In Progress Team Viewer Warning box and Problem submitting message

sportsmom2x2

Thread Starter
Joined
Sep 3, 2007
Messages
214
Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by bailey (09-09-2020 23:54:25)
Running from C:\Users\baile\Desktop
Boot Mode: Normal

================== Search Registry: "Code:HpStatusBl.dll" ===========


====== End of Search ======
 

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
912
Looks like "Code:" was also copied into the search box. Just copy HpStatusBl.dll and click Search Registry. Post the resulting log.
 

sportsmom2x2

Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by bailey (11-09-2020 03:15:20)
Running from C:\Users\baile\Desktop
Boot Mode: Normal

================== Search Registry: "HpStatusBl.dll" ===========


====== End of Search ======
 

iMacg3

Do you have any HP printers connected to your computer/network?
 

sportsmom2x2

I have a printer at home. After I installed my old printer and added my new printer, this error message appeared. At that time I uninstalled my new printer and deleted its files. But this did not get rid of the error message.
 

iMacg3

Let me know if there is any improvement after this fix.


---------------------------------------------------
Farbar Recovery Scan Tool - Fix

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
    Code:
    Start::
    CreateRestorePoint:
    ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll"
    End::
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete, FRST will generate a log (Fixlog.txt) in the same location it was run from.
  • Please copy and paste its contents into your reply.
 

sportsmom2x2

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-09-2020
Ran by bailey (16-09-2020 23:55:44) Run:5
Running from C:\Users\baile\Desktop
Loaded Profiles: bailey
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll"

*****************

Restore point was successfully created.
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll" => Error: No automatic fix found for this entry.

==== End of Fixlog 23:55:51 ====
 

iMacg3

Sorry for the delay. Do you still get the error message?
 

iMacg3

Sorry for the slow response.

Please run a new scan with FRST and copy/paste just the FRST.txt log in your reply.
 

sportsmom2x2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by bailey (administrator) on YOGA720-15IKB (LENOVO 80X7) (23-09-2020 22:57:33)
Running from C:\Users\baile\Desktop
Loaded Profiles: bailey
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.2.18.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.2.18.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe
(Fitbit, Inc. -> Fitbit, Inc.) [File not signed] C:\Users\baile\Downloads\FitbitConnectService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\baile\AppData\Local\Google\Chrome\User Data\SwReporter\85.244.200\software_reporter_tool.exe <4>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> ) C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\YMC\ymc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(Network Protect Ltd -> UltraVPN) C:\Program Files (x86)\UltraVPN\UltraVPN.exe
(Network Protect Ltd -> UltraVPN) C:\Program Files (x86)\UltraVPN\UltraVPNSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382824 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Users\baile\Downloads\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [APP] => C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe [999216 2017-04-28] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2018-01-24] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Polarr] => C:\ProgramData\SquirrelMachineInstalls\Polarr.exe [73300232 2020-06-16] (Polarr, Inc. -> Polarr, Inc.) [File not signed]
HKLM-x32\...\Run: [Fitbit Connect] => C:\Users\baile\Downloads\Fitbit Connect.exe [3414184 2015-09-11] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\...\Run: [Fitbit Connect] => C:\Users\baile\Downloads\Fitbit Connect.exe [3414184 2015-09-11] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
HKLM\...\Print\Monitors\HP 5912 Status Monitor: hpinksts5912LM.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraVPN.lnk [2019-02-01]
ShortcutTarget: UltraVPN.lnk -> C:\Program Files (x86)\UltraVPN\UltraVPN.exe (Network Protect Ltd -> UltraVPN)
Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\baile\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2019-10-16]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN3AOEWGF505KC;CONNECTION=NW;MONITOR=1;
Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-08-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0284CF8F-020D-4253-B64F-5D1BBB4C3BAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E41EACB-602F-472D-A50B-BAC99EBC6892} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {10A2D8F3-B81B-4C19-AA59-BED341E8F286} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-09] (Adobe Inc. -> Adobe)
Task: {10D771B3-2D11-4309-B81F-F345B570E2B4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {115746E1-1662-44FF-A34B-EFE8CAB8E6F1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {138C7D27-E8F7-45CF-824E-5382F35FB876} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {25B126E2-E129-4B8C-A051-AE8F6C2AC12F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {2DFF51F1-CABB-4908-BA77-B2BAB7347C9C} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-260720292-2504253849-2348319339-1001 => C:\Users\baile\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {35CAA328-CAF4-45D0-861D-C51C75003317} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\baile\Desktop\esetonlinescanner_enu.exe
Task: {3E154EAE-7138-4F19-9F37-D9157CEBB0E1} - System32\Tasks\Kaspersky_Upgrade_{E7FE8BD6-07C8-4138-AB61-92AA886397EA} => C:\Program Files\Common Files\AV\Kaspersky Anti-Virus\upgrade.exe
Task: {4C16A080-F532-4BCF-B71C-E1F5965884E0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {75FC977E-C869-4B08-9988-563190B5B43B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {803F7B91-5F41-4098-AA84-63C57968A1CA} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {854037A7-409A-4E7E-8839-B64D9DD70321} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
Task: {85F68641-F7A0-4157-9E98-B37B506E64CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {86498FD1-0AB2-4547-9638-10E5FD662851} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)
Task: {8C821A8B-B520-4EF5-9D53-D66DDE610A8F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {9248D8AE-60DD-47FD-958B-DDD8017FCD9C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {A50783FA-E77E-4EC5-A69E-CE0ED433B888} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\baile\Desktop\esetonlinescanner_enu.exe
Task: {A9F7D7CF-3684-4250-8850-83825A1C66BD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b674c55e-b443-4ae2-9d16-254af914db15 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {B8E2B199-1076-41C7-8C1F-30421DD8978C} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {BBEF7351-1502-4175-AC87-4BAB29443B41} - System32\Tasks\Agent Activation Runtime\S-1-5-21-260720292-2504253849-2348319339-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-06-17] (Microsoft Windows -> )
Task: {C340EDB2-D578-4577-942C-EAD05026590B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\16abd9ca-9c09-4fc7-965c-81667545ebc1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {CF95BFDC-8B60-4B94-97C8-82D4E7BC09BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D16B6888-B74A-4AAC-976A-1D2AFE5D16E3} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [56136 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {D1EB2203-E895-4A6B-8BBA-E0C24B262C04} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\841be89d-fe20-4df2-b084-e7553a6b5372 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {D7E912F0-CD6F-456B-A47A-42DCED783974} - System32\Tasks\AdobeAAMUpdater-1.0-YOGA720-15IKB-bailey => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E4BCE6C8-F123-4213-8B96-B63B4164CBAE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E631038B-2CFE-4CA4-9F1F-8732D0DFB9A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {E78FF0B2-D3DC-4B10-82FB-F6F627DC314A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE3668F8-BBB2-4DDE-9358-770A17D5080C} - System32\Tasks\Apple Diagnostics => C:\Users\baile\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2020-07-26] ()
Task: {F60FFFC9-E623-4E0B-A0DA-769D93A59936} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {F62503BF-FB5A-445B-8EE2-F21C01C93261} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\42b41c9c-da12-4f31-9ca3-995cc3a1d0a5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {F63CE1F5-32C2-4A86-9264-9E8A5F60F81E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F9330818-1ABC-4A7E-83C5-454D9B18F8AA} - System32\Tasks\Lenovo\Lenovo MigrationAssistant logon task => C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe [151920 2017-12-06] (Lenovo -> )
Task: {FD7E4D41-F141-40D9-AAB5-790B1C8CF50E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3c4a9f21-8085-4361-98eb-ab3060e81302}: [DhcpNameServer] 192.168.1.1

Edge:
======
DownloadDir: C:\Users\baile\Downloads
Edge Notifications: HKU\S-1-5-21-260720292-2504253849-2348319339-1001 -> hxxps://gundersenhealthengage.mrcommunities.com
Edge Extension: (LastPass: Free Password Manager) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.49.0.0_neutral__qq0fmhteeht3j [2020-06-05]
Edge DefaultProfile: Default
Edge Profile: C:\Users\baile\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-06]
Edge HomePage: Default -> hxxp://lenovo17win10.msn.com/?pc=LCTE
Edge StartupUrls: Default -> "hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=88fptxqjxp1acegikmwv4003219&param1=y6bdVFVIsvuYsgEClQfz8Gt8Oby4iBdjLq7%2Fysk4Phe5sV980wpeWqTlm5o9JII7iwwCvodvHVmpLIImL8j7rfbdJPlUwIIjqsZs2SjQQqCJvjS%2FQWY7KMbX%2FIbp9XkODOpZ1gnHRs3GPSypa6phnT6z2I1QoBwvRV%2FZDyyoVAPPPUsCDpVGq%2BpJ8sRZ0c7vOtazvH%2FdN4JThvEz%2B3sI%2BQIXutpSjLkz26%2BjMooTs0HZK%2FprPDR%2FVhBGYy41OTdWRLZ1nxtk9tzcE5AP%2Bso8ZX6rWFU6IgCN2KGbkqMOTzHtLQ6MgRDwf7aT8P66GsUbwrq9Mk7vfQzO8tvlB5sDEg%2F6d6juo%2F7hR5zLtsx3AxbWbHpmwcF7OSyZyPwkQyZejStlfM1yVRFc9JqPkXOpuA%3D%3D"
Edge Extension: (Honey) - C:\Users\baile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2020-09-06]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\baile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-08-30]
Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\baile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2020-09-06]
Edge Extension: (Fancy & Cool Text Generator) - C:\Users\baile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fafnphaopehepcmfnakggljonnhkofpk [2020-08-15]
Edge Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\baile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmmlpenookphoknnpfilofakghemolmg [2020-08-15]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-12-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2019-09-12] (Parallel Graphics Limited -> ParallelGraphics)
FF Plugin HKU\S-1-5-21-260720292-2504253849-2348319339-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\baile\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)
FF Plugin HKU\S-1-5-21-260720292-2504253849-2348319339-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\baile\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-260720292-2504253849-2348319339-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\baile\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default [2020-09-23]
CHR Notifications: Default -> hxxps://bang.stanford.edu; hxxps://care.siriusxm.com; hxxps://cordcutters.os.tc; hxxps://forums.techguy.org; hxxps://myvpostpay.verizonwireless.com; hxxps://www.bootbarn.com; hxxps://www.linksmedicus.com; hxxps://www.reddit.com; hxxps://www.siriusxm.com; hxxps://www.verizon.com
CHR HomePage: Default -> file:///C:/Users/Owner/Documents/Medical
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSearchURL: Default -> hxxps://assetshuluimcom-a.akamaihd.net/h3o/browse/HuluLogo_44x44.png
CHR Extension: (Slides) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-30]
CHR Extension: (Docs) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-30]
CHR Extension: (Google Drive) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-30]
CHR Extension: (Honey) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-09-13]
CHR Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2020-09-15]
CHR Extension: (Netflix) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2017-12-31]
CHR Extension: (Hulu) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\epffkfffophpagfbbklffindaiconkmc [2020-03-28]
CHR Extension: (Sheets) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-30]
CHR Extension: (Google Docs Offline) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-13]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-09-17]
CHR Extension: (Grammarly for Chrome) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-09-06]
CHR Extension: (No Name) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-11-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-02]
CHR Profile: C:\Users\baile\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-08-15]
CHR Profile: C:\Users\baile\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-15]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-06-09] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX API Service; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [212784 2017-04-28] (Dolby Laboratories, Inc. -> )
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-06-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Fitbit Connect; C:\Users\baile\Downloads\FitbitConnectService.exe [1435304 2015-09-11] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413752 2017-08-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81240 2020-07-15] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe [18360 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-09-05] (Malwarebytes Inc -> Malwarebytes)
R2 UltraVPNSvc; C:\Program Files (x86)\UltraVPN\UltraVPNSvc.exe [3226440 2019-02-01] (Network Protect Ltd -> UltraVPN)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ymc; C:\Program Files\Lenovo\YMC\ymc.exe [49032 2016-12-23] (LENOVO -> Lenovo)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217608 2020-09-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-05] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39040 2018-08-15] (GZ Systems Limited -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 WacHidRouterISD; C:\WINDOWS\system32\DRIVERS\wachidrouter_isd.sys [142424 2017-05-24] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-23 22:57 - 2020-09-23 22:58 - 000031011 _____ C:\Users\baile\Desktop\FRST.txt
2020-09-23 22:57 - 2020-09-23 22:57 - 000000000 ____D C:\Users\baile\Desktop\FRST-OlderVersion
2020-09-05 03:22 - 2020-09-05 03:22 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-05 03:22 - 2020-09-05 03:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-08-27 21:45 - 2020-08-27 21:45 - 000001095 _____ C:\Users\baile\Desktop\UltraVPN (2).lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-23 22:57 - 2020-08-09 00:24 - 002299392 _____ (Farbar) C:\Users\baile\Desktop\FRST64.exe
2020-09-23 22:57 - 2020-08-05 04:17 - 000000000 ____D C:\FRST
2020-09-23 22:55 - 2020-06-17 17:58 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B393C7FE-B95B-48A2-8819-C5B1623E23B2}
2020-09-23 22:55 - 2017-12-20 16:47 - 000000000 ____D C:\Users\baile\Documents\Outlook Files
2020-09-23 22:49 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-23 02:00 - 2017-12-20 01:53 - 000000000 ____D C:\Users\baile\AppData\Local\Adobe
2020-09-22 23:32 - 2018-02-13 00:29 - 000000000 ____D C:\Users\baile\Documents\Recipies
2020-09-22 23:29 - 2020-07-13 23:29 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-22 23:29 - 2020-07-13 23:29 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 23:29 - 2017-12-30 23:58 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-22 23:28 - 2019-10-01 21:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-09-22 23:28 - 2019-10-01 21:08 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-09-19 22:32 - 2018-01-05 01:16 - 000000000 ____D C:\Users\baile\Documents\Computer
2020-09-18 00:36 - 2020-06-17 17:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-17 03:04 - 2020-06-17 17:59 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-17 03:04 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2020-09-17 02:56 - 2020-06-17 17:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-17 02:56 - 2020-06-17 17:53 - 000008192 ___SH C:\DumpStack.log.tmp
2020-09-17 02:56 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-09-17 02:56 - 2019-12-07 04:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-09-16 23:49 - 2018-04-10 01:41 - 000000000 ____D C:\Users\baile\Documents\Battle Pirates
2020-09-13 04:00 - 2018-04-24 20:10 - 000000000 ____D C:\Users\baile\Documents\Amazon
2020-09-10 23:47 - 2020-06-17 17:58 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-260720292-2504253849-2348319339-1001
2020-09-10 23:47 - 2020-06-17 17:31 - 000002370 _____ C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-10 23:47 - 2017-12-19 20:38 - 000000000 ___RD C:\Users\baile\OneDrive
2020-09-10 20:13 - 2020-06-26 03:38 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 20:13 - 2020-06-26 03:38 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 20:13 - 2020-06-26 03:38 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-10 20:13 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-10 20:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-09 00:32 - 2020-06-17 17:58 - 000004598 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-09 00:32 - 2019-12-07 04:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-09 00:32 - 2019-12-07 04:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-09 00:32 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-09 00:32 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-05 03:22 - 2020-08-03 04:54 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-05 03:22 - 2020-08-03 04:54 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-05 03:22 - 2020-08-03 04:54 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-05 03:22 - 2020-08-03 04:53 - 000217608 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-05 03:22 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-05 03:21 - 2020-08-03 04:53 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-05 03:21 - 2018-06-21 04:36 - 000000000 ____D C:\Users\baile\AppData\Local\CrashDumps
2020-09-04 00:13 - 2020-04-20 21:42 - 000000000 ____D C:\Users\baile\Documents\Sewing
2020-09-01 23:38 - 2018-04-13 05:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-27 21:48 - 2020-06-26 03:38 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-27 21:48 - 2020-06-26 03:38 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 02:59 - 2017-12-19 22:12 - 000000000 ____D C:\Users\baile\AppData\Local\Packages

==================== Files in the root of some directories ========

2020-07-07 23:53 - 2020-07-07 23:53 - 003133892 _____ () C:\Users\baile\AppData\Roaming\fix.ps1
2019-08-16 19:02 - 2019-08-16 19:02 - 000000000 _____ () C:\Users\baile\AppData\Local\BITCC06.tmp
2019-08-16 19:02 - 2019-08-16 19:02 - 000000000 _____ () C:\Users\baile\AppData\Local\BITCC36.tmp
2018-09-25 23:03 - 2018-09-25 23:03 - 000000000 _____ () C:\Users\baile\AppData\Local\oobelibMkey.log
2019-08-09 17:03 - 2019-08-09 17:03 - 000000017 _____ () C:\Users\baile\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
912
I am asking the developer of FRST about some results of the log and will get back to you as soon as possible.
 

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
912
Let me know if this fixes it


---------------------------------------------------
Farbar Recovery Scan Tool - Fix

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
    Code:
    Start::
    Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2019-10-16]
    End::
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete, FRST will generate a log in the same location it was run from (Fixlog.txt).
  • Please copy and paste its contents into your reply.
 

sportsmom2x2

Thread Starter
Joined
Sep 3, 2007
Messages
214
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by bailey (12-10-2020 22:38:46) Run:6
Running from C:\Users\baile\Desktop
Loaded Profiles: bailey
Boot Mode: Normal
==============================================

fixlist content:
*****************
Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2019-10-16]

*****************

C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk => moved successfully

==== End of Fixlog 22:38:46 ====
 

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
912
Hi sportsmom2x2

Do you still receive the popup upon startup?
 
