This computer and my wife's computer are set up with file sharing and both are having issues. I want to get this computer fixed and then I will probably have to do this again with my wife's.
This computer becomes non responsive and hangs often. It will also not open programs and I have to restart it to get it to open the program. I do not have install disks or reboot disks.
Here is my log Thank you:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2020
Ran by Daniel (administrator) on HOMEPC (Hewlett-Packard 23-g017c) (03-05-2020 12:32:48)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel & QBDataServiceUser28 (Available Profiles: Daniel & QBDataServiceUser28)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
( (ATI Technologies Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_1\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SAP -> SAP SE or an SAP affiliate company) C:\Program Files (x86)\Intuit\QuickBooks 2018\QBDBMgrN.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.228\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7198424 2013-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Softex Incorporated -> Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\...\Run: [Spotify] => C:\Users\Daniel\AppData\Roaming\Spotify\Spotify.exe [22825376 2020-03-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\...\Run: [HP OfficeJet Pro 9010 series (NET)] => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe [4071840 2018-12-10] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-05-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> c:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2013-09-01] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-09-26] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-09-26] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-06-27]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2018-06-27]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2018-06-27]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2018\QBW32.EXE (Intuit, Inc. -> Intuit Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06E88D07-CDDD-4236-89D6-507411BA70E3} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [382792 2020-04-22] (Intuit, Inc. -> Intuit Inc.)
Task: {09C60F2A-CAF7-4D25-B31C-D604943D898C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
Task: {0CC6F4A5-F5F4-4798-8625-EEFEDE288F97} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 9010 series => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPCustPartic.exe [6692256 2019-07-25] (HP Inc -> HP Inc.)
Task: {15360D51-ED96-43B7-90AE-401BD20E3610} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {28AA727C-8D2E-43A7-AF69-D11CE7FB588F} - System32\Tasks\DRScanner Startup => C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe [6078920 2020-02-22] (Trend Micro, Inc. -> Trend Micro Inc.)
Task: {313AEF4F-7D6C-4835-8955-03B0A6672BC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {3AC1688A-6DFA-4174-B766-D6A7E5EBA99A} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {3B991AB2-DF08-4B7E-ADE6-8067E2D66CBF} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {58FFC590-CF60-46D2-AAB2-6281799D1246} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761424 2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
Task: {5AFDECD2-9DFD-46E4-A942-BB3DF15DD061} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {73185AEF-8404-4D02-A5B0-CEBB734BB90B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {8B87510D-F4BA-4ADB-BEFC-AB713F1F5F46} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe [4147336 2020-03-20] (McAfee, Inc. -> McAfee, LLC)
Task: {91ABDF8F-89D3-4726-BADB-BFE6279ED64A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {A5D57E65-1848-45A9-BB2A-FAA572CEE97E} - System32\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001 => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupdate.exe [32256 2020-04-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C68E3F0F-D3F9-4637-A1A9-EFB3AEED985E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {C7D35114-9D71-43D8-AF78-85FFC3B8507C} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {C7F3C1AB-A73E-4AF8-8DB8-D32C98405B6C} - System32\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001 => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupload.exe [32256 2020-04-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CC000EA5-7F82-4A2D-BD46-07436DA43168} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1448320 2020-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCF02621-7482-4A3C-AEDA-F1C7E1C44E99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
Task: {D1CA06C3-5F53-4C2A-B64D-B268FCF3A68D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {D31A61B3-7829-4180-81EB-7D1E25E33A69} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8D0DB40-F8D7-4AB6-B474-8C722FF5F43A} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4552120 2020-01-06] (McAfee, LLC -> McAfee, LLC.)
Task: {DD97FD2C-C168-4224-BC20-ED3965425688} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE923C74-FCB0-48B8-84A3-58017D2B2C84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.)
Task: {EED6E666-6A5C-4D29-943C-36FB38CD5F45} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FA5348E8-24A2-4C97-856B-DD5FAC1BC928} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2019-12-12] (McAfee, Inc. -> McAfee, LLC.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001.job => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001.job => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{D4308C2F-E7B5-424E-98F9-2EBCD3AE793F}: [DhcpNameServer] 192.168.88.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
URLSearchHook: [S-1-5-21-541829613-2727475704-1047741498-1004] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-541829613-2727475704-1047741498-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-541829613-2727475704-1047741498-1004 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler-x32: intu-help-qb11 - {5AFDE6E8-AD0F-450B-818F-21D1CDC2E3EE} - C:\Program Files (x86)\Intuit\QuickBooks 2018\HelpAsyncPluggableProtocol.dll [2020-04-22] (Intuit, Inc. -> Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2013-08-21] (Microsoft Windows -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-541829613-2727475704-1047741498-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Daniel\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-541829613-2727475704-1047741498-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Daniel\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-541829613-2727475704-1047741498-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Daniel\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-24]
Chrome:
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2020-05-03]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
CHR Extension: (Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-22]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-22]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-03-30]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-22]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Satellite & Earth Maps) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejoikpaoingpnebdnolankempckocjbj [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Cisco Webex Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-04-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [239616 2013-09-11] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink Corp. -> CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink Corp. -> CyberLink)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-17] (Malwarebytes Inc -> Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_1\McApExe.exe [758864 2020-02-05] (McAfee, LLC. -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\\McCSPServiceHost.exe [2687856 2020-01-25] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1737992 2020-02-06] (McAfee, LLC -> McAfee, LLC.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1373912 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2018-04-27] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1537536 2018-04-27] (Intuit Inc.) [File not signed]
R3 QuickBooksDB28; C:\Program Files (x86)\Intuit\QuickBooks 2018\QBDBMgrN.exe [133904 2020-04-22] (SAP -> SAP SE or an SAP affiliate company)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.228\WsAppService.exe [493280 2017-07-28] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [12526592 2013-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [619008 2013-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75896 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131904 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [527272 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380840 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85920 2020-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521128 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [997800 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [594360 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107960 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116856 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252328 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-01-31] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167232 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 mfeplk01; \Device\mfeplk01.sys [X]
S3 mfeplk02; \Device\mfeplk02.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-03 12:32 - 2020-05-03 12:34 - 000030486 _____ C:\Users\Daniel\Desktop\FRST.txt
2020-05-03 12:31 - 2020-05-03 12:33 - 000000000 ____D C:\FRST
2020-05-03 12:29 - 2020-05-03 12:29 - 000000944 _____ C:\Users\Daniel\Desktop\FRST64.exe - Shortcut.lnk
2020-05-03 12:25 - 2020-05-03 12:26 - 002283520 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2020-05-03 09:55 - 2020-05-03 09:55 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-03 09:54 - 2020-05-03 09:54 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-29 18:51 - 2018-06-22 17:08 - 000370424 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\wpcap.dll
2020-04-29 18:51 - 2018-06-22 17:08 - 000282360 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2020-04-29 18:51 - 2018-06-22 17:08 - 000107768 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Packet.dll
2020-04-29 18:51 - 2018-06-22 17:08 - 000098040 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\Packet.dll
2020-04-29 18:51 - 2018-01-31 12:16 - 000036600 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2020-04-24 13:52 - 2020-04-24 15:19 - 000000000 __SHD C:\Users\Daniel\Documents\cache
2020-04-24 13:51 - 2020-05-01 10:40 - 000000000 ____D C:\Users\Daniel\AppData\Local\WebEx
2020-04-24 13:51 - 2020-04-24 13:51 - 003650688 _____ (Cisco Webex LLC) C:\Users\Daniel\Downloads\Cisco_WebEx_Add-On.exe
2020-04-24 13:51 - 2020-04-24 13:51 - 002920768 _____ (Cisco Webex LLC) C:\Users\Daniel\Downloads\,coloradoevents,159351289979894045,1513114671,EC,00639802,SDJTSwAAAARQfINvPVwDSxEkY7bEyfeIbXHltVF_EpThEKppl0l7eQ2,1_webex.exe
2020-04-24 13:51 - 2020-04-24 13:51 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Mozilla
2020-04-24 09:53 - 2020-04-24 09:53 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_a90e860ee85aa307 (1).exe
2020-04-24 09:39 - 2020-04-24 09:40 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_a90e860ee85aa307.exe
2020-04-22 12:20 - 2020-04-22 12:20 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_o42a8sofizku_7e0aee1f240f2478.exe
2020-04-22 12:19 - 2020-04-22 12:19 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_o42a8sofizku_562edd8281a19674 (1).exe
2020-04-22 12:01 - 2020-04-22 12:01 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_o42a8sofizku_562edd8281a19674.exe
2020-04-22 11:20 - 2020-04-22 11:20 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-22 11:15 - 2020-04-22 11:15 - 000777965 _____ C:\Users\Daniel\Downloads\Grand Foundation Electric Utility Grant App.pdf
2020-04-22 09:57 - 2020-04-22 09:58 - 000239199 _____ C:\Users\Daniel\Downloads\EDITEDJacksonCounty-SBGF-App-1.pdf
2020-04-16 11:47 - 2020-03-31 00:23 - 001368080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-04-16 11:47 - 2020-03-30 23:57 - 007362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 11:47 - 2020-03-30 23:42 - 001737520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 11:47 - 2020-03-30 22:49 - 001500888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 11:47 - 2020-03-30 22:47 - 025754624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 11:47 - 2020-03-30 22:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 11:47 - 2020-03-30 22:22 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 11:47 - 2020-03-30 22:11 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 11:47 - 2020-03-30 22:10 - 005499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-04-16 11:47 - 2020-03-30 22:08 - 020290048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 11:47 - 2020-03-30 21:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 11:47 - 2020-03-30 21:52 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 11:47 - 2020-03-30 21:43 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 11:47 - 2020-03-30 21:42 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-04-16 11:47 - 2020-03-30 21:35 - 015468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-04-16 11:47 - 2020-03-30 21:34 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-04-16 11:47 - 2020-03-30 21:23 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 11:47 - 2020-03-30 21:22 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-04-16 11:47 - 2020-03-30 21:20 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 11:47 - 2020-03-30 21:20 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-04-16 11:47 - 2020-03-30 21:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-04-16 11:47 - 2020-03-30 21:17 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-04-16 11:47 - 2020-03-30 21:14 - 013854720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-04-16 11:47 - 2020-03-30 21:10 - 001493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 11:47 - 2020-03-30 21:09 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-04-16 11:47 - 2020-03-30 20:59 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 11:47 - 2020-03-30 20:58 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-04-16 11:47 - 2020-03-30 20:56 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-04-16 11:47 - 2020-03-30 20:54 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-04-16 11:47 - 2020-03-27 08:25 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 11:47 - 2020-03-27 06:41 - 001680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 11:47 - 2020-03-23 18:29 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 11:47 - 2020-03-18 23:26 - 000374008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-04-16 11:47 - 2020-03-18 22:11 - 000316152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-04-16 11:47 - 2020-03-18 21:53 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 11:47 - 2020-03-18 21:17 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 11:47 - 2020-03-11 18:40 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 11:47 - 2020-03-10 02:09 - 001764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 11:47 - 2020-03-10 01:57 - 001135904 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 11:47 - 2020-03-10 01:22 - 001489728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 11:47 - 2020-03-10 00:27 - 000860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 11:47 - 2020-03-10 00:08 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 11:47 - 2020-03-09 23:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 11:47 - 2020-03-09 23:42 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 11:47 - 2020-03-07 23:20 - 000217400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 11:47 - 2020-03-07 22:31 - 000136816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 11:47 - 2020-03-07 22:03 - 000955640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 11:47 - 2020-03-07 21:44 - 000166248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 11:47 - 2020-03-07 21:22 - 000788096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 11:47 - 2020-03-07 20:45 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 11:47 - 2020-03-07 20:03 - 001479680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 11:47 - 2020-03-07 19:39 - 001335808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 11:47 - 2020-03-07 19:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 11:47 - 2020-03-07 19:37 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 11:47 - 2020-03-07 19:33 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 11:47 - 2020-03-07 19:29 - 003718144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 11:47 - 2020-03-07 19:24 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 11:47 - 2020-03-07 19:23 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 11:47 - 2020-03-07 19:21 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 11:47 - 2020-03-07 19:19 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 11:47 - 2020-03-07 17:25 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 11:47 - 2020-03-07 17:25 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 11:47 - 2020-02-13 02:01 - 000989648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 11:47 - 2020-02-08 14:03 - 000162416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 11:47 - 2020-02-05 08:20 - 001717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 11:15 - 2020-04-16 11:15 - 000323092 _____ C:\Users\Daniel\Downloads\Cratex Rubber Brochure.pdf
2020-04-16 11:14 - 2020-04-16 11:15 - 002014108 _____ C:\Users\Daniel\Downloads\Spedecut Catalog.pdf
2020-04-14 08:20 - 2020-04-14 08:20 - 000687256 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2Drv.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 004944424 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 003573320 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 001354600 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 000989032 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
2020-04-09 13:43 - 2020-04-09 13:43 - 000004974 _____ C:\Users\Daniel\Downloads\5b538b1717af4c76b1c795409b7390c8 (1).pdf
2020-04-09 13:38 - 2020-04-09 13:39 - 000004237 _____ C:\Users\Daniel\Downloads\5b538b1717af4c76b1c795409b7390c8.pdf
2020-04-06 15:02 - 2020-04-06 15:02 - 000364472 _____ (LogMeIn, Inc.) C:\Users\Daniel\Downloads\GoToMeeting Opener.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-03 12:26 - 2018-03-22 19:16 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-541829613-2727475704-1047741498-1001
2020-05-03 12:19 - 2018-03-21 18:07 - 000000000 ___DO C:\Users\Daniel\SkyDrive
2020-05-03 12:17 - 2014-07-02 23:15 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-05-03 12:00 - 2018-03-21 18:06 - 000003922 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{75B7D421-5167-49AC-A59C-D7F49F36E418}
2020-05-03 11:36 - 2020-03-23 11:54 - 000000558 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001.job
2020-05-03 10:45 - 2018-03-23 12:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2020-05-03 10:38 - 2018-11-10 16:01 - 000000000 ____D C:\Users\Daniel\AppData\Local\Spotify
2020-05-03 10:38 - 2018-11-10 16:00 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2020-05-03 09:54 - 2013-08-22 08:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-03 09:53 - 2013-08-22 07:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-05-03 09:51 - 2018-06-27 14:10 - 000000090 _____ C:\WINDOWS\QBChanUtil_Trigger.ini
2020-05-03 09:44 - 2013-08-22 07:36 - 000000000 ____D C:\WINDOWS\Inf
2020-05-03 09:41 - 2013-08-22 07:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2020-05-01 21:28 - 2013-08-22 09:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-01 14:55 - 2018-03-22 19:19 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-01 14:55 - 2018-03-22 19:19 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-01 14:55 - 2018-03-22 19:19 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-01 10:32 - 2018-07-27 15:28 - 000000000 ____D C:\Program Files (x86)\Brother
2020-04-24 15:38 - 2018-03-21 18:05 - 000000000 ____D C:\Users\Daniel\AppData\Local\Packages
2020-04-24 15:24 - 2019-04-24 11:20 - 000000000 ____D C:\Users\Daniel\Documents\Danny
2020-04-24 09:43 - 2019-07-27 10:45 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-22 11:20 - 2020-04-01 10:20 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Zoom
2020-04-21 10:46 - 2013-08-22 09:36 - 000000000 ____D C:\WINDOWS\rescache
2020-04-21 09:50 - 2013-08-22 09:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-21 09:47 - 2014-07-02 23:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-18 12:57 - 2013-08-22 08:44 - 000512336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-18 12:49 - 2018-04-02 01:21 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2020-04-15 09:45 - 2018-06-24 11:18 - 000003172 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-541829613-2727475704-1047741498-1001
2020-04-15 09:44 - 2019-05-12 11:47 - 000002345 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2020-04-07 14:38 - 2020-03-23 11:54 - 000003652 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001
2020-04-07 14:38 - 2020-03-23 11:54 - 000003556 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001
2020-04-07 14:38 - 2020-03-23 11:54 - 000000654 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001.job
2020-04-07 14:38 - 2020-03-23 11:54 - 000000000 ____D C:\Users\Daniel\AppData\Local\GoToMeeting
==================== Files in the root of some directories ========
2018-06-29 12:48 - 2018-06-29 12:49 - 000053498 _____ () C:\Users\Daniel\AppData\Roaming\QBFileDrTool.log
2018-06-29 13:11 - 2019-05-18 15:16 - 000483992 _____ () C:\Users\Daniel\AppData\Roaming\QBFileDrTool_HOMEPC.log
2019-05-04 15:53 - 2019-06-04 12:12 - 000344220 _____ () C:\Users\Daniel\AppData\Local\ars.cache
2019-05-04 15:54 - 2019-06-04 12:13 - 000951294 _____ () C:\Users\Daniel\AppData\Local\census.cache
2019-05-04 15:17 - 2019-05-04 15:17 - 000000036 _____ () C:\Users\Daniel\AppData\Local\housecall.guid.cache
2019-09-27 11:57 - 2019-09-27 11:57 - 000007607 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
2019-05-04 15:24 - 2019-06-04 10:08 - 000000010 _____ () C:\Users\Daniel\AppData\Local\sponge.last.runtime.cache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-05-01 11:43
==================== End of FRST.txt ========================
This computer becomes non responsive and hangs often. It will also not open programs and I have to restart it to get it to open the program. I do not have install disks or reboot disks.
Here is my log Thank you:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2020
Ran by Daniel (administrator) on HOMEPC (Hewlett-Packard 23-g017c) (03-05-2020 12:32:48)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel & QBDataServiceUser28 (Available Profiles: Daniel & QBDataServiceUser28)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
( (ATI Technologies Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_1\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SAP -> SAP SE or an SAP affiliate company) C:\Program Files (x86)\Intuit\QuickBooks 2018\QBDBMgrN.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.228\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7198424 2013-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Softex Incorporated -> Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\...\Run: [Spotify] => C:\Users\Daniel\AppData\Roaming\Spotify\Spotify.exe [22825376 2020-03-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\...\Run: [HP OfficeJet Pro 9010 series (NET)] => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe [4071840 2018-12-10] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-05-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> c:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2013-09-01] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-09-26] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-09-26] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-06-27]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2018-06-27]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2018-06-27]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2018\QBW32.EXE (Intuit, Inc. -> Intuit Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06E88D07-CDDD-4236-89D6-507411BA70E3} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [382792 2020-04-22] (Intuit, Inc. -> Intuit Inc.)
Task: {09C60F2A-CAF7-4D25-B31C-D604943D898C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
Task: {0CC6F4A5-F5F4-4798-8625-EEFEDE288F97} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 9010 series => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPCustPartic.exe [6692256 2019-07-25] (HP Inc -> HP Inc.)
Task: {15360D51-ED96-43B7-90AE-401BD20E3610} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {28AA727C-8D2E-43A7-AF69-D11CE7FB588F} - System32\Tasks\DRScanner Startup => C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe [6078920 2020-02-22] (Trend Micro, Inc. -> Trend Micro Inc.)
Task: {313AEF4F-7D6C-4835-8955-03B0A6672BC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {3AC1688A-6DFA-4174-B766-D6A7E5EBA99A} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {3B991AB2-DF08-4B7E-ADE6-8067E2D66CBF} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {58FFC590-CF60-46D2-AAB2-6281799D1246} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761424 2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
Task: {5AFDECD2-9DFD-46E4-A942-BB3DF15DD061} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {73185AEF-8404-4D02-A5B0-CEBB734BB90B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {8B87510D-F4BA-4ADB-BEFC-AB713F1F5F46} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe [4147336 2020-03-20] (McAfee, Inc. -> McAfee, LLC)
Task: {91ABDF8F-89D3-4726-BADB-BFE6279ED64A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {A5D57E65-1848-45A9-BB2A-FAA572CEE97E} - System32\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001 => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupdate.exe [32256 2020-04-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C68E3F0F-D3F9-4637-A1A9-EFB3AEED985E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {C7D35114-9D71-43D8-AF78-85FFC3B8507C} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {C7F3C1AB-A73E-4AF8-8DB8-D32C98405B6C} - System32\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001 => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupload.exe [32256 2020-04-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CC000EA5-7F82-4A2D-BD46-07436DA43168} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1448320 2020-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCF02621-7482-4A3C-AEDA-F1C7E1C44E99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-22] (Google Inc -> Google Inc.)
Task: {D1CA06C3-5F53-4C2A-B64D-B268FCF3A68D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {D31A61B3-7829-4180-81EB-7D1E25E33A69} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8D0DB40-F8D7-4AB6-B474-8C722FF5F43A} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4552120 2020-01-06] (McAfee, LLC -> McAfee, LLC.)
Task: {DD97FD2C-C168-4224-BC20-ED3965425688} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE923C74-FCB0-48B8-84A3-58017D2B2C84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.)
Task: {EED6E666-6A5C-4D29-943C-36FB38CD5F45} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FA5348E8-24A2-4C97-856B-DD5FAC1BC928} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2019-12-12] (McAfee, Inc. -> McAfee, LLC.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001.job => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001.job => C:\Users\Daniel\AppData\Local\GoToMeeting\17359\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{D4308C2F-E7B5-424E-98F9-2EBCD3AE793F}: [DhcpNameServer] 192.168.88.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-541829613-2727475704-1047741498-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
URLSearchHook: [S-1-5-21-541829613-2727475704-1047741498-1004] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-541829613-2727475704-1047741498-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-541829613-2727475704-1047741498-1004 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler-x32: intu-help-qb11 - {5AFDE6E8-AD0F-450B-818F-21D1CDC2E3EE} - C:\Program Files (x86)\Intuit\QuickBooks 2018\HelpAsyncPluggableProtocol.dll [2020-04-22] (Intuit, Inc. -> Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2013-08-21] (Microsoft Windows -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-541829613-2727475704-1047741498-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Daniel\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-541829613-2727475704-1047741498-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Daniel\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-541829613-2727475704-1047741498-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Daniel\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-24]
Chrome:
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2020-05-03]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
CHR Extension: (Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-22]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-22]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-03-30]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-22]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Satellite & Earth Maps) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejoikpaoingpnebdnolankempckocjbj [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Cisco Webex Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-04-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [239616 2013-09-11] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink Corp. -> CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink Corp. -> CyberLink)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-17] (Malwarebytes Inc -> Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_1\McApExe.exe [758864 2020-02-05] (McAfee, LLC. -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\\McCSPServiceHost.exe [2687856 2020-01-25] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1737992 2020-02-06] (McAfee, LLC -> McAfee, LLC.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1373912 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2018-04-27] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1537536 2018-04-27] (Intuit Inc.) [File not signed]
R3 QuickBooksDB28; C:\Program Files (x86)\Intuit\QuickBooks 2018\QBDBMgrN.exe [133904 2020-04-22] (SAP -> SAP SE or an SAP affiliate company)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.228\WsAppService.exe [493280 2017-07-28] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [12526592 2013-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [619008 2013-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75896 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131904 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [527272 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380840 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85920 2020-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521128 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [997800 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [594360 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107960 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116856 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252328 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-01-31] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167232 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 mfeplk01; \Device\mfeplk01.sys [X]
S3 mfeplk02; \Device\mfeplk02.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-03 12:32 - 2020-05-03 12:34 - 000030486 _____ C:\Users\Daniel\Desktop\FRST.txt
2020-05-03 12:31 - 2020-05-03 12:33 - 000000000 ____D C:\FRST
2020-05-03 12:29 - 2020-05-03 12:29 - 000000944 _____ C:\Users\Daniel\Desktop\FRST64.exe - Shortcut.lnk
2020-05-03 12:25 - 2020-05-03 12:26 - 002283520 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2020-05-03 09:55 - 2020-05-03 09:55 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-03 09:54 - 2020-05-03 09:54 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-29 18:51 - 2018-06-22 17:08 - 000370424 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\wpcap.dll
2020-04-29 18:51 - 2018-06-22 17:08 - 000282360 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2020-04-29 18:51 - 2018-06-22 17:08 - 000107768 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Packet.dll
2020-04-29 18:51 - 2018-06-22 17:08 - 000098040 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\Packet.dll
2020-04-29 18:51 - 2018-01-31 12:16 - 000036600 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2020-04-24 13:52 - 2020-04-24 15:19 - 000000000 __SHD C:\Users\Daniel\Documents\cache
2020-04-24 13:51 - 2020-05-01 10:40 - 000000000 ____D C:\Users\Daniel\AppData\Local\WebEx
2020-04-24 13:51 - 2020-04-24 13:51 - 003650688 _____ (Cisco Webex LLC) C:\Users\Daniel\Downloads\Cisco_WebEx_Add-On.exe
2020-04-24 13:51 - 2020-04-24 13:51 - 002920768 _____ (Cisco Webex LLC) C:\Users\Daniel\Downloads\,coloradoevents,159351289979894045,1513114671,EC,00639802,SDJTSwAAAARQfINvPVwDSxEkY7bEyfeIbXHltVF_EpThEKppl0l7eQ2,1_webex.exe
2020-04-24 13:51 - 2020-04-24 13:51 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Mozilla
2020-04-24 09:53 - 2020-04-24 09:53 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_a90e860ee85aa307 (1).exe
2020-04-24 09:39 - 2020-04-24 09:40 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_a90e860ee85aa307.exe
2020-04-22 12:20 - 2020-04-22 12:20 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_o42a8sofizku_7e0aee1f240f2478.exe
2020-04-22 12:19 - 2020-04-22 12:19 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_o42a8sofizku_562edd8281a19674 (1).exe
2020-04-22 12:01 - 2020-04-22 12:01 - 000078168 _____ (Zoom Video Communications, Inc.) C:\Users\Daniel\Downloads\Zoom_o42a8sofizku_562edd8281a19674.exe
2020-04-22 11:20 - 2020-04-22 11:20 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-22 11:15 - 2020-04-22 11:15 - 000777965 _____ C:\Users\Daniel\Downloads\Grand Foundation Electric Utility Grant App.pdf
2020-04-22 09:57 - 2020-04-22 09:58 - 000239199 _____ C:\Users\Daniel\Downloads\EDITEDJacksonCounty-SBGF-App-1.pdf
2020-04-16 11:47 - 2020-03-31 00:23 - 001368080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-04-16 11:47 - 2020-03-30 23:57 - 007362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 11:47 - 2020-03-30 23:42 - 001737520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 11:47 - 2020-03-30 22:49 - 001500888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 11:47 - 2020-03-30 22:47 - 025754624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 11:47 - 2020-03-30 22:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 11:47 - 2020-03-30 22:22 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 11:47 - 2020-03-30 22:11 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 11:47 - 2020-03-30 22:10 - 005499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-04-16 11:47 - 2020-03-30 22:08 - 020290048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 11:47 - 2020-03-30 21:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 11:47 - 2020-03-30 21:52 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 11:47 - 2020-03-30 21:43 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 11:47 - 2020-03-30 21:42 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-04-16 11:47 - 2020-03-30 21:35 - 015468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-04-16 11:47 - 2020-03-30 21:34 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-04-16 11:47 - 2020-03-30 21:23 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 11:47 - 2020-03-30 21:22 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-04-16 11:47 - 2020-03-30 21:20 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 11:47 - 2020-03-30 21:20 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-04-16 11:47 - 2020-03-30 21:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-04-16 11:47 - 2020-03-30 21:17 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-04-16 11:47 - 2020-03-30 21:14 - 013854720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-04-16 11:47 - 2020-03-30 21:10 - 001493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 11:47 - 2020-03-30 21:09 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-04-16 11:47 - 2020-03-30 20:59 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 11:47 - 2020-03-30 20:58 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-04-16 11:47 - 2020-03-30 20:56 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-04-16 11:47 - 2020-03-30 20:54 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-04-16 11:47 - 2020-03-27 08:25 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 11:47 - 2020-03-27 06:41 - 001680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 11:47 - 2020-03-23 18:29 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 11:47 - 2020-03-18 23:26 - 000374008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-04-16 11:47 - 2020-03-18 22:11 - 000316152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-04-16 11:47 - 2020-03-18 21:53 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 11:47 - 2020-03-18 21:17 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 11:47 - 2020-03-11 18:40 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 11:47 - 2020-03-10 02:09 - 001764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 11:47 - 2020-03-10 01:57 - 001135904 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 11:47 - 2020-03-10 01:22 - 001489728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 11:47 - 2020-03-10 00:27 - 000860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 11:47 - 2020-03-10 00:08 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 11:47 - 2020-03-09 23:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 11:47 - 2020-03-09 23:42 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 11:47 - 2020-03-07 23:20 - 000217400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 11:47 - 2020-03-07 22:31 - 000136816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 11:47 - 2020-03-07 22:03 - 000955640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 11:47 - 2020-03-07 21:44 - 000166248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 11:47 - 2020-03-07 21:22 - 000788096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 11:47 - 2020-03-07 20:45 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 11:47 - 2020-03-07 20:03 - 001479680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 11:47 - 2020-03-07 19:39 - 001335808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 11:47 - 2020-03-07 19:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 11:47 - 2020-03-07 19:37 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 11:47 - 2020-03-07 19:33 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 11:47 - 2020-03-07 19:29 - 003718144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 11:47 - 2020-03-07 19:24 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 11:47 - 2020-03-07 19:23 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 11:47 - 2020-03-07 19:21 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 11:47 - 2020-03-07 19:19 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 11:47 - 2020-03-07 17:25 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 11:47 - 2020-03-07 17:25 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 11:47 - 2020-02-13 02:01 - 000989648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 11:47 - 2020-02-08 14:03 - 000162416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 11:47 - 2020-02-05 08:20 - 001717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 11:47 - 2020-02-05 08:20 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 11:15 - 2020-04-16 11:15 - 000323092 _____ C:\Users\Daniel\Downloads\Cratex Rubber Brochure.pdf
2020-04-16 11:14 - 2020-04-16 11:15 - 002014108 _____ C:\Users\Daniel\Downloads\Spedecut Catalog.pdf
2020-04-14 08:20 - 2020-04-14 08:20 - 000687256 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2Drv.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 004944424 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 003573320 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 001354600 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2020-04-14 08:19 - 2020-04-14 08:19 - 000989032 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
2020-04-09 13:43 - 2020-04-09 13:43 - 000004974 _____ C:\Users\Daniel\Downloads\5b538b1717af4c76b1c795409b7390c8 (1).pdf
2020-04-09 13:38 - 2020-04-09 13:39 - 000004237 _____ C:\Users\Daniel\Downloads\5b538b1717af4c76b1c795409b7390c8.pdf
2020-04-06 15:02 - 2020-04-06 15:02 - 000364472 _____ (LogMeIn, Inc.) C:\Users\Daniel\Downloads\GoToMeeting Opener.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-03 12:26 - 2018-03-22 19:16 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-541829613-2727475704-1047741498-1001
2020-05-03 12:19 - 2018-03-21 18:07 - 000000000 ___DO C:\Users\Daniel\SkyDrive
2020-05-03 12:17 - 2014-07-02 23:15 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-05-03 12:00 - 2018-03-21 18:06 - 000003922 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{75B7D421-5167-49AC-A59C-D7F49F36E418}
2020-05-03 11:36 - 2020-03-23 11:54 - 000000558 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001.job
2020-05-03 10:45 - 2018-03-23 12:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2020-05-03 10:38 - 2018-11-10 16:01 - 000000000 ____D C:\Users\Daniel\AppData\Local\Spotify
2020-05-03 10:38 - 2018-11-10 16:00 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2020-05-03 09:54 - 2013-08-22 08:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-03 09:53 - 2013-08-22 07:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-05-03 09:51 - 2018-06-27 14:10 - 000000090 _____ C:\WINDOWS\QBChanUtil_Trigger.ini
2020-05-03 09:44 - 2013-08-22 07:36 - 000000000 ____D C:\WINDOWS\Inf
2020-05-03 09:41 - 2013-08-22 07:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2020-05-01 21:28 - 2013-08-22 09:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-01 14:55 - 2018-03-22 19:19 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-01 14:55 - 2018-03-22 19:19 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-01 14:55 - 2018-03-22 19:19 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-01 10:32 - 2018-07-27 15:28 - 000000000 ____D C:\Program Files (x86)\Brother
2020-04-24 15:38 - 2018-03-21 18:05 - 000000000 ____D C:\Users\Daniel\AppData\Local\Packages
2020-04-24 15:24 - 2019-04-24 11:20 - 000000000 ____D C:\Users\Daniel\Documents\Danny
2020-04-24 09:43 - 2019-07-27 10:45 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-22 11:20 - 2020-04-01 10:20 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Zoom
2020-04-21 10:46 - 2013-08-22 09:36 - 000000000 ____D C:\WINDOWS\rescache
2020-04-21 09:50 - 2013-08-22 09:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-21 09:47 - 2014-07-02 23:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-18 12:57 - 2013-08-22 08:44 - 000512336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-18 12:49 - 2018-04-02 01:21 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2020-04-15 09:45 - 2018-06-24 11:18 - 000003172 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-541829613-2727475704-1047741498-1001
2020-04-15 09:44 - 2019-05-12 11:47 - 000002345 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2020-04-07 14:38 - 2020-03-23 11:54 - 000003652 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001
2020-04-07 14:38 - 2020-03-23 11:54 - 000003556 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-541829613-2727475704-1047741498-1001
2020-04-07 14:38 - 2020-03-23 11:54 - 000000654 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-541829613-2727475704-1047741498-1001.job
2020-04-07 14:38 - 2020-03-23 11:54 - 000000000 ____D C:\Users\Daniel\AppData\Local\GoToMeeting
==================== Files in the root of some directories ========
2018-06-29 12:48 - 2018-06-29 12:49 - 000053498 _____ () C:\Users\Daniel\AppData\Roaming\QBFileDrTool.log
2018-06-29 13:11 - 2019-05-18 15:16 - 000483992 _____ () C:\Users\Daniel\AppData\Roaming\QBFileDrTool_HOMEPC.log
2019-05-04 15:53 - 2019-06-04 12:12 - 000344220 _____ () C:\Users\Daniel\AppData\Local\ars.cache
2019-05-04 15:54 - 2019-06-04 12:13 - 000951294 _____ () C:\Users\Daniel\AppData\Local\census.cache
2019-05-04 15:17 - 2019-05-04 15:17 - 000000036 _____ () C:\Users\Daniel\AppData\Local\housecall.guid.cache
2019-09-27 11:57 - 2019-09-27 11:57 - 000007607 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
2019-05-04 15:24 - 2019-06-04 10:08 - 000000010 _____ () C:\Users\Daniel\AppData\Local\sponge.last.runtime.cache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-05-01 11:43
==================== End of FRST.txt ========================