computer hacked

Started by mare_wbpa, June 27, 2024, 08:04:10 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

mare_wbpa

I won't try anything today. I'm having issues with my bank since I closed the old account and opened a new one. I spent almost 2 hrs trying to get a human to talk to. My nerves are fried since I got off the phone with the human that I finally got to speak to. If I tried anything technical now I would probably mess it up.,

mare_wbpa

Before I proceed with the fixlist and FRST procedure I think I should tell you that I'm getting a different window when I start my computer

ONENOTE M.EXE-system error
The code execution  cannot proceed because AppVI sv Subsystem 64 dII was not found. reinstalling the program may fix the problem

DR M

Mary Ann, please go on for the FRST fix.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

mare_wbpa

Just to be sure, I download fixlist and save then run FRST and click on fix, copy both logs and paste in post

DR M

When you click on Fix, one log will be created. Not two. The fixlog.txt.

Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

mare_wbpa

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.07.2024
Ran by mary ann (10-07-2024 12:59:24) Run:6
Running from C:\Users\mary ann\Downloads
Loaded Profiles: mary ann
Boot Mode: Normal
==============================================

fixlist content:
*****************
createrestorepoint:
Startup: C:\Users\mary ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2024-01-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Task: {15062BAD-EE8F-4E6D-B8EA-9FC2C8BC1BE6} - \SystemOptimizer -> No File <==== ATTENTION
Task: {77A02876-AADA-4DB9-B51B-D37DDB8D2115} - \SystemOptimizerCustomEvent -> No File <==== ATTENTION
CHR HKU\S-1-5-21-808705873-2307071823-1975692619-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflanjgoamglnnocilcllegbbbfogfjc]
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [X]
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
emptytemp:

*****************

Restore point was successfully created.
C:\Users\mary ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk => moved successfully
C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15062BAD-EE8F-4E6D-B8EA-9FC2C8BC1BE6}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemOptimizer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77A02876-AADA-4DB9-B51B-D37DDB8D2115}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemOptimizerCustomEvent" => removed successfully
HKU\S-1-5-21-808705873-2307071823-1975692619-1001\SOFTWARE\Google\Chrome\Extensions\cflanjgoamglnnocilcllegbbbfogfjc => removed successfully
HKLM\System\CurrentControlSet\Services\GamesAppService => removed successfully
GamesAppService => service removed successfully
HKLM\System\CurrentControlSet\Services\HP Comm Recover => removed successfully
HP Comm Recover => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10721403 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 3789473 B
Edge => 0 B
Chrome => 0 B
Firefox => 872632372 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 658710 B
NetworkService => 658710 B
mary ann => -8804043 B

RecycleBin => 0 B
EmptyTemp: => 848.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:59:48 ====

mare_wbpa

createrestorepoint:
Startup: C:\Users\mary ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2024-01-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Task: {15062BAD-EE8F-4E6D-B8EA-9FC2C8BC1BE6} - \SystemOptimizer -> No File <==== ATTENTION
Task: {77A02876-AADA-4DB9-B51B-D37DDB8D2115} - \SystemOptimizerCustomEvent -> No File <==== ATTENTION
CHR HKU\S-1-5-21-808705873-2307071823-1975692619-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflanjgoamglnnocilcllegbbbfogfjc]
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [X]
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
emptytemp:

DR M

Mary Ann,

Go here https://apps.microsoft.com/detail/xpffzhvgqwwlhb?hl=en-us&gl=US

to install OneNote for Windows.

Let me know if you have issues while trying to install it.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

mare_wbpa

It seems to have installed. Onenote is in my apps list

DR M

Restart and let me know if you are getting any warnings.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

mare_wbpa

Onenote seems to have downloaded. It's in my list of apps. didn't I send the right log for frst.txt?

mare_wbpa

I hope this is it

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.07.2024
Ran by mary ann (administrator) on LAPTOP-4EQFBMN3 (HP HP Laptop 17-cn2xxx) (08-07-2024 14:05:41)
Running from C:\Users\mary ann\Downloads\FRST64.exe
Loaded Profiles: mary ann
Platform: Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24151.2105.2943.2101_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe <12>
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClient.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClient.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\BridgeCommunication.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_ac13c23bf8b4219a\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_ac13c23bf8b4219a\ipf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc) C:\Program Files\WindowsApps\AD2F1837.myHP_34.52424.589.0_x64__v10z8vjag6ke6\win32\HP.ContextAware.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2406.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Users\mary ann\AppData\Local\Mozilla Firefox\firefox.exe <30>
(explorer.exe ->) (Storage Appliance Corporation -> Storage Appliance Corp.) C:\ProgramData\OfficeGuardianV2N\Reminder\SacReminder.exe
(EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_191d9fb378307f35\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0db786bd9a6ade98\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_ac13c23bf8b4219a\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_29fd1afabcf5470c\AS\IAS\IntelAudioService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Storage Appliance Corporation -> Storage Appliance Corp.) C:\ProgramData\OfficeGuardianV2N\UACProxy.exe
(services.exe ->) (Storage Appliance Corporation -> Storage Appliance Corporation) C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_34.52424.589.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1501.533.0_x64__8wekyb3d8bbwe\DevHome.PI.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_34.52424.589.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6\HPQuickDrop.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\mary ann\AppData\Local\Microsoft\OneDrive\24.116.0609.0005\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.30.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe [1987544 2024-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [464320 2024-06-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\...\Run: [HPOneAgentService] => C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1605136 2024-05-20] (HP Inc. -> HP Inc; HP Development Company, L.P.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [380784 2022-08-16] (EXPRSVPN LLC -> ExpressVPN)
HKU\S-1-5-21-808705873-2307071823-1975692619-1001\...\Run: [MicrosoftEdgeAutoLaunch_999B8E90B693400311D9758E783E7FCC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883472 2024-07-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-808705873-2307071823-1975692619-1001\...\Run: [SacReminderHDDV2N] => C:\ProgramData\OfficeGuardianV2N\reminder\SacReminder.exe [862032 2010-11-18] (Storage Appliance Corporation -> Storage Appliance Corp.)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\windows\system32\CNMLMBX.DLL [391168 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files\AVG\Browser\Application\126.0.25497.127\Installer\chrmstp.exe [2024-07-01] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-06-26] (Google LLC -> Google LLC)
Startup: C:\Users\mary ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2024-01-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15062BAD-EE8F-4E6D-B8EA-9FC2C8BC1BE6} - \SystemOptimizer -> No File <==== ATTENTION
Task: {77A02876-AADA-4DB9-B51B-D37DDB8D2115} - \SystemOptimizerCustomEvent -> No File <==== ATTENTION
Task: {0DF0C6B6-575F-4680-B6AC-B1A7705BD1B8} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVG\Browser\Application\AVGBrowser.exe [3154536 2024-06-25] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {97169D64-028B-4D24-A1E1-32CFE50BCEFA} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVG\Browser\Application\AVGBrowser.exe [3154536 2024-06-25] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {F3CF72D0-BA0B-4D08-9A68-C3B197B53B39} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5131704 2024-06-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {97A9314E-F50B-4E91-BEE4-CE020216906C} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [8027576 2024-06-20] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {9F2FF50B-9FD5-4F95-B1A2-B7CC463BF101} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2024-01-12] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {FEB83023-3CE9-4DD1-9ED1-2B388C7BF3C1} - System32\Tasks\AVGBrowserProtectS-1-5-21-808705873-2307071823-1975692619-1001 => C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-04-23] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {9AAD71D1-07E2-45D3-883B-237BF6E09ADE} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2024-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {0194822B-53DE-4043-A680-1B0E4CD02BB0} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2024-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {F3F2D9EB-1B0C-4EA5-8DA6-89267E4CF512} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{8D9A1D6A-B4AD-436B-A14F-D5A9B784B54F} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {3F7DEAE6-2942-47F5-9639-EBAA31964D8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2024-05-13] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {577E5A4B-3BE3-475E-9CF9-E9EDAFD48E35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-05-13] (HP Inc. -> HP Inc.)
Task: {6ABFFDA9-1E94-45A8-91C1-951A89882612} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {4C8C4A6C-ADEB-4F6B-933D-DB060D0B5D2F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {CC570B68-43FB-4442-89FF-BA3D6B507FE2} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {D39C6D05-2383-47BB-A52D-A759C725F23B} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{E3864E7A-058C-4AC3-8331-E2E4F64C69A4}\HPOneAgent.exe [1169488 2024-06-28] (HP Inc. -> HP Inc.)
Task: {89CC1783-2895-4C34-88B0-6C79AF0C2967} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {084A4A14-EE8B-4D5E-A191-63BD24FA163D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {31491C22-EC9D-47D3-890A-E6A52E15602A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {B96913AD-DBDB-4892-82C2-615534003774} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {49F4BD44-72F3-4B59-A1A1-D17902FF0742} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169408 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {D876E5B7-2851-4C88-AF4B-1C662D57E990} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {F4907934-B6EB-4C2A-81EE-1492B2971241} - System32\Tasks\Mozilla\Firefox Background Update 80E4E1F205DA295 => C:\Users\mary ann\AppData\Local\Mozilla Firefox\firefox.exe [676936 2024-06-26] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\80E4E1F205DA295\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\80E4E1F205DA295\backgroundupdate.moz_log --backgroundtask backgroundup (the data entry has 4 more characters).
Task: {1AC12C42-DC1C-4FF7-85AB-74E9CBEE60BC} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-808705873-2307071823-1975692619-1001 80E4E1F205DA295 => C:\Users\mary ann\AppData\Local\Mozilla Firefox\firefox.exe [676936 2024-06-26] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\80E4E1F205DA295\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\80E4E1F205DA295\backgroundupdate.moz_log --backgroundtask backgroundup (the data entry has 4 more characters).
Task: {95878FD7-7EAF-4EFD-BF0F-F68E2E844724} - System32\Tasks\Mozilla\Firefox Default Browser Agent 80E4E1F205DA295 => C:\Users\mary ann\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34888 2024-06-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {FFCF0EBF-C677-4E6E-B62F-7951885D23E8} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [69584 2024-07-03] (HP Inc. -> HP Inc.)
Task: {7403A393-C0F7-4A83-8F02-5ED3A225E003} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [69584 2024-07-03] (HP Inc. -> HP Inc.)
Task: {0187A62A-4B6B-4A90-9C9C-D807A8375574} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [66512 2024-07-03] (HP Inc. -> HP Inc.)
Task: {508913E3-BD66-4B1D-9E15-745945DCCFA3} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [66512 2024-07-03] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{76589a44-f848-4698-a640-9c4b72e3128b}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\mary ann\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-08]
Edge Extension: (Google Docs Offline) - C:\Users\mary ann\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\mary ann\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: 5h3lizib.default
FF ProfilePath: C:\Users\mary ann\AppData\Roaming\Mozilla\Firefox\Profiles\5h3lizib.default [2024-06-30]
FF ProfilePath: C:\Users\mary ann\AppData\Roaming\Mozilla\Firefox\Profiles\lopv9txo.default-release [2024-07-08]
FF Notifications: Mozilla\Firefox\Profiles\lopv9txo.default-release -> hxxps://www.truthfinder.com; hxxps://10beststreamingservices.com
FF Extension: (Login Safely) - C:\Users\mary ann\AppData\Roaming\Mozilla\Firefox\Profiles\lopv9txo.default-release\Extensions\loginsafley@loginonline.co.xpi [2024-07-02]
FF Extension: (Capital One Shopping: Save Now) - C:\Users\mary ann\AppData\Roaming\Mozilla\Firefox\Profiles\lopv9txo.default-release\Extensions\{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2024-04-05]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1650.5\npAvgBrowserUpdate3.dll [2024-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1650.5\npAvgBrowserUpdate3.dll [2024-03-02] (AVG Technologies USA, LLC -> AVG Technologies)

Chrome:
=======
CHR Profile: C:\Users\mary ann\AppData\Local\Google\Chrome\User Data\Default [2024-07-04]
CHR HomePage: Default -> bing.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?EID=MBHSE&FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Microsoft Bing Homepage & Search Engine) - C:\Users\mary ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflanjgoamglnnocilcllegbbbfogfjc [2024-06-26]
CHR Extension: (Google Docs Offline) - C:\Users\mary ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mary ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-24]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-808705873-2307071823-1975692619-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflanjgoamglnnocilcllegbbbfogfjc]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2024-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [802744 2024-06-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2360248 2024-06-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1239992 2024-06-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [9077176 2024-06-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2024-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files\AVG\Browser\Application\126.0.25497.127\elevation_service.exe [1773384 2024-06-25] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2024-01-12] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_191d9fb378307f35\ipfsvc.exe [557096 2023-06-23] (Intel Corporation -> Intel Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [439664 2022-08-16] (EXPRSVPN LLC -> ExpressVPN)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1605136 2024-05-20] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\AppHelperCap.exe [928808 2024-06-02] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\DiagsCap.exe [927792 2024-06-02] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe [923584 2024-06-02] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\SysInfoCap.exe [928704 2024-06-02] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 Intel(R) Platform License Manager Service; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_4e9e8c349f3a1aca\lib\PlatformLicenseManagerService.exe [741584 2023-10-25] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_29fd1afabcf5470c\AS\IAS\IntelAudioService.exe [530520 2023-10-18] (Intel Corporation -> Intel)
R2 ipfsvc; C:\windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_ac13c23bf8b4219a\ipf_uf.exe [2999912 2023-06-27] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8901528 2024-07-06] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-07-06] (Malwarebytes Inc. -> Malwarebytes)
R2 SacNetAgentService_C57C4F854F53; C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe [163664 2010-11-18] (Storage Appliance Corporation -> Storage Appliance Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 CFUACProxy_officeguardianv2n; "C:\ProgramData\OfficeGuardianV2N\UACProxy.exe" -s "-pC:\ProgramData\OfficeGuardianV2N"
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [X]
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\windows\System32\drivers\avgArDisk.sys [20544 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [229952 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdriver.sys [380992 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsh.sys [292936 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniv.sys [84544 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgElam; C:\windows\System32\drivers\avgElam.sys [27760 2024-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 avgKbd; C:\windows\System32\drivers\avgKbd.sys [28736 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [271944 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgNetHub; C:\windows\System32\drivers\avgNetHub.sys [548928 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [97856 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [69184 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [942536 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [1195992 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 avgStm; C:\windows\System32\drivers\avgStm.sys [203736 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [306648 2024-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthHFEnum; C:\windows\System32\drivers\bthhfenum.sys [184320 2023-04-21] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\windows\System32\drivers\bthmodem.sys [106496 2023-04-21] (Microsoft Corporation) [File not signed]
S3 CtaChildDriver; C:\windows\System32\drivers\CtaChildDriver.sys [55776 2023-02-14] (Intel Corporation -> )
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [158640 2024-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 expressvpntun; C:\windows\System32\drivers\expressvpn-tun.sys [56552 2022-08-16] (Express VPN International Ltd. -> ExpressVPN)
R0 fse; C:\windows\System32\drivers\fse.sys [218608 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 GSCAuxDriver; C:\windows\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_3b711bdc1649d583\GSCAuxDriverx64.sys [109040 2023-02-14] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\windows\System32\DriverStore\FileRepository\gscheci.inf_amd64_3658d9d706e4cea6\TeeDriverGSCW8x64.sys [278584 2023-02-14] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [26648 2022-06-23] (HP Inc. -> HP Inc.)
R2 HpReadHWData; C:\windows\system32\drivers\HpReadHWData.sys [53368 2024-01-14] (HP Inc. -> Windows (R) Win 7 DDK provider)
R3 iaLPSS2_GPIO2_ADL; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_bda8110c074a36f5\iaLPSS2_GPIO2_ADL.sys [141312 2023-07-24] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_c4c17f8529a3943d\iaLPSS2_I2C_ADL.sys [211456 2023-07-24] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ADL; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_334c460fea9b11a4\iaLPSS2_SPI_ADL.sys [171608 2022-12-15] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ADL; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_43d5df63d19fde70\iaLPSS2_UART2_ADL.sys [329320 2022-12-15] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\windows\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88776 2022-08-29] (Intel Corporation -> Intel Corporation)
S3 Intel_NF_I2C; C:\windows\System32\DriverStore\FileRepository\intel_nf_i2c_child.inf_amd64_a329fd450939b60d\Intel_NF_I2C.sys [222688 2023-02-14] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_4c3f63d0ffe9d9b8\ipf_acpi.sys [88632 2023-06-27] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_ac13c23bf8b4219a\ipf_cpu.sys [85560 2023-06-27] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_ac13c23bf8b4219a\ipf_lf.sys [481896 2023-06-27] (Intel Corporation -> Intel Corporation)
S3 LT6911Au; C:\windows\System32\DriverStore\FileRepository\lt6911au.inf_amd64_62449180becc5735\LT6911Au.sys [66728 2023-03-23] (Intel Corporation -> Intel(R) Corporation)
R2 mbamchameleon; C:\windows\System32\Drivers\MbamChameleon.sys [221264 2024-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [21480 2024-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\DRIVERS\farflt11.sys [234856 2024-07-08] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [78400 2024-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239576 2024-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [188784 2024-07-08] (Malwarebytes Inc. -> Malwarebytes)
S3 rtux64w10; C:\windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
S3 scsiscan; C:\windows\system32\DRIVERS\scsiscan.sys [57344 2024-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [20928 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [603416 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-07-08 14:02 - 2024-07-08 14:02 - 002093056 _____ (Farbar) C:\Users\mary ann\Downloads\FRST.exe
2024-07-08 13:44 - 2024-07-08 13:44 - 000234856 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt11.sys
2024-07-08 13:22 - 2024-07-08 13:44 - 000188784 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2024-07-07 12:51 - 2024-07-07 12:53 - 000001238 _____ C:\Users\mary ann\Desktop\Malwarebytes Scan Report 2024-07-07 123522.txt
2024-07-07 10:57 - 2024-07-07 11:01 - 000002177 _____ C:\Users\mary ann\Desktop\Malwarebytes Scan Report 2024-07-06 233019.txt
2024-07-07 10:48 - 2024-07-07 10:48 - 000002177 _____ C:\Users\mary ann\Desktop\Malwarebytes Scan Report 2024-07-06 193019.txt
2024-07-06 19:40 - 2024-07-08 14:06 - 000036505 _____ C:\Users\mary ann\Downloads\FRST.txt
2024-07-06 19:40 - 2024-07-06 19:40 - 000000000 _____ C:\Users\mary ann\Downloads\New Text Document (3).txt
2024-07-06 19:39 - 2024-07-06 19:39 - 000005689 _____ C:\Users\mary ann\Downloads\fixlist(49).txt
2024-07-06 19:39 - 2024-07-06 19:39 - 000005689 _____ C:\Users\mary ann\Downloads\fixlist(48).txt
2024-07-06 19:39 - 2024-07-06 19:39 - 000005689 _____ C:\Users\mary ann\Downloads\fixlist(46).txt
2024-07-06 19:39 - 2024-07-06 19:39 - 000005689 _____ C:\Users\mary ann\Downloads\fixlist(45).txt
2024-07-06 19:39 - 2024-07-06 19:39 - 000005689 _____ C:\Users\mary ann\Downloads\fixlist(44).txt
2024-07-06 19:38 - 2024-07-06 19:38 - 002424079 _____ C:\Users\mary ann\Downloads\fixlist(43).txt
2024-07-06 19:38 - 2024-07-06 19:38 - 000005689 _____ C:\Users\mary ann\Downloads\fixlist.txt
2024-07-06 19:24 - 2024-07-06 19:24 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-07-06 19:24 - 2024-07-06 19:24 - 000002088 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-07-06 19:24 - 2024-07-06 19:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-07-06 19:24 - 2024-07-06 19:24 - 000000000 ____D C:\Program Files\Malwarebytes
2024-07-06 19:23 - 2024-07-06 19:23 - 002591728 _____ (Malwarebytes) C:\Users\mary ann\Downloads\MBSetup(1).exe
2024-07-05 13:46 - 2024-07-08 14:04 - 000000000 ____D C:\Users\mary ann\AppData\Local\Malwarebytes
2024-07-05 13:39 - 2024-07-05 13:39 - 002591728 _____ (Malwarebytes) C:\Users\mary ann\Downloads\MBSetup.exe
2024-07-05 11:49 - 2024-07-05 11:49 - 000000000 ____D C:\Users\mary ann\AppData\Local\INetHistory
2024-07-04 16:33 - 2024-07-08 13:44 - 000000000 ____D C:\Users\mary ann\AppData\LocalLow\IGDump
2024-07-04 16:20 - 2024-07-05 11:22 - 002591728 _____ (Malwarebytes) C:\Users\mary ann\Desktop\MBSetup(1).exe
2024-07-04 16:14 - 2024-07-04 16:14 - 002591728 _____ (Malwarebytes) C:\Users\mary ann\Desktop\MBSetup.exe
2024-07-04 13:16 - 2024-07-04 13:20 - 000000000 ____D C:\AdwCleaner
2024-07-04 13:12 - 2024-07-04 13:12 - 008790880 _____ (Malwarebytes) C:\Users\mary ann\Downloads\adwcleaner(1).exe
2024-07-04 13:12 - 2024-07-04 13:12 - 008790880 _____ (Malwarebytes) C:\Users\mary ann\Desktop\adwcleaner.exe
2024-07-04 12:07 - 2024-07-04 12:08 - 000017299 _____ C:\Users\mary ann\Downloads\Fixlog.txt
2024-07-04 12:07 - 2024-07-04 12:07 - 000000000 ____D C:\Users\mary ann\Downloads\FRST-OlderVersion
2024-07-03 16:03 - 2024-07-03 16:03 - 000000752 _____ C:\Users\mary ann\Desktop\Downloads - Shortcut (2).lnk
2024-07-03 15:47 - 2024-07-04 12:05 - 000000000 ____D C:\Users\mary ann\Documents\FRST-OlderVersion
2024-07-03 15:44 - 2024-07-03 15:44 - 000000982 _____ C:\Users\mary ann\Desktop\FRST - Shortcut.lnk
2024-07-03 15:33 - 2024-07-03 15:33 - 000001045 _____ C:\Users\mary ann\Desktop\fixlist(43) - Shortcut.lnk
2024-07-03 13:08 - 2024-07-03 13:08 - 000000000 ___HD C:\$AV_AVG
2024-07-02 21:32 - 2024-07-02 21:32 - 000000000 ____D C:\Users\mary ann\AppData\Roaming\WildTangent
2024-06-30 18:32 - 2024-06-30 18:32 - 000001684 _____ C:\Users\mary ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRST64 - Shortcut (2).lnk
2024-06-30 16:04 - 2024-06-30 16:04 - 000000000 ____D C:\Users\mary ann\Downloads\New folder (2)
2024-06-30 16:02 - 2024-06-30 16:02 - 000000000 ____D C:\Users\mary ann\Downloads\New folder
2024-06-30 15:56 - 2024-07-04 12:07 - 002395648 _____ (Farbar) C:\Users\mary ann\Downloads\FRST64.exe
2024-06-28 15:57 - 2024-07-08 14:05 - 000000000 ____D C:\FRST
2024-06-26 18:11 - 2024-06-26 18:10 - 000314816 _____ (Gen Digital Inc.) C:\windows\system32\avgBoot.exe
2024-06-26 18:11 - 2024-06-26 17:54 - 000000568 _____ C:\windows\SysWOW64\user.config
2024-06-26 18:09 - 2024-06-26 18:09 - 000234888 _____ (AVG Technologies CZ, s.r.o.) C:\Users\mary ann\Downloads\avg_antivirus_free_setup (1).exe
2024-06-26 18:09 - 2024-06-26 18:09 - 000234888 _____ (AVG Technologies CZ, s.r.o.) C:\Users\mary ann\Desktop\avg_antivirus_free_setup (1).exe
2024-06-26 15:20 - 2024-07-04 12:07 - 000000000 ____D C:\Users\mary ann\AppData\Local\Apps\2.0
2024-06-26 15:20 - 2024-06-30 11:32 - 000000000 ____D C:\Users\mary ann\AppData\Local\Deployment
2024-06-26 15:20 - 2024-06-26 15:20 - 000000568 _____ C:\windows\system32\user.config
2024-06-26 12:02 - 2024-07-08 14:00 - 000000000 ____D C:\Users\mary ann\AppData\Local\Mozilla Firefox
2024-06-12 19:40 - 2024-06-12 19:40 - 000024821 _____ C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-12 19:37 - 2024-06-12 19:37 - 000024821 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json
2024-06-12 19:22 - 2024-06-12 19:30 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-07-08 14:06 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-08 14:03 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SystemTemp
2024-07-08 14:01 - 2024-01-10 15:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-07-08 13:50 - 2022-11-03 00:39 - 000855938 _____ C:\windows\system32\PerfStringBackup.INI
2024-07-08 13:50 - 2022-05-07 01:22 - 000000000 ____D C:\windows\INF
2024-07-08 13:46 - 2024-01-14 19:12 - 000000000 ____D C:\Users\mary ann\AppData\Local\OGH
2024-07-08 13:44 - 2024-01-12 18:07 - 000000000 ____D C:\Users\mary ann\AppData\Local\AVG
2024-07-08 13:44 - 2024-01-12 17:23 - 000000000 ____D C:\ProgramData\AVG
2024-07-08 13:43 - 2022-11-03 00:32 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-08 13:43 - 2022-11-03 00:32 - 000000006 ____H C:\windows\Tasks\SA.DAT
2024-07-08 13:43 - 2022-05-07 01:24 - 000000000 ____D C:\windows\ServiceState
2024-07-08 13:43 - 2022-05-07 01:17 - 001048576 _____ C:\windows\system32\config\BBI
2024-07-08 13:38 - 2022-11-03 00:32 - 000000000 ____D C:\windows\system32\SleepStudy
2024-07-08 13:35 - 2023-04-21 14:33 - 000000000 ____D C:\Program Files\Microsoft Office
2024-07-08 10:37 - 2024-04-23 13:30 - 000004172 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{B7E812A0-8F9B-484B-BB1A-FEA794A52B0F}
2024-07-07 19:30 - 2022-05-07 01:24 - 000000000 ____D C:\windows\AppReadiness
2024-07-06 19:25 - 2024-01-10 12:04 - 000000000 ____D C:\Users\mary ann\AppData\Local\D3DSCache
2024-07-06 19:24 - 2022-05-07 01:24 - 000000000 ___HD C:\windows\ELAMBKUP
2024-07-05 13:20 - 2023-04-21 14:27 - 000001623 _____ C:\windows\system32\config\VSMIDK
2024-07-05 13:02 - 2024-01-10 15:03 - 000000000 ____D C:\Users\mary ann\AppData\Local\ExpressVPN
2024-07-05 12:57 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-05 11:21 - 2024-01-10 12:06 - 000000000 ___RD C:\Users\mary ann\OneDrive
2024-07-04 13:37 - 2023-09-01 10:56 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2024-07-04 13:20 - 2023-04-21 14:32 - 000000000 ____D C:\ProgramData\HP
2024-07-04 13:20 - 2023-04-21 06:48 - 000000000 ___HD C:\hp
2024-07-04 11:43 - 2023-09-01 10:25 - 000000000 ____D C:\ProgramData\Package Cache
2024-07-03 22:09 - 2022-11-03 00:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-03 22:09 - 2022-11-03 00:32 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-07-03 19:47 - 2022-05-07 01:24 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2024-07-03 19:13 - 2024-01-30 23:02 - 000004296 _____ C:\windows\system32\Tasks\OmenInstallMonitorCustomEvent
2024-07-03 19:13 - 2024-01-30 23:02 - 000004236 _____ C:\windows\system32\Tasks\OmenOverlayCustomEvent
2024-07-03 19:13 - 2024-01-14 19:14 - 000003894 _____ C:\windows\system32\Tasks\OmenInstallMonitor
2024-07-03 19:13 - 2024-01-14 19:14 - 000003834 _____ C:\windows\system32\Tasks\OmenOverlay
2024-07-03 19:11 - 2023-04-21 14:32 - 000000000 ____D C:\Program Files\HP
2024-07-01 14:51 - 2024-03-02 09:45 - 000002328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2024-07-01 14:51 - 2024-03-02 09:45 - 000002293 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2024-06-30 18:44 - 2024-01-20 02:40 - 000000752 _____ C:\Users\mary ann\Documents\Downloads - Shortcut.lnk
2024-06-30 18:25 - 2024-02-28 23:14 - 000000000 ____D C:\Users\mary ann\AppData\Roaming\Microsoft\MMC
2024-06-30 18:04 - 2024-01-10 12:02 - 000000000 ____D C:\Users\mary ann\AppData\Local\Packages
2024-06-30 09:14 - 2022-11-03 00:35 - 000000000 ____D C:\ProgramData\Packages
2024-06-29 20:54 - 2024-01-30 12:38 - 000002754 _____ C:\windows\system32\Tasks\HPOneAgentRepairTask
2024-06-29 20:54 - 2024-01-10 12:06 - 000003062 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-808705873-2307071823-1975692619-1001
2024-06-29 20:54 - 2024-01-10 12:06 - 000002858 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-808705873-2307071823-1975692619-1001
2024-06-29 20:54 - 2023-09-01 10:53 - 000002854 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-808705873-2307071823-1975692619-500
2024-06-29 20:54 - 2022-11-03 00:32 - 000003464 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-29 20:54 - 2022-11-03 00:32 - 000003240 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-29 17:51 - 2024-01-10 12:02 - 000000000 ____D C:\Users\mary ann
2024-06-29 17:20 - 2024-01-13 15:58 - 000000000 ____D C:\Users\mary ann\AppData\Local\CrashDumps
2024-06-28 11:28 - 2024-01-10 12:06 - 000002395 _____ C:\Users\mary ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-26 18:12 - 2024-01-12 17:25 - 000002006 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus Free.lnk
2024-06-26 18:12 - 2024-01-12 17:25 - 000001994 _____ C:\Users\Public\Desktop\AVG AntiVirus Free.lnk
2024-06-26 18:11 - 2024-02-24 13:05 - 000942536 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgSnx.sys
2024-06-26 18:11 - 2024-01-12 17:25 - 000000000 ____D C:\windows\system32\Tasks\AVG
2024-06-26 18:10 - 2024-02-24 13:05 - 000380992 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgbidsdriver.sys
2024-06-26 18:10 - 2024-02-24 13:05 - 000306648 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgVmm.sys
2024-06-26 18:10 - 2024-02-24 13:05 - 000292936 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgbidsh.sys
2024-06-26 18:10 - 2024-02-24 13:05 - 000229952 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgArPot.sys
2024-06-26 18:10 - 2024-02-24 13:05 - 000084544 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgbuniv.sys
2024-06-26 18:10 - 2024-02-24 13:05 - 000028736 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgKbd.sys
2024-06-26 18:10 - 2024-01-12 17:24 - 001195992 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgSP.sys
2024-06-26 18:10 - 2024-01-12 17:24 - 000548928 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgNetHub.sys
2024-06-26 18:10 - 2024-01-12 17:24 - 000271944 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgMonFlt.sys
2024-06-26 18:10 - 2024-01-12 17:24 - 000097856 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgRdr2.sys
2024-06-26 18:10 - 2024-01-12 17:24 - 000069184 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgRvrt.sys
2024-06-26 18:10 - 2024-01-12 17:24 - 000020544 _____ (Gen Digital Inc.) C:\windows\system32\Drivers\avgArDisk.sys
2024-06-26 16:45 - 2024-02-24 14:36 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-26 16:45 - 2024-02-24 14:36 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-06-26 12:16 - 2024-01-10 15:05 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2024-06-25 18:35 - 2022-05-07 01:24 - 000000000 ____D C:\windows\LiveKernelReports
2024-06-13 14:46 - 2024-01-12 17:26 - 000000000 ____D C:\windows\system32\MRT
2024-06-13 14:44 - 2024-01-12 17:26 - 199048176 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2024-06-12 19:57 - 2022-11-03 00:32 - 000535312 _____ C:\windows\system32\FNTCACHE.DAT
2024-06-12 19:56 - 2024-01-12 17:29 - 000000000 ____D C:\windows\system32\Microsoft-Edge-WebView
2024-06-12 19:56 - 2024-01-12 17:29 - 000000000 ____D C:\windows\InboxApps
2024-06-12 19:56 - 2023-09-01 11:10 - 000000000 ____D C:\windows\TextInput
2024-06-12 19:56 - 2023-09-01 11:10 - 000000000 ____D C:\windows\HoloShell
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ___SD C:\windows\system32\UNP
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ___RD C:\windows\PrintDialog
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\UUS
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SysWOW64\WinMetadata
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SysWOW64\setup
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SysWOW64\Dism
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SystemResources
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\WinMetadata
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\ShellExperiences
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\Sgrm
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\setup
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\oobe
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\migwiz
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\Dism
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\appraiser
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\ShellExperiences
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\ShellComponents
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\BrowserCore
2024-06-12 19:56 - 2022-05-07 01:24 - 000000000 ____D C:\windows\bcastdvr
2024-06-12 19:56 - 2022-05-07 01:17 - 000000000 ____D C:\windows\servicing
2024-06-12 19:49 - 2022-05-07 01:17 - 000000000 ____D C:\windows\CbsTemp
2024-06-12 19:48 - 2022-05-07 02:10 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\OEMDefaultAssociations.dll
2024-06-12 19:48 - 2022-05-07 02:10 - 000024383 _____ C:\windows\system32\OEMDefaultAssociations.xml
2024-06-12 19:48 - 2022-05-07 01:25 - 000077312 _____ (Khronos Group) C:\windows\SysWOW64\opencl.dll
2024-06-12 19:48 - 2022-05-07 01:24 - 000118784 _____ (Khronos Group) C:\windows\system32\opencl.dll
2024-06-12 19:46 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-12 19:40 - 2022-11-03 00:34 - 003216384 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

DR M

Mary Ann,

I didn't ask for FRST logs this time.

I asked you to do this:

Go here https://apps.microsoft.com/detail/xpffzhvgqwwlhb?hl=en-us&gl=US

to install OneNote for Windows.


Did you do that???
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

mare_wbpa

I did post a reply. Onenote seems to have downloaded. It's in my list of apps.

DR M

And I also told you:

Restart and let me know if you are getting any warning.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."