
Inactive Malwarebytes finding but not removing 12 pup.optional.spigot files

Discussion in 'Malware and Virus Removal' started by jhoughtn, 2020/11/25.

Thread Status:
Not open for further replies.
  1. 2020/11/25
    jhoughtn

    Hi All,

    Malwarebytes is finding 12 occurrences of

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 11/25/20
    Scan Time: 2:11 AM
    Log File: 60bf147c-2eed-11eb-aece-f8ac6596004a.json

    -Software Information-
    Version: 4.2.3.96
    Components Version: 1.0.1122
    Update Package Version: 1.0.33384
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.1198)
    CPU: x64
    File System: NTFS
    User: System

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Scheduler
    Result: Completed
    Objects Scanned: 271422
    Threats Detected: 12
    Threats Quarantined: 0
    Time Elapsed: 1 min, 42 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 2
    PUP.Optional.Spigot, C:\USERS\JHOUG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 151, 475078, , , , , ,
    PUP.Optional.Spigot, C:\USERS\JHOUG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 151, 454814, , , , , ,

    File: 10
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 151, 475078, , , , , 743189420F3AD6098A2DC6FB107161BB, 3B4CB849995F19139D6FA707602CB1E66D4FCE183D896B16ED9FFE102C6FCF91
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000006.log, No Action By User, 151, 475078, , , , , 6477DB738F5557B1BBCFA0AE2C1361C3, DB059174EA39059863A87041562056A10B13D55DA3DC266D1D7ECA8785FAACEC
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.ldb, No Action By User, 151, 475078, , , , , EDEF4E0404D6910ED18B8CDC3C80A196, A500346716FE65E32DA644688095DA3B646020D605EF6F6E76C3BD2361F903A7
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 151, 475078, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 151, 475078, , , , , ,
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 151, 475078, , , , , 79E33F2A3661DF26C11AD10F27E44E69, D8C286274A2EE4FEAC2EB5BA5D1A934C140313EC4C046DFC6978A11E0B417CED
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 151, 475078, , , , , FFD8470275BCB5A6F16BD054CD4CA7A4, 636196379869B474468B061EC09DA7EA3245611388B546FE17238CAEA865BF18
    PUP.Optional.Spigot, C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 151, 475078, , , , , FCF5AA6A3CCB2D5310642FFEA221EE8A, C388CAE03745960F92CCE8B245B14102C2492CC7F5D2B04C13A3A8F3BCAC61CE
    PUP.Optional.Spigot, C:\USERS\JHOUG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 151, 475078, 1.0.33384, , ame, , 4343B3C31DC78553C153A591AEE7702C, 273CE9F13E176D59B6C91958C0224A6A39D64A2723CF1E96300C81C33F6D4DC4
    PUP.Optional.Spigot, C:\USERS\JHOUG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 151, 454814, 1.0.33384, , ame, , EA163C024286F32F7775BA76343A4C10, 87AF23F3BBE76688C0BD19C60E435627AF83FBC0AD5F87EC5B65B27F6DA2C134

    When I click quarantine it kills my chrome browser and says it has quarantined the files but the next time the scan runs they have returned.

    I have included frst.txt and additional.txt
    ADDITION.TXT
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-11-2020 01
    Ran by jhoug (25-11-2020 09:54:50)
    Running from C:\Users\jhoug\Downloads
    Windows 10 Pro Version 1909 18363.1198 (X64) (2020-07-20 11:48:28)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2546177841-486358258-1182581874-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2546177841-486358258-1182581874-503 - Limited - Disabled)
    Guest (S-1-5-21-2546177841-486358258-1182581874-501 - Limited - Disabled)
    jhoug (S-1-5-21-2546177841-486358258-1182581874-1001 - Administrator - Enabled) => C:\Users\jhoug
    WDAGUtilityAccount (S-1-5-21-2546177841-486358258-1182581874-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
    HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
    HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
    HP PageWide Pro 477dn MFP Help (HKLM-x32\...\{2D660A22-58C0-41EE-8E8F-5D82379E53B0}) (Version: 44.0.0 - HP)
    HP PageWide Pro 477dw MFP Basic Device Software (HKLM\...\{FCA67825-C08C-4C36-B94B-FFE07E622D5B}) (Version: 38.9.1948.19218 - HP Inc.)
    I.R.I.S. OCR (HKLM-x32\...\{093C645A-294E-41E4-904C-DDF13DC47A27}) (Version: 12.3.6.12 - HP)
    Intel(R) Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
    Lenovo Pen Settings Service (HKLM\...\ISD Tablet Driver) (Version: 7.6.1.29 - Wacom Technology Corp.)
    Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
    Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
    McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R28 - McAfee, LLC)
    Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13328.20408 - Microsoft Corporation)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
    Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
    Microsoft OneDrive (HKU\S-1-5-21-2546177841-486358258-1182581874-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
    Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20408 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20408 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13328.20408 - Microsoft Corporation) Hidden
    Product Improvement Study for HP PageWide Pro 477dw MFP (HKLM\...\{CCF579D6-914A-4DD3-A106-502E2936361B}) (Version: 38.9.1948.19218 - HP Inc.)
    WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.171 - McAfee, LLC)
    Zoom (HKU\S-1-5-21-2546177841-486358258-1182581874-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)

    Packages:
    =========
    Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.0.595.0_x64__22t9g3sebte08 [2020-11-17] (AMZN Mobile LLC.) [Startup Task]
    Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.47.2.0_x86__kgqvnymyfvs32 [2020-11-23] (king.com)
    Dolby Atmos Speaker System -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosSpeakerSystem_3.20402.409.0_x64__rz1tebttyb220 [2020-06-24] (Dolby Laboratories)
    Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_1.7.5123.0_x64__rz1tebttyb220 [2020-10-14] (Dolby Laboratories)
    Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.48.4.0_x86__kgqvnymyfvs32 [2020-11-17] (king.com)
    FMAPOControl -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.1.17.0_x64__4pejv7q2gmsnr [2020-09-19] (Fortemedia)
    Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt [2020-11-17] (INTEL CORP) [Startup Task]
    Lenovo Pen Settings -> C:\Program Files\WindowsApps\WacomTechnologyCorp.157535B83C264_7.6.59.0_x64__ss941bf8mfs8a [2020-07-19] (Wacom Technology Corp.)
    Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-10-13] (LENOVO INC.)
    LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.18.0_x64__5grkq8ppsgwt4 [2020-10-13] (LENOVO INC) [Startup Task]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad]
    MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation)
    Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.214.0_x64__dt26b99r8h8gj [2020-07-20] (Realtek Semiconductor Corp)
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0 [2020-11-17] (Spotify AB) [Startup Task]
    Thunderbolt Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.25.0_x64__8j3eq9eme6ctt [2020-07-20] (INTEL CORP)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-24] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-24] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    ==================== Loaded Modules (Whitelisted) =============

    2020-11-17 17:01 - 2020-11-17 17:01 - 041670144 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.dll
    2020-06-24 08:44 - 2020-06-24 08:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
    2020-06-24 08:44 - 2020-06-24 08:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
    2020-07-20 06:52 - 2020-04-09 11:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    HKU\S-1-5-21-2546177841-486358258-1182581874-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
    HKU\S-1-5-21-2546177841-486358258-1182581874-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
    SearchScopes: HKU\S-1-5-21-2546177841-486358258-1182581874-1001 -> DefaultScope {6AB2A264-5E8B-4610-A3F4-5D6750299EFE} URL =
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-18] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2546177841-486358258-1182581874-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhoug\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
    DNS Servers: 75.75.75.75 - 75.75.76.76
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{0E648645-A627-4C89-A9B0-EF0302E1FA99}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
    FirewallRules: [{AF859EFB-8D54-462C-B64C-10572A76642E}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
    FirewallRules: [{A0FC3A00-E597-4E3D-BFEF-4B9274C9D50E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
    FirewallRules: [{98C9AE13-BC63-44F0-84CB-E726C4485CC8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{9AE7989D-B46F-4CDD-8A43-DC9082A92D04}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{D3CD4007-3A58-40E8-9BE5-E3BEEF7AB422}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{379C972A-AB1A-4740-97B0-E4A86FB254CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{B85C0818-17D6-48D2-8CCD-A45A2D9B48E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{2B948E3C-F203-4A1F-9995-2ABA686C1F02}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{99B6EF39-7FD9-4B4C-9D97-6593D7685325}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{F7F686E3-D84C-4E8B-A8C4-EEFC1EEBF267}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{9386BF36-731C-445D-AB64-8B542FAADEDB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{A0FD3FC5-65D2-4C42-9B95-2456D174D321}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{3A2297FA-E541-4516-AECB-DB3AFDBE7360}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{C57B9783-9021-492F-85B5-DF88BAB4B1E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{B056297B-DD64-405E-AF10-7DAAF3D1CA76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{6612EEF1-A899-442A-B133-F08320798921}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{D44029F3-9035-45EF-9304-7B4A1D444F81}] => (Allow) C:\Program Files\HP\HP PageWide Pro 477dw MFP\bin\FaxApplications.exe (HP Inc -> HP Inc.)
    FirewallRules: [{91176AA0-F1D5-450B-879C-B82ECBEEBA40}] => (Allow) C:\Program Files\HP\HP PageWide Pro 477dw MFP\bin\DigitalWizards.exe (HP Inc -> HP Inc.)
    FirewallRules: [{5011B235-1AA5-4738-BB5E-BC3E9FD9B3F8}] => (Allow) C:\Program Files\HP\HP PageWide Pro 477dw MFP\bin\SendAFax.exe (HP Inc -> HP Inc.)
    FirewallRules: [{5FFC1E58-647A-479B-8043-BCEFEA4CAB9D}] => (Allow) C:\Program Files\HP\HP PageWide Pro 477dw MFP\bin\FaxPrinterUtility.exe (HP Inc -> HP Inc.)
    FirewallRules: [{0A7B0C9C-38D4-4006-BB1F-A4951B8E9789}] => (Allow) C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
    FirewallRules: [{F2C30D53-70E4-4833-B0CF-E240364CA336}] => (Allow) LPort=5357
    FirewallRules: [{125AEC6B-02EE-40E7-92A5-63BFD87C84B9}] => (Allow) C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
    FirewallRules: [{AE4417E1-DDBE-439A-ABE5-4FDC4D32AF62}] => (Allow) C:\Users\jhoug\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{27D4E0D3-9431-4CC4-AFC4-C55CF3024C77}] => (Allow) C:\Users\jhoug\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{C06DD89B-3941-472F-9413-04490530CE44}] => (Allow) C:\Users\jhoug\AppData\Roaming\Zoom\bin\airhost.exe => No File

    ==================== Restore Points =========================

    17-11-2020 10:44:35 Windows Update
    21-11-2020 04:57:34 Windows Update

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (11/24/2020 11:29:19 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
    .

    Error: (11/24/2020 11:29:19 AM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
    ]

    Error: (11/24/2020 11:29:19 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
    .

    Error: (11/24/2020 11:29:19 AM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
    ]

    Error: (11/24/2020 11:19:50 AM) (Source: SecurityCenter) (EventID: 17) (User: )
    Description: Security Center failed to validate caller with error %1.

    Error: (11/17/2020 03:49:37 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SearchProtocolHost.exe, version: 7.0.18362.719, time stamp: 0x90c89b37
    Faulting module name: SearchProtocolHost.exe, version: 7.0.18362.719, time stamp: 0x90c89b37
    Exception code: 0xc000cf18
    Fault offset: 0x00000000000244c7
    Faulting process id: 0x33f0
    Faulting application start time: 0x01d6bd20e9ea5a92
    Faulting application path: C:\Windows\system32\SearchProtocolHost.exe
    Faulting module path: C:\Windows\system32\SearchProtocolHost.exe
    Report Id: c298b8d4-4e5e-4f20-8c0a-918d0438ee00
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/17/2020 11:56:33 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
    .

    Error: (11/17/2020 11:56:33 AM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
    ]


    System errors:
    =============
    Error: (11/24/2020 11:37:50 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The LenovoVantageService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (11/18/2020 11:32:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CH63RMT)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (11/18/2020 04:38:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The LenovoVantageService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (11/18/2020 04:37:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The LenovoVantageService service terminated unexpectedly. It has done this 1 time(s).

    Error: (11/18/2020 04:02:49 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The LenovoVantageService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (11/18/2020 04:02:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The LenovoVantageService service terminated unexpectedly. It has done this 1 time(s).

    Error: (11/17/2020 07:47:19 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: The <Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Service Control Manager' Guid='{555908d1-a6d7-4695-8e1e-26931d2012f4}' EventSourceName='Service Control Manager'/><EventID Qualifiers='49152'>7043</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2020-11-18T00:47:19.070792400Z'/><EventRecordID>96105</EventRecordID><Correlation ActivityID='{b186014a-bd02-0000-1440-87b102bdd601}'/><Execution ProcessID='336' ThreadID='1252'/><Channel>System</Channel><Computer>DESKTOP-CH63RMT</Computer><Security/></System><ProcessingErrorData><ErrorCode>13</ErrorCode><DataItemName></DataItemName><EventPayload>4D0061006C00770061007200650062007900740065007300200053006500720076006900630065000000180000004D00420041004D0053006500720076006900630065000000</EventPayload></ProcessingErrorData></Event> service did not shut down properly after receiving a preshutdown control.

    Error: (11/17/2020 07:46:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CH63RMT)
    Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.


    Windows Defender:
    ===================================
    Date: 2020-07-19 17:42:58.282
    Description:
    Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
    Security intelligence Attempted: Current
    Error Code: 0x80070002
    Error description: The system cannot find the file specified.
    Security intelligence version: 0.0.0.0;0.0.0.0
    Engine version: 0.0.0.0

    CodeIntegrity:
    ===================================

    Date: 2020-11-25 09:41:30.245
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-11-25 09:41:30.243
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-11-25 09:41:30.241
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-11-25 09:41:30.237
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-11-25 09:41:30.233
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-11-25 09:41:30.231
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-11-25 09:41:30.226
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2020-11-25 09:41:30.223
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    ==================== Memory info ===========================

    BIOS: LENOVO AUCN54WW 01/09/2020
    Motherboard: LENOVO LNVNB161216
    Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
    Percentage of memory in use: 53%
    Total physical RAM: 16126.66 MB
    Available physical RAM: 7575.01 MB
    Total Virtual: 18558.66 MB
    Available Virtual: 8306.29 MB

    ==================== Drives ================================

    Drive c: (Windows-SSD) (Fixed) (Total:952.62 GB) (Free:482.08 GB) NTFS

    \\?\Volume{72ef6e5e-e9eb-4814-9923-d40490265760}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
    \\?\Volume{56e81855-be04-470b-8c1f-b61f5cceb4c1}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 953.9 GB) (Disk ID: 288EE0B9)

    Partition: GPT.

    ==================== End of Addition.txt =======================
    FRST.TXT

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)
     
  2. 2020/11/25
    jhoughtn

    FRST.TXT

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-11-2020 01
    Ran by jhoug (administrator) on DESKTOP-CH63RMT (LENOVO 81Q9) (25-11-2020 09:53:54)
    Running from C:\Users\jhoug\Downloads
    Loaded Profiles: jhoug
    Platform: Windows 10 Pro Version 1909 18363.1198 (X64) Language: English (United States)
    Default browser: Edge
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <53>
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
    (HP Inc -> HP Inc.) C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\HPNetworkCommunicatorCom.exe
    (HP Inc -> HP Inc.) C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\ScanToPCActivationApp.exe
    (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
    (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
    (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIServiceN.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEMN.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_15d40a967a6e8438\IntelCpHDCPSvc.exe
    (Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_bff7913eb62bbf90\aesm_service.exe
    (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
    (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_16c0b30f7916739a\Intel_PIE_Service.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\YMC.exe
    (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
    (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
    (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.18.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\jhoug\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
    (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
    (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
    (Texas Instruments Inc. -> Texas Instuments) C:\Windows\System32\TISmartAmpService.exe <2>
    (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_287a1226ec474ae7\WTabletServiceISD.exe <2>

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1082592 2020-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
    HKU\S-1-5-21-2546177841-486358258-1182581874-1001\...\Run: [GoogleChromeAutoLaunch_393ECB6A3DB06116C6122AE2CEE01668] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
    HKU\S-1-5-21-2546177841-486358258-1182581874-1001\...\Run: [HP PageWide Pro 477dw MFP (NET)] => C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\ScanToPCActivationApp.exe [3734944 2019-08-06] (HP Inc -> HP Inc.)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-17] (Google LLC -> Google LLC)

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {03A294A3-4E38-4C05-9515-4D4706E15885} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.11.630\mcdatrep.exe [1888160 2020-10-02] (McAfee, Inc. -> McAfee, LLC.)
    Task: {128CF1AB-BD34-4439-8356-F9D284758B06} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\90eb7382-798d-45be-a3cf-3407beca36cb => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
    Task: {15CC9103-A378-47F2-9C66-86C2BA7D8477} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\652761c3-c5a2-4824-af25-4a2b8b2a089c => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
    Task: {1ED47798-9C0F-4A3F-92B4-A19BD496503B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4603200 2020-08-16] (McAfee, LLC -> McAfee, LLC)
    Task: {25E7EE15-1E47-4FC9-ABBE-4371DC416CEE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144736 2020-11-19] (Microsoft Corporation -> Microsoft Corporation)
    Task: {26B077C1-69E7-4357-B68D-8ADCC2A55846} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\Windows\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [569728 2020-02-10] (Lenovo -> Lenovo Group Ltd.)
    Task: {2FA1875E-8BCA-49CC-A39B-4F2DC0BD8CA5} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.5.126\DADUpdater.exe [4000984 2020-11-04] (McAfee, LLC -> McAfee, LLC)
    "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
    Task: {3025B1E8-38F9-420F-88CD-7656C28B7660} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
    Task: {33DAB506-1228-4F42-9E84-1CBD5B699B4C} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
    Task: {43784213-4393-44D9-92CA-ED550A6CDF8D} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
    Task: {4770039B-240A-41EC-A5D3-F6426B22877A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144736 2020-11-19] (Microsoft Corporation -> Microsoft Corporation)
    Task: {49C4667A-8FDD-4711-A7B9-6FCADCD869B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-19] (Google LLC -> Google LLC)
    Task: {73ABB386-8A2D-47B0-8553-67EFB449380E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
    Task: {8B0B7650-9572-47C0-8389-CBECB2974B05} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
    Task: {8D52CDBB-AB39-4348-98BC-DBBDE7F30310} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC)
    Task: {90387EA4-1550-42FE-8A21-E87353D6EBCD} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
    Task: {A6480378-DF42-4DF5-BC69-F2A6255C223F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
    Task: {B1B84066-3936-4EC4-BFA1-CD279728A7CB} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
    Task: {CA2DC188-FB30-4A6C-A3F4-D7B8B31CBAE3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
    Task: {CABE4CA7-32C9-4251-8EFC-7E3085BE687D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\854bfcfc-7d9c-4da3-baeb-b576d13d1fbe => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
    Task: {CBD0CFEC-129B-47DA-9B6C-8255B7A64B84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-19] (Google LLC -> Google LLC)
    Task: {E08DD36E-3FF9-4496-B9C3-397690A6C6B4} - System32\Tasks\HPCustParticipation HP PageWide Pro 477dw MFP => C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\HPCustPartic.exe [6290848 2019-08-06] (HP Inc -> HP Inc.)
    Task: {F19CD17A-D36F-4FDA-83D0-9CC87586C0CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {F1BC00DF-989B-4DF8-818D-D5203EEF34BF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {F350BC04-38C1-483F-984A-78912B7B526A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\32c631b1-3090-41f2-83ec-094c49fd2a81 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{7905c807-cf47-4b4b-947d-5f3e976597f9}: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{e9e88719-659e-4d3f-82b0-9389c3c6e23a}: [DhcpNameServer] 10.114.2.1

    Edge:
    ======
    Edge Notifications: HKU\S-1-5-21-2546177841-486358258-1182581874-1001 -> hxxps://www.facebook.com
    Edge DefaultProfile: Default
    Edge Profile: C:\Users\jhoug\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-25]
    Edge Notifications: Default -> hxxps://www.facebook.com

    FireFox:
    ========
    FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> )
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-18] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> )
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-18] (Microsoft Corporation -> Microsoft Corporation)

    Chrome:
    =======
    CHR Profile: C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default [2020-11-25]
    CHR Notifications: Default -> hxxps://www.facebook.com
    CHR HomePage: Default -> hxxp://www.google.com
    CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://search.yahoo.com/?type=407453&fr=spigot-yhp-ch","hxxp://www.google.com/","hxxps://www.google.com/"
    CHR Extension: (Slides) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-19]
    CHR Extension: (Docs) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-19]
    CHR Extension: (Google Drive) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-17]
    CHR Extension: (YouTube) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-19]
    CHR Extension: (Polycom® RealPresence® Web Suite Extension) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\djidlmindihfdjgfedhgpfbpkjafcjcl [2020-07-19]
    CHR Extension: (Sheets) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-19]
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-11-17]
    CHR Extension: (Google Docs Offline) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-19]
    CHR Extension: (Gmail) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-17]
    CHR Extension: (Chrome Media Router) - C:\Users\jhoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-17]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9058184 2020-11-16] (Microsoft Corporation -> Microsoft Corporation)
    R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1633952 2019-07-17] (Dolby Laboratories, Inc. -> )
    R2 FMAPOService; C:\Windows\System32\FMService64.exe [360320 2019-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
    R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
    R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
    R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1808920 2020-04-25] (Lenovo -> Lenovo(beijing) Limited)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-24] (Malwarebytes Inc -> Malwarebytes)
    R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-20] (McAfee, LLC -> McAfee, LLC)
    R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\\McCSPServiceHost.exe [2726312 2020-08-13] (McAfee, LLC -> McAfee, LLC)
    S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
    R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
    R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC)
    R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4221040 2020-07-29] (McAfee, LLC -> McAfee, LLC)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2020-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 TISmartAmpService; C:\Windows\System32\TISmartAmpService.exe [560288 2019-07-29] (Texas Instruments Inc. -> Texas Instuments)
    R2 UDCService; C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe [97128 2020-02-10] (Lenovo -> Lenovo Group Ltd.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
    R2 YMC; C:\Windows\System32\YMC.exe [856960 2019-05-26] (Lenovo -> Lenovo Group Ltd.)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-11-24] (Malwarebytes Corporation -> Malwarebytes)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-25] (McAfee, LLC -> McAfee, Inc.)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-11-24] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197792 2020-11-24] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2020-11-24] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-11-24] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [138904 2020-11-24] (Malwarebytes Inc -> Malwarebytes)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
    R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2020-06-08] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
    R3 usbaud; C:\Windows\System32\drivers\usbaud64w10.sys [109880 2020-03-25] (Synaptics Incorporated -> Synaptics Inc.)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-11-25 09:53 - 2020-11-25 09:54 - 000024102 _____ C:\Users\jhoug\Downloads\FRST.txt
    2020-11-25 09:53 - 2020-11-25 09:54 - 000000000 ____D C:\FRST
    2020-11-25 09:51 - 2020-11-25 09:51 - 002295808 _____ (Farbar) C:\Users\jhoug\Downloads\FRST64.exe
    2020-11-24 16:38 - 2020-11-24 16:38 - 001172171 _____ C:\Users\jhoug\Downloads\Action_Required_Please_Complete_Exit_Documen.pdf
    2020-11-24 16:37 - 2020-11-24 16:38 - 000137017 _____ C:\Users\jhoug\Downloads\ADEA.pdf
    2020-11-24 11:38 - 2020-11-24 11:38 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2020-11-24 11:38 - 2020-11-24 11:38 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2020-11-24 11:38 - 2020-11-24 11:38 - 000197792 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2020-11-24 11:38 - 2020-11-24 11:38 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2020-11-24 11:38 - 2020-11-24 11:38 - 000138904 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2020-11-24 11:38 - 2020-11-24 11:38 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2020-11-24 11:38 - 2020-11-24 11:38 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
    2020-11-24 11:38 - 2020-11-24 11:38 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
    2020-11-24 11:38 - 2020-11-24 11:38 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2020-11-24 11:38 - 2020-11-24 11:38 - 000002032 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
    2020-11-24 11:38 - 2020-11-24 11:38 - 000000000 ____D C:\Users\jhoug\AppData\Local\mbam
    2020-11-24 11:38 - 2020-11-24 11:38 - 000000000 ____D C:\ProgramData\Malwarebytes
    2020-11-24 11:38 - 2020-11-24 11:38 - 000000000 ____D C:\Program Files\Malwarebytes
    2020-11-24 11:19 - 2020-11-24 11:19 - 000000000 ____D C:\ProgramData\mb3migration
    2020-11-24 11:16 - 2020-11-24 11:16 - 011289960 _____ C:\Users\jhoug\Downloads\MB-SupportTool.exe
    2020-11-24 11:16 - 2020-11-24 11:16 - 002295808 _____ (Farbar) C:\Users\jhoug\Downloads\FRSTEnglish.exe
    2020-11-20 11:48 - 2020-11-20 11:48 - 000001942 _____ C:\Users\jhoug\Desktop\Zoom.lnk
    2020-11-19 18:09 - 2020-11-19 18:09 - 014570328 _____ (Zoom Video Communications, Inc.) C:\Users\jhoug\Downloads\ZoomInstaller.exe
    2020-11-19 18:09 - 2020-11-19 18:09 - 000000000 ____D C:\Users\jhoug\AppData\Roaming\Zoom
    2020-11-19 18:09 - 2020-11-19 18:09 - 000000000 ____D C:\Users\jhoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
    2020-11-19 16:18 - 2020-11-19 16:18 - 000003738 _____ C:\Windows\system32\Tasks\HPCustParticipation HP PageWide Pro 477dw MFP
    2020-11-19 16:18 - 2020-11-19 16:18 - 000002336 _____ C:\Users\Public\Desktop\HP PageWide Pro 477dw MFP.lnk
    2020-11-19 16:18 - 2020-11-19 16:18 - 000002336 _____ C:\ProgramData\Desktop\HP PageWide Pro 477dw MFP.lnk
    2020-11-19 16:18 - 2020-11-19 16:18 - 000001268 _____ C:\Users\Public\Desktop\Shop for Supplies - HP PageWide Pro 477dw MFP.lnk
    2020-11-19 16:18 - 2020-11-19 16:18 - 000001268 _____ C:\ProgramData\Desktop\Shop for Supplies - HP PageWide Pro 477dw MFP.lnk
    2020-11-19 16:18 - 2020-11-19 16:18 - 000000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
    2020-11-19 16:18 - 2020-11-19 16:18 - 000000057 _____ C:\ProgramData\Ament.ini
    2020-11-19 16:18 - 2020-11-19 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2020-11-19 16:18 - 2020-11-19 16:18 - 000000000 ____D C:\ProgramData\HP
    2020-11-19 16:18 - 2020-11-19 16:18 - 000000000 ____D C:\Program Files\HP
    2020-11-19 16:18 - 2020-11-19 16:18 - 000000000 ____D C:\Program Files (x86)\HP
    2020-11-19 16:17 - 2020-11-19 16:21 - 000000000 ____D C:\Users\jhoug\AppData\Local\HP
    2020-11-19 16:10 - 2020-11-19 16:11 - 155994424 _____ C:\Users\jhoug\Downloads\PW477_DW_Full_WebPack_38.9.1948.exe
    2020-11-19 15:49 - 2020-11-19 15:49 - 000385650 _____ C:\Users\jhoug\Downloads\RIF_Cover Letter.pdf
    2020-11-19 15:49 - 2020-11-19 15:49 - 000106213 _____ C:\Users\jhoug\Downloads\RIF_Summary.pdf
    2020-11-19 15:47 - 2020-11-19 15:47 - 000623830 _____ C:\Users\jhoug\Downloads\RIF_Supplemental.pdf
    2020-11-19 15:45 - 2020-11-19 15:45 - 001536462 _____ C:\Users\jhoug\Downloads\RIF_Separation_Packet.pdf
    2020-11-19 08:13 - 2020-11-19 08:13 - 000000000 ____D C:\Users\jhoug\AppData\Local\OneDrive
    2020-11-18 21:18 - 2020-11-18 21:18 - 000000000 ____D C:\Users\jhoug\Documents\Xfinity Signature Support Computer Health Check
    2020-11-18 21:18 - 2020-11-18 21:18 - 000000000 ____D C:\Users\jhoug\Documents\Wilmas Coins
    2020-11-18 21:11 - 2020-11-18 21:18 - 000000000 ____D C:\Users\jhoug\Documents\UlsterProjectActivities
    2020-11-18 16:59 - 2020-11-25 05:38 - 000004166 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{50741F71-9B2A-4AD7-8A84-54A837BA5247}
    2020-11-18 16:38 - 2020-11-18 16:38 - 000001088 _____ C:\Users\jhoug\Downloads\InstallUtil.InstallLog
    2020-11-18 16:17 - 2020-11-11 04:43 - 000000000 ____D C:\Users\jhoug\Documents\Zoom
    2020-11-18 16:16 - 2020-11-18 16:16 - 000000000 ____D C:\Users\jhoug\Documents\StMarys
    2020-11-18 16:11 - 2020-11-18 16:11 - 000000000 ____D C:\Users\jhoug\Documents\TurboTax
    2020-11-18 16:11 - 2020-11-18 16:11 - 000000000 ____D C:\Users\jhoug\Documents\Scanned Documents
    2020-11-18 16:11 - 2020-11-18 16:11 - 000000000 ____D C:\Users\jhoug\Documents\Recipe
    2020-11-18 16:11 - 2020-11-18 16:11 - 000000000 ____D C:\Users\jhoug\Documents\Personal
    2020-11-18 16:11 - 2020-11-18 16:11 - 000000000 ____D C:\Users\jhoug\Documents\PDFs Output
    2020-11-18 16:11 - 2020-11-18 16:11 - 000000000 ____D C:\Users\jhoug\Documents\Outlook Files
    2020-11-18 16:09 - 2020-11-18 16:09 - 000000000 ____D C:\Users\jhoug\Documents\OnScreen Control
    2020-11-18 16:09 - 2020-11-18 16:09 - 000000000 ____D C:\Users\jhoug\Documents\Oldlapdownload
    2020-11-18 16:02 - 2020-11-24 11:37 - 000001849 _____ C:\Windows\system32\InstallUtil.InstallLog
    2020-11-18 16:02 - 2020-11-18 16:02 - 007824728 _____ (Lenovo Group Ltd.) C:\Users\jhoug\Downloads\Lenovo.Vantage.ServiceSetup.exe
    2020-11-18 16:02 - 2020-11-18 16:02 - 000000303 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
    2020-11-18 15:47 - 2020-11-18 15:47 - 000000000 ____D C:\Users\jhoug\Documents\OCIPaas
    2020-11-18 15:47 - 2020-11-18 15:47 - 000000000 ____D C:\Users\jhoug\Documents\NewBlueFX
    2020-11-18 15:45 - 2020-11-18 15:45 - 000000000 ____D C:\Users\jhoug\Documents\New folder (2)
    2020-11-18 09:15 - 2020-11-18 09:15 - 000000000 ____D C:\Users\jhoug\Documents\My TiVo Recordings for Portables
    2020-11-18 08:58 - 2020-11-18 08:58 - 000000000 ____D C:\Users\jhoug\Documents\Other
    2020-11-17 19:29 - 2020-11-17 19:30 - 000000000 ____D C:\Users\jhoug\Documents\My TiVo Recordings
    2020-11-17 17:18 - 2020-11-17 17:18 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2020-11-17 17:18 - 2020-11-17 17:18 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2020-11-17 17:18 - 2020-11-17 17:18 - 001756592 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2020-11-17 17:18 - 2020-11-17 17:18 - 001366136 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2020-11-17 17:18 - 2020-11-17 17:18 - 001282872 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
    2020-11-17 17:18 - 2020-11-17 17:18 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
    2020-11-17 17:18 - 2020-11-17 17:18 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
    2020-11-17 17:18 - 2020-11-17 17:18 - 000059392 _____ C:\Windows\system32\runexehelper.exe
    2020-11-17 17:18 - 2020-11-17 17:18 - 000035840 _____ C:\Windows\system32\deploymentcsphelper.exe
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000357 _____ C:\Windows\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000357 _____ C:\Windows\system32\DrtmAuth1KeyDelegate.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
    2020-11-17 17:18 - 2020-11-17 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
    2020-11-17 17:17 - 2020-11-17 17:17 - 004227116 _____ C:\Windows\system32\DefaultHrtfs.bin
    2020-11-17 17:17 - 2020-11-17 17:17 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll
    2020-11-17 17:17 - 2020-11-17 17:17 - 000200704 _____ C:\Windows\system32\IHDS.dll
    2020-11-17 17:17 - 2020-11-17 17:17 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
    2020-11-17 16:29 - 2020-11-17 16:29 - 000000000 ____D C:\Users\jhoug\Documents\My Scans
    2020-11-17 16:22 - 2020-11-17 16:22 - 000000000 ____D C:\Users\jhoug\Documents\LvolRecruitList
    2020-11-17 16:22 - 2020-11-17 16:22 - 000000000 ____D C:\Users\jhoug\Documents\KofC
    2020-11-17 16:21 - 2020-11-17 16:21 - 000000000 ____D C:\Users\jhoug\Documents\JhoughPersonal
    2020-11-17 16:20 - 2020-11-17 16:20 - 000000000 ____D C:\Users\jhoug\Documents\MeganP Reference
    2020-11-17 16:20 - 2020-11-17 16:20 - 000000000 ____D C:\Users\jhoug\Documents\HpReg_Backup
    2020-11-17 16:20 - 2020-11-17 16:20 - 000000000 ____D C:\Users\jhoug\Documents\Family Tree Maker
    2020-11-17 16:20 - 2020-11-17 16:20 - 000000000 ____D C:\Users\jhoug\Documents\Fall Festival 2011
    2020-11-17 16:20 - 2020-11-17 16:20 - 000000000 ____D C:\Users\jhoug\Documents\ESCTraining
    2020-11-17 16:19 - 2020-11-17 16:19 - 000000000 ____D C:\Users\jhoug\Documents\Fax
    2020-11-17 16:19 - 2020-11-17 16:19 - 000000000 ____D C:\Users\jhoug\Documents\esc travel
    2020-11-17 15:49 - 2020-11-17 15:49 - 000000000 ____D C:\Users\jhoug\Documents\Investments
    2020-11-17 15:48 - 2020-11-19 14:56 - 000000000 ____D C:\Users\jhoug\Documents\COVId
    2020-11-17 15:48 - 2020-11-17 15:48 - 000000000 ____D C:\Users\jhoug\Documents\CyberLink
    2020-11-17 15:48 - 2020-11-17 15:48 - 000000000 ____D C:\Users\jhoug\Documents\cache
    2020-11-17 15:48 - 2020-11-17 15:48 - 000000000 ____D C:\Users\jhoug\Documents\Budget Blanks
    2020-11-17 15:48 - 2020-07-19 16:07 - 000000000 ____D C:\Users\jhoug\Documents\Custom Office Templates
    2020-11-17 15:48 - 2020-07-19 16:07 - 000000000 ____D C:\Users\jhoug\Documents\Bluetooth Exchange Folder
    2020-11-17 15:47 - 2020-11-17 15:47 - 000000000 ____D C:\Users\jhoug\Documents\annettelap
    2020-11-17 15:20 - 2020-11-17 15:20 - 000000000 ____D C:\Users\jhoug\Documents\Adobe
    2020-11-17 15:20 - 2020-11-17 15:20 - 000000000 ____D C:\Users\jhoug\Documents\Add-in Express
    2020-11-17 15:20 - 2020-11-17 15:20 - 000000000 ____D C:\Users\jhoug\Documents\20171213-246135 Internal Database Event for Sales(79153541955981266)
    2020-11-17 15:20 - 2020-11-17 15:20 - 000000000 ____D C:\Users\jhoug\Documents\20171213-246095 Internal Database Event for Sales(79153322527821504)
    2020-11-17 14:44 - 2020-11-17 14:45 - 000000000 ____D C:\Users\jhoug\Documents\AncestryDocs
    2020-11-17 10:41 - 2020-11-25 00:21 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2020-11-17 10:41 - 2020-11-25 00:21 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2020-11-17 10:41 - 2020-11-24 03:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2020-11-17 10:41 - 2020-11-24 03:21 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
    2020-11-17 10:41 - 2020-11-24 03:21 - 000002287 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-11-25 09:47 - 2019-10-16 23:06 - 000000000 ____D C:\Windows\system32\SleepStudy
    2020-11-24 23:30 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\AppReadiness
    2020-11-24 23:30 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-11-24 13:13 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-11-24 11:38 - 2019-03-18 23:52 - 000000000 ___HD C:\Windows\ELAMBKUP
    2020-11-24 11:37 - 2020-07-20 07:05 - 000000000 __SHD C:\Users\jhoug\IntelGraphicsProfiles
    2020-11-24 11:37 - 2020-07-19 16:05 - 000000000 ___RD C:\Users\jhoug\OneDrive
    2020-11-24 11:34 - 2020-06-24 08:42 - 000795992 _____ C:\Windows\system32\PerfStringBackup.INI
    2020-11-24 11:34 - 2019-03-18 23:50 - 000000000 ____D C:\Windows\INF
    2020-11-24 11:30 - 2020-06-24 08:51 - 000000134 _____ C:\Windows\system32\regtest.txt
    2020-11-24 11:30 - 2020-06-24 08:51 - 000000000 ___HD C:\Intel
    2020-11-24 11:30 - 2020-06-24 08:44 - 000000000 ____D C:\Program Files\Microsoft Office
    2020-11-24 11:30 - 2019-10-16 23:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2020-11-24 11:30 - 2019-10-16 23:06 - 000445200 _____ C:\Windows\system32\FNTCACHE.DAT
    2020-11-24 11:30 - 2019-03-18 23:37 - 000032768 _____ C:\Windows\system32\config\ELAM
    2020-11-24 11:29 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\WinBioDatabase
    2020-11-24 11:29 - 2019-03-18 23:37 - 001048576 _____ C:\Windows\system32\config\BBI
    2020-11-24 10:14 - 2020-07-19 16:44 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
    2020-11-21 04:57 - 2020-08-21 12:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
    2020-11-20 19:40 - 2020-07-20 07:05 - 000000000 ____D C:\Users\jhoug\AppData\Local\Packages
    2020-11-19 08:14 - 2020-07-19 16:08 - 000000000 ____D C:\Users\jhoug\AppData\Local\Lenovo
    2020-11-17 19:48 - 2020-07-20 07:05 - 000000000 ___RD C:\Users\jhoug\3D Objects
    2020-11-17 19:48 - 2019-10-16 23:10 - 000000000 __RHD C:\Users\Public\AccountPictures
    2020-11-17 19:46 - 2020-06-24 09:29 - 000000000 ___SD C:\Windows\system32\AppV
    2020-11-17 19:46 - 2020-06-24 09:29 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ___RD C:\Windows\PrintDialog
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\TextInput
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\setup
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\oobe
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SystemResources
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\WinMetadata
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\Sysprep
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\setup
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\oobe
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\migwiz
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\es-MX
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\Dism
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\appraiser
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\ShellExperiences
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\Provisioning
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\PolicyDefinitions
    2020-11-17 19:46 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\bcastdvr
    2020-11-17 19:46 - 2019-03-18 23:37 - 000000000 ____D C:\Windows\servicing
    2020-11-17 17:21 - 2019-03-18 23:37 - 000000000 ____D C:\Windows\CbsTemp
    2020-11-17 17:17 - 2019-10-16 23:09 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
    2020-11-17 15:16 - 2020-07-19 16:04 - 000000000 ____D C:\Users\jhoug\AppData\Local\PlaceholderTileLogoFolder
    2020-11-17 12:02 - 2020-06-24 08:38 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
    2020-11-17 11:57 - 2020-07-19 16:44 - 000000000 ____D C:\Program Files (x86)\McAfee
    2020-11-17 10:46 - 2020-07-19 17:45 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-11-17 10:46 - 2020-07-19 17:45 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2020-11-17 10:46 - 2020-07-19 17:45 - 000002271 _____ C:\ProgramData\Desktop\Google Chrome.lnk
    2020-11-17 10:42 - 2020-07-20 07:01 - 000000000 ____D C:\Users\jhoug
    2020-11-17 10:40 - 2020-07-20 06:48 - 000000000 ____D C:\Windows\minidump
    2020-11-17 10:40 - 2020-06-24 08:34 - 000109568 ____N C:\Windows\Minidump\111720-11828-01.dmp
    2020-11-17 10:40 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2020-11-17 10:40 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ___SD C:\Windows\SysWOW64\F12
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ___SD C:\Windows\system32\F12
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ___HD C:\PerfLogs
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\Com
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\Com
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
    2020-11-17 10:40 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\System
    2020-11-12 11:00 - 2020-08-21 12:30 - 000907064 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
    2020-11-12 10:59 - 2020-08-21 12:30 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
    2020-11-11 05:35 - 2020-07-19 23:08 - 000000000 ____D C:\Windows\system32\MRT
    2020-11-11 05:34 - 2020-07-19 23:08 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2020-10-31 02:44 - 2020-07-20 07:01 - 000002374 _____ C:\Users\jhoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2020-10-31 02:44 - 2020-07-19 16:05 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2546177841-486358258-1182581874-1001

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================
     

  4. 2020/11/25
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Your MBAM log says "No Action By User".
    You must select those items to get them removed.
     
  5. 2020/11/25
    jhoughtn

    jhoughtn New Member Thread Starter

    Joined:
    2020/11/25
    Messages:
    3
    Likes Received:
    0
    I have done that for several days in a row and they keep coming back :-(
     
  6. 2020/11/25
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116