Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2023 Ran by jeffl (administrator) on HOME (Dell Inc. Inspiron 15 5510) (06-08-2023 18:35:06) Running from C:\Users\jeffl\Desktop\FRST64.exe Loaded Profiles: jeffl Platform: Microsoft Windows 11 Home Version 22H2 22621.2070 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe (C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistHardwareDiags.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe (C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC) [File not signed] C:\Program Files\Rivet Networks\SmartByte\RAPS.exe (C:\Program Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe <13> (DriverStore\FileRepository\cui_dch.inf_amd64_1e611bd77bc260c3\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1e611bd77bc260c3\igfxEMN.exe (DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_95df2d92a65cad35\WavesSvc64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15> (Microsoft Corporation -> Microsoft Corporation) C:\Users\jeffl\AppData\Local\Microsoft\OneDrive\23.156.0726.0003\Microsoft.SharePoint.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe (services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1e611bd77bc260c3\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_15c9ea6001a5206d\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_524cec1494781ee1\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8a4323c80a901a5c\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e2f37014c00c6170\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_444148fa7298b49f\RtkAudUService64.exe <3> (services.exe ->) (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe (services.exe ->) (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe (services.exe ->) (Rivet Networks, LLC.) [File not signed] C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe (services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_95df2d92a65cad35\WavesAudioService.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_95df2d92a65cad35\WavesSysSvc64.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe (svchost.exe ->) (DELL) [File not signed] C:\Config.Msi\12bb6042.rbf (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_444148fa7298b49f\RtkAudUService64.exe [1646392 2023-02-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_95df2d92a65cad35\WavesSvc64.exe [5083776 2023-02-15] (Waves Inc -> Waves Audio Ltd.) HKU\S-1-5-21-4191029877-289302484-2075726046-1001\...\Run: [MicrosoftEdgeAutoLaunch_19ED078C47B4BAE83F1956018108AD60] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-26] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon TS6300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFQ.DLL [529408 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (CANON INC.) [File not signed] HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6300 series: C:\WINDOWS\system32\CNMLMFQ.DLL [959488 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {38B9DB19-F3FE-4AD0-B6BD-D31FAE8C42EE} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [738144 2023-04-07] (Dell Inc -> Dell Inc.) Task: {295871EF-DDEF-4098-BE0D-68C2237715BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26910088 2023-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {BAD1A408-7668-47A2-8865-B70E1EADABC1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26910088 2023-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {B32F4C6C-7AB1-4C65-9D17-87874FA118DA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158616 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {3A7E8B32-2A5B-465D-A786-832C36A2CF9C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158616 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {EC0CE75A-5205-4D86-B4FF-A871368873B2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {6DAA27B7-A795-41C5-AC5F-A793C402563E} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc Task: {6DAA27B7-A795-41C5-AC5F-A793C402563E} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun Task: {6DAA27B7-A795-41C5-AC5F-A793C402563E} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {316C9826-BF82-47AB-BFE3-21E1A7D0564A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D2438381-D963-4E50-83A7-62547AF9B019} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8410EB9F-63F3-44F9-9595-AA02B3DDE746} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {06812ED2-33FB-4CE9-BD99-D49545FD762E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {26349585-AF71-427B-9906-239CC0A6752C} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4191029877-289302484-2075726046-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2a102f1d-ebd1-4076-af7e-a61feb727f94}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{73c3aa80-e907-4ccc-8043-a4f61360916f}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\jeffl\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-06] Edge Notifications: Default -> hxxps://www.ticketmaster.com Edge HomePage: Default -> hxxp://google.com/ Edge StartupUrls: Default -> "hxxps://www.google.com/" Edge Extension: (Amazon Assistant) - C:\Users\jeffl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2023-03-29] Edge Extension: (Edge relevant text changes) - C:\Users\jeffl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-26] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-26] (Microsoft Corporation -> Microsoft Corporation) ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11816840 2023-07-30] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2023-03-14] (Dell Inc -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2023-03-14] (Dell Inc -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2023-03-14] (Dell Inc -> Dell Technologies Inc.) R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2023-05-15] (Dell Inc -> ) R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-06-07] (Dell Inc -> Dell INC.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-05-08] (Dell Inc -> ) R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-12-09] (Dell Inc -> Dell) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.) R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_e2f37014c00c6170\\AS\\IAS\\IntelAudioService.exe [543352 ] (Intel Corporation -> Intel) R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [56832 2022-07-28] (Rivet Networks, LLC.) [File not signed] S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [56832 2022-07-28] (Rivet Networks, LLC.) [File not signed] R2 SessionSvc; C:\WINDOWS\System32\drivers\GoodixSessionService.exe [44160 2021-03-18] (Shenzhen Goodix Technology Co., Ltd. -> Goodix) R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1623552 2022-07-28] (Rivet Networks) [File not signed] R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2381824 2022-07-28] (Rivet Networks) [File not signed] R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2023-04-07] (Dell Inc -> Dell Inc.) R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256608 2022-06-29] (Intel Corporation -> Intel Corporation) R2 WavesAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_95df2d92a65cad35\WavesAudioService.exe [160896 2023-02-15] (Waves Inc -> Waves Audio Ltd) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2023-07-02] (Microsoft Windows -> Microsoft Corporation) S3 AX88179; C:\WINDOWS\System32\DriverStore\FileRepository\netax88179_178a.inf_amd64_a8bb8a6e92764769\ax88179_178a.sys [79872 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed] R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46528 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Dell) R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [137040 2021-01-20] (GENESYS LOGIC, INC. -> Genesys Logic) R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_c330c09d72f3e083\iaLPSS2_GPIO2_TGL.sys [128664 2021-01-28] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_312c3014729186bd\iaLPSS2_I2C_TGL.sys [201376 2021-01-28] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1548488 2022-10-27] (Intel Corporation -> Intel Corporation) R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_cb2075debe05eee2\IntcUSB.sys [920688 2022-11-24] (Intel Corporation -> Intel(R) Corporation) R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88784 2022-08-10] (Intel Corporation -> Intel Corporation) R3 MpKsl796a3a37; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73893C4B-5D4C-4D69-82EE-FE2B2E153183}\MpKslDrv.sys [221480 2023-08-06] (Microsoft Windows -> Microsoft Corporation) S3 mvusbews; C:\WINDOWS\System32\Drivers\ptusbews.sys [76280 2022-03-31] (WDKTestCert han.yu,130842677139774357 -> Zhuhai Pantum Electronics Co.,Ltd.) R3 rtu53cx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtu53cx22x64.inf_amd64_23312dee5c4e1993\rtu53cx22x64.sys [1008872 2022-09-20] (Realtek Semiconductor Corp. -> Realtek Corporation) R3 t6sta; C:\WINDOWS\System32\Drivers\t6sta.sys [166696 2022-05-31] (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-07-24] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-24] (Microsoft Windows -> Microsoft Corporation) R3 WiManH; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_f54d0a27ac206b8c\WiManH\WiManH.sys [175672 2021-07-28] (Intel Corporation -> Intel Corporation) S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2023-08-06 18:34 - 2023-08-06 18:34 - 002384896 _____ (Farbar) C:\Users\jeffl\Desktop\FRST64.exe 2023-08-02 20:37 - 2023-08-02 20:38 - 000031947 _____ C:\Users\jeffl\Desktop\Addition.txt 2023-08-02 20:36 - 2023-08-06 18:35 - 000023675 _____ C:\Users\jeffl\Desktop\FRST.txt 2023-08-02 20:35 - 2023-08-06 18:35 - 000000000 ____D C:\FRST 2023-08-02 20:35 - 2023-08-06 18:34 - 000000000 ____D C:\Users\jeffl\Desktop\FRST-OlderVersion 2023-08-02 20:19 - 2023-08-02 20:19 - 000000000 ____D C:\Users\jeffl\AppData\Local\MBAM 2023-08-02 20:17 - 2023-08-02 20:17 - 002606880 _____ (Malwarebytes) C:\Users\jeffl\Downloads\MBSetup-5.5.exe 2023-08-02 20:09 - 2023-08-02 20:09 - 002606880 _____ (Malwarebytes) C:\Users\jeffl\Downloads\MBSetup-4.4 (2).exe 2023-08-02 20:09 - 2023-08-02 20:09 - 002606880 _____ (Malwarebytes) C:\Users\jeffl\Downloads\MBSetup-4.4 (1).exe 2023-08-02 20:08 - 2023-08-02 20:08 - 002606880 _____ (Malwarebytes) C:\Users\jeffl\Downloads\MBSetup-4.4.exe 2023-08-02 20:06 - 2023-08-02 20:06 - 000000000 ____D C:\AdwCleaner 2023-08-02 20:05 - 2023-08-02 20:05 - 008791352 _____ (Malwarebytes) C:\Users\jeffl\Downloads\adwcleaner.exe 2023-08-02 20:02 - 2023-08-02 20:02 - 000470400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-08-01 08:14 - 2023-08-01 08:14 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4191029877-289302484-2075726046-1001 2023-08-01 08:14 - 2023-08-01 08:14 - 000002381 _____ C:\Users\jeffl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2023-08-06 18:35 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-08-06 18:33 - 2022-10-09 12:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-08-06 11:30 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-08-06 11:30 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-08-06 11:28 - 2022-04-16 18:20 - 000000000 ____D C:\Users\jeffl\AppData\Local\Packages 2023-08-06 11:28 - 2022-03-16 22:24 - 000000000 ____D C:\ProgramData\Packages 2023-08-06 11:26 - 2022-10-09 12:56 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-08-06 11:26 - 2022-05-07 01:22 - 000000000 ____D C:\WINDOWS\INF 2023-08-06 11:24 - 2022-03-16 22:14 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services 2023-08-04 21:24 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-08-04 21:07 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ServiceState 2023-08-04 21:07 - 2022-04-16 18:22 - 000000000 ___RD C:\Users\jeffl\OneDrive 2023-08-04 21:07 - 2022-04-16 18:20 - 000000000 __SHD C:\Users\jeffl\IntelGraphicsProfiles 2023-08-03 13:10 - 2022-10-09 12:59 - 000000000 ____D C:\Users\jeffl\AppData\Local\D3DSCache 2023-08-02 20:51 - 2022-05-07 01:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-08-02 20:21 - 2022-05-07 01:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-08-02 20:15 - 2022-04-16 18:34 - 000000000 ____D C:\Users\jeffl\AppData\Local\Google 2023-08-02 20:15 - 2022-04-16 18:34 - 000000000 ____D C:\Program Files (x86)\Google 2023-08-02 20:11 - 2023-04-03 20:27 - 000012288 ___SH C:\DumpStack.log.tmp 2023-08-02 20:11 - 2022-10-09 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-08-02 20:11 - 2022-05-07 01:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-08-02 20:11 - 2022-03-16 22:10 - 000000000 ____D C:\Intel 2023-08-02 19:28 - 2022-03-16 22:22 - 000000000 ____D C:\Program Files\Microsoft Office 2023-07-31 19:24 - 2023-05-11 15:42 - 000000000 ____D C:\Users\jeffl\AppData\Local\CrashDumps 2023-07-30 13:00 - 2023-04-27 09:56 - 000000000 ____D C:\Users\jeffl\AppData\Local\Spark Desktop 2023-07-29 13:33 - 2022-10-09 12:55 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4191029877-289302484-2075726046-1001 2023-07-27 20:14 - 2022-03-16 22:21 - 000000000 ____D C:\ProgramData\Package Cache 2023-07-27 19:31 - 2022-10-20 21:12 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2023-07-27 19:30 - 2022-05-07 01:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-07-27 19:20 - 2022-04-17 19:53 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2023-07-27 19:20 - 2022-03-16 22:10 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-07-26 18:57 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\USOPrivate 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\UUS 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemApps 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\id-ID 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-07-26 18:40 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\appcompat 2023-07-26 18:19 - 2022-10-09 12:52 - 003210752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-07-24 18:29 - 2022-03-16 22:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-07-15 09:44 - 2023-04-27 09:56 - 000002599 _____ C:\Users\jeffl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spark Desktop.lnk 2023-07-12 18:10 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-07-12 18:10 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\setup 2023-07-12 18:10 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-07-12 07:31 - 2022-04-16 18:39 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-07-12 07:29 - 2022-04-16 18:39 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-07-11 17:31 - 2022-10-09 12:55 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-07-11 17:31 - 2022-10-09 12:55 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================