Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2026 Ran by Steve (administrator) on STEVES-DELL-XPS (Dell Inc. XPS 17 9710) (20-01-2026 12:34:08) Running from C:\Users\Steve\Downloads\FRST64.exe Loaded Profiles: Steve Platform: Microsoft Windows 11 Home Version 24H2 26100.7623 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2> (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.1.1.26\DiscoverySrv.exe (C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <4> (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe (C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.44.2010.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel(R) Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.44.2010.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\PresentMonService.exe (cmd.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackersnmh.exe (drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe (drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe (DriverStore\FileRepository\cui_dch.inf_amd64_2bc98a6ec673dd0a\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2bc98a6ec673dd0a\igfxEMN.exe (DriverStore\FileRepository\dptf_cpu.inf_amd64_fa6b3fb2c05394c2\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_fa6b3fb2c05394c2\dptf_helper.exe (explorer.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe (explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_26005.204.4249.1621_x64__8wekyb3d8bbwe\ms-teams.exe <2> (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_db3f3288eba6a142\WavesSvc64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (Microsoft Corporation -> Microsoft Corporation) C:\Users\Steve\AppData\Local\Microsoft\OneDrive\25.238.1204.0001_1\OneDrive.Sync.Service.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3> (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe (services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe (services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe (services.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.44.2010.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2bc98a6ec673dd0a\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_fa6b3fb2c05394c2\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dc93d38ec2e03f7d\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_2c17521ca0d3f79c\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_c1500df85efb6d72\Intel_PIE_Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_489fc014fa89f138\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe (services.exe ->) (INTUIT INC. -> Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v5\IntuitUpdateService.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmsi.inf_amd64_9776d570f62d96e5\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_babf1584c40a3d53\RtkAudUService64.exe <3> (services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\DriverStore\FileRepository\goodixmocusb.inf_amd64_3805321af5ed6949\GoodixSessionService.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_db3f3288eba6a142\WavesAudioService.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_db3f3288eba6a142\WavesSysSvc64.exe (sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\CrossDeviceResume.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.27.350.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Steve\AppData\Local\Microsoft\OneDrive\25.238.1204.0001_1\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_babf1584c40a3d53\RtkAudUService64.exe [2019672 2024-06-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_db3f3288eba6a142\WavesSvc64.exe [5295368 2025-01-17] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088832 2026-01-09] (Bitdefender SRL -> Bitdefender) HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [501424 2025-03-20] (Bitdefender SRL -> Bitdefender) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2765952 2024-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\Run: [MicrosoftEdgeAutoLaunch_4F818F892294890EF542182335708906] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4314192 2026-01-16] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\Run: [Teams] => C:\Users\Steve\AppData\Local\Microsoft\WindowsApps\MSTeams_8wekyb3d8bbwe\ms-teams.exe [0 0] () [symlink -> ] HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [29014352 2026-01-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Steve\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File) HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Steve\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File) HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\RunOnce: [Uninstall 25.238.1204.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve\AppData\Local\Microsoft\OneDrive\25.238.1204.0001" [0 2026-01-17] () <==== ATTENTION [zero byte File/Folder] HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\RunOnce: [Uninstall 25.224.1116.0003_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve\AppData\Local\Microsoft\OneDrive\25.224.1116.0003_1" [0 2026-01-17] () <==== ATTENTION [zero byte File/Folder] HKU\S-1-5-21-72651951-3613567033-1124285146-1001\...\MountPoints2: {d091a530-5a9d-11ee-b99e-ac74b18a3bf2} - "D:\WD SmartWare.exe" autoplay=true HKLM\...\Print\Monitors\EPSON ET-2850 Series 64MonitorBE: C:\Windows\system32\E_YLMBYNE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [3167256 2024-08-30] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {172AA72F-D4E9-45F6-8786-E667CD1D2072} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.26\WatchDog.exe [1172984 2025-12-11] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.26\repair Task: {D375345A-82B2-47BA-9147-36FA2372AC70} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate Task: {417D7D69-8F99-48BC-AD3D-90BCC4DBE579} - System32\Tasks\Epson PowerENGAGE => C:\Program Files (x86)\Epson PowerENGAGE\\Epson PowerENGAGE.exe [83606232 2020-04-15] (Aviata, Inc. -> Aviata, Inc.) -> C:\Program Files (x86)\Epson PowerENGAGE\\scheduled-run Task: {BE85FCD7-9DA5-40DA-AEC8-C48F2CEA3613} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31056 2026-01-06] (Garmin International, Inc. -> ) Task: {6E410ECF-FD06-4898-9770-72E3D2EDECE3} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16242992 2026-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {EFB42E43-6FE3-4ABE-892E-45C858049BA9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28635464 2026-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {097DB1C8-59A4-43CC-9FBA-D0BD298D298D} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [73560 2026-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {55C8C23F-28E6-4283-A1C2-229BF85D2B5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28635464 2026-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {A7793767-5303-4363-98B7-C39C9FF74C2C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310552 2026-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {27DB8DCE-6293-456E-8D6F-C97036037668} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310552 2026-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {C9157299-0838-4C38-A57D-0CE465F37A28} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1347320 2026-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {47FD2359-62FF-4666-B224-F0854428A5D9} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16242992 2026-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {FFC4A962-0410-4223-B2BF-D799CF7D856E} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File) Task: {C85B872F-E904-4F76-91EE-9BA28447A0FF} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200} Task: {6B2DAFFA-3305-4777-A2AB-547C6CE997B6} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\WINDOWS\system32\oobe\PITRTask.dll [118784 2025-12-09] (Microsoft Windows -> Microsoft Corporation) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {DC6119B4-9B03-4424-BDB9-C159F3CE298B} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-10-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6390703A-ED74-4986-9699-364231C73D30} - System32\Tasks\OneDrive Startup Task-S-1-5-21-72651951-3613567033-1124285146-1001 => C:\Users\Steve\AppData\Local\Microsoft\OneDrive\25.238.1204.0001_1\OneDriveLauncher.exe [746856 2026-01-17] (Microsoft Corporation -> Microsoft Corporation) Task: {2D3267EC-5764-46B2-9378-FC71529FB875} - System32\Tasks\RNIdle Task => C:\Windows\System32\drivers\RivetNetworks\Killer\RNIdleTask.exe [32192 2024-10-30] (Intel Corporation -> ) Task: {A648D919-F0CB-4871-8A3D-4F0D26514630} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-72651951-3613567033-1124285146-1001 => C:\Users\Steve\AppData\Roaming\Zoom\bin\Zoom.exe [462768 2025-11-26] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 18.161.21.128 1uzxr3b3jraw5nlmnvbsikiioud2vilw5.web-networking.com Tcpip\Parameters: [DhcpNameServer] 192.168.12.1 Tcpip\..\Interfaces\{0ed63dba-59ea-45c4-b9fe-d34ae39b5468}: [DhcpNameServer] 192.168.12.1 Tcpip\..\Interfaces\{0ed63dba-59ea-45c4-b9fe-d34ae39b5468}: [DhcpDomain] lan Tcpip\..\Interfaces\{0ed63dba-59ea-45c4-b9fe-d34ae39b5468}\34D41424: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{0ed63dba-59ea-45c4-b9fe-d34ae39b5468}\37D69646: [DhcpNameServer] 192.168.50.1 Tcpip\..\Interfaces\{0ed63dba-59ea-45c4-b9fe-d34ae39b5468}\45D2D4F62696C656D293641443: [DhcpNameServer] 192.168.12.1 Tcpip\..\Interfaces\{0ed63dba-59ea-45c4-b9fe-d34ae39b5468}\45D2D4F62696C656D293641443: [DhcpDomain] lan Tcpip\..\Interfaces\{0ed63dba-59ea-45c4-b9fe-d34ae39b5468}\D416272796F6474724F6E667F697: [DhcpNameServer] 172.20.0.1 FireFox: ======== FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2024-10-23] [Legacy] [not signed] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-11-23] (Microsoft Corporation -> Microsoft Corporation) Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Steve\AppData\Local\Microsoft\Edge\User Data\Default [2026-01-20] Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://californiamilkadvisoryboard3.lightning.force.com; hxxps://www.facebook.com; hxxps://www.nvidia.com Edge HomePage: Default -> hxxps://www.foxnews.com/ Edge StartupUrls: Default -> "hxxps://www.foxnews.com/" Edge Extension: (Bitdefender Anti-tracker) - C:\Users\Steve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-11-12] Edge Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-24] Edge Extension: (Bitdefender Password Manager) - C:\Users\Steve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hjiaiapigbnlahicmcacnmhfckgjdgbl [2024-11-09] Edge Extension: (Norton Safe Search Enhanced) - C:\Users\Steve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jebkgpihojmadmnlaokjjpkllaeiaoib [2026-01-20] [UpdateUrl:0] <==== ATTENTION Edge Extension: (Edge relevant text changes) - C:\Users\Steve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-09] Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl] Edge HKLM-x32\...\Edge\Extension: [fdhgeoginicibhagdmblfikbgbkahibd] Edge crx: C:\Program Files (x86)\Microsoft\Edge\Application\Extensions\dsue.crx [2026-01-20] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851704 2026-01-09] (Bitdefender SRL -> Bitdefender) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2026-01-09] (Bitdefender SRL -> Bitdefender) R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2026-01-09] (Bitdefender SRL -> Bitdefender) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966176 2023-07-20] (Bitdefender SRL -> Bitdefender) R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2426992 2025-07-03] (Bitdefender SRL -> Bitdefender) R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [851704 2026-01-09] (Bitdefender SRL -> Bitdefender) R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [516928 2025-03-20] (Bitdefender SRL -> Bitdefender) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13165880 2026-01-09] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [460176 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [154512 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [482704 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [59160 2025-08-29] (Dell Technologies Inc. -> ) R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-13] (Dell Technologies Inc. -> ) R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [154544 2024-11-14] (Dell Technologies Inc. -> Dell) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2021-06-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.) R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_489fc014fa89f138\AS\IAS\IntelAudioService.exe [540728 2025-01-21] (Intel Corporation -> Intel) R2 IntelGraphicsSoftwareService; C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.44.2010.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [300544 2025-12-30] (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) R2 IntuitUpdateServiceV5; C:\Program Files\Common Files\Intuit\Update Service v5\IntuitUpdateService.exe [17632 2024-09-26] (INTUIT INC. -> Intuit Inc.) R3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78248 2024-10-30] (Intel Corporation -> Intel® Corporation) R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2456000 2024-10-30] (Intel Corporation -> Intel) R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2614720 2024-10-30] (Intel Corporation -> Intel) S2 Killer Provider Data Helper Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerProviderDataHelperService.exe [1212352 2024-10-30] (Intel Corporation -> Intel) R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78272 2024-10-30] (Intel Corporation -> Intel® Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11233480 2026-01-20] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-01-20] (Malwarebytes Inc. -> Malwarebytes) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [963968 2026-01-16] (McAfee, LLC -> McAfee, LLC) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmsi.inf_amd64_9776d570f62d96e5\Display.NvContainer\NVDisplay.Container.exe [1275624 2025-12-31] (NVIDIA Corporation -> NVIDIA Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [758176 2025-12-11] (Bitdefender SRL -> Bitdefender) R2 SessionSvc; C:\WINDOWS\System32\DriverStore\FileRepository\goodixmocusb.inf_amd64_3805321af5ed6949\GoodixSessionService.exe [45336 2025-03-05] (Shenzhen Goodix Technology Co., Ltd. -> Goodix) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [149832 2024-12-20] (Dell Technologies Inc. -> Dell Inc.) R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256608 2022-06-29] (Intel Corporation -> Intel Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [303648 2026-01-09] (Bitdefender SRL -> Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2026-01-09] (Bitdefender SRL -> Bitdefender) R2 WavesAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo10de.inf_amd64_db3f3288eba6a142\WavesAudioService.exe [163592 2025-01-17] (Waves Inc -> Waves Audio Ltd) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleIPod; C:\WINDOWS\System32\drivers\AppleIPod.sys [30096 2021-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 atc; C:\WINDOWS\System32\drivers\atc.sys [8502344 2025-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA) R2 BdDci4; C:\WINDOWS\System32\drivers\bddci4.sys [1380416 2026-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2025-02-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender) R3 bdprivmon; C:\WINDOWS\System32\drivers\bdprivmon.sys [49208 2025-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 bduefiscan; C:\WINDOWS\System32\drivers\bduefiscan.sys [53808 2025-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-02-21] (Microsoft Corporation) [File not signed] S3 CXPLRCAP; C:\WINDOWS\system32\drivers\elvidcap.sys [162488 2021-11-03] (Corsair Memory, Inc. -> Elgato Systems GmbH) R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [44472 2024-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories) R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1793112 2025-08-25] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA) R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_c330c09d72f3e083\iaLPSS2_GPIO2_TGL.sys [128664 2021-01-27] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_312c3014729186bd\iaLPSS2_I2C_TGL.sys [201376 2021-01-27] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_SPI_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_12f2c96f94a4a861\iaLPSS2_SPI_TGL.sys [155816 2020-12-28] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_UART2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_e32cdcbb873042f0\iaLPSS2_UART2_TGL.sys [310440 2020-12-28] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1548488 2022-10-27] (Intel Corporation -> Intel Corporation) R2 Ignisv2; C:\WINDOWS\System32\drivers\ignisv2.sys [848456 2025-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R3 IntcSDW; C:\WINDOWS\System32\DriverStore\FileRepository\intcsdw.inf_amd64_42c8d85e3f50b9ee\IntcSDW.sys [973496 2025-01-21] (Intel Corporation -> Intel(R) Corporation) R3 IntcSdwBus; C:\WINDOWS\System32\DriverStore\FileRepository\intcsdwbus.inf_amd64_83b00d30ddce5c3a\IntcSdwBus.sys [535632 2025-01-21] (Intel Corporation -> Intel(R) Corporation) R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_27bd5372217a9816\IntcUSB.sys [946848 2025-01-21] (Intel Corporation -> Intel(R) Corporation) S3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88776 2022-06-23] (Intel Corporation -> Intel Corporation) R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [217024 2024-10-30] (Intel Corporation -> Rivet Networks, LLC.) S3 LT6911Au; C:\WINDOWS\System32\DriverStore\FileRepository\lt6911au.inf_amd64_62449180becc5735\LT6911Au.sys [76368 2023-05-15] (Intel Corporation -> Intel(R) Corporation) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234088 2026-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245336 2026-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [303848 2025-12-30] (NVIDIA Corporation -> NVIDIA Corporation) R3 RTKSdWHwCodec; C:\WINDOWS\System32\DriverStore\FileRepository\rtksdwhwcodec_dell.inf_amd64_0e2d96a678cbac69\RTKSdWHwCodec.sys [519528 2024-06-07] (Realtek Semiconductor Corp. -> Realtek) R3 rtu53cx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtu53cx22x64sta.inf_amd64_0c8f2dd85a3ebc81\rtu53cx22x64.sys [1166272 2025-03-03] (Realtek Semiconductor Corp. -> Realtek Corporation) R2 Trufos; C:\WINDOWS\System32\drivers\Trufos.sys [630320 2025-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R0 vlflt; C:\WINDOWS\System32\drivers\vlflt.sys [1445440 2026-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22104 2024-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606624 2024-11-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-09] (Microsoft Windows -> Microsoft Corporation) R3 WiManH; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_ed5a224638687261\WiManH\WiManH.sys [184248 2024-08-12] (Intel Corporation -> Intel Corporation) S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2025-08-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-02-21] (Microsoft Windows -> Microsoft Corporation) R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-09-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2026-01-20 12:08 - 2026-01-20 12:08 - 000000000 ____D C:\Users\Steve\AppData\Local\Malwarebytes 2026-01-20 12:07 - 2026-01-20 12:07 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2026-01-20 12:06 - 2026-01-20 12:06 - 002844952 _____ (Malwarebytes) C:\Users\Steve\Downloads\MBSetup (1).exe 2026-01-20 12:06 - 2026-01-20 12:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2026-01-20 12:06 - 2026-01-20 12:06 - 000000000 ____D C:\Program Files\Malwarebytes 2026-01-20 11:53 - 2026-01-20 12:29 - 000042698 _____ C:\Users\Steve\Downloads\Addition.txt 2026-01-20 11:52 - 2026-01-20 12:34 - 000037360 _____ C:\Users\Steve\Downloads\FRST.txt 2026-01-20 11:52 - 2026-01-20 12:34 - 000000000 ____D C:\FRST 2026-01-20 11:48 - 2026-01-20 11:48 - 002442752 _____ (Farbar) C:\Users\Steve\Downloads\FRST64.exe 2026-01-19 20:10 - 2026-01-19 20:15 - 000000000 ____D C:\Users\Steve\Downloads\predit 2026-01-19 20:08 - 2026-01-19 20:08 - 000040704 _____ C:\Users\Steve\Downloads\predit.zip 2026-01-19 10:33 - 2026-01-19 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2026-01-16 18:57 - 2026-01-16 18:57 - 000000000 ____D C:\Users\Steve\Downloads\predit21 2026-01-16 18:39 - 2026-01-16 18:57 - 000041115 _____ C:\Users\Steve\Downloads\predit21.zip 2026-01-14 09:46 - 2026-01-20 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2026-01-14 08:12 - 2026-01-20 12:33 - 000000130 _____ C:\Users\Steve\AppData\LocalLow\ad28ab0c8038857d949925b24d5cb8cba2cdcbb4ea8b9b1bed49c2f66547ea9a 2026-01-14 08:12 - 2026-01-14 09:27 - 000156518 _____ C:\Users\Steve\AppData\LocalLow\ec08f04a5fab75c6afddbacf130f6c31a29cd3ca28ba2e51f799c9899ce5d8a3 2026-01-13 17:36 - 2026-01-13 17:36 - 000621760 _____ C:\Users\Steve\Downloads\26-13_SteveMcGinnis_StandardAgreement_encrypted_.pdf 2026-01-07 08:03 - 2026-01-07 08:03 - 000002264 _____ C:\Users\Steve\AppData\LocalLow\870ddecf63d47e4cc6b7901f0aaded425d7a29a4dbeaa6379fff83e50dc6d4a2 2026-01-06 06:38 - 2025-12-30 11:59 - 000303848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpcf.sys 2026-01-06 06:33 - 2025-12-31 12:57 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2026-01-06 06:33 - 2025-12-31 12:57 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo.exe 2026-01-06 06:33 - 2025-12-31 12:57 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2026-01-06 06:33 - 2025-12-31 12:57 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2026-01-06 06:33 - 2025-12-31 12:57 - 001625648 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2026-01-06 06:33 - 2025-12-31 12:57 - 001625648 _____ C:\WINDOWS\system32\vulkan-1.dll 2026-01-06 06:33 - 2025-12-31 12:57 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2026-01-06 06:33 - 2025-12-31 12:57 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2026-01-06 06:33 - 2025-12-31 12:57 - 000478952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2026-01-06 06:33 - 2025-12-31 12:57 - 000375016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2026-01-06 06:33 - 2025-12-31 12:53 - 001574632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2026-01-06 06:33 - 2025-12-31 12:53 - 001344744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2026-01-06 06:33 - 2025-12-31 12:53 - 001224936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2026-01-06 06:33 - 2025-12-31 12:53 - 000675048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2026-01-06 06:33 - 2025-12-31 12:53 - 000509160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2026-01-06 06:33 - 2025-12-31 12:52 - 027559656 _____ C:\WINDOWS\system32\nvidia-pcc.exe 2026-01-06 06:33 - 2025-12-31 12:52 - 002319080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2026-01-06 06:33 - 2025-12-31 12:52 - 001716968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2026-01-06 06:33 - 2025-12-31 12:52 - 001616104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2026-01-06 06:33 - 2025-12-31 12:52 - 001055976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2026-01-06 06:33 - 2025-12-31 12:52 - 000812264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2026-01-06 06:33 - 2025-12-31 12:51 - 022613224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2026-01-06 06:33 - 2025-12-31 12:51 - 018277608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2026-01-06 06:33 - 2025-12-31 12:51 - 007908072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2026-01-06 06:33 - 2025-12-31 12:51 - 005924072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2026-01-06 06:33 - 2025-12-31 12:51 - 005586664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2026-01-06 06:33 - 2025-12-31 12:51 - 004288232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2026-01-06 06:33 - 2025-12-31 12:51 - 000853736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2026-01-06 06:33 - 2025-12-31 12:51 - 000469224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2026-01-06 06:33 - 2025-12-31 12:50 - 005687448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2026-01-06 06:33 - 2025-12-31 12:50 - 004975632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2026-01-06 06:33 - 2025-12-30 11:59 - 000153562 _____ C:\WINDOWS\system32\nvinfo.pb 2026-01-06 06:30 - 2026-01-06 06:30 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2026-01-06 06:30 - 2026-01-06 06:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2026-01-06 06:30 - 2025-10-15 14:22 - 001310832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2026-01-06 06:30 - 2025-10-15 14:22 - 001115248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2026-01-06 06:29 - 2025-10-15 14:05 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2026-01-05 07:23 - 2026-01-05 07:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander Privateer [GOG.com] 2026-01-05 07:23 - 2026-01-05 07:23 - 000000000 ____D C:\GOG Games 2026-01-05 07:20 - 2026-01-19 17:19 - 000000000 ___RD C:\Users\Steve\OneDrive\Documents\Privateer 2025-12-24 08:42 - 2025-12-24 08:42 - 000000787 _____ C:\Users\Steve\Downloads\URGENT CARE VISIT.ics ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2026-01-20 12:18 - 2025-09-14 05:24 - 000000802 _____ C:\Users\Steve\AppData\LocalLow\6939ff300f72ddfb26c75fc181cd6dce58a873a24b56142e3edb54a32d1a5122 2026-01-20 12:12 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2026-01-20 12:07 - 2024-03-31 23:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2026-01-20 12:07 - 2024-03-31 23:26 - 000000000 ___HD C:\Program Files\WindowsApps 2026-01-20 12:07 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2026-01-20 12:07 - 2024-03-31 23:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2026-01-20 12:07 - 2024-03-31 23:24 - 000000000 ____D C:\WINDOWS\INF 2026-01-20 11:29 - 2025-12-04 07:36 - 000347192 _____ C:\Users\Steve\AppData\LocalLow\0b82d821069d9d3fb6a055117690bcf62ea4325b732e22ef8a66d2b8480d8eca 2026-01-20 11:07 - 2025-02-22 06:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2026-01-20 07:00 - 2021-11-10 17:09 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services 2026-01-19 18:31 - 2024-11-09 08:49 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashDumps 2026-01-19 10:37 - 2025-08-27 06:20 - 000000000 ____D C:\ProgramData\Garmin 2026-01-19 10:33 - 2025-08-27 06:20 - 000003624 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask 2026-01-19 10:33 - 2025-08-27 06:20 - 000000000 ____D C:\Program Files (x86)\Garmin 2026-01-19 10:33 - 2021-11-10 17:08 - 000000000 ____D C:\ProgramData\Package Cache 2026-01-17 14:10 - 2024-11-09 07:32 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2026-01-17 08:04 - 2025-02-22 06:54 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-72651951-3613567033-1124285146-1001 2026-01-17 08:04 - 2025-02-22 06:54 - 000003568 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-72651951-3613567033-1124285146-1001 2026-01-17 08:04 - 2025-02-22 06:54 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-72651951-3613567033-1124285146-1001 2026-01-17 08:04 - 2024-11-09 07:44 - 000002381 _____ C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2026-01-17 08:04 - 2022-05-27 11:49 - 000000000 ___RD C:\Users\Steve\OneDrive 2026-01-17 06:37 - 2025-02-22 06:55 - 000836650 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2026-01-17 06:35 - 2025-12-04 07:36 - 000000130 _____ C:\Users\Steve\AppData\LocalLow\d59acdd821494d133a06f9f71df89c7ccc3405fc13a6550c79c8f53df8d69b69 2026-01-17 06:33 - 2025-02-22 06:52 - 000005694 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2026-01-17 06:33 - 2024-03-31 23:21 - 000131072 _____ C:\WINDOWS\system32\config\ELAM 2026-01-17 06:32 - 2025-02-22 06:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2026-01-17 06:32 - 2024-11-09 07:32 - 000000000 ____D C:\ProgramData\NVIDIA 2026-01-17 06:32 - 2024-11-04 06:42 - 000012288 ___SH C:\DumpStack.log.tmp 2026-01-17 06:32 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\ServiceState 2026-01-17 06:32 - 2024-03-31 23:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2026-01-17 06:32 - 2022-05-27 11:48 - 000000000 __SHD C:\Users\Steve\IntelGraphicsProfiles 2026-01-17 06:32 - 2021-11-10 17:02 - 000000000 ____D C:\Intel 2026-01-16 08:46 - 2021-10-04 19:48 - 000000000 ____D C:\Program Files\Microsoft Office 2026-01-16 06:51 - 2022-12-11 12:01 - 000000000 ___RD C:\Users\Steve\OneDrive\Documents\CMAB 2026-01-14 08:29 - 2024-11-09 07:42 - 000000000 ____D C:\Users\Steve\AppData\Local\D3DSCache 2026-01-14 08:08 - 2025-09-14 05:24 - 001449330 _____ C:\Users\Steve\AppData\LocalLow\d16ea069431ba1e2db07f5335fd10165af89fa2108f848b198e4613b21055d25 2026-01-14 05:23 - 2024-11-09 07:42 - 000000000 ____D C:\Users\Steve\AppData\Local\Packages 2026-01-14 05:21 - 2025-02-22 06:50 - 000480752 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2026-01-13 21:51 - 2025-02-21 03:41 - 000000000 ____D C:\Users\Steve 2026-01-13 21:51 - 2024-04-01 00:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\SystemResources 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\system32\setup 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2026-01-13 21:51 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2026-01-13 21:14 - 2025-02-22 06:53 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2026-01-09 02:17 - 2024-11-12 04:50 - 000000000 ____D C:\ProgramData\Bitdefender 2026-01-09 02:14 - 2024-11-12 04:50 - 001445440 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys 2026-01-09 02:14 - 2024-11-12 04:50 - 001380416 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci4.sys 2026-01-08 07:29 - 2025-12-04 07:36 - 000009303 _____ C:\Users\Steve\AppData\LocalLow\fe39b5cac6e9c526d9b5d143c5d94b9c3eb02351ed594695a6743b4838db4d70 2026-01-07 08:42 - 2024-11-09 08:48 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Microsoft\Excel 2026-01-07 08:37 - 2024-11-09 08:55 - 000000000 ____D C:\Users\Steve\AppData\Local\NVIDIA 2026-01-06 09:57 - 2025-11-07 06:01 - 000000000 ____D C:\ProgramData\Whesvc 2026-01-06 06:39 - 2024-04-17 08:51 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\NVIDIA 2026-01-06 06:38 - 2024-11-09 07:42 - 000000000 ____D C:\Users\Steve\AppData\Local\NVIDIA Corporation 2026-01-06 06:38 - 2021-11-10 17:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2026-01-06 06:38 - 2021-11-10 17:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2026-01-06 06:30 - 2024-11-09 07:32 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2026-01-05 08:37 - 2025-09-15 06:47 - 000112654 _____ C:\Users\Steve\AppData\LocalLow\f9e8f8be8b283829f749de89ff09908e167826be4ee9d2fa9123b0a46c334530 2025-12-24 06:22 - 2024-03-31 23:26 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc 2025-12-23 03:04 - 2025-02-22 06:54 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-12-23 03:04 - 2025-02-22 06:54 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-12-22 05:33 - 2025-12-20 05:23 - 000000000 ____D C:\WINDOWS\Minidump 2025-12-22 05:33 - 2025-12-18 13:06 - 018800305 ____N C:\WINDOWS\Minidump\122225-32453-01.dmp 2025-12-21 10:31 - 2021-10-04 19:47 - 000000000 ____D C:\ProgramData\Packages ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================