Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2022 Ran by Rick (administrator) on WINDOWS-TVV16GO (Dell Inc. XPS 8900) (30-07-2022 14:29:28) Running from C:\Users\Rick\Desktop Loaded Profiles: Rick Platform: Microsoft Windows 10 Pro Version 21H1 19043.1826 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <8> (C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2> (C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\browserhost.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2> (explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125694.inf_amd64_1331072a649f62e0\igfxEM.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\O01459A.tmp (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (services.exe ->) () [File not signed] C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe (services.exe ->) (CyberLink Corp. -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125694.inf_amd64_1331072a649f62e0\igfxCUIService.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe (services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingNews_4.55.40792.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2017-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2017-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2017-01-15] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [611248 2015-04-19] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [362056 2022-05-05] (Apple Inc. -> Apple Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-1690020948-228969040-3290669720-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-1690020948-228969040-3290669720-1001\...\Run: [MicrosoftEdgeAutoLaunch_EF09251048DD056187DB9D41D3C2F7EB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601840 2022-07-28] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1690020948-228969040-3290669720-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Rick\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File) HKU\S-1-5-21-1690020948-228969040-3290669720-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Rick\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File) HKU\S-1-5-21-1690020948-228969040-3290669720-1001\...\RunOnce: [Uninstall 22.131.0619.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rick\AppData\Local\Microsoft\OneDrive\22.131.0619.0001" (No File) HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\WINDOWS\system32\hpinkstsE511LM.dll [393352 2017-03-09] (Hewlett Packard -> HP Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-20] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0702AED6-1F2C-46A8-BECD-05EB3B527071} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {0C320573-2342-4D89-BC08-D6A13983AAD7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {1E193C20-A505-4416-9F7A-299F615219FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2F75E20A-B7BA-4E56-B584-D766EF08B472} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-12] (Microsoft Corporation -> Microsoft Corporation) Task: {3BF24A9F-525B-47CD-88D5-23221E6B0DFB} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-07] (HP Inc. -> HP Inc.) Task: {48449F23-EB35-4879-8709-785022A62DC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {4D1FB2B7-2AA4-4307-857F-CEDE65A96B97} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {557E5530-DBBE-4EC7-8EDF-E9C0109D156C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-05-07] (CyberLink Corp. -> CyberLink) Task: {6B420C92-3C56-4A29-8A13-3AF8DEE6AD3F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {766CEE2E-D0E3-429F-8D4E-F3616D6C32A7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2022-06-21] (Dell Inc -> Dell Inc.) Task: {980DBF01-5C48-4F23-9A97-35944B343E70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9D7A5933-0240-4088-8D6B-B9CFB27AA92B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-15] (Google LLC -> Google LLC) Task: {B94D584D-773D-4462-9E71-C2F693D9289E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BF20DA54-1601-4F2B-AAD7-5D04A3120959} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {C1E90FDA-C036-4A02-AE2D-BA349FE9C7FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C2AD1670-3291-4B71-B986-3FA66042713D} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.) Task: {C34BEDE7-780D-4B6D-A09A-CE599349B3A0} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-07] (HP Inc. -> HP Inc.) Task: {D4CEA257-C98F-475A-9B07-E9ED912C149E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1000904 2022-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {D5FE4549-4CDE-46C0-986E-D95391F48F06} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {DACCBC62-55A0-42C9-A58D-689941B32DAB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {DDD78D36-57BC-42AF-93DC-C792C82132BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-15] (Google LLC -> Google LLC) Task: {F4BD8A47-2F26-41A7-8E1E-5C7D6CB7CC76} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe (No File) Task: {FD9911B0-F58B-4AEC-B7B7-0D683D6E3016} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-19] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.86.1 Tcpip\..\Interfaces\{27c53110-a94a-4c4c-bce3-ec237faed67e}: [DhcpNameServer] 10.49.34.1 10.49.34.2 Tcpip\..\Interfaces\{aac471f8-f76d-4d94-a599-d917a9259b43}: [DhcpNameServer] 192.168.86.1 Edge: ======= Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge DefaultProfile: Default Edge Profile: C:\Users\Rick\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-30] Edge HomePage: Default -> hxxp://mysearch.avg.com/?cid={16C9990C-F686-49AC-8902-BB10B6933680}&mid=61badbf00bae47d09135d16daef152e6-35e851d633474a8de12a1670620ab0d70fda4c08&lang=en&ds=AVG&pr=fr&d=2013-05-02 21:20:26&v=15.0.1.2&pid=safeguard&sg=1&sap=hp FireFox: ======== FF DefaultProfile: lrkht0p0.default FF ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\lrkht0p0.default [2021-07-08] FF ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\dulvv451.default-release [2022-07-30] FF Notifications: Mozilla\Firefox\Profiles\dulvv451.default-release -> hxxps://www.livejasmin.com FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-04] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-12] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default [2022-07-30] CHR Notifications: Default -> hxxps://mail.google.com; hxxps://music.amazon.com; hxxps://patch.com; hxxps://www.cnet.com; hxxps://www.consimworld.com; hxxps://www.dailymail.co.uk; hxxps://www.facebook.com; hxxps://www.hollywoodreporter.com; hxxps://www.livejasmin.com; hxxps://www.netflix.com; hxxps://www.reddit.com; hxxps://www.winemag.com; hxxps://www.zinio.com CHR HomePage: Default -> hxxp://mysearch.avg.com/?cid={16C9990C-F686-49AC-8902-BB10B6933680}&mid=61badbf00bae47d09135d16daef152e6-35e851d633474a8de12a1670620ab0d70fda4c08&lang=en&ds=AVG&pr=fr&d=2013-05-02 21:20:26&v=15.0.1.2&pid=safeguard&sg=1&sap=hp CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-26] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-07-01] CHR Extension: (Google Docs Offline) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-22] CHR Extension: (Chrome Web Store Payments) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111288 2022-07-19] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-05-20] (Dell Inc -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [138448 2022-05-20] (Dell Inc -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-05-20] (Dell Inc -> Dell Technologies Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44448 2022-04-27] (Dell Inc -> ) R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [134560 2022-02-19] (Dell Inc -> Dell) R2 EpocCamService; C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe [10603272 2021-08-17] (Corsair Memory, Inc. -> ) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-07] (HP Inc. -> HP Inc.) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe [748544 2020-04-18] () [File not signed] R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-07-19] (McAfee, LLC -> McAfee, LLC) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] (CyberLink Corp. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6232176 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [137056 2022-06-21] (Dell Inc -> Dell Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies) R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation) R3 kinonivd; C:\WINDOWS\System32\drivers\kinonivd.sys [283672 2021-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 KINONI_Wave; C:\WINDOWS\system32\drivers\kinonivad.sys [31256 2021-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 MpKsl1f650894; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9A519C76-BB74-4B5D-8020-549FF69672BB}\MpKslDrv.sys [141576 2022-07-30] (Microsoft Windows -> Microsoft Corporation) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [60944 2015-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation) S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation) S0 iaStorA; System32\drivers\iaStorA.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-07-30 14:29 - 2022-07-30 14:30 - 000026563 _____ C:\Users\Rick\Desktop\FRST.txt 2022-07-30 14:26 - 2022-07-30 14:27 - 002369536 _____ (Farbar) C:\Users\Rick\Desktop\FRST64 (3).exe 2022-07-26 10:00 - 2022-07-26 10:04 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-07-22 18:11 - 2022-07-22 18:11 - 009046907 _____ C:\Users\Rick\Downloads\BCS_Arracourt_V103.vmod 2022-07-22 18:07 - 2022-07-22 18:07 - 014589832 _____ C:\Users\Rick\Downloads\Reluctant_Enemies_1_10.vmod 2022-07-22 18:04 - 2022-07-22 18:04 - 000000873 _____ C:\Users\Rick\Desktop\VASSAL.lnk 2022-07-22 18:04 - 2022-07-22 18:04 - 000000000 ____D C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VASSAL 2022-07-22 18:04 - 2022-07-22 18:04 - 000000000 ____D C:\Program Files\VASSAL-3.6.7 2022-07-22 18:03 - 2022-07-22 18:04 - 061784497 _____ (vassalengine.org) C:\Users\Rick\Downloads\VASSAL-3.6.7-windows-x86_64.exe 2022-07-12 11:39 - 2022-07-12 11:39 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-07-12 11:39 - 2022-07-12 11:39 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-12 11:39 - 2022-07-12 11:39 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-12 11:39 - 2022-07-12 11:39 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll 2022-07-12 11:39 - 2022-07-12 11:39 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll 2022-07-12 11:39 - 2022-07-12 11:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-07-12 11:39 - 2022-07-12 11:39 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-07-12 11:39 - 2022-07-12 11:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-07-12 11:39 - 2022-07-12 11:39 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-07-12 11:39 - 2022-07-12 11:39 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-07-12 11:39 - 2022-07-12 11:39 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-07-12 11:39 - 2022-07-12 11:39 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-07-12 11:39 - 2022-07-12 11:39 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-07-12 11:38 - 2022-07-12 11:38 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll 2022-07-12 11:38 - 2022-07-12 11:38 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll 2022-07-12 11:37 - 2022-07-12 11:37 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-07-12 11:37 - 2022-07-12 11:37 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-07-12 11:37 - 2022-07-12 11:37 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-07-12 11:37 - 2022-07-12 11:37 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2022-07-12 11:02 - 2022-07-12 11:02 - 000000000 ___HD C:\$WinREAgent 2022-07-08 19:58 - 2022-07-08 19:58 - 000036672 _____ C:\Users\Rick\Downloads\Last Blitzkrieg Locations.xlsx 2022-07-08 08:03 - 2022-07-08 08:03 - 000000000 ____D C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2022-07-08 08:03 - 2022-07-08 08:03 - 000000000 ____D C:\Users\Rick\AppData\Local\Zoom 2022-07-08 08:02 - 2022-07-08 08:03 - 000000000 ____D C:\Users\Rick\AppData\Roaming\Zoom 2022-07-07 22:00 - 2022-07-07 22:00 - 000000000 ____D C:\WINDOWS\SysWOW64\NV 2022-07-07 22:00 - 2022-07-07 22:00 - 000000000 ____D C:\WINDOWS\system32\NV 2022-07-07 21:57 - 2022-06-05 21:23 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-07-07 21:57 - 2022-06-05 21:23 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-07-07 21:57 - 2022-06-05 21:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-07-07 21:57 - 2022-06-05 21:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-07-07 21:57 - 2022-06-05 21:23 - 001467872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-07-07 21:57 - 2022-06-05 21:23 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-07-07 21:57 - 2022-06-05 21:23 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-07-07 21:57 - 2022-06-05 21:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-07-07 21:57 - 2022-06-05 21:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-07-07 21:57 - 2022-06-05 21:22 - 001209432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-07-07 21:57 - 2022-06-05 21:20 - 001529928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-07-07 21:57 - 2022-06-05 21:20 - 001505208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll 2022-07-07 21:57 - 2022-06-05 21:20 - 001175720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-07-07 21:57 - 2022-06-05 21:20 - 000795720 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-07-07 21:57 - 2022-06-05 21:20 - 000636480 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-07-07 21:57 - 2022-06-05 21:20 - 000051640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 008610448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 007713856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 002931880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 002121688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 001731752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6451215.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 001600680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 001493048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6451215.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 000981672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-07-07 21:57 - 2022-06-05 21:19 - 000792216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-07-03 18:49 - 2022-07-03 18:49 - 000076107 _____ C:\Users\Rick\Desktop\Counter_Tray_Labels.pdf 2022-07-01 13:23 - 2022-07-01 13:23 - 000048496 _____ C:\Users\Rick\Desktop\Spa_test.pdf 2022-07-01 13:17 - 2022-07-01 13:17 - 002250022 _____ C:\Users\Rick\Desktop\Francorchamps_2007_HD_27_mm.pdf 2022-07-01 12:17 - 2022-07-01 12:17 - 000000000 ____D C:\Users\Rick\AppData\LocalLow\NVIDIA 2022-07-01 12:15 - 2022-07-01 12:15 - 000000000 ____D C:\Users\Rick\.ms-ad ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-07-30 14:30 - 2020-11-04 13:46 - 000000000 ____D C:\FRST 2022-07-30 14:25 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-07-30 13:58 - 2021-07-08 10:19 - 000000000 ____D C:\Users\Rick\AppData\LocalLow\Mozilla 2022-07-30 13:55 - 2022-02-08 16:35 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-07-30 13:43 - 2020-03-15 18:09 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-30 13:06 - 2020-10-13 00:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-07-30 10:14 - 2020-10-13 01:14 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{DF799FC4-D42A-4B1A-80C6-FFCF0FCC76B5} 2022-07-30 04:27 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-07-30 04:26 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-07-30 03:39 - 2020-03-18 20:04 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-07-30 03:39 - 2020-03-18 20:04 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-07-26 10:04 - 2021-08-24 11:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-07-26 10:04 - 2021-07-08 10:19 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-07-26 10:04 - 2021-07-08 10:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-07-25 17:10 - 2020-05-05 20:48 - 000007598 _____ C:\Users\Rick\AppData\Local\Resmon.ResmonCfg 2022-07-25 14:32 - 2022-04-21 10:12 - 000002378 _____ C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-07-25 14:32 - 2021-12-11 12:23 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1690020948-228969040-3290669720-1001 2022-07-25 14:32 - 2020-10-13 01:14 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1690020948-228969040-3290669720-1001 2022-07-22 18:05 - 2021-08-26 15:06 - 000000000 ____D C:\Users\Rick\AppData\Roaming\VASSAL 2022-07-22 18:04 - 2022-01-26 13:46 - 000000000 ____D C:\Program Files\VASSAL-3.6.4 2022-07-20 13:43 - 2020-03-15 18:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-07-20 13:43 - 2020-03-15 18:09 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-07-19 11:32 - 2020-09-01 21:43 - 000000000 ____D C:\Program Files\Microsoft Office 2022-07-17 15:43 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-07-14 23:32 - 2021-10-14 16:47 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-07-14 23:32 - 2021-10-14 16:47 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-07-14 23:32 - 2020-10-13 01:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-07-13 19:32 - 2020-10-13 01:14 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-07-13 19:20 - 2020-10-13 01:05 - 000797554 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-07-13 19:20 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF 2022-07-13 19:18 - 2020-10-13 00:54 - 000000000 ____D C:\Users\Rick 2022-07-13 19:18 - 2017-01-15 01:13 - 000000000 __SHD C:\Users\Rick\IntelGraphicsProfiles 2022-07-13 19:15 - 2020-10-13 01:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-07-13 19:15 - 2017-01-24 04:57 - 000000000 ____D C:\ProgramData\NVIDIA 2022-07-13 19:14 - 2020-10-13 00:48 - 000008192 ___SH C:\DumpStack.log.tmp 2022-07-12 16:07 - 2020-10-13 00:48 - 000459536 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-07-12 16:06 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-07-12 16:04 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-07-12 16:04 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-07-12 15:33 - 2018-04-14 11:09 - 000000000 ____D C:\Users\Rick\AppData\Local\Packages 2022-07-12 11:44 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-07-12 11:37 - 2020-10-13 00:51 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-07-12 10:56 - 2017-01-15 08:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-07-12 10:52 - 2017-01-15 08:01 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-07-07 21:59 - 2017-01-24 04:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation ==================== Files in the root of some directories ======== 2020-05-05 20:48 - 2022-07-25 17:10 - 000007598 _____ () C:\Users\Rick\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================