PC is in danger – Virus, Trojan, Spyware, and Malware Removal Help


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by deval (administrator) on LAPTOP-4KJI0R9D (HP HP Laptop 15-dw2xxx) (09-06-2021 11:19:43)
Running from C:UsersdevalDownloads
Loaded Profiles: deval
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusaswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusaswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusAVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusavgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusAVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntiviruswsc_proxy.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientAuthManagerAuthManSvr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA Clientconcentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientReceiverReceiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientReceiverUpdaterService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA Clientredirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientSelfServicePluginSelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientSelfServicePluginSelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA Clientssonsvr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA Clientwfcrun32.exe
(Dropbox, Inc -> Dropbox, Inc.) C:Program Files (x86)DropboxClientDropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:Program Files (x86)DropboxUpdateDropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:WindowsSystem32DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:Program Files (x86)DropboxClient124.4.4910QtWebEngineProcess.exe <2>
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:WindowsSystem32ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:WindowsSystem32ETDService.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwarea2service.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwarea2start.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwareeppwsc.exe
(Express Vpn LLC -> ExpressVPN) C:Program Files (x86)ExpressVPNbootstrapamd64nssm.exe
(Express Vpn LLC -> ExpressVPN) C:Program Files (x86)ExpressVPNexpressvpndexpressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:Program Files (x86)ExpressVPNexpressvpn-uiExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:Program Files (x86)HPHPAudioSwitchHPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:Program FilesHPCommRecoveryHPCommRecovery.exe
(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpanalyticscomp.inf_amd64_eb7ea98d07646ecex64TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpanalyticscomp.inf_amd64_eb7ea98d07646ecex64TouchpointGpuInfo.exe
(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64AppHelperCap.exe
(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64DiagsCap.exe
(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64NetworkCap.exe
(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64SysInfoCap.exe
(HP Inc.) C:Program FilesWindowsAppsAD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6HP.JumpStarts.exe
(HP Inc.) C:Program FilesWindowsAppsAD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6SystemEventUtilityHPSystemEventUtilityHost.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydptf_cpu.inf_amd64_21306a77b30fd6e0esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_0b214be229a13e84jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_efb119a73d6b56f6igfxCUIServiceN.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_efb119a73d6b56f6igfxEMN.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigcc_dch.inf_amd64_577b4722c749a41fOneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_2b1d9e395a05d1c9IntelCpHDCPSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiastorac.inf_amd64_ef0d14a478b232f4RstMwService.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeePlatformMSMMcSmtFwk.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMATMcPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeVULMcVulCtr.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:UsersdevalAppDataLocalMicrosoftOneDriveOneDrive.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbweCortana.exe
(Microsoft Windows -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunAppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe <2>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:Program Files (x86)EPSON SoftwareEvent ManagerEEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:Program Files (x86)EPSON SoftwareFAX UtilityFUFAXRCV.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:Program Files (x86)EPSON SoftwarePMA_APMA.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:Program Files (x86)EPSON SoftwarePMA_APMAService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:WindowsSystem32escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:WindowsSystem32spooldriversx643E_YATIQCE.EXE <2>
(Smart Sound Technology -> Intel) C:WindowsSystem32cAVSIASIntelAudioService.exe
(Sound Research Corporation -> Sound Research, Corp.) C:WindowsSystem32SECOMN64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [RtkAudUService] => C:windowsSystem32RtkAudUService64.exe [1076000 2020-05-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [Emsisoft Anti-Malware] => C:Program FilesEmsisoft Anti-Malwarea2guard.exe [9331776 2021-03-03] (Emsisoft Ltd -> Emsisoft Ltd)
HKLM…Run: [iTunesHelper] => C:Program FilesiTunesiTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM…Run: [AVGUI.exe] => C:Program FilesAVGAntivirusAvLaunch.exe [170240 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32…Run: [ExpressVPNNotificationService] => C:Program Files (x86)ExpressVPNexpressvpn-uiExpressVPNNotificationServiceStarter.exe [471432 2020-05-15] (Express Vpn LLC -> ExpressVPN)
HKLM-x32…Run: [ConnectionCenter] => C:Program Files (x86)CitrixICA Clientconcentr.exe [798816 2020-10-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32…Run: [Redirector] => C:Program Files (x86)CitrixICA Clientredirector.exe [460896 2020-10-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32…Run: [Citrix Receiver] => C:Program Files (x86)CitrixICA ClientSelfServicePluginSelfService.exe [5262432 2020-09-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32…Run: [Dropbox] => C:Program Files (x86)DropboxClientDropbox.exe [8172320 2021-06-05] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32…Run: [FUFAXRCV] => C:Program Files (x86)Epson SoftwareFAX UtilityFUFAXRCV.exe [670856 2020-04-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32…Run: [FUFAXSTM] => C:Program Files (x86)Epson SoftwareFAX UtilityFUFAXSTM.exe [896136 2020-04-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32…Run: [EEventManager] => C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe [1318024 2020-07-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…Run: [EPLTargetP0000000000000000] => C:windowssystem32spoolDRIVERSx643E_YATIQCE.EXE [418000 2016-07-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…Run: [EPLTargetP0000000000000001] => C:windowssystem32spoolDRIVERSx643E_YATIQCE.EXE [418000 2016-07-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…RunOnce: [Delete Cached Update Binary] => C:windowssystem32cmd.exe /q /c del /q “C:UsersdevalAppDataLocalMicrosoftOneDriveUpdateOneDriveSetup.exe”
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…RunOnce: [Delete Cached Standalone Update Binary] => C:windowssystem32cmd.exe /q /c del /q “C:UsersdevalAppDataLocalMicrosoftOneDriveStandaloneUpdaterOneDriveSetup.exe”
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…RunOnce: [Uninstall 21.073.0411.0002amd64] => C:windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersdevalAppDataLocalMicrosoftOneDrive21.073.0411.0002amd64”
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…RunOnce: [Uninstall 21.073.0411.0002] => C:windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersdevalAppDataLocalMicrosoftOneDrive21.073.0411.0002”
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…RunOnce: [Uninstall 21.083.0425.0003amd64] => C:windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersdevalAppDataLocalMicrosoftOneDrive21.083.0425.0003amd64”
HKUS-1-5-21-4172828257-1784996619-1967803511-1001…RunOnce: [Uninstall 21.083.0425.0003] => C:windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersdevalAppDataLocalMicrosoftOneDrive21.083.0425.0003”
HKLM…PrintMonitorsEPSON PC-FAX Driver2 64Monitor: C:windowssystem32EFXLM16A.DLL [182784 2020-04-25] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM…PrintMonitorsEPSON WF-4740 Series 64MonitorBE: C:windowssystem32E_YLMBQCE.DLL [184832 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM…PrintMonitorsEpsonNet Print Port: C:windowssystem32enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication91.0.4472.77Installerchrmstp.exe [2021-06-03] (Google LLC -> Google LLC)
HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02B7B57F-D8C9-4588-A60D-F4A5237DA5B9} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [696304 2021-05-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {05FAFDA9-EFFA-4ADA-82D1-37024FEBA008} – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {13CBC11F-9FA8-4C8E-A357-718E487E203E} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker => C:Program Files (x86)HPHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1139032 2021-02-25] (HP Inc. -> HP Inc.)
Task: {154AD72D-246E-46EB-8C75-6DA668FF2C2E} – System32TasksHPConsent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {3BAD449B-B607-45C9-AB66-F2C5CD94D875} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [147288 2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EE1EEC2-CB60-47E3-A1F1-B9C6B519D954} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EE921F-CB71-4C8C-B63B-307F481095E2} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [147288 2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {5880740A-CCE4-4973-B1FA-E9CC6D2D980A} – System32TasksEPSON WF-4740 Series Update {BE63A48C-2285-4575-AAF0-AA0448161468} => C:windowssystem32spoolDRIVERSx643E_YTSQCE.EXE [680440 2017-06-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {5ACA60AF-0121-4835-AF7E-A27B856E6905} – System32TasksAntivirus Emergency Update => C:Program FilesAVGAntivirusAvEmUpdate.exe [4856576 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {5B4EBE61-C7EB-46A8-AA8C-6BFB153D8804} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Report => C:Program Files (x86)HPHP Support FrameworkResourcesHPSFReport.exe [135000 2020-12-22] (HP Inc. -> HP Inc.)
Task: {618DCE0F-B7F5-4258-B427-12855EF6C9F4} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker_DeviceScan => C:Program Files (x86)HPHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1139032 2021-02-25] (HP Inc. -> HP Inc.)
Task: {6A3D8001-6062-427A-A70D-9F43A0240E20} – System32TasksDropboxUpdateTaskMachineUA => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [143144 2021-01-21] (Dropbox, Inc -> Dropbox, Inc.)
Task: {772E8CF1-FFEE-4FFC-989B-9D0FE2D687F8} – System32TasksAppleAppleSoftwareUpdate => C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7AAE5ABC-8A42-404B-B7B8-28C65301BBC2} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-12-20] (Google LLC -> Google LLC)
Task: {856D21CA-A75D-4631-95E4-FCB321A9FF12} – System32TasksHPAudioSwitch => C:Program Files (x86)HPHPAudioSwitchHPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {A464D623-30EE-495A-B82B-3F6A9DB29FB0} – System32TasksHewlett-PackardHP Support AssistantHP Support Assistant Update Notice => C:Program Files (x86)HPHP Support FrameworkResourcesBingPopupBingPopup.exe [555640 2021-04-16] (HP Inc. -> HP Inc.)
Task: {B7A460BE-06FC-4C92-91E2-67E6AD025246} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-12-20] (Google LLC -> Google LLC)
Task: {BEA5D0CA-6275-4E7D-ACE7-1AE4D9343842} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAC7C09C-65EE-42E5-9B01-08FF5B76E829} – System32TasksEPSON WF-4740 Series Update {C887F7B0-FF4C-431F-905C-650BA47F726C} => C:windowssystem32spoolDRIVERSx643E_YTSQCE.EXE [680440 2017-06-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {D14208B0-64EC-44A6-BEB5-4039C0F22066} – System32TasksDropboxUpdateTaskMachineCore => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [143144 2021-01-21] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D4A9EFB5-664C-4F52-A781-AC1FE4E72C76} – System32TasksAVGOverseer => C:Program FilesCommon FilesAVGOverseeroverseer.exe [1821968 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:windowsTasksDropboxUpdateTaskMachineCore.job => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe
Task: C:windowsTasksDropboxUpdateTaskMachineUA.job => C:Program Files (x86)DropboxUpdateDropboxUpdate.exe
Task: C:windowsTasksEPSON WF-4740 Series Update {BE63A48C-2285-4575-AAF0-AA0448161468}.job => C:windowssystem32spoolDRIVERSx643E_YTSQCE.EXE:/EXE:{BE63A48C-2285-4575-AAF0-AA0448161468} /F:UpdateWORKGROUPLAPTOP-4KJI0R9D$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:windowsTasksEPSON WF-4740 Series Update {C887F7B0-FF4C-431F-905C-650BA47F726C}.job => C:windowssystem32spoolDRIVERSx643E_YTSQCE.EXE:/EXE:{C887F7B0-FF4C-431F-905C-650BA47F726C} /F:UpdateWORKGROUPLAPTOP-4KJI0R9D$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:Program Files (x86)BonjourmdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:Program FilesBonjourmdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
TcpipParameters: [DhcpNameServer] 192.168.1.254
Tcpip..Interfaces{591eb05e-8779-48b1-906e-55007205b6fa}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:UsersdevalAppDataLocalMicrosoftEdgeUser DataDefault [2021-06-08]
Edge Extension: (Malwarebytes Browser Guard) – C:UsersdevalAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-06-08]
Edge HKLM-x32…EdgeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: uwakor11.default
FF ProfilePath: C:UsersdevalAppDataRoamingMozillaFirefoxProfilesuwakor11.default [2020-12-20]
FF ProfilePath: C:UsersdevalAppDataRoamingMozillaFirefoxProfiles2u5v00d7.default-release [2021-06-09]
FF Extension: (Malwarebytes Browser Guard) – C:UsersdevalAppDataRoamingMozillaFirefoxProfiles2u5v00d7.default-releaseExtensions{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-08]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican -> C:Program Files (x86)CitrixICA ClientnpicaN.dll [2020-10-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:UsersdevalAppDataLocalGoogleChromeUser DataDefault [2021-06-09]
CHR Notifications: Default -> hxxps://last-news-cd7abvcd57vg6fb2.news-hot.xyz; hxxps://www2.news-back.org
CHR Extension: (Adobe Acrobat) – C:UsersdevalAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-03-01]
CHR Extension: (Chrome Web Store Payments) – C:UsersdevalAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) – C:UsersdevalAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0300511621351167mcinstcleanup; C:ProgramDataMcInstTemp0300511621351167McInst.exe [864720 2021-01-14] (McAfee, LLC -> McAfee, LLC)
R2 a2AntiMalware; C:Program FilesEmsisoft Anti-Malwarea2service.exe [9809008 2021-03-03] (Emsisoft Ltd -> Emsisoft Ltd)
R2 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:Program FilesAVGAntivirusAVGSvc.exe [623360 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:Program FilesAVGAntivirusavgToolsSvc.exe [370944 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:Program FilesAVGAntivirusaswidsagent.exe [8198768 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:Program FilesAVGAntiviruswsc_proxy.exe [109480 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 CWAUpdaterService; C:Program Files (x86)CitrixICA ClientReceiverUpdaterService.exe [43616 2020-10-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S2 dbupdate; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [143144 2021-01-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:Program Files (x86)DropboxUpdateDropboxUpdate.exe [143144 2021-01-21] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:windowssystem32DbxSvc.exe [44328 2021-06-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 EppWsc; C:Program FilesEmsisoft Anti-MalwareEppWsc.exe [1445584 2021-03-03] (Emsisoft Ltd -> Emsisoft Ltd)
R2 Epson PMAService A; C:Program Files (x86)Epson SoftwarePMA_APMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EpsonScanSvc; C:windowssystem32EscSvc64.exe [145224 2020-02-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 ExpressVPNService; C:Program Files (x86)ExpressVPNbootstrapamd64nssm.exe [438664 2020-05-15] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:Program FilesHPCommRecoveryHPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64AppHelperCap.exe [731152 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64DiagsCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64NetworkCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_d9cbd6bbac564232x64SysInfoCap.exe [729608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:windowsSystem32DriverStoreFileRepositoryhpanalyticscomp.inf_amd64_eb7ea98d07646ecex64TouchpointAnalyticsClientService.exe [480280 2021-03-17] (HP Inc. -> HP Inc.)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7391408 2021-05-18] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0NisSrv.exe [2644760 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MsMpEng.exe [136656 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mfefire; “C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe” [X]
S2 mfemms; “C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe” [X]
S3 mfevtp; no ImagePath
S2 WildTangentHelper; “C:Program Files (x86)WildTangent GamesIntegrationWildTangentHelperService.exe” [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:windowssystem32driversAmUStorU.sys [127936 2020-04-14] (Alcorlink Corp. -> )
S0 avgArDisk; C:windowsSystem32driversavgArDisk.sys [35800 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:windowsSystem32driversavgArPot.sys [216488 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:windowsSystem32driversavgbidsdriver.sys [365592 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:windowsSystem32driversavgbidsh.sys [250392 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:windowsSystem32driversavgbuniv.sys [99352 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 avgElam; C:windowsSystem32driversavgElam.sys [17344 2021-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:windowsSystem32driversavgKbd.sys [41424 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:windowsSystem32driversavgMonFlt.sys [181072 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:windowsSystem32driversavgNetHub.sys [523016 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:windowsSystem32driversavgRdr2.sys [107936 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:windowsSystem32driversavgRvrt.sys [83000 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:windowsSystem32driversavgSnx.sys [851272 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:windowsSystem32driversavgSP.sys [471480 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:windowsSystem32driversavgStm.sys [215464 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:windowsSystem32driversavgVmm.sys [327104 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 epp; C:Program FilesEmsisoft Anti-Malwareepp.sys [155112 2020-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:windowsSystem32driverseppdisk.sys [37776 2019-06-03] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:windowsSystem32driversEppElam.sys [16808 2021-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)
R1 eppwfp; C:Program FilesEmsisoft Anti-Malwareeppwfp.sys [126968 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S3 expressvpnsplittunnel; C:Program Files (x86)ExpressVPNsplittunnelexpressvpnsplittunnel.sys [28440 2020-05-15] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapdriver.inf_amd64_1f5602eb8a12ac4cx64hpcustomcapdriver.sys [24096 2020-04-08] (HP Inc. -> HP Inc.)
R3 iaLPSS2_GPIO2_ICL; C:windowsSystem32DriverStoreFileRepositoryialpss2_gpio2_icl.inf_amd64_90beccc7e046ababiaLPSS2_GPIO2_ICL.sys [132872 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:windowsSystem32DriverStoreFileRepositoryialpss2_i2c_icl.inf_amd64_c8c0638291b9b209iaLPSS2_I2C_ICL.sys [200456 2020-04-28] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ICL; C:windowsSystem32DriverStoreFileRepositoryialpss2_spi_icl.inf_amd64_7e39397aa93f0448iaLPSS2_SPI_ICL.sys [157696 2020-04-23] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_UART2_ICL; C:windowsSystem32DriverStoreFileRepositoryialpss2_uart2_icl.inf_amd64_b535659b9405201aiaLPSS2_UART2_ICL.sys [312600 2020-04-28] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:windowsSystem32DriversMbamChameleon.sys [220752 2021-05-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:windowsSystem32DRIVERSMbamElam.sys [19912 2021-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:windowsSystem32Driversmbamswissarmy.sys [248992 2021-05-18] (Malwarebytes Inc -> Malwarebytes)
R3 tapexpressvpn; C:windowsSystem32driverstapexpressvpn.sys [44304 2020-05-15] (ExprsVPN LLC -> The OpenVPN Project)
R1 vbdenum; C:windowsSystem32driversvbdenum.sys [119432 2020-08-21] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 WdBoot; C:windowssystem32driverswdWdBoot.sys [49560 2021-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:windowssystem32driverswdWdFilter.sys [425208 2021-06-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:windowsSystem32driverswdWdNisDrv.sys [76008 2021-06-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:windowsSystem32driversWirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S1 amsdk; ??C:windowssystem32driversamsdk.sys [X]
S0 cfwids; system32driverscfwids.sys [X]
R0 mfeaack; system32driversmfeaack.sys [X]
R0 mfeavfk; system32driversmfeavfk.sys [X]
S0 mfeelamk; system32driversmfeelamk.sys [X]
S0 mfefirek; system32driversmfefirek.sys [X]
R0 mfehidk; system32driversmfehidk.sys [X]
R0 mfeplk; system32driversmfeplk.sys [X]
R0 mfewfpk; system32driversmfewfpk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 11:19 – 2021-06-09 11:20 – 000032549 _____ C:UsersdevalDownloadsFRST.txt
2021-06-09 11:19 – 2021-06-09 11:19 – 000000000 ____D C:FRST
2021-06-09 11:18 – 2021-06-09 11:18 – 002300416 _____ (Farbar) C:UsersdevalDownloadsFRST64.exe
2021-06-08 19:19 – 2021-06-08 19:19 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDropbox
2021-06-08 12:00 – 2021-06-08 12:00 – 008534696 _____ (Malwarebytes) C:UsersdevalDownloadsAdwCleaner(1).exe
2021-06-08 11:57 – 2021-06-08 12:00 – 000962579 _____ C:windowsZAM.krnl.trace
2021-06-08 11:57 – 2021-06-08 12:00 – 000000000 ____D C:UsersdevalAppDataLocalAMSDK
2021-06-08 11:57 – 2021-06-08 11:57 – 000000000 ____D C:UsersdevalAppDataLocalZemana
2021-06-08 11:55 – 2021-06-08 11:55 – 013922376 _____ (Zemana Ltd. ) C:UsersdevalDownloadsAntiMalware_Setup.exe
2021-06-08 11:41 – 2021-06-08 11:41 – 007495512 _____ (VS Revo Group ) C:UsersdevalDownloadsrevosetup.exe
2021-06-08 11:30 – 2021-06-08 11:36 – 000000000 ____D C:UsersdevalAppDataLocalAVG
2021-06-08 11:30 – 2021-06-08 11:30 – 000002082 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAVG AntiVirus FREE.lnk
2021-06-08 11:30 – 2021-06-08 11:30 – 000002070 _____ C:UsersPublicDesktopAVG AntiVirus FREE.lnk
2021-06-08 11:30 – 2021-06-08 11:30 – 000002070 _____ c:ProgramDataDesktopAVG AntiVirus FREE.lnk
2021-06-08 11:30 – 2021-06-08 11:30 – 000000000 ____D C:UsersdevalAppDataRoamingAVG
2021-06-08 11:30 – 2021-06-08 11:30 – 000000000 ____D C:UsersdevalAppDataLocalCEF
2021-06-08 11:29 – 2021-06-08 11:29 – 000851272 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgSnx.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000523016 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgNetHub.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000471480 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgSP.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000365592 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32Driversavgbidsdriver.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000340224 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32avgBoot.exe
2021-06-08 11:29 – 2021-06-08 11:29 – 000327104 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgVmm.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000250392 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32Driversavgbidsh.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000216488 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgArPot.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000215464 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgStm.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000181072 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgMonFlt.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000107936 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgRdr2.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000099352 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32Driversavgbuniv.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000083000 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgRvrt.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000041424 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgKbd.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000035800 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgArDisk.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000017344 _____ (AVG Technologies CZ, s.r.o.) C:windowssystem32DriversavgElam.sys
2021-06-08 11:29 – 2021-06-08 11:29 – 000003992 _____ C:windowssystem32TasksAntivirus Emergency Update
2021-06-08 11:29 – 2021-06-08 11:29 – 000000000 ____D C:windowssystem32TasksAVG
2021-06-08 11:29 – 2021-06-08 11:29 – 000000000 ____D C:Program FilesCommon FilesAVG
2021-06-08 11:29 – 2021-06-08 11:29 – 000000000 ____D C:Program FilesAVG
2021-06-08 11:28 – 2021-06-08 11:36 – 000000000 ____D C:ProgramDataAVG
2021-06-08 11:28 – 2021-06-08 11:28 – 000261448 _____ (AVG Technologies CZ, s.r.o.) C:UsersdevalDownloadsavg_antivirus_free_setup.exe
2021-06-05 06:51 – 2021-06-05 06:51 – 000047600 _____ (Dropbox, Inc.) C:windowssystem32Driversdbx-stable.sys
2021-06-05 06:51 – 2021-06-05 06:51 – 000047600 _____ (Dropbox, Inc.) C:windowssystem32Driversdbx-dev.sys
2021-06-05 06:51 – 2021-06-05 06:51 – 000047600 _____ (Dropbox, Inc.) C:windowssystem32Driversdbx-canary.sys
2021-06-05 06:51 – 2021-06-05 06:51 – 000044328 _____ (Dropbox, Inc.) C:windowssystem32DbxSvc.exe
2021-05-26 21:52 – 2021-05-26 21:56 – 000000000 ____D C:UsersdevalAppDataRoamingApple Computer
2021-05-26 21:52 – 2021-05-26 21:52 – 000000000 ____H C:windowssystem32DriversMsft_User_WpdMtpDr_01_11_00.Wdf
2021-05-26 21:52 – 2021-05-26 21:52 – 000000000 ____D C:UsersdevalAppDataLocalApple Inc
2021-05-26 21:52 – 2021-05-26 21:52 – 000000000 ____D C:UsersdevalAppDataLocalApple Computer
2021-05-26 21:51 – 2021-05-26 21:51 – 000001823 _____ C:UsersPublicDesktopiTunes.lnk
2021-05-26 21:51 – 2021-05-26 21:51 – 000001823 _____ c:ProgramDataDesktopiTunes.lnk
2021-05-26 21:51 – 2021-05-26 21:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes
2021-05-26 21:51 – 2021-05-26 21:51 – 000000000 ____D C:ProgramDataApple Computer
2021-05-26 21:51 – 2021-05-26 21:51 – 000000000 ____D C:Program FilesiTunes
2021-05-26 21:50 – 2021-05-26 21:50 – 000002535 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsApple Software Update.lnk
2021-05-26 21:50 – 2021-05-26 21:50 – 000000000 ____D C:windowssystem32TasksApple
2021-05-26 21:50 – 2021-05-26 21:50 – 000000000 ____D C:UsersdevalAppDataLocalApple
2021-05-26 21:50 – 2021-05-26 21:50 – 000000000 ____D C:ProgramDataApple
2021-05-26 21:50 – 2021-05-26 21:50 – 000000000 ____D C:Program FilesCommon FilesApple
2021-05-26 21:50 – 2021-05-26 21:50 – 000000000 ____D C:Program FilesBonjour
2021-05-26 21:50 – 2021-05-26 21:50 – 000000000 ____D C:Program Files (x86)Bonjour
2021-05-26 21:50 – 2021-05-26 21:50 – 000000000 ____D C:Program Files (x86)Apple Software Update
2021-05-26 21:49 – 2021-05-26 21:49 – 199436776 _____ (Apple Inc.) C:UsersdevalDownloadsiTunes64Setup.exe
2021-05-18 16:38 – 2021-05-18 16:38 – 000248992 _____ (Malwarebytes) C:windowssystem32Driversmbamswissarmy.sys
2021-05-18 16:38 – 2021-05-18 16:38 – 000220752 _____ (Malwarebytes) C:windowssystem32DriversMbamChameleon.sys
2021-05-18 11:19 – 2021-05-18 11:19 – 000000000 ____D C:ProgramDataMcInstTemp0300511621351167
2021-05-12 21:12 – 2021-05-12 21:12 – 002755584 _____ (Microsoft Corporation) C:windowsSysWOW64mshtml.tlb
2021-05-12 21:12 – 2021-05-12 21:12 – 002755584 _____ (Microsoft Corporation) C:windowssystem32mshtml.tlb
2021-05-12 21:12 – 2021-05-12 21:12 – 001823816 _____ (Microsoft Corporation) C:windowssystem32winload.efi
2021-05-12 21:12 – 2021-05-12 21:12 – 001687040 _____ C:windowssystem32libcrypto.dll
2021-05-12 21:12 – 2021-05-12 21:12 – 001393504 _____ (Microsoft Corporation) C:windowssystem32winresume.efi
2021-05-12 21:12 – 2021-05-12 21:12 – 001314120 _____ (Microsoft Corporation) C:windowssystem32SecConfig.efi
2021-05-12 21:12 – 2021-05-12 21:12 – 001163776 _____ C:windowssystem32MBR2GPT.EXE
2021-05-12 21:12 – 2021-05-12 21:12 – 000700928 _____ C:windowssystem32FsNVSDeviceSource.dll
2021-05-12 21:12 – 2021-05-12 21:12 – 000165888 _____ C:windowssystem32DataStoreCacheDumpTool.exe
2021-05-12 21:12 – 2021-05-12 21:12 – 000060928 _____ C:windowssystem32runexehelper.exe
2021-05-12 21:12 – 2021-05-12 21:12 – 000013312 _____ C:windowssystem32agentactivationruntimestarter.exe
2021-05-12 21:12 – 2021-05-12 21:12 – 000011351 _____ C:windowssystem32DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 11:17 – 2021-03-03 21:45 – 000000000 ____D C:Program FilesEmsisoft Anti-Malware
2021-06-09 11:15 – 2020-05-06 04:58 – 000000000 ____D C:windowssystem32SleepStudy
2021-06-09 11:15 – 2019-12-07 05:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-06-08 19:19 – 2021-01-21 12:23 – 000000000 ____D C:Program Files (x86)Dropbox
2021-06-08 16:17 – 2020-12-20 13:05 – 000003380 _____ C:windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-4172828257-1784996619-1967803511-1001
2021-06-08 16:17 – 2020-12-20 13:05 – 000000000 ___RD C:UsersdevalOneDrive
2021-06-08 16:17 – 2020-12-20 13:01 – 000002374 _____ C:UsersdevalAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-06-08 13:08 – 2021-05-07 15:44 – 000000000 ____D C:Program FilesMozilla Firefox
2021-06-08 11:42 – 2019-12-07 05:14 – 000000000 ___HD C:windowsELAMBKUP
2021-06-08 11:42 – 2019-12-07 05:13 – 000000000 ____D C:windowsINF
2021-06-08 11:42 – 2019-12-07 05:03 – 000032768 _____ C:windowssystem32configELAM
2021-06-08 11:41 – 2020-12-10 13:50 – 000000000 ____D C:ProgramDataMcAfee
2021-06-08 11:40 – 2020-12-10 13:50 – 000000000 ____D C:Program FilesCommon FilesMcAfee
2021-06-08 11:09 – 2020-05-06 04:58 – 000000000 ____D C:windowssystem32Driverswd
2021-06-08 11:05 – 2020-12-20 13:14 – 000000000 ____D C:ProgramDataMozilla
2021-06-08 11:04 – 2020-12-20 13:14 – 000000000 ____D C:UsersdevalAppDataLocalLowMozilla
2021-06-04 19:01 – 2020-12-10 13:45 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-06-04 19:01 – 2020-12-10 13:45 – 000002283 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2021-06-04 19:01 – 2020-12-10 13:45 – 000002283 _____ c:ProgramDataDesktopMicrosoft Edge.lnk
2021-06-04 19:01 – 2019-12-07 05:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-06-04 19:01 – 2019-12-07 05:14 – 000000000 ____D C:windowsAppReadiness
2021-06-04 08:19 – 2021-01-21 12:10 – 000000000 ___RD C:UsersdevalDesktopQuick Sales
2021-06-03 18:48 – 2020-12-20 13:21 – 000002254 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-06-03 18:48 – 2020-12-20 13:21 – 000002213 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2021-06-03 18:48 – 2020-12-20 13:21 – 000002213 _____ c:ProgramDataDesktopGoogle Chrome.lnk
2021-05-28 23:50 – 2020-07-21 12:18 – 000000000 ____D C:Program FilesMicrosoft Office
2021-05-28 23:50 – 2019-12-07 05:14 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared
2021-05-27 19:49 – 2021-01-03 18:44 – 000000000 ____D C:UsersdevalAppDataLocalCitrix
2021-05-18 11:19 – 2020-12-10 13:50 – 000000000 ____D C:Program Files (x86)McAfee
2021-05-14 22:47 – 2020-05-06 05:03 – 000846280 _____ C:windowssystem32PerfStringBackup.INI
2021-05-14 22:42 – 2020-12-20 13:04 – 000000000 __SHD C:UsersdevalIntelGraphicsProfiles
2021-05-14 22:42 – 2020-12-10 13:41 – 000000000 ____D C:Intel
2021-05-14 22:42 – 2020-05-06 04:58 – 000008192 ___SH C:DumpStack.log.tmp
2021-05-14 22:42 – 2020-05-06 04:58 – 000000006 ____H C:windowsTasksSA.DAT
2021-05-14 22:42 – 2019-12-07 05:14 – 000000000 ____D C:windowsServiceState
2021-05-14 22:42 – 2019-12-07 05:03 – 000786432 _____ C:windowssystem32configBBI
2021-05-12 21:43 – 2020-12-10 13:22 – 000000000 ____D C:windowsHoloShell
2021-05-12 21:42 – 2019-12-07 05:14 – 000000000 ___RD C:windowsImmersiveControlPanel
2021-05-12 21:40 – 2021-01-21 12:23 – 000000938 _____ C:windowsTasksDropboxUpdateTaskMachineUA.job
2021-05-12 21:40 – 2021-01-21 12:23 – 000000934 _____ C:windowsTasksDropboxUpdateTaskMachineCore.job
2021-05-12 21:40 – 2020-12-20 13:14 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-05-12 21:40 – 2020-05-06 04:58 – 000460864 _____ C:windowssystem32FNTCACHE.DAT
2021-05-12 21:39 – 2019-12-07 05:50 – 000000000 ____D C:windowssystem32OpenSSH
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ___RD C:windowsPrintDialog
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsSysWOW64WinMetadata
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsSysWOW64setup
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsSysWOW64oobe
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsSysWOW64lt-LT
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsSysWOW64Dism
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsSystemResources
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowssystem32WinMetadata
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowssystem32SystemResetPlatform
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowssystem32setup
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowssystem32oobe
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowssystem32lt-LT
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowssystem32Dism
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsProvisioning
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsPolicyDefinitions
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsDiagTrack
2021-05-12 21:39 – 2019-12-07 05:14 – 000000000 ____D C:windowsbcastdvr
2021-05-12 21:14 – 2019-12-07 05:52 – 000023552 _____ (Microsoft Corporation) C:windowssystem32OEMDefaultAssociations.dll
2021-05-12 21:14 – 2019-12-07 05:03 – 000000000 ____D C:windowsCbsTemp
2021-05-12 16:33 – 2020-12-24 01:01 – 000000000 ____D C:windowssystem32MRT
2021-05-12 16:31 – 2020-12-24 01:01 – 132732536 ____C (Microsoft Corporation) C:windowssystem32MRT.exe
2021-05-12 13:44 – 2020-12-23 14:17 – 000002143 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




