I've received a laptop from friend who has some basic experience with computers. "It's slow, I think it has virus." was their reason. After checking it out, it has 5400RPM drive but I did some scans anyway. It has McAfee LiveSafe without active license.
MalwareBytes anti-malware found one infection:
Ransom.CryptProject, C:\USERS\[USERNAME]\APPDATA\LOCAL\TEMP\LOW\RAD3A201.TMP.DLL no action , ,1.0.1954
McAfee have been running during MBAM scan, and when MBAM found it, a McAfee window pop out saying that file has been pun into quarantine. Without active licence, I can't do anything in it. Not even look into logs, or quarantine.
Nod 32 found 2 PUPs. However even with McAfee disabled, it was causing some issues, so I uninstalled it. Not sure if I deleted them or not.
Other than that, it seems to be clean. No sign of ransomware, files doesn't seems to be encrypted, no files saying something about encryption. It seems to be slow because of the HDD instead of virus.
Should I give it back to them or do some more scans?
(if so, can i use [USERNAME] instead of their real username?)