.
 
Error: (08/18/2022 04:32:43 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Intel® Audio Service service terminated with the following service-specific error: 
The operation completed successfully.
 
Error: (08/18/2022 04:32:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
Windows Defender:
================
Date: 2022-08-15 19:35:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-08-15 19:24:45
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-25 13:35:48
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-25 12:53:52
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-22 11:20:11
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-08-19 21:14:39
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-08-19 21:14:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_831e9699d5c05b1c\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-08-19 21:14:33
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2022-08-19 21:14:33
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-08-19 21:14:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Insyde F.01 07/14/2021
Motherboard: HP 8987
Processor: 11th Gen Intel® Core™ i5-1155G7 @ 2.50GHz
Percentage of memory in use: 67%
Total physical RAM: 7941.99 MB
Available physical RAM: 2613.91 MB
Total Virtual: 11013.99 MB
Available Virtual: 4531.3 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:476.14 GB) (Free:351.56 GB) (Model: Intel Optane H20 with SSD 512GB) (Protected) NTFS
 
\\?\Volume{6abf69b1-b9de-4d43-9b31-4ab887c43663}\ (Windows RE tools) (Fixed) (Total:0.52 GB) (Free:0.06 GB) NTFS
\\?\Volume{0d98844c-6be1-447b-878a-300fd1067a8f}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 9C125F44)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,330 posts
  • MVP

Nothing visible in your logs.  Sounds like the website he visited was hacked.  It should have gone away after closing the browser (as long as he didn't go back to the sick site)   We've seen these before.  Usually there is a telephone number to call.  It's a scam.


  • 0

#3
fonzy

fonzy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Awesome. Thank you for taking the time to reply
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP