Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2026 Ran by Jacob (administrator) on DESKTOP-D1L7NF6 (ASUS System Product Name) (30-03-2026 21:41:54) Running from C:\Users\Jacob\Desktop\FRST64.exe Loaded Profiles: Jacob Platform: Microsoft Windows 11 Pro Version 25H2 26200.8037 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Users\Jacob\AppData\Local\RuneLite\RuneLite.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <37> (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <7> (C:\Program Files (x86)\Rick and Morty\RickAndMorty.exe ->) (Unity Technologies Aps -> ) C:\Program Files (x86)\Rick and Morty\UnityCrashHandler64.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe <7> (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.UserSessionHelper.exe (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI\aimgr.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe (C:\Program Files\Parsec\pservice.exe ->) (Unity Technologies SF -> Parsec) [File not signed] C:\Program Files\Parsec\parsecd.exe <2> (C:\Program Files\TeamViewer\TeamViewer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\146.0.3856.72\msedgewebview2.exe <12> (C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe <2> (C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe (C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe (C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe (C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2607.106.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\145.0.3800.97\msedgewebview2.exe <6> (C:\Program Files\WindowsApps\MSTeams_26043.2016.4478.2773_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\146.0.3856.62\msedgewebview2.exe <6> (cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Discord Inc. -> Discord Inc.) C:\Users\Jacob\AppData\Local\Discord\app-1.0.9228\Discord.exe <6> (DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\atieclxx.exe (explorer.exe ->) () [File not signed] C:\Program Files (x86)\Rick and Morty\RickAndMorty.exe (explorer.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (explorer.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <6> (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (explorer.exe ->) (PreSonus Audio Electronics, Inc. -> PreSonus) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (Jagex Limited -> Jagex) C:\Program Files (x86)\Jagex Launcher\JagexLauncher.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\26.035.0222.0002\OneDrive.Sync.Service.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Qihoo 360 Software (Beijing) Company Limited -> 360.cn) C:\ProgramData\StreamA32.exe (services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\atiesrxx.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\1.2.40\AsusCertService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.45\AsusFanControlService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.06.14\atkexComSvc.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe (services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrsr.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (PreSonus Audio Electronics, Inc. -> PreSonus) C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6e7542ceb248e4b2\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Unity Technologies SF -> Parsec) [File not signed] C:\Program Files\Parsec\pservice.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (sihost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2607.106.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe (svchost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.4.10.0_x64__qmba6cd70vzyy\ArmouryCrate.exe (svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2602.1001.5.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe (TeamViewer Germany GmbH -> ) C:\Windows\Temp\nsz615B.tmp\TvUpdateInfo.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6e7542ceb248e4b2\RtkAudUService64.exe [1510248 2023-05-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [923304 2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-04] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1706224 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File) HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\146.0.3856.84\Installer\setup.exe [5063720 2026-03-28] (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Jacob\AppData\Local\Microsoft\Teams\Update.exe [2593600 2024-08-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [19953808 2023-04-06] (PreSonus Audio Electronics, Inc. -> PreSonus) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [24773784 2026-01-30] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [Discord] => C:\Users\Jacob\AppData\Local\Discord\Update.exe [1525016 2023-08-28] (Discord Inc. -> GitHub) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [51342776 2026-03-24] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3827872 2026-03-12] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [164840 2024-06-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\146.0.7680.165\Installer\chrmstp.exe [7359128 2026-03-26] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\146.1.88.136\Installer\chrmstp.exe [5937744 2026-03-24] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AltDriver_i386.lnk [2026-03-27] ShortcutTarget: AltDriver_i386.lnk -> C:\ProgramData\MgrMaintain\CircuitPilot.exe (No File) Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jagex Launcher.lnk [2026-03-16] ShortcutTarget: Jagex Launcher.lnk -> C:\Program Files (x86)\Jagex Launcher\JagexLauncher.exe (Jagex Limited -> Jagex) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00551c90-79a3-4263-ac38-9a40f8c0efd3} - no filepath. <==== ATTENTION Task: {007eb672-1585-4bc7-8b61-e59784afd804} - no filepath. <==== ATTENTION Task: {017229cd-fb6f-4eef-8d88-dffd26074e8f} - no filepath. <==== ATTENTION Task: {027eef92-9e23-4fe2-862e-4d4f192b18ab} - no filepath. <==== ATTENTION Task: {05472a50-115e-4ec7-ba3f-b2925a4ca2dc} - no filepath. <==== ATTENTION Task: {063c7d85-693c-41d7-90a8-442e6a506837} - no filepath. <==== ATTENTION Task: {0871799e-9690-416f-9f4e-c8b07cb3a242} - no filepath. <==== ATTENTION Task: {0993d8c5-d08d-48e9-9b77-5911e451e578} - no filepath. <==== ATTENTION Task: {09dbd4eb-5122-48be-ac6f-fa3c217e6029} - no filepath. <==== ATTENTION Task: {0beb2027-37d9-4793-a22d-3bcd22218426} - no filepath. <==== ATTENTION Task: {0c4c85ce-718c-4c27-8ac1-473a16166acc} - no filepath. <==== ATTENTION Task: {0d577471-7ba6-4e15-bff1-94da5cc5b616} - no filepath. <==== ATTENTION Task: {0f0564bd-0890-40ed-ae69-7c7fc770af7b} - no filepath. <==== ATTENTION Task: {115c9f42-f4b9-4ac0-b428-5cefda147839} - no filepath. <==== ATTENTION Task: {11d149ef-4e36-4288-b7cd-d998669a5cc8} - no filepath. <==== ATTENTION Task: {12f555fe-1349-4553-9355-754ab3963205} - no filepath. <==== ATTENTION Task: {15178606-36f4-44dc-a3c4-30cd3e95df4b} - no filepath. <==== ATTENTION Task: {153cc1eb-bb1b-4a60-8460-52d4c3d643e2} - no filepath. <==== ATTENTION Task: {16436b93-6f72-47a0-9e8d-43ccd8e3dc2d} - no filepath. <==== ATTENTION Task: {16ed2dbe-d39f-4383-9472-9f8424c62b5a} - no filepath. <==== ATTENTION Task: {182e393a-a272-4889-b0d8-5882756c6a44} - no filepath. <==== ATTENTION Task: {18b15697-6c36-4511-8ac3-c4353e1e47bf} - no filepath. <==== ATTENTION Task: {1a63f41d-d92f-4b1b-b280-bc40f89cc727} - no filepath. <==== ATTENTION Task: {1aa895ab-b457-4080-b748-a9f87276322e} - no filepath. <==== ATTENTION Task: {1bbc33c7-745a-46a7-b66e-99b8b56ba3cf} - no filepath. <==== ATTENTION Task: {1bbdb9cb-956a-4d5d-b2a3-1eb605500e83} - no filepath. <==== ATTENTION Task: {1d78f894-9575-42f3-9a09-0481a299ae29} - no filepath. <==== ATTENTION Task: {21622452-48a3-4cb6-9ac4-9bbb7d9702a4} - no filepath. <==== ATTENTION Task: {21b29864-af24-49b7-ac89-49aa577344d2} - no filepath. <==== ATTENTION Task: {22932134-8a01-440e-96ec-25c14f117481} - no filepath. <==== ATTENTION Task: {23227567-3467-47ec-8a12-c3c3f617d684} - no filepath. <==== ATTENTION Task: {27db3243-093b-452f-8fd7-61e12939769f} - no filepath. <==== ATTENTION Task: {28909c3b-ff34-4831-94f6-5c88aabf41e1} - no filepath. <==== ATTENTION Task: {2b07bfbb-7e36-4eb6-9a58-7578500160b2} - no filepath. <==== ATTENTION Task: {2cddee6e-154b-4ada-a2e7-a661e092e2a5} - no filepath. <==== ATTENTION Task: {2dffbdf9-1a5f-4637-aaca-5fca8a10cde2} - no filepath. <==== ATTENTION Task: {2e1025a0-3f27-4a85-83c9-344ccef98224} - no filepath. <==== ATTENTION Task: {2f4632f9-482b-4554-916e-d341f3248759} - no filepath. <==== ATTENTION Task: {2f4f06ad-938f-4b7e-a9d4-e43fa5a8a617} - no filepath. <==== ATTENTION Task: {30646108-9841-442e-b180-c3393119644c} - no filepath. <==== ATTENTION Task: {32e08bfe-3c9e-4156-bcf1-20ef96e9ea1e} - no filepath. <==== ATTENTION Task: {3307ba7e-44f6-4ff2-9c47-f82a35d4dddc} - no filepath. <==== ATTENTION Task: {331e5174-8daa-4ab4-b252-47270d4638b6} - no filepath. <==== ATTENTION Task: {336f9dd7-09c5-4a53-b741-83670270ab5d} - no filepath. <==== ATTENTION Task: {35b02611-eea9-442f-ad3d-3d1e6cf163bf} - no filepath. <==== ATTENTION Task: {3648624b-2253-4961-9d0d-247174ed3750} - no filepath. <==== ATTENTION Task: {378fc235-add5-4bb5-8bfd-3db4ec386956} - no filepath. <==== ATTENTION Task: {37a841d2-22ee-421c-8012-a89651fb5752} - no filepath. <==== ATTENTION Task: {39435da3-1b1b-449c-a10a-9e7cb4c7ee67} - no filepath. <==== ATTENTION Task: {3a51708c-1785-4f7d-9c80-76b829d6ec76} - no filepath. <==== ATTENTION Task: {3afa3a63-01b6-4ed9-a085-182b90824afa} - no filepath. <==== ATTENTION Task: {3b04c8fb-76a0-4257-8756-f330473a377c} - no filepath. <==== ATTENTION Task: {3d65e0c4-5024-4508-b5bd-9800c724c64e} - no filepath. <==== ATTENTION Task: {3e17de06-589a-4c2f-8a92-7cbd2fbda9e6} - no filepath. <==== ATTENTION Task: {3f0ff860-e6de-4d78-9629-a170afc19a0b} - no filepath. <==== ATTENTION Task: {42ad3362-9911-49da-bd46-4637a080e5e3} - no filepath. <==== ATTENTION Task: {43b9f4ea-761d-4755-b13a-e243f8ec903c} - no filepath. <==== ATTENTION Task: {443ce9ff-3969-4220-8069-40b5c3b2ba4b} - no filepath. <==== ATTENTION Task: {44e2c31a-a50a-48de-9b6b-548f93290b42} - no filepath. <==== ATTENTION Task: {44e3ee76-2f87-436c-896e-503543d765d6} - no filepath. <==== ATTENTION Task: {46337191-ab08-4efd-9619-edddc7bdc4e8} - no filepath. <==== ATTENTION Task: {4869f8cb-6bea-45f8-bdc0-3c2a1c7309ce} - no filepath. <==== ATTENTION Task: {4875e6ac-f51c-448b-a7d8-68bd6ff68a4f} - no filepath. <==== ATTENTION Task: {48b9aa43-3cca-44bf-a9d3-6318e3e4cfd3} - no filepath. <==== ATTENTION Task: {4e1c6624-1975-411c-8b88-64f4c758d74e} - no filepath. <==== ATTENTION Task: {4f91c7dc-333c-4c8e-bd28-65eecef399be} - no filepath. <==== ATTENTION Task: {4ff6fa6d-ef36-44df-a21e-6e8b8ed18766} - no filepath. <==== ATTENTION Task: {50f34005-56f4-4484-bb35-e525f136bd4a} - no filepath. <==== ATTENTION Task: {523c9ab9-b43b-486d-a7f4-58b70ee642fe} - no filepath. <==== ATTENTION Task: {5254a718-47a3-4f78-b8e6-64988dc7d9ba} - no filepath. <==== ATTENTION Task: {5360f630-0e5c-4893-81b2-5cb17243432e} - no filepath. <==== ATTENTION Task: {5472e6cf-5cda-48fe-a6ea-789742405327} - no filepath. <==== ATTENTION Task: {54f7db4c-484d-49db-abc9-cb246a46b4df} - no filepath. <==== ATTENTION Task: {56072bf6-fdc8-4aaa-a485-7eea9afcc300} - no filepath. <==== ATTENTION Task: {581b0ba4-755c-4d45-900b-154771d7d5fb} - no filepath. <==== ATTENTION Task: {583f0be5-d7e8-47dd-98dc-950d0f0175f1} - no filepath. <==== ATTENTION Task: {5863164c-dd13-4536-a372-ed265b87819e} - no filepath. <==== ATTENTION Task: {589e6b71-1ec7-459f-aad1-73447aca1e11} - no filepath. <==== ATTENTION Task: {598c5583-7e03-4fb1-a56a-83f0ce28ee78} - no filepath. <==== ATTENTION Task: {5bcb61fe-d485-48e5-b7bc-9df0242f912b} - no filepath. <==== ATTENTION Task: {5cbb5630-18b4-4621-bd01-f52746c50ed8} - no filepath. <==== ATTENTION Task: {5dab39b0-9272-44d3-b801-10c0f3bf4041} - no filepath. <==== ATTENTION Task: {5e1a84fa-5deb-42e8-9ce3-f0fba8b77fb4} - no filepath. <==== ATTENTION Task: {5ebba22c-aa19-43ee-b72c-7ecae6a74e05} - no filepath. <==== ATTENTION Task: {5f2283e3-4ed1-47ef-a4b6-41da4eee89d6} - no filepath. <==== ATTENTION Task: {5f590973-3338-467f-a912-8bdb11c4030f} - no filepath. <==== ATTENTION Task: {6218662d-7a50-4785-9956-b1404c240897} - no filepath. <==== ATTENTION Task: {63ee9138-066b-4414-9754-6eba8c42f46a} - no filepath. <==== ATTENTION Task: {63feba9b-9893-49bd-9722-41dbebd6dd8d} - no filepath. <==== ATTENTION Task: {6438db20-4e37-400d-ba37-ec6ceb96d84f} - no filepath. <==== ATTENTION Task: {643bb4c0-01f5-4767-993a-4e4a5c10e73d} - no filepath. <==== ATTENTION Task: {64b6fcfa-5bdb-45f5-a7ef-762a1d9b3339} - no filepath. <==== ATTENTION Task: {6776c8d9-dcf7-4187-91e7-bc47d0e274cb} - no filepath. <==== ATTENTION Task: {6b80f9a7-f05e-4323-a852-9f607d0ea708} - no filepath. <==== ATTENTION Task: {6ba58441-8479-4ac0-8970-75ff3707435e} - no filepath. <==== ATTENTION Task: {6d6286f9-068d-4716-8a8e-336638c7ea71} - no filepath. <==== ATTENTION Task: {6dc0d695-ef2c-49e8-9c36-fe6a0bd1351b} - no filepath. <==== ATTENTION Task: {6f003abd-1cc0-4b82-80d3-f58c1bede7cc} - no filepath. <==== ATTENTION Task: {727d0d21-a58f-4993-952a-fe5fb8c9c122} - no filepath. <==== ATTENTION Task: {74f4e5eb-1fa8-468e-aa89-f2f4900616fc} - no filepath. <==== ATTENTION Task: {78a8c9eb-3863-4758-b818-e2ad7cbc5c2d} - no filepath. <==== ATTENTION Task: {78f99fbd-4357-466e-827c-22b323e05a03} - no filepath. <==== ATTENTION Task: {794f17c7-0693-4939-8cfc-b0984f3cbe4b} - no filepath. <==== ATTENTION Task: {7a10e7b8-0523-4ba1-ac4e-30f1aeef0952} - no filepath. <==== ATTENTION Task: {7a1fcbaa-d7d5-400e-9403-12231ad471b3} - no filepath. <==== ATTENTION Task: {7a914eba-9752-45ed-b715-d521eeb9a1d2} - no filepath. <==== ATTENTION Task: {7bc0983b-381c-4bf3-b016-5c837eb16a0a} - no filepath. <==== ATTENTION Task: {7e791a6e-babd-4745-9384-a6012c9e2b1d} - no filepath. <==== ATTENTION Task: {7edfe126-659c-4fb7-a33c-a813a63f7507} - no filepath. <==== ATTENTION Task: {818ea129-d0d5-4bdd-bfd5-889b2ecff655} - no filepath. <==== ATTENTION Task: {839e6f09-378c-4979-8bd8-cc305be6a027} - no filepath. <==== ATTENTION Task: {83af404f-4aa3-4adc-80fe-2d6904f8dfcd} - no filepath. <==== ATTENTION Task: {8733c143-76f6-498f-96cc-d4153a16b2d4} - no filepath. <==== ATTENTION Task: {87f240c0-3e95-4ee0-8fdf-ad60df20d116} - no filepath. <==== ATTENTION Task: {87fccbbe-4114-443a-a9da-0fa809866b42} - no filepath. <==== ATTENTION Task: {89a845ac-08d2-4e86-8d0e-c4895e372d19} - no filepath. <==== ATTENTION Task: {8ac3fe43-4e9e-4e96-9513-1ed504c67779} - no filepath. <==== ATTENTION Task: {8b32894d-f4b6-47e8-9202-f75b1a7c0239} - no filepath. <==== ATTENTION Task: {8bb429ac-2572-4d21-84ba-4a2743f101d4} - no filepath. <==== ATTENTION Task: {8d19291b-a945-47c2-b9c2-ccf5bd793bee} - no filepath. <==== ATTENTION Task: {8d5b4a17-71d3-4034-af18-55b621784cf2} - no filepath. <==== ATTENTION Task: {8d69e699-bfeb-4704-9d4f-7bef40627d3d} - no filepath. <==== ATTENTION Task: {8e9244f1-b9de-4f7a-8102-4b03e177cea4} - no filepath. <==== ATTENTION Task: {903fcf36-e964-4c4e-aa0c-8c8940e45b5f} - no filepath. <==== ATTENTION Task: {9079e084-774d-4566-bd6a-7e1d2d3e21b6} - no filepath. <==== ATTENTION Task: {90eba163-a5d7-49a9-8c96-a232aced07ad} - no filepath. <==== ATTENTION Task: {922d1542-c2c3-49a2-a694-3ea2baf953b6} - no filepath. <==== ATTENTION Task: {938e02d2-b532-4266-b328-7124c88ae120} - no filepath. <==== ATTENTION Task: {93b450d7-229a-44f2-9e4f-afcd0ec303f0} - no filepath. <==== ATTENTION Task: {94054617-28ee-45d0-a389-4fc47a53929d} - no filepath. <==== ATTENTION Task: {944e28e5-af81-49c4-a3c6-278850638a32} - no filepath. <==== ATTENTION Task: {950f6bcb-5f39-4332-922c-4ecac04bb843} - no filepath. <==== ATTENTION Task: {95bb9ddb-ad6d-4d92-8105-a90de8e7d49b} - no filepath. <==== ATTENTION Task: {9776f175-b0c0-42f8-97ae-3b586b477786} - no filepath. <==== ATTENTION Task: {97dd5a58-8afc-4c73-85ae-95e42996ba1a} - no filepath. <==== ATTENTION Task: {98c357b5-942d-4d47-aee6-83f8d0e2481c} - no filepath. <==== ATTENTION Task: {98cb77a7-07a6-4943-9c1a-1afedcd8e8b4} - no filepath. <==== ATTENTION Task: {99204895-4e39-4a2e-bf3e-4906e1f83d9d} - no filepath. <==== ATTENTION Task: {99c84faa-a5cb-4ed8-a1dd-40edf39b456e} - no filepath. <==== ATTENTION Task: {9cd3c19e-b9e8-41fa-834c-2e62db395fcb} - no filepath. <==== ATTENTION Task: {9e090ac6-3bb5-4944-bf3b-b0d28b291035} - no filepath. <==== ATTENTION Task: {9e855632-5125-491a-a736-92936a1e33e0} - no filepath. <==== ATTENTION Task: {9f16f94d-71ab-4bea-838d-6d062ab28693} - no filepath. <==== ATTENTION Task: {a028e956-5d19-47fb-bb91-c1a3012c785b} - no filepath. <==== ATTENTION Task: {a1581203-3855-4b9a-9d07-8fd6437639ec} - no filepath. <==== ATTENTION Task: {a4078f32-fa95-4524-9d61-72e1a73699ea} - no filepath. <==== ATTENTION Task: {a4204bdb-881e-4b0c-9954-4e1b9ae422b0} - no filepath. <==== ATTENTION Task: {a43f7c41-c262-4957-901e-734380af874c} - no filepath. <==== ATTENTION Task: {a4491668-9c90-42fc-8f7a-4cb581acca0e} - no filepath. <==== ATTENTION Task: {a5101829-8d61-48d5-bb8a-11df87e22b11} - no filepath. <==== ATTENTION Task: {a53b11e7-c3b9-4be7-aa25-90c39d6ad825} - no filepath. <==== ATTENTION Task: {a6166c30-7ba6-4922-817b-44df8e85aaeb} - no filepath. <==== ATTENTION Task: {a6e835bc-7acc-4b79-a93c-5801cdb029a2} - no filepath. <==== ATTENTION Task: {a71fa5cd-4591-41d6-88ee-20c5efe2f867} - no filepath. <==== ATTENTION Task: {a7f93b56-5f89-4069-9e12-0a086f5fa4ab} - no filepath. <==== ATTENTION Task: {a878e93c-7ed5-493d-a9c7-70c1a8e7ef2b} - no filepath. <==== ATTENTION Task: {a8e96e7a-ea76-498e-9641-061da81ea9a0} - no filepath. <==== ATTENTION Task: {a9594947-8a8d-4c59-86e2-d37a11f0ea98} - no filepath. <==== ATTENTION Task: {ac86eaaf-01ab-48ca-8ae1-744e3f9357c9} - no filepath. <==== ATTENTION Task: {ad34f479-f31e-4d90-b32c-cebef95d20a4} - no filepath. <==== ATTENTION Task: {aef659d1-1f08-46b6-a3e2-f2e0024efa88} - no filepath. <==== ATTENTION Task: {af6957a9-dbf3-4780-9490-1675df372715} - no filepath. <==== ATTENTION Task: {b3449d3a-ac9e-4099-881b-ecdd58b6f243} - no filepath. <==== ATTENTION Task: {b3f45388-7de4-4776-9efa-811307f1cbd9} - no filepath. <==== ATTENTION Task: {b58405da-041b-4445-986a-09e9dc7a35ba} - no filepath. <==== ATTENTION Task: {b5a87cc0-4ac9-4f08-a2da-33761a5f1d28} - no filepath. <==== ATTENTION Task: {b932b04c-2b30-4c23-9015-7e767251e42a} - no filepath. <==== ATTENTION Task: {ba30c74e-1d2f-4b89-a487-5a0eb4750d18} - no filepath. <==== ATTENTION Task: {bb03d930-3152-48f7-acd7-5596553d06f9} - no filepath. <==== ATTENTION Task: {bcca0905-38f4-4e7a-8be7-b7ebfd7adb5e} - no filepath. <==== ATTENTION Task: {c2df6d60-7b24-4ade-bee2-6fff5064fa96} - no filepath. <==== ATTENTION Task: {c388e040-52c5-433f-a59c-9c49c7a9421b} - no filepath. <==== ATTENTION Task: {c3f17d6c-5eaf-489f-b94e-9ac4c46ff49c} - no filepath. <==== ATTENTION Task: {c4b4c020-915e-4035-a3ba-35ac6a2e07aa} - no filepath. <==== ATTENTION Task: {c7c9d25a-fac2-4a71-83c0-aee8a4992bc2} - no filepath. <==== ATTENTION Task: {c7dd3404-b7c9-4620-8e19-33a3c38561c2} - no filepath. <==== ATTENTION Task: {c87f0299-43c6-4994-8a9d-da1f481a8eb5} - no filepath. <==== ATTENTION Task: {c8b803bc-d2b2-420c-86eb-ebbc6206b1e2} - no filepath. <==== ATTENTION Task: {c8f4f09c-341e-467a-8ca4-26187794c953} - no filepath. <==== ATTENTION Task: {c9a42240-5e02-4466-98b9-6a077b14e36a} - no filepath. <==== ATTENTION Task: {cae5f3c5-9714-4e44-b405-68ea9db2638c} - no filepath. <==== ATTENTION Task: {cb8017d4-23ab-440c-ae7e-f9a9c0194b0a} - no filepath. <==== ATTENTION Task: {ceb459b0-b11d-47a5-8627-5badd27feda2} - no filepath. <==== ATTENTION Task: {cf09071a-0b3d-468a-b6c2-11c77c2c46b5} - no filepath. <==== ATTENTION Task: {d14746aa-ea89-4741-a3f8-4656bf658a97} - no filepath. <==== ATTENTION Task: {d4151cab-443d-4b31-837d-ba70e1de6e19} - no filepath. <==== ATTENTION Task: {d453c454-8b2b-4508-9883-116122406c4a} - no filepath. <==== ATTENTION Task: {d4563bf4-4b87-4b73-ad91-1ffe7eb494d3} - no filepath. <==== ATTENTION Task: {d5ed0209-5da6-4681-b07c-ad3b09658020} - no filepath. <==== ATTENTION Task: {d7992b08-48d4-4b21-a3c3-cd4452b8ecd8} - no filepath. <==== ATTENTION Task: {d8eee4d3-5167-42c9-a093-a2e45ed41aad} - no filepath. <==== ATTENTION Task: {d9948539-c6f1-4f56-8937-2a1a89c4c3e5} - no filepath. <==== ATTENTION Task: {d9e6498d-6057-4ea4-90d2-1fe300a4ac36} - no filepath. <==== ATTENTION Task: {da1333b3-18e5-4791-8845-5391b1acc75d} - no filepath. <==== ATTENTION Task: {da5340fd-04df-4797-ad2d-3d5f5f632df6} - no filepath. <==== ATTENTION Task: {dbacc65b-0690-4227-aeff-725d641d9998} - no filepath. <==== ATTENTION Task: {dd3ba4e8-3541-42df-86ed-3d5f07c83d3b} - no filepath. <==== ATTENTION Task: {dd4f0ac7-61b5-4ee7-b057-79d52dd9c280} - no filepath. <==== ATTENTION Task: {deb8b0ee-1e1a-44a1-9e7f-f5d35f098eda} - no filepath. <==== ATTENTION Task: {e031b4bb-90b7-4224-9b1d-52bd6f249805} - no filepath. <==== ATTENTION Task: {e11dbadd-4690-4f5a-a951-466732a37436} - no filepath. <==== ATTENTION Task: {e1b6e3b8-88c1-4ab9-bb68-06b405c5ac64} - no filepath. <==== ATTENTION Task: {e3a12504-0934-4708-8cc7-c971844ef0b8} - no filepath. <==== ATTENTION Task: {e3bdffab-5405-49eb-ab7c-35795b45d315} - no filepath. <==== ATTENTION Task: {e5df5ed5-4917-44d8-9edb-df13934d1198} - no filepath. <==== ATTENTION Task: {e5f7709b-d958-4d60-b10a-8fc0a9c03b5f} - no filepath. <==== ATTENTION Task: {e6155a96-f0a8-4cbd-9fc5-cbd77d42ff40} - no filepath. <==== ATTENTION Task: {e9117d9b-f63f-40f6-9393-7fe123a989a5} - no filepath. <==== ATTENTION Task: {e99bed11-8f24-49a3-bbab-4ed6b92cbb05} - no filepath. <==== ATTENTION Task: {ea5ac84c-e18a-4937-b4b7-bdde527a980f} - no filepath. <==== ATTENTION Task: {eb117061-1096-4b5f-b0cb-bc1fc4e5df14} - no filepath. <==== ATTENTION Task: {eb120f07-69fc-4866-bd88-dae8a386b84b} - no filepath. <==== ATTENTION Task: {eda9899f-0136-4d86-8f79-ebe8ded250ec} - no filepath. <==== ATTENTION Task: {ee1ef361-eb24-44ba-aff8-c50053d6056f} - no filepath. <==== ATTENTION Task: {ef462b39-ea6e-468a-ab27-378542ca9055} - no filepath. <==== ATTENTION Task: {f70ebc4a-5dce-45b7-919b-f7b73aa7e4b5} - no filepath. <==== ATTENTION Task: {f79e5580-4964-43b0-8343-88f0024b1749} - no filepath. <==== ATTENTION Task: {f8b8618e-46ce-4832-937c-45926ee57af6} - no filepath. <==== ATTENTION Task: {fb93bbaa-0791-4e14-8ba2-8c5e5ba87277} - no filepath. <==== ATTENTION Task: {fc73039a-9f8d-41e7-a83c-17d0ea49cf24} - no filepath. <==== ATTENTION Task: {fca82c2e-2a9f-4c56-aec1-c30554adfbbc} - no filepath. <==== ATTENTION Task: {fd9929fd-3c91-4b18-9e62-dd821129de53} - no filepath. <==== ATTENTION Task: {6347B478-A34A-49C6-8281-8C9591C586B2} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1035472 2024-11-28] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {50DEE15D-C113-40FA-A96F-0D837D189F5B} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [191184 2024-11-28] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {BECDDB83-1AA4-4F8E-85CD-D4C39697A722} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [401304 2025-09-10] (ASUSTeK COMPUTER INC. -> ASUS) Task: {D3294765-19F5-48FF-BA8E-05F6AE0D7A1D} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\TaskSchedulerTool_ArmourySocketServer.exe [120728 2025-09-10] (ASUSTeK COMPUTER INC. -> TODO: <公司名稱>) Task: {9218DEE2-4107-4314-BA53-A21798ABA71E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1db9743d4f7ae0c => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) Task: {A6A1E63B-3FA9-43F8-9B2E-D1521B68CC1A} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) Task: {161D93CA-004D-46E9-BD89-900D6B1F2697} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2024-04-09] (ASUSTeK COMPUTER INC. -> ASUS) Task: {62E26E37-6BED-4D72-A382-84BB1858114F} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File) Task: {E242261F-7FBC-4280-88DE-7D51423A6A87} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [9321328 2026-02-24] (Gen Digital Inc. -> Gen Digital Inc.) Task: {AE3400DF-D9B6-4DE4-AA8A-AA125870C1F7} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5656744 2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) Task: {8FB15F87-683D-4F3D-9FAD-8D5E164ED5E6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2977504 2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) Task: {F5D5D2B7-3DCE-4BC5-82B7-55B84FD52228} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{7C9CC484-CDAE-4BC1-9D8B-32DDE4131D8B} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-03-05] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {CEE786D9-09C6-40CF-B5EC-3AEDC19176C0} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{ADB4F01E-AF23-4984-B346-FB5D99868167} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-03-05] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {0927308E-A6EC-445E-A537-10A2E5BC3BBB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jacob\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15205744 2026-03-28] (ESET, spol. s r.o. -> ESET) Task: {D5854BD4-72D1-40E3-9582-17869B27BC05} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jacob\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15205744 2026-03-28] (ESET, spol. s r.o. -> ESET) Task: {D1CD796C-3ADB-4D8E-9DBF-EB471AFDB0D5} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{4FD81F61-9FFC-490B-BD03-6ED5EF1DBC75} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC) Task: {76582D37-DE00-4E7F-9E6A-A3E3A40D6F91} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16300336 2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Task: {00FAEBE3-1DB6-43E0-9B21-44FDF29C5C6E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604736 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) Task: {E155D67C-7766-4164-8AF7-694028101030} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Task: {2AB93136-E6D2-4D3E-B86E-5DFF59FDB389} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604736 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) Task: {8FA6E43D-EB46-4972-93B4-53941963445F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [427808 2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Task: {48078ECA-4DDB-4E26-B799-149E4EB9D5C6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [427808 2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Task: {46EE2907-8017-4D5B-9BFC-93B21B23F363} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1349992 2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Task: {F6B16DA6-925A-4860-A79A-02B895E833DC} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4448800 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) Task: {B0C4E2AF-B2EF-43FC-AB3D-2032595981BF} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16300336 2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File) Task: {1DB96DC5-AB6C-45BB-9D03-9D50B576AE33} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File) Task: {2F734185-4C01-4FA7-A755-7EBEC77EC004} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File) Task: {586EE958-B0AF-4915-ABC9-741BACF40B6B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {19917F1D-A14C-42F7-B2E5-303070BDE715} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1035472 2024-11-28] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {EC6792D2-87BA-44FF-9E3A-61323A067AA7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-12-09] (Mozilla Corporation -> Mozilla Foundation) Task: {6158D0FA-4795-42F8-8FC2-B0A15D21CFBB} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-10-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CC177C48-58CB-4AEC-9C9E-A1C8ADDC90C6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3EC3B096-8FF2-4515-A87F-58FB176DC1D2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {337392AF-5512-47D8-AB3F-B0FE11397674} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4428648 2026-03-23] (Microsoft Corporation -> Microsoft Corporation) Task: {F5FA3F28-106A-4FED-81B0-200B68EF0C50} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2459745976-1025811126-4102104030-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4428648 2026-03-23] (Microsoft Corporation -> Microsoft Corporation) Task: {022BD690-18ED-486B-9CA5-694FF02122C9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2459745976-1025811126-4102104030-1001 => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\OneDriveLauncher.exe [757608 2026-03-23] (Microsoft Corporation -> Microsoft Corporation) Task: {9180AD71-D6A7-4FFA-9659-C36182537F95} - System32\Tasks\SoftLanding\S-1-5-21-2459745976-1025811126-4102104030-1001\SoftLandingDeferralTask-{5366b90f-df71-40bd-b0b2-1cf99a52f205} => {AF28889E-B0FD-494C-9FB0-D3B058A96B34} Task: {8E87E6BF-ABA0-4240-A86D-7C6141C057F2} - System32\Tasks\SoftLanding\S-1-5-21-2459745976-1025811126-4102104030-1001\SoftLandingTriggerTask-128000000001627409-render-{a335b62e-7ce9-47b5-a417-140a8c3520cc} => {F47D8C53-0B74-4A66-959D-367710AB1F84} Task: {5733CBA9-9286-4A66-9AA1-E5D8276EA752} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [139472 2024-11-28] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {BDDBE01A-E508-46AF-AE57-D05521E1DB10} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [309968 2024-11-28] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {B43BD524-9547-4058-BBE8-BD8DFC2DF303} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2459745976-1025811126-4102104030-1001 => C:\Users\Jacob\AppData\Roaming\Zoom\bin\Zoom.exe [507784 2026-03-18] (Zoom Communications, Inc. -> Zoom Communications, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 127.0.0.1 gen-webserver.com www.gen-webserver.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4cde88e6-c991-496a-922c-d1ea7c07704d}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4cde88e6-c991-496a-922c-d1ea7c07704d}\A41636F62691023702960586F6E656: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{a85f690c-a1ba-41f5-8ae1-465d20ec373d}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox FF DefaultProfile: i4wq9uej.default-release -> 308046B0AF4A39CB FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\sbmtwlsb.default [2024-12-20] FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\i4wq9uej.default-release [2025-02-24] FF Extension: (AdBlock — block ads across the web) - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\i4wq9uej.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2025-02-24] FF Extension: (uBlock Origin) - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\i4wq9uej.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-02-24] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-02-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2026-01-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) Edge: ======= Edge Profile: C:\Users\Jacob\AppData\Local\Microsoft\Edge\User Data\Default [2026-03-27] Edge Extension: (Google Docs Offline) - C:\Users\Jacob\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-05] Edge Extension: (Edge relevant text changes) - C:\Users\Jacob\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-01-08] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default [2026-03-29] CHR HomePage: Default -> hxxp://searchou.com/?id=2ce4c40b0000000000002e2a70650579&affilt=5 CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.netflix.com/","hxxps://www.facebook.com/","hxxp://www.v9.com/?type=hp&ts=1404673932&from=irs&uid=SAMSUNGXSSDXPM830X2X5XX7mmX256GB_S0TZNSAD100167100167&i=psd&t=345403b81","hxxps://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&es_th=1&ie=UTF-8","hxxp://lib.ecu.edu/" CHR Extension: (Adjust Page Brightness) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjiagkgnilmcngacjlfhmpdmbhbjcah [2026-01-19] CHR Extension: (Honey: Automated Coupons & Rewards) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2026-03-04] CHR Extension: (Dark Mode) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2026-03-29] CHR Extension: (Google Docs Offline) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-24] CHR Extension: (AdBlock — block ads across the web) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2026-03-27] CHR Extension: (WhatsApp Web Chat List Resizer) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnmpgeigaomcfkjmknmbcbidhialnfoe [2025-12-18] CHR Extension: (Video Speed Controller) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2025-09-15] CHR Extension: (Video Downloader PLUS) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2026-03-29] CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-15] CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2026-03-27] CHR Extension: (Hulu Ad Skipper | Ad Blocker [QVI]) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2026-03-04] CHR Profile: C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-10-14] CHR Extension: (Google Docs Offline) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-21] CHR Profile: C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\System Profile [2026-03-29] Brave: ======= BRA Profile: C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2026-03-31] BRA Extension: (Adjust Page Brightness) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bcjiagkgnilmcngacjlfhmpdmbhbjcah [2026-01-19] BRA Extension: (Honey: Automated Coupons & Rewards) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2026-03-04] BRA Extension: (uBlock Origin) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2026-03-16] BRA Extension: (Dark Mode) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2025-12-18] BRA Extension: (AdBlock — block ads across the web) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2026-03-27] BRA Extension: (P-Stream extension) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gnheenieicoichghfmjlpofcaebbgclh [2025-06-26] BRA Extension: (Office - Enable Copy and Paste) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2025-03-05] BRA Extension: (WhatsApp Web Chat List Resizer) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lnmpgeigaomcfkjmknmbcbidhialnfoe [2025-12-18] BRA Extension: (TabXpert - session and tab manager) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\maomempcdmkfcjgeabecfpkebghcigac [2026-03-04] BRA Extension: (Video Speed Controller) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2025-11-04] BRA Extension: (Video Downloader PLUS) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2025-03-05] BRA Extension: (Netflix Party is now Teleparty) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2026-03-27] BRA Extension: (Hulu Ad Skipper | Ad Blocker [QVI]) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2026-03-04] BRA Extension: (Brave Ad Block Updater (Brave First Party Adblock Filters (plaintext))) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2026-03-29] BRA Extension: (Brave Local Data Files Updater) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2026-03-29] BRA Extension: (Brave NTP background images) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2026-01-19] BRA Extension: (Brave Ad Block Updater (Mobile app promo blocker (plaintext))) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2026-03-27] BRA Extension: (Brave Ad Block Updater (Cookie notice blocker (plaintext))) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2026-03-30] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2025-11-03] BRA Extension: (Brave NTP sponsored images) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2026-03-30] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2026-03-04] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2025-03-05] BRA Extension: (Brave Ads Resources) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\iblokdlgekdjophgeonmanpnjihcjkjj [2026-03-04] BRA Extension: (Brave Ad Block Updater (Brave Default Adblock Filters (plaintext))) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2026-03-31] BRA Extension: (Brave Ad Block Updater (Brave Default Privacy Filters (plaintext))) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\kihnoaefogbkmblfimmibknnmkllbhlf [2026-03-31] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2026-03-28] BRA Extension: (Brave User Agent) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\nlpaeekllejnmhoonlpcefpfnpbajbpe [2026-03-30] BRA Extension: (P3A Configuration) - C:\Users\Jacob\AppData\Local\BraveSoftware\Brave-Browser\User Data\P3AConfig [2025-10-19] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ArmouryCrateService; C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe [444520 2025-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.06.14\atkexComSvc.exe [1000344 2025-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\1.2.40\AsusCertService.exe [497560 2025-09-15] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.45\AsusFanControlService.exe [1858400 2024-10-22] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1157088 2026-03-16] (ASUSTeK COMPUTER INC. -> ) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7882920 2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1040040 2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2635432 2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1092776 2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2026-03-29] (Avast Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20285608 2025-11-15] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-03-05] (Brave Software, Inc. -> BraveSoftware Inc.) S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\146.1.88.136\elevation_service.exe [4431440 2026-03-24] (Brave Software, Inc. -> Brave Software, Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-03-05] (Brave Software, Inc. -> BraveSoftware Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13270336 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20499616 2026-03-12] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [964336 2024-10-04] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3407800 2026-03-24] (Epic Games Inc. -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1601952 2026-01-21] (Epic Games Inc. -> Epic Games, Inc.) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncHelper.exe [3600784 2026-03-23] (Microsoft Corporation -> Microsoft Corporation) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [20112536 2026-01-30] (Logitech Inc -> Logitech, Inc.) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray_service.exe [11524960 2025-12-05] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11420952 2026-03-29] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-03-29] (Malwarebytes Inc. -> Malwarebytes) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26020.6-0\MpDefenderCoreService.exe [2088128 2026-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\146.0.3856.80\elevation_service.exe [3499048 2026-03-24] (Microsoft Corporation -> Microsoft Corporation) S3 Muse Hub Updater Service; C:\Program Files\WindowsApps\Muse.MuseHub_2.0.22.1414_x64__rb9pth70m6nz6\Muse.Updater.exe [6213200 2024-10-29] (Musecy SM Ltd. -> Muse.Updater) S2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1926840 2023-05-15] (A-Volute SAS -> Nahimic) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\Display.NvContainer\NVDisplay.Container.exe [1275536 2025-01-27] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\26.035.0222.0002\OneDriveUpdaterService.exe [3996008 2026-03-23] (Microsoft Corporation -> Microsoft Corporation) R2 Parsec; C:\Program Files\Parsec\pservice.exe [436120 2026-02-04] (Unity Technologies SF -> Parsec) [File not signed] R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [449680 2023-04-06] (PreSonus Audio Electronics, Inc. -> PreSonus) R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2769512 2026-01-15] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [811360 2026-03-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [26383216 2026-03-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26020.6-0\NisSrv.exe [4451664 2026-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26020.6-0\MsMpEng.exe [290704 2026-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 ACSEHIDRemap; C:\WINDOWS\System32\drivers\ACSEHIDRemap.sys [135160 2025-09-30] (WDKTestCert Ken,133462420546156706 -> ) R3 ACSEVirtualBus; C:\WINDOWS\System32\drivers\ACSEVirtualBus.sys [47088 2025-09-30] (WDKTestCert Ken,133462420546156706 -> ) R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrmgr.sys [36016 2024-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc) R2 AMDRyzenMasterDriverV26; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [61264 2024-11-27] (Advanced Micro Devices -> Advanced Micro Devices) S2 AMDRyzenMasterDriverV27; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [61264 2024-11-27] (Advanced Micro Devices -> Advanced Micro Devices) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys [112952 2024-06-15] (AMD Test Build -> Advanced Micro Devices) R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\amdkmdag.sys [110965144 2024-12-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [63008 2024-05-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [60040 2025-09-15] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [296544 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [439904 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [304736 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [88152 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2026-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [33888 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [290912 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [585312 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97888 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [905824 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1287264 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [242272 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [458848 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [94712 2023-05-15] (A-Volute -> Windows (R) Win 7 DDK provider) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-04-09] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-04-09] (Microsoft Corporation) [File not signed] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-03-08] (Microsoft Corporation) [File not signed] R3 cpuz159; C:\WINDOWS\temp\cpuz159\cpuz159_x64.sys [44680 2026-03-16] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [34920 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) R3 e2fnexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2fn.inf_amd64_fcb868ac03f43b71\e2fn.sys [1427528 2023-07-03] (Intel Corporation -> Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [55416 2024-12-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-09-15] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-05-15] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-09-15] (Logitech Inc -> Logitech) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray.sys [89440 2025-12-05] (Logitech Inc -> Logitech, Inc.) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234600 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [214632 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [81000 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2026-03-29] (Malwarebytes Inc -> Malwarebytes) R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [361472 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.) R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1617920 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.) R3 paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio.sys [425568 2023-04-06] (PreSonus Audio Electronics, Inc. -> ) R3 paeusbaudioks; C:\WINDOWS\System32\drivers\paeusbaudioks.sys [66152 2023-04-06] (PreSonus Audio Electronics, Inc. -> ) S3 parsecvirtualds; C:\WINDOWS\System32\drivers\parsecvirtualds.sys [26784 2024-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Parsec) R3 parsecvusba; C:\WINDOWS\System32\drivers\parsecvusba.sys [275624 2024-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Parsec) R3 RtkUsbAD_2333; C:\WINDOWS\System32\DriverStore\FileRepository\rtdusbad_asus.inf_amd64_cfa6c3362ae35992\RtUsbA64.sys [494432 2023-05-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [53120 2019-12-08] (Tobias Erichsen -> Tobias Erichsen) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [21888 2026-03-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [641416 2026-03-26] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [103816 2026-03-26] (Microsoft Windows -> Microsoft Corporation) S3 aswArDisk; no ImagePath S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ATTENTION ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-30 21:41 - 2026-03-30 21:42 - 000069473 _____ C:\Users\Jacob\Desktop\FRST.txt 2026-03-30 21:41 - 2026-03-30 21:42 - 000000000 ____D C:\FRST 2026-03-30 21:41 - 2026-03-30 21:41 - 002445824 _____ (Farbar) C:\Users\Jacob\Desktop\FRST64.exe 2026-03-30 21:37 - 2026-03-30 21:37 - 000000000 ____D C:\ProgramData\A-Volute 2026-03-28 21:03 - 2026-03-28 21:03 - 000251560 _____ (Gen Digital Inc.) C:\Users\Jacob\Desktop\avast_premium_security_setup_online.exe 2026-03-28 21:03 - 2026-03-28 21:03 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk 2026-03-28 21:03 - 2026-03-28 21:03 - 000002122 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk 2026-03-28 21:02 - 2026-03-28 20:58 - 000323752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe 2026-03-28 20:59 - 2026-03-28 21:04 - 000000000 ____D C:\Users\Jacob\AppData\Local\Avast Software 2026-03-28 20:59 - 2026-03-28 21:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2026-03-28 20:59 - 2026-03-28 20:59 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Avast Software 2026-03-28 20:58 - 2026-03-28 21:02 - 000000000 ____D C:\Program Files\Avast Software 2026-03-28 20:58 - 2026-03-28 20:59 - 000000000 ____D C:\ProgramData\Avast Software 2026-03-28 20:58 - 2026-03-28 20:58 - 000251560 _____ (Gen Digital Inc.) C:\Users\Jacob\Desktop\avast_free_antivirus_setup_online.exe 2026-03-28 20:58 - 2026-03-28 20:58 - 000056128 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe 2026-03-28 20:58 - 2026-03-28 20:58 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2026-03-28 20:53 - 2026-03-28 20:53 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Suqake 2026-03-28 20:52 - 2026-03-28 20:52 - 002848568 _____ (Malwarebytes) C:\Users\Jacob\Desktop\MBSetup.exe 2026-03-28 20:52 - 2026-03-28 20:52 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2026-03-28 20:52 - 2026-03-28 20:52 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2026-03-28 20:52 - 2026-03-28 20:52 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2026-03-28 20:52 - 2026-03-28 20:52 - 000000000 ____D C:\ProgramData\Malwarebytes 2026-03-28 20:52 - 2026-03-28 20:52 - 000000000 ____D C:\Program Files\Malwarebytes 2026-03-28 20:46 - 2026-03-28 20:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2026-03-28 20:46 - 2026-03-28 20:46 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2026-03-28 19:48 - 2026-03-28 19:48 - 000000000 ____D C:\Users\Jacob\Degoho 2026-03-28 19:26 - 2026-03-28 19:26 - 000000000 ____D C:\Users\Jacob\Teje 2026-03-28 18:39 - 2026-03-28 18:39 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Lebete 2026-03-28 18:37 - 2026-03-28 18:37 - 000000000 ____D C:\ProgramData\Lubojazi 2026-03-28 18:33 - 2026-03-28 18:34 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Gilihoy 2026-03-28 18:15 - 2026-03-28 18:15 - 000000000 ____D C:\Users\Jacob\Wakojopi 2026-03-28 17:50 - 2026-03-28 17:50 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Qoy 2026-03-28 17:39 - 2026-03-28 17:39 - 000000000 ____D C:\ProgramData\Dod 2026-03-28 17:00 - 2026-03-28 17:01 - 000000000 ____D C:\Users\Jacob\Tedekovoga 2026-03-28 16:49 - 2026-03-28 16:49 - 000000000 ____D C:\ProgramData\Subavi 2026-03-28 16:23 - 2026-03-28 16:24 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Jok 2026-03-28 15:05 - 2026-03-28 15:06 - 000000000 ____D C:\ProgramData\Mutiyam 2026-03-28 13:59 - 2026-03-28 13:59 - 000000000 ____D C:\Users\Jacob\Dare 2026-03-28 13:49 - 2026-03-28 13:49 - 000000000 ____D C:\Users\Jacob\Fekikiyaj 2026-03-28 13:41 - 2026-03-28 13:44 - 000001276 _____ C:\Users\Jacob\Desktop\ESET Online Scanner.lnk 2026-03-28 13:40 - 2026-03-28 13:44 - 000001382 _____ C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2026-03-28 13:40 - 2026-03-28 13:40 - 008412528 _____ (ESET) C:\Users\Jacob\Downloads\esetonlinescanner.exe 2026-03-28 13:40 - 2026-03-28 13:40 - 000000000 ____D C:\Users\Jacob\AppData\Local\ESET 2026-03-28 13:23 - 2026-03-30 21:36 - 000000000 ____D C:\Users\Jacob\AppData\Local\D3DSCache 2026-03-28 13:16 - 2026-03-28 13:17 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Buzagi 2026-03-28 12:49 - 2026-03-28 12:49 - 000000000 ____D C:\ProgramData\Mifewugone 2026-03-28 12:23 - 2026-03-30 17:38 - 000000000 ____D C:\WINDOWS\CbsTemp 2026-03-28 11:59 - 2026-03-28 14:07 - 000000000 ____D C:\ProgramData\Cozo 2026-03-28 11:31 - 2026-03-28 11:31 - 000000000 ____D C:\ProgramData\Qusapeto 2026-03-28 11:25 - 2026-03-28 11:26 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Kumiliku 2026-03-28 10:47 - 2026-03-28 10:47 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Xijisuwob 2026-03-28 10:39 - 2026-03-28 14:07 - 000000000 ____D C:\ProgramData\Kal 2026-03-28 09:38 - 2026-03-28 09:39 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Wexoji 2026-03-28 08:49 - 2026-03-28 08:50 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Len 2026-03-28 08:32 - 2026-03-28 08:32 - 000000000 ____D C:\Users\Jacob\AppData\Local\Yandex 2026-03-28 07:30 - 2026-03-28 14:07 - 000000000 ____D C:\ProgramData\Navivefuju 2026-03-28 07:03 - 2026-03-28 07:04 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Vowaruxob 2026-03-28 06:43 - 2026-03-28 06:43 - 000000000 ____D C:\ProgramData\Mezepisabi 2026-03-28 06:18 - 2026-03-28 06:18 - 000000000 ____D C:\ProgramData\Misigideqi 2026-03-28 05:39 - 2026-03-28 05:39 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Xisunu 2026-03-28 05:38 - 2026-03-28 05:38 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Kiyexinuqu 2026-03-28 05:27 - 2026-03-28 05:28 - 000000000 ____D C:\ProgramData\Lovuroduy 2026-03-28 04:47 - 2026-03-28 04:48 - 000000000 ____D C:\ProgramData\Tum 2026-03-28 04:05 - 2026-03-28 04:06 - 000000000 ____D C:\ProgramData\Zalekexulu 2026-03-28 03:37 - 2026-03-28 03:38 - 000000000 ____D C:\ProgramData\Muki 2026-03-28 01:37 - 2026-03-28 01:38 - 000000000 ____D C:\ProgramData\Voniwihu 2026-03-28 00:19 - 2026-03-28 00:20 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Qojiw 2026-03-27 23:57 - 2026-03-27 23:57 - 000000000 ____D C:\ProgramData\Rod 2026-03-27 23:11 - 2026-03-27 23:11 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Leyekaqa 2026-03-27 23:07 - 2026-03-28 13:49 - 000000000 ____D C:\ProgramData\Whesvc 2026-03-27 15:14 - 2026-03-28 14:24 - 000000000 ____D C:\Users\Jacob\mq.exe 2026-03-27 15:14 - 2026-03-27 15:14 - 000255400 _____ (360.cn) C:\ProgramData\StreamA32.exe 2026-03-27 15:14 - 2026-03-27 15:14 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\MgrMaintain 2026-03-18 05:30 - 2026-03-18 05:30 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2026-03-16 20:32 - 2026-03-16 20:32 - 001440358 _____ C:\Users\Jacob\Desktop\pdfcoffee.com_the-amulet-of-samarkand-pdfdrive-pdf-free.pdf 2026-03-16 15:38 - 2026-03-16 15:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding 2026-03-16 06:17 - 2026-03-16 06:17 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2026-03-14 12:46 - 2026-03-14 12:46 - 005081684 _____ C:\Users\Jacob\Desktop\Eternum_ColoredWT_0.9.5rev1.pdf 2026-03-12 20:35 - 2026-03-12 20:35 - 000121389 _____ C:\Users\Jacob\Desktop\Noelle Vallario Resume.pdf 2026-03-12 13:52 - 2026-03-23 11:54 - 000000000 ____D C:\ProgramData\Parsec 2026-03-12 13:52 - 2026-03-12 13:53 - 000000000 ____D C:\Program Files\Parsec 2026-03-12 13:52 - 2026-03-12 13:52 - 004377632 _____ C:\Users\Jacob\Desktop\parsec-windows.exe 2026-03-12 13:52 - 2026-03-12 13:52 - 000000000 ____D C:\ProgramData\ParsecPersistent 2026-03-12 13:52 - 2026-03-12 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parsec 2026-03-12 13:52 - 2026-03-12 13:52 - 000000000 ____D C:\Program Files\Parsec Virtual USB Adapter Driver 2026-03-12 13:52 - 2026-03-12 13:52 - 000000000 ____D C:\Program Files\Parsec Virtual Display Driver 2026-03-11 13:36 - 2026-03-11 13:36 - 000000000 ____D C:\Users\Public\Documents\OnlineFix 2026-03-10 23:30 - 2026-03-10 23:30 - 000036382 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2026-03-10 23:30 - 2026-03-10 23:30 - 000036382 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2026-03-10 23:29 - 2026-03-10 23:29 - 000083946 _____ C:\WINDOWS\SysWOW64\ctac.json 2026-03-10 23:29 - 2026-03-10 23:29 - 000083946 _____ C:\WINDOWS\system32\ctac.json 2026-03-05 12:16 - 2026-03-05 12:16 - 000000000 ____D C:\Users\Public\Documents\Steam 2026-03-05 12:16 - 2026-03-05 12:16 - 000000000 ____D C:\Users\Jacob\AppData\LocalLow\Black Salt Games 2026-03-04 10:12 - 2026-03-04 10:12 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk 2026-03-04 10:12 - 2026-03-04 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2026-03-04 10:12 - 2026-03-04 10:12 - 000000000 ____D C:\ProgramData\LGHUBData 2026-03-04 10:12 - 2026-03-04 10:12 - 000000000 ____D C:\Program Files\LGHUB 2026-03-04 07:06 - 2026-03-04 07:06 - 000000000 ____D C:\WINDOWS\system32\braille-tables 2026-02-28 22:10 - 2026-02-28 22:10 - 003099763 _____ C:\Users\Jacob\Desktop\Kirkegaard Acoustic & AV Report 020226.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-30 21:41 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2026-03-30 21:35 - 2025-03-08 12:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2026-03-30 21:33 - 2023-06-27 18:34 - 000000000 ____D C:\Program Files (x86)\Steam 2026-03-30 21:01 - 2024-04-01 03:26 - 000000000 ___HD C:\Program Files\WindowsApps 2026-03-30 21:01 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2026-03-28 22:27 - 2025-02-03 20:54 - 000000000 ____D C:\Users\Jacob\AppData\Local\Malwarebytes 2026-03-28 21:02 - 2024-04-01 03:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2026-03-28 20:54 - 2025-06-03 10:06 - 000000567 _____ C:\Users\Jacob\Desktop\Start Vortex Profile_jtfrgncdT(witcher3).lnk 2026-03-28 20:54 - 2025-03-08 00:49 - 000002511 _____ C:\Users\Jacob\Desktop\Enjoytown.lnk 2026-03-28 20:54 - 2024-01-21 19:42 - 000002334 _____ C:\Users\Jacob\Desktop\Jacob - Chrome.lnk 2026-03-28 20:54 - 2023-12-24 20:58 - 000002675 _____ C:\Users\Jacob\Desktop\Snapchat.lnk 2026-03-28 20:53 - 2023-05-15 11:35 - 000000000 ____D C:\Users\Jacob\AppData\Local\RuneLite 2026-03-28 20:52 - 2024-04-01 03:24 - 000000000 ____D C:\WINDOWS\INF 2026-03-28 20:52 - 2023-05-15 10:59 - 000000000 ____D C:\Users\Jacob\AppData\Local\Packages 2026-03-28 20:52 - 2023-05-15 10:59 - 000000000 ____D C:\ProgramData\Packages 2026-03-28 19:48 - 2025-03-08 12:10 - 000000000 ____D C:\Users\Jacob 2026-03-28 17:17 - 2023-05-15 10:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2026-03-28 13:44 - 2023-06-09 13:17 - 000000000 ____D C:\Users\Jacob\AppData\Local\CrashDumps 2026-03-28 13:42 - 2025-06-30 13:06 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller 2026-03-27 19:39 - 2025-02-06 02:31 - 000000000 ___DC C:\WINDOWS\Panther 2026-03-27 18:32 - 2025-03-08 12:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2026-03-26 04:56 - 2023-05-15 10:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2026-03-26 00:47 - 2023-05-15 11:07 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2026-03-26 00:47 - 2023-05-15 11:07 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2026-03-25 23:00 - 2023-05-25 01:38 - 000000000 ____D C:\Program Files\TeamViewer 2026-03-24 15:21 - 2025-03-04 22:16 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2026-03-24 15:21 - 2025-03-04 22:16 - 000002323 _____ C:\Users\Public\Desktop\Brave.lnk 2026-03-23 19:01 - 2025-03-08 12:13 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2459745976-1025811126-4102104030-1001 2026-03-23 19:01 - 2025-03-08 12:13 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2459745976-1025811126-4102104030-1001 2026-03-23 19:01 - 2025-03-08 12:13 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2026-03-23 19:01 - 2023-05-16 14:14 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2026-03-23 19:01 - 2023-05-15 11:36 - 000002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2026-03-19 19:41 - 2024-07-06 19:36 - 000000000 ____D C:\Users\Jacob\AppData\Local\AMD_Common 2026-03-18 17:42 - 2023-05-16 19:54 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Zoom 2026-03-18 15:38 - 2023-09-07 21:35 - 000000000 ____D C:\Users\Jacob\AppData\Local\Discord 2026-03-18 05:30 - 2025-03-08 12:13 - 000004254 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2459745976-1025811126-4102104030-1001 2026-03-18 05:30 - 2024-10-06 14:50 - 000001951 _____ C:\Users\Jacob\Desktop\Zoom Workplace.lnk 2026-03-17 14:38 - 2025-03-08 12:13 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2026-03-16 16:06 - 2023-05-23 15:31 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Word 2026-03-16 15:40 - 2024-08-28 21:29 - 000000000 ____D C:\Program Files (x86)\Jagex Launcher 2026-03-16 15:40 - 2023-05-15 11:34 - 000000000 ____D C:\Users\Jacob\AppData\Local\Jagex Launcher 2026-03-16 15:39 - 2025-03-08 12:18 - 000836650 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2026-03-16 15:39 - 2024-04-08 17:53 - 000000000 ____D C:\ProgramData\EA Desktop 2026-03-16 15:38 - 2025-03-19 04:01 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\asus_framework 2026-03-16 15:38 - 2023-08-01 20:58 - 000002247 _____ C:\Users\Jacob\Desktop\Discord.lnk 2026-03-16 15:38 - 2023-08-01 20:58 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\discord 2026-03-16 06:17 - 2025-03-08 12:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2026-03-16 06:17 - 2025-03-08 12:12 - 000005694 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2026-03-16 06:17 - 2025-03-08 12:09 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2026-03-16 06:17 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\ServiceState 2026-03-16 06:17 - 2023-05-15 10:53 - 001205104 _____ () C:\WINDOWS\system32\wpbbin.exe 2026-03-16 06:17 - 2023-05-15 10:53 - 001157088 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2026-03-16 06:17 - 2023-05-15 10:53 - 000012288 ___SH C:\DumpStack.log.tmp 2026-03-16 06:17 - 2023-05-15 10:53 - 000000000 ____D C:\ProgramData\NVIDIA 2026-03-16 06:16 - 2025-03-17 09:52 - 000000000 ____D C:\Program Files\ASUS 2026-03-16 06:16 - 2025-03-08 12:09 - 000482264 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2026-03-16 06:16 - 2024-04-01 03:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2026-03-16 06:16 - 2023-05-15 11:33 - 000000000 ____D C:\Program Files\Microsoft Office 2026-03-16 06:15 - 2024-04-01 04:03 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2026-03-16 06:15 - 2024-04-01 04:03 - 000000000 ____D C:\WINDOWS\InboxApps 2026-03-16 06:15 - 2024-04-01 04:03 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ___SD C:\WINDOWS\system32\F12 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\UUS 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SystemResources 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\setup 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\migwiz 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\appraiser 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\ShellExperiences 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\ShellComponents 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\BrowserCore 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2026-03-16 06:15 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\appcompat 2026-03-16 06:15 - 2024-04-01 03:21 - 000000000 ____D C:\WINDOWS\servicing 2026-03-13 22:06 - 2023-05-23 17:02 - 000000000 ____D C:\Users\Jacob\Desktop\Applications 2026-03-13 00:33 - 2024-04-01 03:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2026-03-13 00:33 - 2024-04-01 03:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2026-03-10 23:29 - 2025-03-08 12:11 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2026-03-10 00:02 - 2023-05-15 12:19 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\lghub 2026-03-08 01:11 - 2025-03-08 12:13 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2026-03-08 01:11 - 2025-03-08 12:13 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2026-03-04 16:23 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2026-03-04 16:10 - 2023-05-15 11:35 - 000000000 ____D C:\Users\Jacob\.runelite 2026-03-04 10:12 - 2023-09-01 16:11 - 000000000 ____D C:\Users\Jacob\AppData\Roaming\G HUB 2026-03-04 10:12 - 2023-05-15 12:19 - 000000000 ____D C:\Users\Jacob\AppData\Local\LGHUB 2026-03-04 07:06 - 2025-12-18 19:33 - 000000000 ____D C:\WINDOWS\system32\NarratorMCAT 2026-03-04 07:06 - 2024-04-01 04:03 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2026-03-04 07:06 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\WUModels 2026-03-04 07:06 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2026-03-04 07:06 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\km-KH 2026-03-04 07:06 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\DDFs 2026-03-04 07:06 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\Provisioning ==================== Files in the root of some directories ======== 2026-03-27 15:14 - 2026-03-27 15:14 - 000255400 _____ (360.cn) C:\ProgramData\StreamA32.exe 2023-05-15 12:45 - 2025-02-03 20:57 - 000007610 _____ () C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2026 Ran by Jacob (30-03-2026 21:42:49) Running from C:\Users\Jacob\Desktop Microsoft Windows 11 Pro Version 25H2 26200.8037 (X64) (2025-03-08 16:13:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-2459745976-1025811126-4102104030-500 - Administrators - Disabled) DefaultAccount (S-1-5-21-2459745976-1025811126-4102104030-503 - Limited - Disabled) Guest (S-1-5-21-2459745976-1025811126-4102104030-501 - Limited - Disabled) Jacob (S-1-5-21-2459745976-1025811126-4102104030-1001 - Administrators - Enabled) => C:\Users\Jacob WDAGUtilityAccount (S-1-5-21-2459745976-1025811126-4102104030-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.124 - Advanced Micro Devices, Inc.) Hidden AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.27 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.26.0.0 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.12.1 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{42e5a8d4-8fb0-48a1-9063-fc159c7566a0}) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) Hidden Armoury Crate Service (HKLM\...\Armoury Crate Service) (Version: 6.3.9.0 - ASUSTeK COMPUTER INC.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.16 - tippach engineering) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.4.7.0 - ASUSTeK COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{58727f8d-1cdf-4f22-8a49-390ca0792831}) (Version: 1.4.7.0 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.6.0.0 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{8d998bca-1552-4762-beae-c6fef377314b}) (Version: 1.6.0.0 - ASUSTeK COMPUTER INC.) Hidden ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.4.7 - ASUSTeK Computer Inc.) ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.05.08 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.155 - ASUSTeK Computer Inc.) Hidden Audacity 3.3.3 (HKLM\...\Audacity_is1) (Version: 3.3.3 - Audacity Team) AURA DRAM Component (HKLM\...\{86D4C8A2-DB22-4948-950D-28DD5145F91C}) (Version: 1.1.29 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{f70a8a88-540d-485d-9aa8-001486fb050e}) (Version: 1.1.29 - ASUS) Hidden Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 26.2.10802.3464 - Gen Digital Inc.) Being a DIK - Season 1 (HKLM-x32\...\1181224050_is1) (Version: 0.4.8.14 - GOG.com) Being a DIK - Season 2 (HKLM-x32\...\1551491732_is1) (Version: 0.4.8.14 - GOG.com) Being a DIK: Season 2 - The complete official guide (HKLM-x32\...\1972422227_is1) (Version: 0.4.8.14 - GOG.com) Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 146.1.88.136 - Brave Software Inc) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.01075 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{F4C97B53-97C8-43B6-A6A1-97CE0286BAE0}) (Version: 4.10.01075 - Cisco Systems, Inc.) Hidden Copilot (HKLM-x32\...\Microsoft Copilot) (Version: 146.0.3856.80 - Microsoft Corporation) Dead Space™ 2 (HKLM-x32\...\{C549C2A2-574F-4ABC-933C-BD11D027C16A}) (Version: 1.0.941.0 - Electronic Arts) Discord (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Discord) (Version: 1.0.9229 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.661.0.6174 - Electronic Arts) Hidden EA app (HKLM-x32\...\{c3d1a34e-884e-4029-acbf-94684808334d}) (Version: 13.661.0.6174 - Electronic Arts) ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.57.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{aed74e04-f110-4d4d-bcfc-e8e9ad5fc0aa}) (Version: 1.1.57.0 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{c1d017c2-8846-4000-9254-5689eccd462e}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{6730F587-C259-4C4C-A527-F7FF31D970F8}) (Version: 4.2.1 - Epic Games, Inc.) Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - ) Freelancer: HD Edition v0.6 (HKLM-x32\...\{F40FDCDA-3A45-4CC3-9FDA-167EE480A1E0}_is1) (Version: 0.6 - Freelancer: HD Edition Development Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 146.0.7680.165 - Google LLC) HandBrake 1.6.1 (HKLM-x32\...\HandBrake) (Version: 1.6.1 - ) Jagex Launcher (HKLM-x32\...\Jagex Launcher) (Version: 1.2.0.0 - Jagex Ltd) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.39 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{20c88a0d-98f7-40db-b062-3f319a507889}) (Version: 1.1.39 - KINGSTON COMPONENTS INC.) Hidden Knossos.NET (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Knossos.NET) (Version: 1.2.3 - KnossosNET) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2026.1.828335 - Logitech) Logitech Unifying Software 2.52 (HKLM\...\Logitech Unifying) (Version: 2.52.33 - Logitech) loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden LOOT version 0.26.1 (HKLM\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.26.1 - LOOT Team) Malwarebytes version 5.5.2.242 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.2.242 - Malwarebytes) Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host - 8.0.8 (x64) (HKLM\...\{3BA242F8-BDB5-4096-9FBC-333CD663BBAD}) (Version: 64.32.18380 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.8 (x64) (HKLM\...\{7FE24458-0796-4428-99C2-9A0F8DAB93CC}) (Version: 64.32.18380 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.8 (x64) (HKLM\...\{9ACB23DB-4D32-49ED-A5E3-F4E2F8D9D2AA}) (Version: 64.32.18380 - Microsoft Corporation) Hidden Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.19725.20170 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 146.0.3856.84 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 146.0.3856.84 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 26.035.0222.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\Teams) (Version: 1.7.00.21751 - Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.26.02603 - Microsoft) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM\...\{663E7053-3B36-4AE5-8223-234867FAEAE6}) (Version: 64.32.18376 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM-x32\...\{33832ff3-5583-4b81-b270-d9fd42760e1a}) (Version: 8.0.8.33916 - Microsoft Corporation) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 133.0.3 (x64 en-US)) (Version: 133.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 133.0.3 - Mozilla) MuseScore Studio 4 (HKLM\...\{03CDF685-8D6E-4A8F-BBC7-2A97F0E19C51}) (Version: 4.3.0.241231433 - MuseScore BVBA and Others) NMM (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.88.2 - DuskDweller) NVIDIA App 11.0.5.420 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.420 - NVIDIA Corporation) NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation) NVIDIA Graphics Driver 572.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.16 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation) NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19725.20170 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20244 - Microsoft Corporation) Hidden Parsec (HKLM-x32\...\Parsec) (Version: 150-102b - Parsec Cloud Inc.) Parsec Virtual Display Driver (HKLM\...\ParsecVDD) (Version: 0.45.0.0 - Parsec Cloud Inc.) Parsec Virtual USB Adapter Driver (HKLM\...\ParsecVUD) (Version: 0.3.10.0 - Parsec Cloud Inc.) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden PCSX2 (HKLM\...\{13CEE6E5-8EB3-47D3-882E-E9DBB6A3251C}}_is1) (Version: 2.2.0 - PCSX2 Team) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden REDlauncher (HKLM-x32\...\{26CB5876-63BD-4753-B436-FD5BA65E94E8}) (Version: 3.3.0.18 - CD Projekt RED) Hidden Rick and Morty version 4_2 (HKLM-x32\...\{F32CDB02-560F-4D47-9730-1A7C9FF541B4}_is1) (Version: 4_2 - Ferdafs) ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.02.05 - ASUSTek Computer Inc.) ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 3.4.12.0 - ASUSTek COMPUTER INC.) rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden RuneLite (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\RuneLite Launcher_is1) (Version: 2.6.4 - RuneLite) RyzenMasterSDK (HKLM\...\{8550DA97-C688-45A2-B080-36B97D867DBC}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.10.0 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SumatraPDF (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\SumatraPDF) (Version: 3.5.2 - Krzysztof Kowalczyk) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation) TeamViewer (HKLM\...\TeamViewer) (Version: 15.76.3 - TeamViewer) teVirtualMIDI for Presonus (HKLM-x32\...\{c13c2c35-8a4f-4de2-87c4-c7c3413d61c1}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden teVirtualMIDI64 (HKLM\...\{2F802731-3731-453E-B30B-4381BEED22AC}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden Universal Control (HKLM\...\Universal Control) (Version: 4.1.0.93124 - PreSonus Audio Electronics) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.15.2 - Black Tree Gaming Ltd.) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WinRAR 7.13 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.13.0 - win.rar GmbH) Xbox 360 Controller Emulator (HKLM\...\{66F1BC10-A109-47A5-918D-61023175C03E}) (Version: 1.0.0.15 - ASUSTek COMPUTER INC.) Hidden Xbox 360 Controller Emulator (HKLM\...\{6B45AA6A-7060-4A48-91B9-A085A897E483}) (Version: 1.0.0.15 - ASUSTek COMPUTER INC.) Hidden Zoom Workplace (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\ZoomUMX) (Version: 6.7.8 (32670) - Zoom Communications, Inc.) Chrome apps: ============ Enjoytown (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\85cea3b23e4d5dfdf9fad681c5287353) (Version: 1.0 - Google\Chrome) Snapchat (HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\85054e945804411c8d6c339ebdff9919) (Version: 1.0 - Google\Chrome) Packages: ========= @{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-25] () AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2025-02-04] (Advanced Micro Devices Inc.) Armoury Crate -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.4.10.0_x64__qmba6cd70vzyy [2026-03-07] (ASUSTeK COMPUTER INC.) Bluetooth® Profile Pack -> C:\Program Files\WindowsApps\Microsoft.BluetoothProfilePack_0.23082.3.0_x64__8wekyb3d8bbwe [2025-03-07] (Microsoft Corporation) Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_4.2209.41991.0_x64__8wekyb3d8bbwe [2025-02-04] (Microsoft Corporation) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-14] (Disney) freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_5.3.5.0_x64__ypmq2qh89vmny [2025-07-14] (Turnipsoft) GameSir Nexus -> C:\Program Files\WindowsApps\GuangzhouChickenRunNetwor.16460D2A87234_2.3.4.0_x64__0zmrycy25r4k8 [2026-03-07] (Guangzhou Chicken Run Network Technology Co., Ltd) Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.1121.1848.0_x64__8wekyb3d8bbwe [2026-02-02] (Microsoft Corporation) Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.1121.1848.0_x86__8wekyb3d8bbwe [2026-02-02] (Microsoft Corporation) Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.1121.1848.0_x64__8wekyb3d8bbwe [2026-02-05] (Microsoft Corporation) Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI [2026-03-16] () Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-03-29] () Microsoft 365 companion apps -> C:\Program Files\WindowsApps\Microsoft.M365Companions_2.2511.25000.0_x64__8wekyb3d8bbwe [2025-12-23] (Microsoft Corporation) Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2026-03-16] () Muse Hub -> C:\Program Files\WindowsApps\Muse.MuseHub_2.0.22.1414_x64__rb9pth70m6nz6 [2024-11-12] (Muse) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-09] (NVIDIA Corp.) OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2026-03-16] () Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2024-05-23] (Realtek Semiconductor Corp) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2607.106.0_x64__cv1g1gvanyjgm [2026-03-15] (WhatsApp Inc.) [Startup Task] WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2024-07-21] (Microsoft Corp.) WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-24] (Microsoft Corp.) WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-11] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.770.947.0_x64__8wekyb3d8bbwe [2026-02-26] (Microsoft Corp.) WinRAR -> C:\Program Files\WinRAR [2025-10-27] (win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2459745976-1025811126-4102104030-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed] CustomCLSID: HKU\S-1-5-21-2459745976-1025811126-4102104030-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jacob\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2459745976-1025811126-4102104030-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-2459745976-1025811126-4102104030-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\Jacob\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.26.02603\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-29] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.035.0222.0002\FileSyncShell64.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\nvshext.dll [2025-01-27] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-03-29] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-29] (Malwarebytes Inc -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [MidisrvTransferComplete] => 1 HKLM\...\Drivers32: [midi1] => C:\WINDOWS\system32\wdmaud2.drv [143360 2026-03-11] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [91648 2026-03-11] (Microsoft Windows -> Microsoft Corporation) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ijmnaogpmpehkcpgbmnkpjkhggkcdcdk\Enjoytown.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ijmnaogpmpehkcpgbmnkpjkhggkcdcdk ShortcutWithArgument: C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_abdndmcckigaeepaljhpcngbfdkbiggb\Snapchat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=abdndmcckigaeepaljhpcngbfdkbiggb ==================== Loaded Modules (Whitelisted) ============= 2025-06-24 18:34 - 2025-02-03 17:17 - 000349184 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node 2024-08-28 21:29 - 2026-03-16 15:40 - 167478784 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\libcef.dll 2024-08-28 21:30 - 2026-03-16 15:40 - 000372736 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\libegl.dll 2024-08-28 21:30 - 2026-03-16 15:40 - 006593536 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\libglesv2.dll 2024-08-28 21:30 - 2026-03-16 15:40 - 004323328 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\vk_swiftshader.dll 2023-05-15 11:35 - 2023-05-09 22:09 - 000192512 _____ () [File not signed] C:\Users\Jacob\AppData\Local\RuneLite\launcher_amd64.dll 2026-03-28 20:53 - 2026-03-28 20:53 - 000139264 _____ () [File not signed] C:\Users\Jacob\AppData\Local\Temp\14870004313314377202rlawt.dll 2026-03-28 20:54 - 2026-03-28 20:54 - 000131072 _____ () [File not signed] C:\Users\Jacob\AppData\Local\Temp\1626274423071851401rlicn_amd64.dll 2026-03-28 20:53 - 2026-03-28 20:53 - 000012800 ____N () [File not signed] C:\Users\Jacob\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-10894218782820000.dll 2026-03-28 20:54 - 2026-03-28 20:54 - 000476672 _____ () [File not signed] C:\Users\Jacob\AppData\Local\Temp\lwjgl-rl\3.3.2+13\x64\lwjgl.dll 2026-03-28 20:54 - 2026-03-28 20:54 - 000364032 _____ () [File not signed] C:\Users\Jacob\AppData\Local\Temp\lwjgl-rl\3.3.2+13\x64\lwjgl_opengl.dll 2026-03-28 20:53 - 2026-03-28 20:53 - 000254464 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Jacob\AppData\Local\Temp\jna-71328959\jna11663854376086840523.dll 2024-05-17 00:06 - 2024-05-17 00:06 - 000126976 ____N (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\UpdatePolicyScenarioReliabilityAggregator.dll 2023-05-15 11:34 - 2023-05-15 11:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll 2023-05-15 11:34 - 2023-05-15 11:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2023-05-15 11:34 - 2023-05-15 11:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll 2023-05-15 11:34 - 2023-05-15 11:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2026-01-08 18:08 - 2026-01-08 18:08 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\plugins\NVIDIA Overlay\MessageBusRouter.dll 2026-01-08 18:08 - 2026-01-08 18:08 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll 2024-08-28 21:29 - 2026-03-16 15:40 - 001143296 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Jagex Launcher\chrome_elf.dll 2026-03-23 10:54 - 2026-03-23 10:54 - 006193048 _____ (Unity Technologies SF -> Parsec) [File not signed] [File is in use] C:\ProgramData\Parsec\parsecd-150-102b.dll 2026-03-12 13:53 - 2026-03-23 10:54 - 006193048 _____ (Unity Technologies SF -> Parsec) [File not signed] C:\Program Files\Parsec\wcam\wcam_0.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Jacob\Desktop\avast_free_antivirus_setup_online.exe:MBAM.Zone.Identifier [116] AlternateDataStreams: C:\Users\Jacob\Desktop\FRST64.exe:MBAM.Zone.Identifier [138] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3628] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ============= BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-15] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\sharepoint.com -> hxxps://pcmorristown-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 05:14 - 2026-03-28 21:03 - 000000875 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 gen-webserver.com www.gen-webserver.com 2023-05-24 20:21 - 2023-05-25 01:36 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Network =========================== (Currently there is no automatic fix for this section.) DNS Servers: 192.168.1.1 Windows Firewall is enabled. Network Binding: ============= Ethernet: Intel(R) Ethernet Controller (3) I225-V -> e2fn.sys Ethernet 2: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 -> vpnva64-6.sys Wi-Fi: RZ608 Wi-Fi 6E 80MHz -> mtkwl6ex.sys ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2) HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0) ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows" HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\StartupApproved\StartupFolder: => "Jagex Launcher.lnk" HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_600DF6E9D922889B25B53D84BC6AD98A" HKU\S-1-5-21-2459745976-1025811126-4102104030-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{2AA7AD13-0888-42C9-A621-A5C47E719D9E}] => (Allow) C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe (PreSonus Audio Electronics, Inc. -> PreSonus) FirewallRules: [{378DAAC8-92DB-49F6-8E0C-F8B8596C07F8}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (PreSonus Audio Electronics, Inc. -> PreSonus) FirewallRules: [{7EAA6245-0136-4A54-82F3-5A5F014E1EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed] FirewallRules: [{6787439D-2347-4456-9D46-78A1C5455F78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed] FirewallRules: [{4C7F91B4-6A23-4170-A3FA-4B57DEB01035}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{46890FC3-AC22-4E11-8EE3-3A6E66EAFB2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{10E39F2B-6552-416A-9718-AE247E6E34CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{8BA851FE-67F5-4DE2-AA8E-1332DC31A50D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{B335CB14-D494-4A67-AD47-B202E51BBA55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{D6A2B4C1-09F6-480B-A389-49A9FD81C334}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{FC114145-C319-4D4E-90EC-C7367A51CFE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{E6CADCEF-6963-4917-970A-C4C8100DA519}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{A2C1F7F1-C5B9-4F7A-A8F0-9A6D353E4D5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{A0EFD807-9921-484C-977C-246E86B0D7D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => No File FirewallRules: [{A48CD860-124D-49A3-BD72-4F805A7F971E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E539850A-311D-452A-B363-8305483C477F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C8433C9B-0EDC-4601-977E-1717F959E34C}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_2.0.22.1414_x64__rb9pth70m6nz6\Muse.exe (Musecy SM Ltd. -> Muse) FirewallRules: [UDP Query User{62542774-385B-4E5E-8DEB-DDD463BCE610}E:\steamlibrary\steamapps\common\freespace 2\bin\fso-24.0.2\windows\x64_avx\fs2_open_24_0_2_x64_avx.exe] => (Allow) E:\steamlibrary\steamapps\common\freespace 2\bin\fso-24.0.2\windows\x64_avx\fs2_open_24_0_2_x64_avx.exe (Volition Inc.) [File not signed] FirewallRules: [TCP Query User{669C522D-18CD-4D43-B228-3F3D097F28F8}E:\steamlibrary\steamapps\common\freespace 2\bin\fso-24.0.2\windows\x64_avx\fs2_open_24_0_2_x64_avx.exe] => (Allow) E:\steamlibrary\steamapps\common\freespace 2\bin\fso-24.0.2\windows\x64_avx\fs2_open_24_0_2_x64_avx.exe (Volition Inc.) [File not signed] FirewallRules: [UDP Query User{91D02324-BF66-4E26-AC57-9CC4F1539FCB}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{1D5CBD9D-1251-4AFE-92FE-9EA9DAE23B31}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.) FirewallRules: [{72F1D09D-161D-471D-89C8-19E835BF3102}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED) FirewallRules: [{74A1FBF3-5C38-40A7-A0DE-6996139CA10C}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED) FirewallRules: [{50CEF8C8-F7ED-4DD6-B3B5-87BD5CCD1FAC}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe (Aspyr Media, Inc. -> Lucas Arts, Inc.) FirewallRules: [{C5286A6C-9221-4173-B687-22D694C88357}] => (Allow) D:\SteamLibrary\steamapps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe (Aspyr Media, Inc. -> Lucas Arts, Inc.) FirewallRules: [{B231BC19-0826-4FBD-99E9-57D77A3E0FBE}] => (Allow) E:\Dead Space 2\deadspace2.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{3C0A8F53-6D27-4194-8665-31E03737223F}] => (Allow) E:\Dead Space 2\deadspace2.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [UDP Query User{5B07610D-F873-45DF-97C0-CEB8CA6B2325}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{A63A2BF1-DCCA-41B0-905E-8FD1B51F928C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{5CA76714-1105-4CC5-9C15-933227040240}] => (Allow) E:\SteamLibrary\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed] FirewallRules: [{2E810699-9447-42E7-90E4-810BEFB7B641}] => (Allow) E:\SteamLibrary\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed] FirewallRules: [UDP Query User{3645A873-B0C1-47A9-87C4-95FC1BC704EC}E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [TCP Query User{DDD9ACFB-BEB0-45DA-AF3B-ED54A80DA852}E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [UDP Query User{99B95173-9691-4F05-81C8-C182086EAE6C}E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [TCP Query User{8FBE7975-6CE5-4A67-9485-4C166E745084}E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) E:\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [UDP Query User{65D1F89D-9EFE-4B0F-87F7-9F67511E2A0F}E:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) E:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe () [File not signed] FirewallRules: [TCP Query User{504B8E9B-7342-4C1C-ACEF-4E0A8FA458F0}E:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) E:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe () [File not signed] FirewallRules: [{D427CB42-190A-4355-99EA-149E4FA8331D}] => (Allow) E:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed] FirewallRules: [{94BA15D6-FF1B-404E-ABB3-8B4CFD7D308C}] => (Allow) E:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed] FirewallRules: [{611ACEEE-5F90-49C0-9729-98B3969B8631}] => (Allow) D:\SteamLibrary\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{D7A1950F-C5B0-4AA4-B693-A7FA08D40FDC}] => (Allow) D:\SteamLibrary\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{7257987D-4AE2-4079-B273-3083D3EC080A}] => (Allow) E:\SteamLibrary\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed] FirewallRules: [{10431702-67A9-4C1B-8EB6-69411BAAC4A4}] => (Allow) E:\SteamLibrary\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed] FirewallRules: [{50610F94-FEB8-49FC-890A-3A193148E68D}] => (Allow) C:\Users\Jacob\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Communications, Inc. -> Zoom Communications, Inc.) FirewallRules: [{56C6A0DC-D6F5-4E67-82E1-CA8CD476FE6A}] => (Allow) C:\Users\Jacob\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{34D912D7-AA43-4FB1-A78F-36096163A2D2}] => (Allow) C:\Users\Jacob\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{F6FD15F6-F302-41DD-B2AF-B5265C96C776}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{63D54043-0C9E-429E-8EEB-29C5EAD7A390}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{44602368-061E-46FD-8031-29604C62FC1B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{25110456-104E-44E0-AD52-109ED8800684}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{5B70C8B0-576B-4C8F-BDE2-051BD2A99673}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{55A4ADE0-B70A-4D0C-9BCF-9F56C56564D4}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{1FDD7104-24AE-4EBF-B483-0C3CAF26DCA7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25045.406.3471.2143_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5D88A70A-DF76-476B-8990-9994EDCB0402}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25045.406.3471.2143_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3CC9D2DB-AB5D-45A2-BECE-83FCBD4D2FF2}] => (Allow) C:\Users\Jacob\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File FirewallRules: [{F9773A53-57AE-472E-875F-E84A6E489C70}] => (Allow) C:\Users\Jacob\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File FirewallRules: [{AD5AADD6-D8DC-45BA-9EAC-63A37344CAD0}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed] FirewallRules: [{038B5C1A-5DA8-4A3F-946C-1796F92B820D}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed] FirewallRules: [{0CBE26EF-2B70-4468-B069-7EB91F4240F1}] => (Allow) E:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed] FirewallRules: [{327028D1-2FEF-4EBD-9E43-CDB918ECE0A6}] => (Allow) E:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed] FirewallRules: [{1C3C7180-2862-4487-8A09-D36EAE23182B}] => (Allow) D:\SteamLibrary\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe (Traveller's Tales (UK) Ltd) [File not signed] FirewallRules: [{38FFF349-AC1C-4F39-86D2-1AC335C53B3D}] => (Allow) D:\SteamLibrary\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe (Traveller's Tales (UK) Ltd) [File not signed] FirewallRules: [TCP Query User{9D1FBECA-D67E-476A-8490-21F2B98A9E91}C:\program files\electronic arts\ea desktop\ea desktop\eacefsubprocess.exe] => (Allow) C:\program files\electronic arts\ea desktop\ea desktop\eacefsubprocess.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [UDP Query User{58F4F713-F395-4298-96C1-2F43F6D7F914}C:\program files\electronic arts\ea desktop\ea desktop\eacefsubprocess.exe] => (Allow) C:\program files\electronic arts\ea desktop\ea desktop\eacefsubprocess.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{8D4A5E35-4FC4-4AEE-A910-F32CE89F619B}] => (Allow) E:\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe => No File FirewallRules: [{EF3A588B-8AA1-45FE-A327-288D1AD0536C}] => (Allow) E:\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe => No File FirewallRules: [{7CB3C0AB-F7B9-4040-9C66-F18088F8038B}] => (Allow) E:\STAR WARS Battlefront II\starwarsbattlefrontii.exe => No File FirewallRules: [{FC015B29-1363-415B-9AF4-DFFEF193E805}] => (Allow) E:\STAR WARS Battlefront II\starwarsbattlefrontii.exe => No File FirewallRules: [{483A938E-30FF-4ED2-937C-1DF7605858BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CC6C7638-07C5-4C70-869D-9005099DAC07}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0AB2B158-E64E-4531-9C43-BE73A6301930}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DB714AF6-ABC6-4A53-ABF6-995F6422C3A7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{312CCC57-1CD6-4C06-85AE-75466E29EB14}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [TCP Query User{BD50F504-1AC1-41DA-AFD7-F52B6661BD96}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{BB061482-C1F1-4F3F-8233-277FA8912B6B}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{D1EA832A-903C-41D0-A512-20DE283657B3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{AD18997D-D060-4EC3-992E-6AC15449979A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{2D496677-E974-4F28-9991-18C69E9B68EB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F42967F0-FA1C-4B35-9861-44140B984B22}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4E286742-2AC7-4809-8ADA-1E5C1BBE5E43}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{3F9B3206-934E-4067-8654-2ABFA06351CB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{6493ECEB-F15D-42C1-89D1-17CDE6E688D1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{ABF60CE0-0DEA-41A3-8F3B-05BC1A5F3625}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{6F4B849E-CA77-4646-8657-0CC7D89AB7F6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A03C18D6-773B-4CA5-A61A-3D2A356CFD43}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F5060F24-E7EC-4A90-A95D-8DC67DA58572}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{629526C0-8C82-4479-93F4-65CB1B2AFD27}E:\steamlibrary\steamapps\common\the witcher 3\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 3\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe () [File not signed] FirewallRules: [UDP Query User{D1967781-A87A-4E44-884B-4FE11CC4A240}E:\steamlibrary\steamapps\common\the witcher 3\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 3\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe () [File not signed] FirewallRules: [{8EC23C21-D29E-4328-9948-8F8150042EBB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B41C55AB-ED76-47BC-A508-6608A8B04650}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E53DB3E1-11BE-4025-97E3-FFCCA0DBE318}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{0098D00B-18C1-46A4-A2A0-6C98BC11E894}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{78A5A757-DF7D-4BE5-B3BB-85A84CCBFE3B}] => (Allow) E:\SteamLibrary\steamapps\common\War Thunder\beac_wt_mlauncher.exe (Gaijin Entertainment) [File not signed] FirewallRules: [{C52D1B16-C6DD-4A04-8966-6731FC0A1697}] => (Allow) E:\SteamLibrary\steamapps\common\War Thunder\beac_wt_mlauncher.exe (Gaijin Entertainment) [File not signed] FirewallRules: [{3BA814B1-55D5-44F4-B371-EB12D86F8D92}] => (Allow) E:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin) FirewallRules: [{054DF72C-B6FB-4E63-89C5-FAFC19A70F41}] => (Allow) E:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin) FirewallRules: [{E49B46A4-2D42-4982-8E93-EEA5417FA6BD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9B36F8C2-8E31-4CA2-8623-836C9D66A590}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS) FirewallRules: [{C2E1D359-CAED-4706-BCA4-AA51AC6F171F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{BF21D8BE-EE72-4BCB-97DD-2317D0385107}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F4BAD61B-749D-4D7F-B9F5-822C19053CEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8F032ADF-2163-4A87-893E-C505CEDE67F4}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{C2C9DD63-FA1C-4492-989D-0F278997CC0A}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{D3C99813-C5BF-4DDD-B8ED-EC1600BF107C}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Unity Technologies SF -> Parsec) [File not signed] FirewallRules: [{31F17F96-E0A7-4C3E-850F-6E300B17FA87}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{1F457E6C-B96E-4D3D-A88D-B7A4FEB219F6}] => (Allow) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EE010B27-1945-43F9-88DA-21DF3E14E26D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E54BF610-120A-4D55-9B69-E3F2E527CAC3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{2B13F842-7276-4B63-9DB9-DD905A05F1A5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{80E587AE-F120-4A06-9094-53CAD7D33474}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{0B0BDDDB-05BB-47A4-B000-C7847CB95BFB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{34FC8B0B-E7AA-4F9A-971A-0E25B58FBC20}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.) FirewallRules: [{F4073536-F496-4659-A26B-6E608658167A}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.) ==================== Restore Points ========================= 25-03-2026 18:13:25 Windows Update 30-03-2026 20:58:06 Windows Update ==================== Faulty Device Manager Devices ============ Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ======================== Application errors: ================== Error: (03/28/2026 01:44:23 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-D1L7NF6) Description: Faulting application name: EACefSubProcess.exe, version: 13.661.0.6174, time stamp: 0x69b05284 Faulting module name: KERNELBASE.dll, version: 10.0.26100.7920, time stamp: 0x0cc2a083 Exception code: 0xe0000008 Fault offset: 0x00000000000c73fa Faulting process id: 0x9f1c Faulting application start time: 0x1dcb57c96051a02 Faulting application path: C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EACefSubProcess.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 2e1130ec-1944-4246-a33a-10bd0b086a42 Faulting package full name: Faulting package-relative application ID: Error: (03/28/2026 01:44:23 PM) (Source: Application Error) (EventID: 1000) (User: Window Manager) Description: Faulting application name: dwm.exe, version: 10.0.26100.7920, time stamp: 0x5188d5ef Faulting module name: dwmcore.dll, version: 10.0.26100.7920, time stamp: 0xd11c934e Exception code: 0xc00001ad Fault offset: 0x000000000019ec54 Faulting process id: 0xcc60 Faulting application start time: 0x1dcbeda35a36098 Faulting application path: C:\WINDOWS\system32\dwm.exe Faulting module path: C:\WINDOWS\system32\dwmcore.dll Report Id: 64e6e143-178c-44df-b004-f5ccdde37cba Faulting package full name: Faulting package-relative application ID: Error: (03/28/2026 01:42:10 PM) (Source: Application Error) (EventID: 1000) (User: Window Manager) Description: Faulting application name: dwm.exe, version: 10.0.26100.7920, time stamp: 0x5188d5ef Faulting module name: dwmcore.dll, version: 10.0.26100.7920, time stamp: 0xd11c934e Exception code: 0xc00001ad Fault offset: 0x000000000019ec54 Faulting process id: 0x27a4 Faulting application start time: 0x1dcbeda0d4a6e70 Faulting application path: C:\WINDOWS\system32\dwm.exe Faulting module path: C:\WINDOWS\system32\dwmcore.dll Report Id: e7f3da68-bfc6-4bd9-bc62-ccbe2fa7ee7e Faulting package full name: Faulting package-relative application ID: Error: (03/28/2026 01:41:02 PM) (Source: Application Error) (EventID: 1000) (User: Window Manager) Description: Faulting application name: dwm.exe, version: 10.0.26100.7920, time stamp: 0x5188d5ef Faulting module name: dwmcore.dll, version: 10.0.26100.7920, time stamp: 0xd11c934e Exception code: 0xc00001ad Fault offset: 0x000000000019ec54 Faulting process id: 0x1394 Faulting application start time: 0x1dcbeda0b6cc3a0 Faulting application path: C:\WINDOWS\system32\dwm.exe Faulting module path: C:\WINDOWS\system32\dwmcore.dll Report Id: f86a2870-dc78-4b78-a92a-67a3aefe27dd Faulting package full name: Faulting package-relative application ID: Error: (03/28/2026 01:33:43 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-D1L7NF6) Description: Faulting application name: chrome.exe, version: 146.0.7680.165, time stamp: 0x69bdd92e Faulting module name: KERNELBASE.dll, version: 10.0.26100.7920, time stamp: 0x0cc2a083 Exception code: 0xe0000008 Fault offset: 0x00000000000c73fa Faulting process id: 0xac94 Faulting application start time: 0x1dcbed8eff1429b Faulting application path: C:\Program Files\Google\Chrome\Application\chrome.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 8716ea60-b4fb-4584-be1f-03c9b3e3e0e2 Faulting package full name: Faulting package-relative application ID: Error: (03/27/2026 07:37:58 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY) Description: Faulting application name: MoUsoCoreWorker.exe, version: 1507.2601.30012.0, time stamp: 0xe8c9d7a7 Faulting module name: ucrtbase.dll, version: 10.0.26100.7623, time stamp: 0x53a0792e Exception code: 0xc0000409 Fault offset: 0x00000000000a4ace Faulting process id: 0xa61c Faulting application start time: 0x1dcbe42b53ab55b Faulting application path: C:\WINDOWS\uus\packages\preview\AMD64\MoUsoCoreWorker.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: bd16b127-04d4-4451-958f-476df5d60b25 Faulting package full name: Faulting package-relative application ID: Error: (03/27/2026 07:04:11 PM) (Source: ESENT) (EventID: 482) (User: ) Description: qmgr.dll (46700,D,19,0) QmgrDatabaseInstance: An attempt to write to the file "C:\ProgramData\Microsoft\Network\Downloader\qmgr.db" at offset 1310720 (0x0000000000140000) for 0 (0x00000000) bytes failed after 0.000 seconds with system error 1224 (0x000004c8): "The requested operation cannot be performed on a file with a user-mapped section open. ". The write operation will fail with error -1022 (0xfffffc02). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (03/27/2026 07:04:11 PM) (Source: ESENT) (EventID: 482) (User: ) Description: qmgr.dll (46700,D,19,0) QmgrDatabaseInstance: An attempt to write to the file "C:\ProgramData\Microsoft\Network\Downloader\qmgr.db" at offset 1310720 (0x0000000000140000) for 0 (0x00000000) bytes failed after 0.000 seconds with system error 1224 (0x000004c8): "The requested operation cannot be performed on a file with a user-mapped section open. ". The write operation will fail with error -1022 (0xfffffc02). If this error persists then the file may be damaged and may need to be restored from a previous backup. System errors: ============= Error: (03/30/2026 09:37:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Nahimic service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 3000 milliseconds: Restart the service. Error: (03/30/2026 09:37:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The EABackgroundService service terminated unexpectedly. It has done this 1 time(s). Error: (03/27/2026 11:10:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9MV0B5HZVK9Z-Microsoft.GamingApp. Error: (03/26/2026 06:20:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9MV0B5HZVK9Z-Microsoft.GamingApp. Error: (03/24/2026 05:38:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9MV0B5HZVK9Z-Microsoft.GamingApp. Error: (03/22/2026 05:35:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9MV0B5HZVK9Z-Microsoft.GamingApp. Error: (03/22/2026 02:35:19 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (03/20/2026 04:47:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9MV0B5HZVK9Z-Microsoft.GamingApp. Windows Defender: ================ Date: 2026-03-28 19:57:27 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\Users\Jacob\AppData\Local\Temp\Pah\Mebe.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 19:48:46 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\Users\Jacob\Degoho\Baku.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 19:26:10 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\Users\Jacob\Teje\Xoko.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 18:39:27 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\Users\Jacob\AppData\Roaming\Lebete\Xevu.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 18:37:21 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\ProgramData\Lubojazi\Bifoxada.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Event[0] Date: 2026-03-28 12:00:02 Description: Microsoft Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\ProgramData\Cozo\Vabu.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Security intelligence Version: AV: 1.447.49.0, AS: 1.447.49.0, NIS: 1.447.49.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 10:39:20 Description: Microsoft Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\ProgramData\Kal\Tali.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Security intelligence Version: AV: 1.447.49.0, AS: 1.447.49.0, NIS: 1.447.49.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 10:37:25 Description: Microsoft Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\Users\Jacob\Zogumedej\Kinu.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Security intelligence Version: AV: 1.447.49.0, AS: 1.447.49.0, NIS: 1.447.49.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 08:30:12 Description: Microsoft Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\Users\Jacob\AppData\Local\Temp\Deqera\Veyilumu.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Security intelligence Version: AV: 1.447.49.0, AS: 1.447.49.0, NIS: 1.447.49.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-28 08:00:45 Description: Microsoft Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Severe Category: Trojan Path: file:_C:\Users\Jacob\AppData\Local\Temp\Wizosir\Voyozura.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070070 Error description: There is not enough space on the disk. Security intelligence Version: AV: 1.447.49.0, AS: 1.447.49.0, NIS: 1.447.49.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 CodeIntegrity: =============== Date: 2026-03-30 21:43:10 Description: Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume9\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2026-03-30 21:40:31 Description: Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Microsoft\EdgeWebView\Application\145.0.3800.97\msedgewebview2.exe) attempted to load \Device\HarddiskVolume9\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1602 05/04/2023 Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B650E-F GAMING WIFI Processor: AMD Ryzen 9 7900X 12-Core Processor Percentage of memory in use: 76% Total physical RAM: 31892.32 MB Available physical RAM: 7384.56 MB Total Virtual: 42449.14 MB Available Virtual: 3019.05 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.38 GB) (Free:0.23 GB) (Model: Samsung SSD 970 EVO 500GB) NTFS Drive d: (HDD 1TB) (Fixed) (Total:931.51 GB) (Free:122.29 GB) (Model: WDC WD10EZEX-00WN4A0) NTFS Drive e: (SSD 2TB) (Fixed) (Total:1863 GB) (Free:181.61 GB) (Model: Samsung SSD 870 QVO 2TB) NTFS Drive f: (Empty Small) (Fixed) (Total:110.52 GB) (Free:6.92 GB) (Model: Samsung SSD 850 EVO 120GB) NTFS \\?\Volume{2453e272-f824-4539-a3f9-e51f9b85f689}\ () (Fixed) (Total:0.77 GB) (Free:0.1 GB) NTFS \\?\Volume{1c9dbd4c-d741-432c-a963-7114ebbbf253}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS \\?\Volume{ff399e72-0000-0000-0000-40a11b000000}\ () (Fixed) (Total:0.83 GB) (Free:0.44 GB) NTFS \\?\Volume{ff399e72-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS \\?\Volume{9a168dc9-4fd9-4d0d-9766-775d02ff272f}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2633FC0D) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: FF399E72) Partition 1: (Active) - (Size=110.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=848 MB) - (Type=27) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ========================================================== Disk: 3 (Size: 465.8 GB) (Disk ID: F1FA36F5) Partition: GPT. ==================== End of Addition.txt =======================