Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024 Ran by Dee Skelley (administrator) on ORIGINALWIN10 (11-10-2024 19:07:36) Running from C:\Users\Dee Skelley\Desktop\FRST64.exe Loaded Profiles: Dee Skelley Platform: Microsoft Windows 10 Home Version 22H2 19045.5011 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{401B6D55-BBE9-4AE6-BA44-2C45BEB8ADFB}\MicrosoftEdge_X64_129.0.2792.89_129.0.2792.79.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{401B6D55-BBE9-4AE6-BA44-2C45BEB8ADFB}\EDGEMITMP_F8D52.tmp\setup.exe <2> (C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{401B6D55-BBE9-4AE6-BA44-2C45BEB8ADFB}\MicrosoftEdge_X64_129.0.2792.89_129.0.2792.79.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe <2> (C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4950_none_7dd913727cb4d87c\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4950_none_7dd913727cb4d87c\TiWorker.exe (svchost.exe ->) (VS REVO GROUP OOD -> VS Revo Group Ltd.) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe (wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.419.436.0.exe (wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-17] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\Run: [MicrosoftEdgeAutoLaunch_9E06BE8F7D505564A0EB94364EDC4BA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3795008 2024-10-03] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.100\Installer\chrmstp.exe [2024-10-11] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {33B7B7C9-3CD0-458A-B401-727EB5B130EF} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {ACE7DFD1-1D33-4F06-89BE-1455C4292002} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46B762EC-BEF6-47D3-B083-AEE0479F82C7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC) Task: {13B69687-8991-4675-9DC6-2416B3C47FA5} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\WINDOWS\system32\clipesu.exe [221680 2024-10-10] (Microsoft Windows -> Microsoft Corporation) Task: {8AE84541-D997-4FD5-91DE-25040D8D413E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D01D119A-9012-4A87-B9B4-C8E1FCDF5C3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {456A21FD-14FE-48C4-9B60-4A658DBE1CDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {91B5879F-2510-4C90-98A4-DCBBF9762630} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9984DECB-2584-403A-8353-405534E2F6DB} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {D6994431-9110-4FFC-8C13-68CA9EFAD27D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). Task: {B48B1455-2B29-4B56-A7E0-85FD4976B0D3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2958740073-524152327-740456925-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). Task: {480090C9-297F-4F08-99EB-E912D6AB3E17} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-10-10] (Mozilla Corporation -> Mozilla Foundation) Task: {41683C65-1928-4C50-A838-7AB05494EFA0} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {DBFED809-9F40-4A00-9E4D-CDDB77C93933} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {85438D4E-F8F5-48A8-8BD5-BFBECFDD7D94} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe [4013240 2024-09-24] (VS REVO GROUP OOD -> VS Revo Group Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{a067245a-213d-47fd-9be3-53a8d9a6aa68}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{a067245a-213d-47fd-9be3-53a8d9a6aa68}: [DhcpDomain] hsd1.pa.comcast.net Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Dee Skelley\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-10] Edge Extension: (Google Docs Offline) - C:\Users\Dee Skelley\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-28] Edge Extension: (Edge relevant text changes) - C:\Users\Dee Skelley\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-09-28] FireFox: ======== FF DefaultProfile: spq8mt6f.default FF ProfilePath: C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\spq8mt6f.default [2024-10-05] FF ProfilePath: C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release [2024-10-11] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2024-10-01] FF Extension: (Kaspersky Protection) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2024-10-01] FF Extension: (Malwarebytes Browser Guard) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-10-02] FF Extension: (JavaScript Toggle On and Off) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi [2022-05-23] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default [2024-10-05] CHR Extension: (Dark Mode) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2023-01-06] CHR Extension: (Return YouTube Dislike) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-05-14] CHR Extension: (Google Docs Offline) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-14] CHR Extension: (AdBlock — best ad blocker) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-07-19] CHR Extension: (Chrome Web Store Payments) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-09] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-05] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2022-10-28] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9019096 2024-10-05] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-05] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-10-04] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-10-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-10-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-10-31] (AVAST Software s.r.o. -> The OpenVPN Project) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2024-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [80448 2024-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-10-08] (Malwarebytes Inc. -> Malwarebytes) R3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-10-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-10-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-10-11 19:07 - 2024-10-11 19:11 - 000016280 _____ C:\Users\Dee Skelley\Desktop\FRST.txt 2024-10-11 18:42 - 2024-10-11 18:42 - 000000000 ____D C:\WINDOWS\Minidump 2024-10-10 14:49 - 2024-10-10 14:49 - 000021724 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-10-10 14:45 - 2024-10-10 14:45 - 000021724 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-10-10 14:25 - 2024-10-10 14:25 - 000000000 ___HD C:\$WinREAgent 2024-10-10 13:59 - 2024-10-10 13:59 - 000000000 ____D C:\Users\Dee Skelley\AppData\LocalLow\IGDump 2024-10-10 13:02 - 2024-10-10 13:02 - 000000249 _____ C:\Users\Dee Skelley\Desktop\Welcome! • Max.url 2024-10-10 12:52 - 2024-10-11 18:42 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-10-08 19:00 - 2024-10-08 15:19 - 000000000 ____D C:\Windows.old 2024-10-08 18:58 - 2024-10-08 19:00 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2024-10-08 18:56 - 2024-10-08 18:56 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2024-10-08 18:56 - 2024-10-08 15:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2024-10-08 18:53 - 2024-10-08 18:53 - 000000000 ____D C:\Program Files\Reference Assemblies 2024-10-08 18:53 - 2024-10-08 18:53 - 000000000 ____D C:\Program Files\MSBuild 2024-10-08 18:53 - 2024-10-08 18:53 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2024-10-08 18:53 - 2024-10-08 18:53 - 000000000 ____D C:\Program Files (x86)\MSBuild 2024-10-08 15:22 - 2024-10-08 15:22 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2024-10-08 15:20 - 2024-10-08 15:20 - 000000020 ___SH C:\Users\Dee Skelley\ntuser.ini 2024-10-08 15:18 - 2024-10-11 18:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-10-08 15:18 - 2024-10-10 14:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2024-10-08 15:18 - 2024-10-08 15:18 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-10-08 15:18 - 2024-10-08 15:18 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-10-08 15:18 - 2024-10-08 15:18 - 000002732 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate 2024-10-08 15:18 - 2024-10-08 15:18 - 000002262 _____ C:\WINDOWS\system32\Tasks\StartCN 2024-10-08 15:18 - 2024-10-08 15:18 - 000002182 _____ C:\WINDOWS\system32\Tasks\StartDVR 2024-10-08 15:18 - 2024-10-08 15:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\VS Revo Group 2024-10-08 15:17 - 2024-10-08 15:18 - 000002582 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2024-10-08 15:17 - 2024-10-08 15:17 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2024-10-08 15:17 - 2024-10-08 15:17 - 000011433 _____ C:\WINDOWS\diagerr.xml 2024-10-08 15:17 - 2024-10-08 15:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2024-10-08 15:13 - 2024-10-11 18:57 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-10-08 15:10 - 2024-10-08 15:10 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2024-10-08 15:10 - 2024-10-08 15:10 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\Network 2024-10-08 15:09 - 2024-10-08 15:09 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\SystemCertificates 2024-10-08 15:09 - 2024-10-08 15:09 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\Crypto 2024-10-08 15:08 - 2024-10-08 15:08 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-10-08 15:04 - 2024-10-10 13:59 - 000000000 ____D C:\Users\Dee Skelley 2024-10-08 15:04 - 2024-10-08 15:20 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\Windows 2024-10-08 15:01 - 2024-10-11 18:50 - 000259496 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-10-08 15:01 - 2024-10-11 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-10-08 13:50 - 2024-10-08 15:20 - 000000000 ___DC C:\WINDOWS\Panther 2024-10-08 13:32 - 2024-10-08 13:32 - 000000000 ___HD C:\$Windows.~WS 2024-10-08 12:44 - 2024-10-08 12:44 - 869177361 _____ C:\WINDOWS\MEMORY.DMP 2024-10-05 13:19 - 2024-10-05 13:20 - 000000000 ____D C:\AdwCleaner 2024-10-05 13:18 - 2024-10-05 13:18 - 008790880 _____ (Malwarebytes) C:\Users\Dee Skelley\Desktop\AdwCleaner.exe 2024-10-05 13:14 - 2024-10-05 13:14 - 000001241 _____ C:\Users\Dee Skelley\Desktop\Malwarebytes Scan Report 2024-10-05 122544.txt 2024-10-05 12:21 - 2024-10-11 19:19 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\Malwarebytes 2024-10-05 12:21 - 2024-10-05 12:21 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-10-05 12:21 - 2024-10-05 12:21 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-10-05 12:19 - 2024-10-05 12:19 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-10-05 12:19 - 2024-10-05 12:19 - 000000000 ____D C:\Program Files\Malwarebytes 2024-10-05 12:17 - 2024-10-05 12:17 - 002549600 _____ (Malwarebytes) C:\Users\Dee Skelley\Desktop\MBSetup.exe 2024-10-03 18:35 - 2024-10-11 19:07 - 000000000 ____D C:\Users\Dee Skelley\Desktop\OldScans 2024-10-02 11:36 - 2024-10-08 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2024-10-02 11:36 - 2024-10-02 11:36 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2024-10-02 11:36 - 2024-10-02 11:36 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\VS Revo Group 2024-10-02 11:36 - 2024-10-02 11:36 - 000000000 ____D C:\Program Files\VS Revo Group 2024-10-02 11:34 - 2024-10-02 11:34 - 011321064 _____ (VS Revo Group ) C:\Users\Dee Skelley\Desktop\revosetup.exe 2024-10-01 15:31 - 2024-10-11 19:09 - 000000000 ____D C:\FRST 2024-10-01 15:29 - 2024-10-01 15:29 - 002397696 _____ (Farbar) C:\Users\Dee Skelley\Desktop\FRST64.exe 2024-09-28 17:10 - 2024-10-11 18:45 - 000000000 ____D C:\WINDOWS\system32\compatrel 2024-09-27 12:48 - 2024-09-27 12:48 - 000000000 ____D C:\WINDOWS\system32\o2 ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-10-11 19:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-10-11 19:14 - 2021-07-08 15:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-10-11 19:14 - 2021-07-08 15:36 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-10-11 19:13 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-10-11 19:10 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-10-11 19:06 - 2022-03-05 15:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-10-11 19:00 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-10-11 19:00 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF 2024-10-11 18:59 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-10-11 18:51 - 2023-12-03 22:52 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-10-11 18:51 - 2021-07-09 10:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-10-11 18:51 - 2021-07-09 10:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-10-11 18:49 - 2021-07-08 17:31 - 000008192 ___SH C:\DumpStack.log.tmp 2024-10-11 18:49 - 2021-07-08 15:00 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2024-10-11 18:49 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-10-11 18:46 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2024-10-11 18:46 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-10-11 18:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-10-11 18:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-10-11 18:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-10-11 18:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2024-10-11 18:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-10-11 18:45 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2024-10-11 18:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-10-11 18:44 - 2023-12-03 22:52 - 000000000 ____D C:\WINDOWS\InboxApps 2024-10-11 18:44 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files\Windows Portable Devices 2024-10-11 18:44 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2024-10-11 18:44 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2024-10-11 18:44 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2024-10-11 18:44 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-10-11 18:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-10-11 18:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-10-11 18:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning 2024-10-11 18:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-10-11 18:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-10-11 18:44 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing 2024-10-11 18:42 - 2021-07-08 17:31 - 000125952 ____N C:\WINDOWS\Minidump\101124-46046-01.dmp 2024-10-10 14:24 - 2021-07-08 15:03 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-10-10 14:22 - 2021-07-08 15:03 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-10-10 14:06 - 2021-11-22 18:55 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-10-10 14:06 - 2021-11-22 18:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-10-10 14:00 - 2021-07-22 19:50 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\D3DSCache 2024-10-10 12:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat 2024-10-08 19:00 - 2022-07-31 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2024-10-08 19:00 - 2022-07-16 03:29 - 000000000 ____D C:\WINDOWS\SysWOW64\AGEIA 2024-10-08 19:00 - 2022-07-16 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2024-10-08 19:00 - 2022-04-29 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows 2024-10-08 19:00 - 2022-04-29 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2024-10-08 19:00 - 2022-04-29 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software 2024-10-08 19:00 - 2022-03-18 15:44 - 000000000 ____D C:\Program Files\UNP 2024-10-08 19:00 - 2021-10-31 20:43 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2024-10-08 19:00 - 2021-08-01 16:25 - 000000000 ____D C:\WINDOWS\system32\AMD 2024-10-08 19:00 - 2021-07-23 13:19 - 000000000 ____D C:\WINDOWS\system32\4_e75a0a 2024-10-08 19:00 - 2021-07-22 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2024-10-08 19:00 - 2019-12-07 05:18 - 000000000 ____D C:\WINDOWS\Setup 2024-10-08 19:00 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 __RHD C:\Users\Public\Libraries 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\schemas 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate 2024-10-08 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2024-10-08 18:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2024-10-08 18:53 - 2019-12-07 05:10 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2024-10-08 18:53 - 2019-12-07 05:10 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2024-10-08 18:53 - 2019-12-07 05:10 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2024-10-08 18:53 - 2019-12-07 05:10 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2024-10-08 18:52 - 2019-12-07 05:09 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2024-10-08 18:52 - 2019-12-07 05:09 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2024-10-08 18:52 - 2019-12-07 05:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2024-10-08 18:52 - 2019-12-07 05:09 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2024-10-08 18:52 - 2019-12-07 05:09 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2024-10-08 18:52 - 2019-12-07 05:09 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2024-10-08 18:52 - 2019-12-07 05:09 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2024-10-08 15:20 - 2021-07-08 14:49 - 000000000 __RHD C:\Users\Public\AccountPictures 2024-10-08 15:20 - 2021-07-08 14:49 - 000000000 ___RD C:\Users\Dee Skelley\3D Objects 2024-10-08 15:17 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender 2024-10-08 15:10 - 2019-12-07 05:14 - 000000000 __RSD C:\WINDOWS\Media 2024-10-08 15:06 - 2021-07-22 18:51 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-10-08 15:06 - 2019-12-07 05:14 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2024-10-08 15:05 - 2021-10-29 20:54 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2024-10-08 15:05 - 2021-07-08 14:49 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\Packages 2024-10-08 13:50 - 2022-05-24 13:38 - 000000000 ____D C:\ESD 2024-10-04 19:16 - 2021-07-08 17:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-10-04 19:04 - 2021-07-08 15:05 - 000918944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-10-02 11:25 - 2021-07-08 14:49 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\ConnectedDevicesPlatform 2024-10-01 15:08 - 2021-07-22 18:32 - 000000000 ____D C:\Program Files (x86)\Steam 2024-10-01 15:07 - 2022-07-31 21:58 - 000000000 ____D C:\Riot Games 2024-10-01 15:06 - 2022-07-31 23:21 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2024-09-30 16:42 - 2022-06-26 14:32 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\Oculus 2024-09-30 16:36 - 2021-07-22 18:34 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\Steam 2024-09-30 16:18 - 2022-05-01 14:51 - 000001898 _____ C:\Users\Dee Skelley\Desktop\Steam.lnk 2024-09-30 16:12 - 2021-07-08 14:58 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\MMC 2024-09-28 17:27 - 2021-07-08 14:49 - 000000000 ____D C:\ProgramData\Packages 2024-09-27 13:14 - 2021-07-08 15:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2024-09-27 12:29 - 2023-10-19 13:02 - 000000000 ____D C:\Program Files\RUXIM 2024-09-26 15:15 - 2021-07-09 10:30 - 000000000 ____D C:\Program Files (x86)\Google ==================== Files in the root of some directories ======== 2022-05-22 22:23 - 2022-05-22 22:23 - 000007601 _____ () C:\Users\Dee Skelley\AppData\Local\Resmon.ResmonCfg 2023-07-11 15:50 - 2023-07-11 15:50 - 000000000 _____ () C:\Users\Dee Skelley\AppData\Local\{8DBA7834-C4DF-4289-A385-9CA2351BCCD5} ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================