Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-10-2022 Ran by Wade (administrator) on LAPTOP-4NE5FS8F (HUAWEI KPL-W0X) (28-10-2022 12:47:28) Running from C:\Users\Wade\OneDrive\Desktop Loaded Profiles: Wade Platform: Microsoft Windows 10 Home Version 22H2 19045.2130 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files\Huawei\HwOsd\OSDMainService.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files\Huawei\HwOsd\OSDListener.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (DriverStore\FileRepository\u0335410.inf_amd64_8673f154b4eb3d39\B335408\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0335410.inf_amd64_8673f154b4eb3d39\B335408\atieclxx.exe (explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0335410.inf_amd64_8673f154b4eb3d39\B335408\atiesrxx.exe (services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files\Huawei\HwOsd\OSDMainService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files\Huawei\PCManager\MateBookService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> Microsoft) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> IntelĀ® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_82608b626ba1b8a0\RtkAudUService64.exe <3> (services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_82608b626ba1b8a0\RtkAudUService64.exe [1203952 2020-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-612249682-4202380856-1698065691-1001\...\Run: [Amazon Music] => C:\Users\Wade\AppData\Local\Amazon Music\Amazon Music.exe [20144584 2020-04-14] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-612249682-4202380856-1698065691-1001\...\Run: [OneDrive] => "C:\Users\Wade\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (No File) HKU\S-1-5-21-612249682-4202380856-1698065691-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10994528 2022-04-30] (Support.com, Inc. -> SUPERAntiSpyware) HKU\S-1-5-21-612249682-4202380856-1698065691-1001\...\Run: [Amazon Music Helper] => C:\Users\Wade\AppData\Local\Amazon Music\Amazon Music Helper.exe [2091976 2020-04-14] (Amazon.com Services LLC -> Amazon.com Services LLC) HKLM\...\Print\Monitors\HP D911 Status Monitor: C:\WINDOWS\system32\hpinkstsD911LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.) HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\WINDOWS\system32\hpinkstsE511LM.dll [393352 2017-03-09] (Hewlett Packard -> HP Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.121\Installer\chrmstp.exe [2022-10-27] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00B5CC17-2B3B-434F-A367-58120BE1A01F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-612249682-4202380856-1698065691-1001 => C:\Users\Wade\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File) Task: {1625A1C2-73F0-4A6D-AEFA-B6475C25F4A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1B384C5C-EC77-4578-B7E2-A6459F2A36A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-16] (Google Inc -> Google Inc.) Task: {1CD6679B-AD3F-423E-AD33-AF37C48FB731} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3F014D50-8BBF-4514-9EEA-919187922D8E} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Wade\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-10-26] (ESET, spol. s r.o. -> ESET) Task: {41A1968F-013E-4887-BF04-06CA743D40AC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-04-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {4845D246-E6FC-4025-9DB5-8C27D60A7414} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-16] (Google Inc -> Google Inc.) Task: {5EE83791-3802-4C54-A9A1-6768CF73EDD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {71B596A1-7412-4235-8F2F-25A0EEE485A7} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-612249682-4202380856-1698065691-1001 => C:\Users\Wade\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) Task: {A2B7C30E-39C8-4689-9953-DDAC1C49C818} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E86905CA-48E6-4448-9D10-0DB8BD01A780} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Wade\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) Task: {E8829530-F080-446F-B150-446A427D01C8} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Wade\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-10-26] (ESET, spol. s r.o. -> ESET) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0fd44dc5-54d3-4548-a4de-121a058f2fb6}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{f08c54a9-9236-4a6d-a4eb-768fa4971619}: [DhcpNameServer] 40.40.1.11 Edge: ======= DownloadDir: C:\Users\Wade\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\Wade\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-23] Edge DefaultSearchURL: Default -> hxxps://mobility-search.com/search?subid=11119&u=7df685ee95350dcc&channel=default&keyword={searchTerms} Edge DefaultSearchKeyword: Default -> google Edge DefaultNewTabURL: Default -> hxxps://mobilisearch.com/?path=chrome/newtab&u=7df685ee95350dcc&subid=11119&channel=default Edge DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316 Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Wade\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-12] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Wade\AppData\Local\Google\Chrome\User Data\Default [2022-10-28] CHR HomePage: Default -> hxxp://google.com/ CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316 CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\Wade\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2022-10-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\Wade\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-26] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602544 2018-09-27] (Dolby Laboratories, Inc. -> ) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [294968 2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [24528 2018-03-22] (Huawei Technologies Co., Ltd. -> Microsoft) U2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [890696 2018-04-10] (Huawei Technologies Co., Ltd. -> ) [File not signed] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-22] (Malwarebytes Inc. -> Malwarebytes) R2 OSDMainService; C:\Program Files\Huawei\HwOsd\OSDMainService.exe [166216 2018-04-10] (Huawei Technologies Co., Ltd. -> ) [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] S3 hwnetstat; C:\Program Files\Huawei\PCManager\WFPDriver.sys [32784 2018-04-10] (Huawei Technologies Co.,Ltd. -> ) S3 HwOs2ECx64; C:\Program Files\Huawei\PCManager\HwOs2EC10x64.sys [51336 2018-04-10] (Huawei Technologies Co., Ltd. -> Huawei) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [18912 2022-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [766040 2017-10-26] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [41400 2020-11-16] (McAfee, LLC. -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation) R3 WDTDrv; C:\WINDOWS\System32\Drivers\WDTDrv.sys [27048 2018-02-27] (Huawei Technologies Co., Ltd. -> Huawei Device) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-10-26 20:21 - 2022-10-26 20:21 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-10-26 20:17 - 2022-10-26 20:17 - 000000000 ___HD C:\$WinREAgent 2022-10-26 18:35 - 2022-10-26 18:35 - 000003854 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2022-10-26 18:35 - 2022-10-26 18:35 - 000003412 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2022-10-26 15:49 - 2022-10-26 20:21 - 076546048 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-10-26 15:14 - 2022-10-26 15:16 - 000001384 _____ C:\Users\Wade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-10-26 15:14 - 2022-10-26 15:14 - 000000000 ____D C:\Users\Wade\AppData\Local\ESET 2022-10-26 10:00 - 2022-10-26 10:03 - 000031343 _____ C:\Users\Wade\Downloads\Addition.txt 2022-10-26 09:58 - 2022-10-26 10:04 - 000023288 _____ C:\Users\Wade\Downloads\FRST.txt 2022-10-25 10:16 - 2022-10-25 10:16 - 000013600 _____ C:\340x227.webp 2022-10-25 09:47 - 2022-10-25 13:05 - 000000000 ____D C:\AdwCleaner 2022-10-24 22:03 - 2022-10-28 12:47 - 000000000 ____D C:\FRST 2022-10-14 04:55 - 2022-10-14 04:55 - 000000000 ____D C:\Program Files\Google 2022-10-14 04:54 - 2022-10-14 04:54 - 000000000 ____D C:\Users\Wade\OneDrive\Documents\TotalAV 2022-10-14 04:52 - 2022-10-14 04:52 - 000000000 ____D C:\Users\Wade\AppData\Local\GUI 2022-10-14 04:52 - 2022-09-27 05:42 - 000018912 _____ (TODO: ) C:\WINDOWS\system32\Drivers\protected_elam.sys 2022-10-14 03:14 - 2022-10-26 15:49 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-10-13 19:53 - 2022-10-13 19:53 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-10-13 19:53 - 2022-10-13 19:53 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-10-13 19:52 - 2022-10-13 19:52 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-10-13 19:52 - 2022-10-13 19:52 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-10-13 19:52 - 2022-10-13 19:52 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-10-13 19:52 - 2022-10-13 19:52 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-10-13 19:52 - 2022-10-13 19:52 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-10-12 08:46 - 2022-10-12 08:47 - 000139264 _____ C:\Users\Wade\AppData\Local\Tempwd.tmp ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-10-28 12:19 - 2020-09-26 10:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-10-28 12:19 - 2019-01-16 13:26 - 000000000 ____D C:\Program Files (x86)\Google 2022-10-28 11:50 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-28 11:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-10-28 11:21 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-28 09:45 - 2019-01-16 13:27 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-10-28 09:45 - 2019-01-16 13:27 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-10-26 20:26 - 2020-09-26 10:14 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-10-26 20:26 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF 2022-10-26 20:21 - 2021-02-12 10:55 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-26 20:21 - 2020-09-26 10:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-10-26 20:21 - 2020-09-26 10:10 - 000008192 ___SH C:\DumpStack.log.tmp 2022-10-26 20:21 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-10-26 20:20 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-10-26 20:16 - 2019-01-16 13:24 - 000000000 ____D C:\Users\Wade\AppData\Local\Packages 2022-10-22 22:45 - 2021-06-01 13:50 - 000000000 ____D C:\Users\Wade\AppData\Local\CrashDumps 2022-10-20 22:53 - 2019-05-13 18:23 - 000000000 ____D C:\Users\Wade\AppData\Local\D3DSCache 2022-10-14 22:15 - 2021-02-12 10:55 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-10-14 22:15 - 2021-02-12 10:55 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-10-14 04:58 - 2020-12-22 20:35 - 000000000 ____D C:\WINDOWS\Minidump 2022-10-14 04:58 - 2020-09-26 01:25 - 000000000 ___DC C:\WINDOWS\Panther 2022-10-14 04:52 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-10-13 23:25 - 2019-01-16 13:25 - 000000000 ___RD C:\Users\Wade\OneDrive 2022-10-13 23:24 - 2020-04-07 22:11 - 000000000 ____D C:\Users\Wade\AppData\Roaming\Zoom 2022-10-13 23:23 - 2020-09-26 03:05 - 000000000 ____D C:\Users\Wade 2022-10-13 23:18 - 2021-11-11 19:02 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-10-13 23:11 - 2020-04-07 22:09 - 000000000 ____D C:\Users\Wade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2022-10-13 21:04 - 2019-01-17 14:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-10-13 21:03 - 2020-09-26 10:10 - 000294712 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-10-13 21:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-10-13 19:57 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2022-10-13 19:57 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2022-10-13 19:52 - 2020-09-26 10:11 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-10-13 18:36 - 2019-01-16 13:51 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-10-13 18:21 - 2019-01-16 13:51 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-10-10 22:39 - 2021-12-14 09:43 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-612249682-4202380856-1698065691-1001 2022-10-10 22:39 - 2020-09-26 10:18 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-612249682-4202380856-1698065691-1001 ==================== Files in the root of some directories ======== 2022-10-12 08:46 - 2022-10-12 08:47 - 000139264 _____ () C:\Users\Wade\AppData\Local\Tempwd.tmp ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================