Notice: _filter_block_template_part_area(): "sidebar" is not a supported wp_template_part area value and has been added as "uncategorized". in /home/ntsnews/public_html/wp-includes/functions.php on line 6131

Notice: _filter_block_template_part_area(): "sidebar" is not a supported wp_template_part area value and has been added as "uncategorized". in /home/ntsnews/public_html/wp-includes/functions.php on line 6131
Ran a .EXE that was very likely to be malware - NTS News

 

Ran a .EXE that was very likely to be malware

Ran a .EXE that was very likely to be malware – posted in Virus, Trojan, Spyware, and Malware Removal Help: Hello! Earlier today I foolishly downloaded a file from a link that was sent to me by a now-known compromised discord account, and then unzipped and ra…

Hello! Earlier today I foolishly downloaded a file from a link that was sent to me by a now-known compromised discord account, and then unzipped and ran the .exe contained within. Immediately my firefox browsers all closed, and so in an attempt to stop whatever was happening I immediately initiated shutdown on my computer followed by a hard-shutdown. Since, I have ran several different antiviruses (Malwarebytes, ADWCleaner, and Hitman Pro) but they found nothing.

I need to be completely sure that my computer is clean of malware, and would greatly appreciate any help to be assured! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-03-2026 Ran by justd (administrator) on PANDACOMP (Micro-Star International Co., Ltd. MS-7D25) (07-03-2026 21:49:22) Running from C:UsersjustdDownloadsFRST64.exe Loaded Profiles: justd Platform: Microsoft Windows 11 Home Version 25H2 26200.7840 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed.

The file will not be moved.) (C:Program Files (x86)Steamsteam.exe ->) (Valve Corp. -> Valve Corporation) C:Program Files (x86)Steambincefcef.win64steamwebhelper.exe <7> (C:Program FilesCorsairCorsair iCUE5 SoftwareiCUE.exe ->) (Corsair Memory, Inc. -> ) C:Program FilesCorsairCorsair iCUE5 Softwarecrashpad_handler.exe <3> (C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMalwarebytes.exe (C:Program FilesMozilla Firefoxfirefox.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMbamBgNativeMsg.exe (C:Program FilesMozilla Firefoxfirefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxplugin-container.exe (C:Program FilesMozilla Firefoxfirefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:Program FilesMozilla Firefoxcrashhelper.exe (Corsair Memory, Inc.

-> Corsair Memory, Inc.) C:Program FilesCorsairCorsair iCUE5 SoftwareiCUE.exe (Discord Inc. -> Discord Inc.) C:UsersjustdAppDataLocalDiscordapp-1.0.9227Discord.exe <6> (explorer.exe ->) () [File not signed] C:UsersjustdDocumentsElder Scrolls OnlineliveAddOnsEssentialHousingToolsEssentialHousingCommunityEssentialHousingCommunity.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16ONENOTEM.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDriveOneDrive.exe (explorer.exe ->) (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) C:Program FilesTortoiseSVNbinTSVNCache.exe (explorer.exe ->) (Valve Corp.

-> Valve Corporation) C:Program Files (x86)Steamsteam.exe (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDrive26.026.0209.0004OneDrive.Sync.Service.exe (Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <25> (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCorsair iCUE5 SoftwareCorsairCpuIdService.exe (services.exe ->) (Corsair Memory, Inc.

-> Corsair Memory, Inc.) C:Program FilesCorsairCorsair iCUE5 SoftwareiCUEUpdateService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_af50fdb80983f7bcjhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigcc_dch.inf_amd64_524cec1494781ee1OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_e2d833b564372581IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorymewmiprov.inf_amd64_d51901c26227fb29WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:WindowsSysWOW64XtuService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:WindowsSystem32DriverStoreFileRepositorylogi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncHelper.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MidiSrv.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_f55cb1d07ac1033fDisplay.NvContainerNVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp.

-> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_31dd95d009763f70RtkAudUService64.exe <2> (services.exe ->) (THX LTD. -> VisiSonics) C:WindowsSystem32VSSrv.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:Program Files (x86)Common FilesSteamsteamservice.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDrive26.026.0209.0004FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingApp_2602.1001.5.0_x64__8wekyb3d8bbweXboxPcAppFT.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32NgcIso.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32spaceman.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystemAppsMicrosoft.Windows.AppRep.ChxApp_cw5n1h2txyewyCHXSmartScreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystemAppsMicrosoftWindows.Client.CBS_cw5n1h2txyewyAppActions.exe (VSSrv.exe ->) (THX LTD.

-> VisiSonics) C:WindowsSystem32VSHelper.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_31dd95d009763f70RtkAudUService64.exe [3282984 2025-12-11] (Realtek Semiconductor Corp.

-> Realtek Semiconductor) HKLM…Run: [Corsair iCUE5 Software] => C:Program FilesCorsairCorsair iCUE5 SoftwareiCUE Launcher.exe [195224 2026-02-25] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKUS-1-5-19…RunOnce: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [4746640 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) HKUS-1-5-20…RunOnce: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [4746640 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Discord] => C:UsersjustdAppDataLocalDiscordUpdate.exe [1525032 2022-08-08] (Discord Inc.

-> GitHub) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [5760152 2026-01-21] (Valve Corp. -> Valve Corporation) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:Program FilesMozilla Firefoxfirefox.exe" -os-autostart [707200 2026-02-24] (Mozilla Corporation -> Mozilla Corporation) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [4746640 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Essential Housing Community] => C:UsersjustdDocumentsElder Scrolls OnlineliveAddOnsEssentialHousingToolsEssentialHousingCommunityEssentialHousingCommunity.exe [67584 2026-01-10] () [File not signed] HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Battle.net] => C:Program Files (x86)Battle.netBattle.net.exe [1008336 2026-03-03] (Blizzard Entertainment, Inc.

-> Blizzard Entertainment) HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe /StartMinimized (No File) HKLMSoftwareMicrosoftActive SetupInstalled Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:Program FilesGoogleChromeApplicationPlatformExperienceHelperplatform_experience_helper.exe [2026-01-30] (Google LLC -> Google LLC) HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication145.0.7632.160Installerchrmstp.exe [2026-03-06] (Google LLC -> Google LLC) Startup: C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMJ-189GamingMouse.lnk [2023-09-08] ShortcutTarget: MJ-189GamingMouse.lnk -> C:Program Files (x86)MOJOMJ-189 Gaming MouseMJ-189GamingMouse.exe () [File not signed] Startup: C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSend to OneNote.lnk [2025-07-03] ShortcutTarget: Send to OneNote.lnk -> C:Program FilesMicrosoft OfficerootOffice16ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) Task: {5165E7E7-034A-4F09-90D1-8893062BB565} – System32TasksGoogleSystemGoogleUpdaterGoogleUpdaterTaskSystem147.0.7703.0{9FC355B2-BFCA-40A2-B5CC-64E3EF571E93} => C:Program Files (x86)GoogleGoogleUpdater147.0.7703.0updater.exe [8495256 2026-02-25] (Google LLC -> Google LLC) Task: {0B4D44C8-F1B5-44EE-A28F-4225B496BE57} – System32TasksIntelIntel Telemetry 2 => C:Program FilesIntelTelemetry 2.0lrio.exe [2064744 2021-01-19] (Intel® Production Software -> Intel Corporation) Task: {C1001DD7-0C90-4C89-8F34-3CEC6E3D2844} – System32TasksMicrosoftOfficeOffice Actions Server => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOffice16ActionsServerActionsServer.exe [16301440 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {85F1F7DD-39CC-438E-81E3-19133778F3DB} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [28604736 2026-02-22] (Microsoft Corporation -> Microsoft Corporation) Task: {312238A6-E03C-4C12-99E2-E90223AED1B8} – System32TasksMicrosoftOfficeOffice Background Push Maintenance => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16opushutil.exe [73568 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {D5E858DD-9702-40E5-8C8A-378CE169FF05} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [28604736 2026-02-22] (Microsoft Corporation -> Microsoft Corporation) Task: {92486C19-10FA-4FFD-BD12-FAB68943D2B9} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [427808 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {5D87200A-6A0C-4102-8169-E745A4BFB4C2} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [427808 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {3AABAD03-6D29-44EA-9AE1-F4E06A4102ED} – System32TasksMicrosoftOfficeOffice Performance Monitor => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOffice16operfmon.exe [1349992 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {3E1C1AB7-EF8B-4835-A5EA-3537FFECFF57} – System32TasksMicrosoftOfficeOffice Startup Maintenance => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOffice16ActionsServerActionsServer.exe [16301440 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} – System32TasksMicrosoftWindowsLocationNotifications => %windir%System32LocationNotificationWindows.exe  (No File) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} – System32TasksMicrosoftWindowsUpdateOrchestratorUSO_UxBroker => %systemroot%system32MusNotification.exe  (No File) Task: {1917A7F4-7DEA-4D02-8517-22B76DE707F8} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3383E4A1-2155-4A6B-9104-0B5A98D2D88A} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4B70FE4B-7983-45E1-B5D7-2EACBB98932B} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {326A4862-9672-4BC2-B875-A5485FCA174A} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6DCF1099-550E-4D2D-82E7-E8E7D3D29642} – System32TasksMozillaFirefox Background Update S-1-5-21-1629956658-336341846-2884959028-1001 308046B0AF4A39CB => C:Program FilesMozilla Firefoxfirefox.exe [707200 2026-02-24] (Mozilla Corporation -> Mozilla Corporation) -> C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38updates308046B0AF4A39CB–MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 –MOZ_LOG_FILE C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38updates308046B0AF4A39CBbackgroundupdate.moz_log –backgroundtask background (the data entry has 6 more characters).

Task: {6A34BA81-1DA8-4AB4-B24F-F55155A60B7A} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [33920 2026-02-24] (Mozilla Corporation -> Mozilla Foundation) Task: {99A6404B-D8E5-426D-BF9D-B944AFF27638} – System32TasksNVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA AppCEFNVIDIA App.exe [3275808 2025-05-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F2E2621C-96A7-404A-AF1F-0AB6E872B0FC} – System32TasksOneDrive Per-Machine Standalone Update Task => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [4409704 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {22D22241-DB5D-4CCF-9CAC-F095F32D0A84} – System32TasksOneDrive Reporting Task-S-1-5-21-1629956658-336341846-2884959028-1001 => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [4409704 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {FDCBAFF8-0B56-408C-A282-99914BAF5136} – System32TasksOneDrive Startup Task-S-1-5-21-1629956658-336341846-2884959028-1001 => C:Program FilesMicrosoft OneDrive26.026.0209.0004OneDriveLauncher.exe [756072 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {F94622E4-61E7-4B93-86B8-D60DEF1ED3A3} – System32TasksZoomUpdateTaskUser-S-1-5-21-1629956658-336341846-2884959028-1001 => C:UsersjustdAppDataRoamingZoombinZoom.exe [467384 2026-02-27] (Zoom Video Communications, Inc.

-> Zoom Communications, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) TcpipParameters: [DhcpNameServer] 192.168.1.1 Tcpip..Interfaces{e9365dd7-559c-4f2b-8731-9c0e85b6ac3d}: [DhcpNameServer] 192.168.1.1 Tcpip..Interfaces{e9365dd7-559c-4f2b-8731-9c0e85b6ac3d}: [DhcpDomain] teksavvy.com FireFox: ======== FF TaskBarID: 308046B0AF4A39CB -> C:Program FilesMozilla Firefox FF DefaultProfile: 5mftf26n.default-release -> 308046B0AF4A39CB FF ProfilePath: C:UsersjustdAppDataRoamingMozillaFirefoxProfiles6sia71c2.default [2024-11-18] FF ProfilePath: C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-release [2026-03-08] FF Session Restore: MozillaFirefoxProfiles5mftf26n.default-release -> is enabled.

FF Extension: (Dark Reader) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsaddon@darkreader.org.xpi [2026-03-03] FF Extension: (Better Darker Docs) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsbatterdarkerdocs@threethan.github.io.xpi [2024-11-19] FF Extension: (Black Menu for Google™) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsblack-menu-for-google@carlosjeurissen.com.xpi [2026-03-04] FF Extension: (Enhancer for YouTube™) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsenhancerforyoutube@maximerf.addons.mozilla.org.xpi [2026-02-25] FF Extension: (Streaming enhanced Netflix Disney Prime Video) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsNetflixPrime@Autoskip.io.xpi [2026-01-29] FF Extension: (New Tab) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsnewtab@mozilla.org.xpi [2026-03-03] FF Extension: (Tab Grouper) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionstab-grouper-live@TheNamlessGuy.github.io.xpi [2025-05-03] FF Extension: (uBlock Origin) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsuBlock0@raymondhill.net.xpi [2026-01-31] FF Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-11-18] FF Extension: (Undo Close Tab) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{4853d046-c5a3-436b-bc36-220fd935ee1d}.xpi [2025-06-21] FF Extension: (Purple starfield – Animated) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{5adf2485-4acd-42a8-b04c-1b0a6b03ddd0}.xpi [2024-11-18] FF Extension: (ClearURLs) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{74145f27-f039-47ce-a470-a662b129930a}.xpi [2025-02-15] FF Extension: (Return YouTube Dislike) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2024-11-18] FF Extension: (Adblock Plus – free ad blocker) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2026-02-19] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2026-01-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation) Edge:  ======= Edge DefaultProfile: Default Edge Profile: C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefault [2026-03-07] Edge Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbojobppfploabceghnmlahpoonbcbacn [2026-03-05] Edge Extension: (Google Docs Offline) – C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-01] Edge Extension: (Edge relevant text changes) – C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsjmjflgjpcpepeafmmgdpfkogkghcpiha [2026-01-18] Edge HKLM…EdgeExtension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32…EdgeExtension: [bojobppfploabceghnmlahpoonbcbacn] Chrome:  ======= CHR DefaultProfile: Default CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataDefault [2026-03-07] CHR Notifications: Default -> hxxps://www.facebook.com CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Session Restore: Default -> is enabled.

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2026-03-07] CHR Extension: (Google Docs Offline) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-02] CHR Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2026-03-07] CHR Extension: (Google Docs Dark Mode) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionslgjhepbpjcmfmjlpkkdjlbgomamkgonb [2023-08-29] CHR Extension: (Chrome Web Store Payments) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2022-09-15] CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataGuest Profile [2023-05-10] CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1 [2025-11-09] CHR Notifications: Profile 1 -> hxxps://meet.google.com CHR Extension: (Honey: Automatic Coupons & Rewards) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2025-11-09] CHR Extension: (Google Docs Offline) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-07] CHR Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsihcjicgdanjaechkgeegckofjjedodee [2025-05-07] CHR Extension: (Marsala) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsjjlfmldcaheghnjjpgpoadjfppefjmkj [2023-12-16] CHR Extension: (Chrome Web Store Payments) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2022-09-26] CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataSystem Profile [2026-03-07] CHR HKLM…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) S3 battlenet_helpersvc; C:ProgramDataBattle.net_componentsbattlenet_helpersvcAgentHelper.exe [3386064 2026-02-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [15044872 2023-03-10] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [13270416 2026-02-22] (Microsoft Corporation -> Microsoft Corporation) R3 CorsairCpuIdService; C:Program FilesCorsairCorsair iCUE5 SoftwareCorsairCpuIdService.exe [613528 2026-02-25] (Corsair Memory, Inc.

-> Corsair Memory, Inc.) S3 CorsairDeviceListerService; C:Program FilesCorsairCorsair iCUE5 SoftwareCorsairDeviceListerService.exe [364696 2026-02-25] (Corsair Memory, Inc. -> ) S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [813032 2022-09-17] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:Program Files (x86)EasyAntiCheat_EOSEasyAntiCheat_EOS.exe [959216 2025-06-22] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicGamesUpdater; C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesUpdater.exe [3328976 2026-01-29] (Epic Games Inc.

-> Epic Games, Inc.) S3 EpicOnlineServices; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.) R3 FileSyncHelper; C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncHelper.exe [3600784 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) S3 GameInputRedistService; C:Program FilesMicrosoft GameInputx64GameInputRedistService.exe [302504 2026-02-12] (Microsoft Corporation -> Windows ® Win 7 DDK provider) R3 iCUEUpdateService; C:Program FilesCorsairCorsair iCUE5 SoftwareiCUEUpdateService.exe [750232 2026-02-25] (Corsair Memory, Inc.

-> Corsair Memory, Inc.) R2 logi_lamparray_service; C:WINDOWSSystem32DriverStoreFileRepositorylogi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267logi_lamparray_service.exe [9903656 2024-04-18] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [11255744 2026-02-22] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:Program FilesMalwarebytesAnti-MalwareMBVpnTunnelService.exe [2788304 2024-12-25] (Malwarebytes Inc.

-> Malwarebytes) R2 MDCoreSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpDefenderCoreService.exe [2067464 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_f55cb1d07ac1033fDisplay.NvContainerNVDisplay.Container.exe [1275544 2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:Program FilesMicrosoft OneDrive26.026.0209.0004OneDriveUpdaterService.exe [3995496 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) S3 ProtonVPN Service; C:Program FilesProtonVPNv4.2.2ProtonVPNService.exe [464624 2025-08-07] (Proton AG -> ProtonVPN) S3 ProtonVPN WireGuard; C:Program FilesProtonVPNv3.4.3ProtonVPN.WireGuardService.exe [466152 2024-11-04] (Proton AG -> ProtonVPN) S3 Rockstar Service; C:Program FilesRockstar GamesLauncherRockstarService.exe [7600104 2025-05-06] (Rockstar Games, Inc.

-> Rockstar Games) R2 VSSrv; C:WINDOWSSystem32VSSrv.exe [3359600 2023-11-23] (THX LTD. -> VisiSonics) R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0NisSrv.exe [4435096 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MsMpEng.exe [290744 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) S3 BTHMODEM; C:WINDOWSSystem32driversbthmodem.sys [110592 2025-01-29] (Microsoft Corporation) [File not signed] R3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [47032 2025-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [22968 2025-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) S3 cpuz159; C:WINDOWStempcpuz159cpuz159_x64.sys [44680 2025-06-04] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION R3 cpuz160; C:ProgramDataCPUID SoftwaresdkQBAPt2Gq7q [44696 2026-03-08] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD.

-> Samsung Electronics Co., Ltd.) R3 e2fexpress; C:WINDOWSSystem32DriverStoreFileRepositorye2f.inf_amd64_d0d0d2073f0fc12fe2f.sys [536160 2024-05-12] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_GPIO2_ADL; C:WINDOWSSystem32DriverStoreFileRepositoryialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3diaLPSS2_GPIO2_ADL.sys [140960 2022-06-23] (Intel Corporation -> Intel Corporation) R3 IntelGNA; C:WINDOWSSystem32DriverStoreFileRepositorygna.inf_amd64_6f93b7542fd3ead9gna.sys [88656 2023-08-28] (Intel Corporation -> Intel Corporation) R3 KslD; C:WINDOWSSystem32driverswdKslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation) R3 logi_lamparray; C:WINDOWSSystem32DriverStoreFileRepositorylogi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267logi_lamparray.sys [98864 2024-04-18] (Logitech Inc -> Logitech, Inc.) R2 mbamchameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [234088 2026-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [22120 2025-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [245864 2026-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ProtonVPNCallout; C:Program FilesProtonVPNv4.2.2ResourcesProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG) S3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [64168 2022-08-18] (Razer USA Ltd.

-> Razer Inc) S3 RzDev_0521; C:WINDOWSSystem32driversRzDev_0521.sys [54088 2021-03-22] (Razer USA Ltd. -> Razer Inc) S3 RzDev_0f19; C:WINDOWSSystem32driversRzDev_0f19.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 sshid; C:WINDOWSSystem32driverssshid.sys [48800 2022-02-24] (SteelSeries ApS -> SteelSeries ApS) S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD.

-> Samsung Electronics Co., Ltd.) S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [21888 2026-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [635272 2026-02-10] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [102832 2026-02-10] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:WINDOWSSystem32driverswireguard.sys [489368 2024-11-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-07 21:49 – 2026-03-07 21:49 – 000031052 _____ C:UsersjustdDownloadsFRST.txt 2026-03-07 21:40 – 2026-03-07 21:49 – 000000000 ____D C:FRST 2026-03-07 21:39 – 2026-03-07 21:39 – 002445824 _____ (Farbar) C:UsersjustdDownloadsFRST64.exe 2026-03-07 20:49 – 2026-03-07 20:49 – 009633776 _____ (Malwarebytes) C:UsersjustdDownloadsadwcleaner.exe 2026-03-07 20:49 – 2026-03-07 20:49 – 000000000 ____D C:AdwCleaner 2026-03-07 20:42 – 2026-03-07 20:48 – 000000000 ____D C:ProgramDataHitmanPro 2026-03-07 20:42 – 2026-03-07 20:44 – 014701656 _____ (Sophos B.V.) C:UsersjustdDownloadsHitmanPro_x64.exe 2026-03-07 20:13 – 2026-03-07 20:14 – 000000000 ____D C:UsersjustdAppDataRoamingexonautis 2026-03-07 20:13 – 2026-03-07 20:13 – 000002345 _____ C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsExonautis.lnk 2026-03-07 20:13 – 2026-03-07 20:13 – 000000000 ____D C:UsersjustdAppDataLocalexonautis-updater 2026-03-06 11:44 – 2026-03-07 20:14 – 000000000 ____D C:WINDOWSCbsTemp 2026-03-03 15:23 – 2026-03-03 15:23 – 000452984 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingservicesproxy_d.dll.0 2026-03-03 15:23 – 2026-03-03 15:23 – 000000000 ____D C:Program FilesMicrosoft GameInput 2026-03-03 08:29 – 2026-03-03 08:29 – 000000000 ____D C:Program FilesCommon FilesDESIGNER 2026-02-27 08:42 – 2026-02-27 08:42 – 000000000 ____D C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom 2026-02-24 15:13 – 2026-02-25 16:52 – 000000000 ____D C:Program FilesMozilla Firefox 2026-02-23 21:07 – 2026-02-24 09:25 – 000000000 _____ C:UsersjustdDocumentsSenalia Map2.0.wonderdraft_map 2026-02-23 20:15 – 2026-02-23 21:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWonderdraft 2026-02-23 20:15 – 2026-02-23 20:15 – 000000907 _____ C:UsersjustdDesktopWonderdraft.lnk 2026-02-23 20:15 – 2026-02-23 20:15 – 000000000 ____D C:UsersjustdAppDataRoamingWonderdraft 2026-02-23 20:15 – 2026-02-23 20:15 – 000000000 ____D C:Program FilesWonderdraft 2026-02-23 20:14 – 2026-02-23 20:14 – 199449720 _____ (Tailwind Games, LLC ) C:UsersjustdDownloadsWonderdraft-1.1.8.2b-Win64.exe 2026-02-22 15:18 – 2026-02-22 15:19 – 000000000 ____D C:UsersjustdAppDataRoaminginkarnate-desktop 2026-02-22 15:18 – 2026-02-22 15:18 – 084379032 _____ (Inkarnate) C:UsersjustdDownloadsInkarnate-latest-windows.exe 2026-02-22 15:18 – 2026-02-22 15:18 – 000000000 ____D C:UsersjustdAppDataLocalinkarnate-desktop-updater 2026-02-14 23:24 – 2026-02-28 15:55 – 000000000 ____D C:UsersjustdAppDataLocalVivox 2026-02-11 17:53 – 2026-02-11 17:53 – 000000000 ____D C:WINDOWSsystem32braille-tables 2026-02-11 16:29 – 2026-03-07 20:14 – 000000000 ____D C:ProgramDataRealtek 2026-02-09 16:32 – 2026-02-09 16:32 – 000085103 _____ C:UsersjustdDownloadsPay Advice-1.PDF ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-07 21:50 – 2024-04-01 00:26 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft 2026-03-07 21:47 – 2022-09-14 23:51 – 000000000 ____D C:Program Files (x86)Steam 2026-03-07 21:44 – 2023-05-12 18:26 – 000000000 ____D C:UsersjustdAppDataLocalMalwarebytes 2026-03-07 21:15 – 2022-09-14 23:48 – 000000000 ____D C:UsersjustdAppDataLocalDiscord 2026-03-07 20:48 – 2024-11-18 13:43 – 000000000 ____D C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2026-03-07 20:44 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSSystemTemp 2026-03-07 20:21 – 2024-08-24 15:16 – 000000000 ____D C:Steam Second Location 2026-03-07 20:15 – 2025-11-27 16:24 – 000000000 ____D C:UsersjustdAppDataLocalBattle.net 2026-03-07 20:15 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSAppReadiness 2026-03-07 20:15 – 2022-09-14 23:48 – 000000000 ____D C:UsersjustdAppDataRoamingdiscord 2026-03-07 20:15 – 2022-09-14 23:36 – 000000000 ___RD C:UsersjustdOneDrive 2026-03-07 20:14 – 2025-01-28 22:51 – 000000006 ____H C:WINDOWSTasksSA.DAT 2026-03-07 20:14 – 2025-01-28 22:50 – 000050662 _____ C:WINDOWSsystem325E37410B-D6F1-471D-AE27-563CEAC0D6B2 2026-03-07 20:14 – 2025-01-28 22:49 – 000000000 ____D C:WINDOWSsystem32SleepStudy 2026-03-07 20:14 – 2025-01-28 20:44 – 000000000 ____D C:Usersjustd 2026-03-07 20:14 – 2024-03-12 18:58 – 000000000 ____D C:UsersjustdAppDataLocalTSVNCache 2026-03-07 20:14 – 2023-11-12 23:42 – 000000000 ____D C:UsersjustdAppDataRoamingNotepad++ 2026-03-07 20:14 – 2022-09-15 00:10 – 000012288 ___SH C:DumpStack.log.tmp 2026-03-07 20:14 – 2022-09-14 23:37 – 000000000 ____D C:ProgramDataNVIDIA 2026-03-07 16:45 – 2024-04-01 00:21 – 000524288 _____ C:WINDOWSsystem32configBBI 2026-03-07 10:21 – 2022-09-14 23:35 – 000000000 ____D C:UsersjustdAppDataLocalD3DSCache 2026-03-07 09:42 – 2025-01-28 22:51 – 000003534 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA 2026-03-07 09:42 – 2025-01-28 22:51 – 000003408 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore 2026-03-06 19:51 – 2023-01-11 10:44 – 000000000 ____D C:UsersjustdAppDataRoamingAvorion 2026-03-06 19:06 – 2023-01-11 10:44 – 000000000 _____ C:UsersjustdAppDataRoamingavoriontestfile 2026-03-06 18:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSServiceState 2026-03-06 15:35 – 2024-04-01 00:26 – 000000000 ___HD C:Program FilesWindowsApps 2026-03-06 14:35 – 2022-12-03 17:54 – 000000000 ____D C:Program Files (x86)Overwatch 2026-03-06 11:45 – 2025-07-22 20:45 – 000000000 ____D C:UsersjustdAppDataRoamingGitKraken 2026-03-06 11:43 – 2025-07-22 20:45 – 000000000 ____D C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsGitKraken 2026-03-06 11:43 – 2025-07-22 20:45 – 000000000 ____D C:UsersjustdAppDataLocalgitkraken 2026-03-06 11:43 – 2025-07-22 20:45 – 000000000 ____D C:Usersjustd.gnupg 2026-03-06 11:34 – 2022-09-27 15:06 – 000000000 ____D C:UsersjustdAppDataRoamingparadox-launcher-v2 2026-03-05 18:35 – 2022-09-14 23:42 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk 2026-03-05 18:35 – 2022-09-14 23:42 – 000002206 _____ C:UsersPublicDesktopGoogle Chrome.lnk 2026-03-05 08:09 – 2022-09-14 23:48 – 000002243 _____ C:UsersjustdDesktopDiscord.lnk 2026-03-05 08:08 – 2024-11-22 16:08 – 000000000 ____D C:Program FilesMicrosoft OneDrive 2026-03-04 21:02 – 2022-09-15 00:09 – 000000000 ____D C:UsersjustdAppDataLocalCrashDumps 2026-03-04 20:13 – 2025-02-05 18:20 – 000003546 _____ C:WINDOWSsystem32TasksOneDrive Startup Task-S-1-5-21-1629956658-336341846-2884959028-1001 2026-03-04 20:13 – 2025-01-28 22:51 – 000003592 _____ C:WINDOWSsystem32TasksOneDrive Reporting Task-S-1-5-21-1629956658-336341846-2884959028-1001 2026-03-04 20:13 – 2025-01-28 22:51 – 000003194 _____ C:WINDOWSsystem32TasksOneDrive Per-Machine Standalone Update Task 2026-03-04 20:13 – 2024-11-22 13:12 – 000002023 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneDrive.lnk 2026-03-03 15:23 – 2025-05-04 14:16 – 004589944 _____ (Microsoft Corporation) C:WINDOWSsystem32xgameruntime.dll 2026-03-03 15:23 – 2025-05-04 14:16 – 000911736 _____ (Microsoft Corporation) C:WINDOWSsystem32gameplatformservices.dll 2026-03-03 15:23 – 2025-05-04 14:16 – 000289144 _____ (Microsoft Corporation) C:WINDOWSsystem32gamelaunchhelper.dll 2026-03-03 15:23 – 2025-05-04 14:16 – 000260472 _____ (Microsoft Corporation) C:WINDOWSsystem32gameconfighelper.dll 2026-03-03 15:23 – 2025-05-04 14:16 – 000166264 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingtcuihelpers.dll 2026-03-03 15:23 – 2025-05-04 14:16 – 000153968 _____ (Microsoft Corporation) C:WINDOWSsystem32xgamehelper.exe 2026-03-03 15:23 – 2025-05-04 14:16 – 000084344 _____ (Microsoft Corporation) C:WINDOWSsystem32xgamecontrol.exe 2026-03-03 15:23 – 2024-04-01 00:24 – 000000000 ____D C:WINDOWSINF 2026-03-03 15:03 – 2025-11-27 16:23 – 000000000 ____D C:Program Files (x86)Battle.net 2026-03-03 08:28 – 2024-11-22 13:09 – 000000000 ____D C:Program FilesMicrosoft Office 2026-03-02 22:11 – 2025-07-22 19:54 – 000000000 ____D C:UsersjustdAppDataRoamingCode 2026-03-02 13:49 – 2022-09-14 23:35 – 000000000 ____D C:UsersjustdAppDataLocalPackages 2026-02-28 13:43 – 2022-09-15 00:10 – 000002440 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk 2026-02-28 13:43 – 2022-09-15 00:10 – 000002278 _____ C:UsersPublicDesktopMicrosoft Edge.lnk 2026-02-27 08:52 – 2023-01-18 10:56 – 000000000 ____D C:UsersjustdAppDataRoamingZoom 2026-02-27 08:42 – 2025-01-28 22:51 – 000004248 _____ C:WINDOWSsystem32TasksZoomUpdateTaskUser-S-1-5-21-1629956658-336341846-2884959028-1001 2026-02-26 16:47 – 2025-06-23 21:09 – 000002155 _____ C:UsersjustdDesktopgrepwin.ini 2026-02-25 17:12 – 2023-09-07 18:18 – 000000000 ____D C:UsersjustdAppDataRoamingCorsair 2026-02-25 17:12 – 2023-09-07 18:18 – 000000000 ____D C:Program FilesCorsair 2026-02-25 16:52 – 2024-11-18 13:43 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service 2026-02-25 08:12 – 2025-01-28 22:51 – 000000000 ____D C:WINDOWSsystem32TasksMozilla 2026-02-25 08:12 – 2024-11-18 13:43 – 000001065 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk 2026-02-24 15:13 – 2025-12-12 17:25 – 000392320 _____ (Mozilla Foundation) C:UsersjustdDesktopFirefox.exe 2026-02-22 11:17 – 2025-07-22 19:54 – 000000000 ____D C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsVisual Studio Code 2026-02-22 11:17 – 2022-09-14 23:35 – 000000000 ____D C:ProgramDataPackages 2026-02-13 22:43 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32SecurityHealth 2026-02-11 23:00 – 2025-09-24 16:57 – 001138088 _____ (Windows ® Win 7 DDK provider) C:WINDOWSsystem32GameInputRedist.dll 2026-02-11 23:00 – 2025-09-24 16:57 – 000013696 _____ (Windows ® Win 7 DDK provider) C:WINDOWSSysWOW64GameInputRedist.dll 2026-02-11 17:55 – 2025-01-28 22:48 – 000001623 _____ C:WINDOWSsystem32configVSMIDK 2026-02-11 17:54 – 2025-01-28 22:49 – 000472552 _____ C:WINDOWSsystem32FNTCACHE.DAT 2026-02-11 17:53 – 2025-12-09 22:01 – 000000000 ____D C:WINDOWSsystem32NarratorMCAT 2026-02-11 17:53 – 2025-01-28 20:41 – 000000000 ____D C:WINDOWSInboxApps 2026-02-11 17:53 – 2025-01-28 20:36 – 000000000 ____D C:WINDOWSen-GB 2026-02-11 17:53 – 2024-04-01 01:08 – 000000000 ____D C:WINDOWSsystem32OpenSSH 2026-02-11 17:53 – 2024-04-01 01:08 – 000000000 ____D C:WINDOWSsystem32Microsoft-Edge-WebView 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ___SD C:WINDOWSsystem32F12 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ___RD C:WINDOWSImmersiveControlPanel 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSWUModels 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSUUS 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSSysWOW64setup 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSSysWOW64oobe 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSSysWOW64Dism 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSSystemResources 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32WinMetadata 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32ShellExperiences 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32setup 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32SecureBootUpdates 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32oobe 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32migwiz 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32km-KH 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32Dism 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSsystem32DDFs 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSShellExperiences 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSShellComponents 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSProvisioning 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSBrowserCore 2026-02-11 17:53 – 2024-04-01 00:26 – 000000000 ____D C:WINDOWSbcastdvr 2026-02-11 17:53 – 2024-04-01 00:21 – 000000000 ____D C:WINDOWSservicing 2026-02-11 08:07 – 2022-09-15 01:41 – 000000000 ____D C:WINDOWSsystem32MRT 2026-02-11 08:06 – 2025-01-28 22:51 – 003276288 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PrintConfig.dll 2026-02-11 08:05 – 2022-09-15 01:41 – 221154392 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe 2026-02-09 21:08 – 2022-09-15 00:10 – 000000000 ____D C:WINDOWSsystem32Driverswd 2026-02-07 09:28 – 2025-10-16 21:28 – 000000000 ____D C:ProgramDataWhesvc 2026-02-06 19:31 – 2022-09-14 23:52 – 000245864 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys ==================== Files in the root of some directories ======== 2023-01-11 10:44 – 2026-03-06 19:06 – 000000000 _____ () C:UsersjustdAppDataRoamingavoriontestfile 2025-11-29 21:28 – 2025-11-29 21:28 – 000000048 ____R () C:UsersjustdAppDataLocal119AC2FC90D95AC063B177717B7B3B6 2023-04-08 00:41 – 2023-04-08 00:41 – 000007605 _____ () C:UsersjustdAppDataLocalResmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2026 Ran by justd (07-03-2026 21:50:35) Running from C:UsersjustdDownloads Microsoft Windows 11 Home Version 25H2 26200.7840 (X64) (2025-01-29 16:18:06) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1629956658-336341846-2884959028-500 – Administrators – Disabled) DefaultAccount (S-1-5-21-1629956658-336341846-2884959028-503 – Limited – Disabled) Guest (S-1-5-21-1629956658-336341846-2884959028-501 – Limited – Disabled) justd (S-1-5-21-1629956658-336341846-2884959028-1001 – Administrators – Enabled) => C:Usersjustd WDAGUtilityAccount (S-1-5-21-1629956658-336341846-2884959028-504 – Limited – Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them.

The adware programs should be uninstalled manually.) 7-Zip 24.09 (x64) (HKLM…7-Zip) (Version: 24.09 – Igor Pavlov) 7-Zip 9.20 (x64 edition) (HKLM…{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 – Igor Pavlov) AIDA64 Extreme v6.75 (HKLM-x32…AIDA64 Extreme_is1) (Version: 6.75 – FinalWire Ltd.) Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment) Corsair iCUE5 Software (HKLM…{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.41.42 – Corsair) CurseForge 1.296.4-30607 (HKUS-1-5-21-1629956658-336341846-2884959028-1001…ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.296.4-30607 – Overwolf) Discord (HKUS-1-5-21-1629956658-336341846-2884959028-1001…Discord) (Version: 1.0.9227 – Discord Inc.) Documentation Manager (HKLM…{6894E409-CB60-4A57-A8DA-01E53F497994}) (Version: 23.60.1.2 – Intel Corporation) Hidden Dynamic Application Loader Host Interface Service (HKLM…{FE08EA18-3549-49F1-8F5D-01F176DCE1CC}) (Version: 1.0.0.0 – Intel Corporation) Hidden Epic Games Launcher (HKLM-x32…{20235E2B-1E9F-473D-A215-B2467F1F06E3}) (Version: 1.3.51.0 – Epic Games, Inc.) Epic Online Services (HKLM-x32…{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 – Epic Games, Inc.) EVE Online (HKUS-1-5-21-1629956658-336341846-2884959028-1001…{b9cea6b6-9f99-4a56-9444-9f8d49b5bdc4}) (Version: 2.11.8 – CCP) eve-online (HKUS-1-5-21-1629956658-336341846-2884959028-1001…eve-online) (Version: 1.9.4 – CCP ehf) Exonautis 2.1.1 (HKUS-1-5-21-1629956658-336341846-2884959028-1001…511b6e0-a24a-53b1-8e8e-20ea0549af40) (Version: 2.1.1 – Exonautis) Git (HKLM…Git_is1) (Version: 2.47.1 – The Git Development Community) GitKraken (HKUS-1-5-21-1629956658-336341846-2884959028-1001…gitkraken) (Version: 11.10.0 – GitKraken) Google Chrome (HKLM-x32…Google Chrome) (Version: 145.0.7632.160 – Google LLC) Intel® Chipset Device Software (HKLM…{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 – Intel Corporation) Hidden Intel® Chipset Device Software (HKLM-x32…{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 – Intel® Corporation) Intel® Extreme Tuning Utility (HKLM-x32…{1fcaa377-7547-4e70-a64f-45d58ba73cd6}) (Version: 7.4.2.9 – Intel Corporation) Intel® LMS (HKLM…{6A2335AD-315C-4ADD-BFFC-0C7D0FC8A2B9}) (Version: 1.0.0.0 – Intel Corporation) Hidden Intel® Management Engine Components (HKLM…{11107004-9658-44DB-8E95-2ECAFAE17B7B}) (Version: 1.0.0.0 – Intel Corporation) Hidden Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2201.16.0.2645 – Intel Corporation) Intel® Management Engine Driver (HKLM…{7F7FEA98-7076-40EE-A318-07C48E67385F}) (Version: 1.0.0.0 – Intel Corporation) Hidden Intel® Serial IO (HKLM…{8EC4CB19-850D-4BD4-B914-F63DF7DAD67D}) (Version: 30.100.2131.26 – Intel Corporation) Hidden Intel® Serial IO (HKLM…{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 – Intel Corporation) Intel® Wireless Bluetooth® (HKLM-x32…{00004090-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.90.4.1 – Intel Corporation) Intel® Software Installer (HKLM-x32…{6493bd69-f9cb-4069-b7cc-4f9f6f859ff9}) (Version: 23.60.1.2 – Intel Corporation) Hidden Intel® Software Installer (HKLM-x32…{dd9edbc6-abf9-480a-9b86-c0c0c5f0e12d}) (Version: 22.90.1.1 – Intel Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden Malwarebytes version 5.4.8.232 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.8.232 – Malwarebytes) Microsoft .NET Host – 6.0.36 (x64) (HKLM…{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 – Microsoft Corporation) Hidden Microsoft .NET Host – 8.0.3 (x64) (HKLM…{0511E062-77E0-4F80-ABA3-0F99B9EF8C4B}) (Version: 64.12.10343 – Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver – 6.0.36 (x64) (HKLM…{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 – Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver – 8.0.3 (x64) (HKLM…{E79D3B29-C9A2-42D5-8703-85B73C452D8B}) (Version: 64.12.10343 – Microsoft Corporation) Hidden Microsoft .NET Runtime – 6.0.36 (x64) (HKLM…{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 – Microsoft Corporation) Hidden Microsoft .NET Runtime – 8.0.3 (x64) (HKLM…{D98088DE-EDA4-4E1A-BF0F-ED9A9145CC70}) (Version: 64.12.10343 – Microsoft Corporation) Hidden Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.19725.20126 – Microsoft Corporation) Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 145.0.3800.82 – Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 145.0.3800.82 – Microsoft Corporation) Hidden Microsoft GameInput (HKLM…{9F5D508B-EA43-4FA2-B0B6-8158A389442B}) (Version: 3.2.138.0 – Microsoft Corporation) Microsoft OneDrive (HKLM…OneDriveSetup.exe) (Version: 26.026.0209.0004 – Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM…{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 – Microsoft) Microsoft Update Health Tools (HKLM…{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation) Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime – 11.0.61030 (HKLM…{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime – 11.0.61030 (HKLM…{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime – 11.0.61030 (HKLM-x32…{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime – 11.0.61030 (HKLM-x32…{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime – 12.0.21005 (HKLM…{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime – 12.0.21005 (HKLM…{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime – 12.0.21005 (HKLM-x32…{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime – 12.0.21005 (HKLM-x32…{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) – 14.44.35211 (HKLM-x32…{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 – Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) – 14.44.35211 (HKLM-x32…{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 – Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime – 14.44.35211 (HKLM…{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime – 14.44.35211 (HKLM…{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime – 14.44.35211 (HKLM-x32…{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime – 14.44.35211 (HKLM-x32…{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKUS-1-5-21-1629956658-336341846-2884959028-1001…{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.109.5 – Microsoft Corporation) Microsoft Windows Desktop Runtime – 6.0.36 (x64) (HKLM…{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 – Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime – 6.0.36 (x64) (HKLM-x32…{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 – Microsoft Corporation) Microsoft Windows Desktop Runtime – 8.0.3 (x64) (HKLM…{CE0906F2-6C11-4A2B-880B-AFB92474B13E}) (Version: 64.12.10377 – Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime – 8.0.3 (x64) (HKLM-x32…{fb8f4657-2b60-4298-b83e-aaccb07ef793}) (Version: 8.0.3.33416 – Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32…{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 – Microsoft Corporation) Minion (HKUS-1-5-21-1629956658-336341846-2884959028-1001…{Minion}}_is1) (Version: 3.0.12 – Good Game Mods LLC) MJ-189GamingMouse (HKLM-x32…MJ-189GamingMouse_is1) (Version: 1.0 – MOJO LLC) Mozilla Firefox (x64 en-CA) (HKLM…Mozilla Firefox) (Version: 148.0 – Mozilla) Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 132.0.2 – Mozilla) Mumble (client) (HKLM…{8DA03EEA-8A36-4C17-A54F-4330781D461B}) (Version: 1.4.230 – Mumble VoIP) Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 8.6 – Notepad++ Team) NVIDIA App 11.0.3.241 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.3.241 – NVIDIA Corporation) NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 – NVIDIA Corporation) NVIDIA Graphics Driver 560.94 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 – NVIDIA Corporation) NVIDIA PhysX System Software 9.23.1019 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 – NVIDIA Corporation) Obsidian (HKLM…bd400747-f0c1-5638-a859-982036102edf) (Version: 1.8.4 – Obsidian) Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19725.20014 – Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 – Microsoft Corporation) Hidden Overwatch (HKLM-x32…Overwatch) (Version:  – Blizzard Entertainment) Paint.NET (HKLM…{26FEC0F1-9EFD-4DA6-97AB-AEE5969258C3}) (Version: 5.1.11 – dotPDN LLC) Paradox Launcher v2 (HKLM…{E68BBC18-9E69-436B-B20F-E294DE62ECAB}) (Version: 2.3.0 – Paradox Interactive) Proton VPN (HKLM…Proton VPN_is1) (Version: 4.2.2 – Proton AG) pyfa version 2.51.0 (HKLM…{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 2.51.0 – pyfa) Realtek Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9336.1 – Realtek Semiconductor Corp.) REDlauncher (HKLM-x32…{DDAB335A-D2ED-45F8-A921-8597CC411E20}) (Version: 3.4.0.5 – CD Projekt RED) Hidden Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.102.2453 – Rockstar Games) Rockstar Games SDK (HKLM-x32…Rockstar Games Social Club) (Version: 2.4.0.77 – Rockstar Games) Sid Meier's Civilization IV: Realism: Invictus (HKLM-x32…Realism Invictus) (Version:  – ) Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation) The Elder Scrolls Online (HKLM-x32…The Elder Scrolls Online) (Version: 2.6.3.2901765 – Zenimax Online Studios) THX V3 APO Presets (HKLM…{18F08353-B391-408A-B879-679EE198E391}) (Version: 3.0.36.1 – THX) Hidden THX V3 APO Presets (HKLM-x32…{7d6550d7-c653-4505-a9f5-1d06c514976d}) (Version: 3.0.36.1 – THX) Hidden TortoiseSVN 1.14.6.29673 (64 bit) (HKLM…{94D65B56-F9EE-48AE-A96C-83D4CD913BC5}) (Version: 1.14.29673 – TortoiseSVN) UE Prerequisites (x64) (HKLM…{90BFD504-ACB6-4FC9-9BA5-964FA4CB76C0}) (Version: 1.0.18.0 – Epic Games, Inc.) Hidden UE Prerequisites (x64) (HKLM-x32…{2c4a7cc2-986f-41a8-a4d3-86c8177f87cf}) (Version: 1.0.18.0 – Epic Games, Inc.) Hidden Vortex (HKLM…57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.15.2 – Black Tree Gaming Ltd.) Wonderdraft version 1.1.8.2 (HKLM…Wonderdraft_is1) (Version: 1.1.8.2 – Tailwind Games, LLC) Zoom Workplace (HKUS-1-5-21-1629956658-336341846-2884959028-1001…ZoomUMX) (Version: 6.6.11 (23272) – Zoom Communications, Inc.) Packages: ========= @{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:WINDOWSSystemAppsSxSMicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] () AppUp.IntelGraphicsExperience -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-10] (INTEL CORP) [Startup Task] ARK: Survival Evolved -> C:Program FilesWindowsAppsStudioWildcard.4558480580BB9_1.212.962.2_x64__1w2mm55455e38 [2023-11-25] (Studio Wildcard) Disney+ -> C:Program FilesWindowsAppsDisney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-11] (Disney) Local AI Manager for Microsoft 365 -> C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16AI [2026-03-03] () Malwarebytes Anti-Malware -> C:Program FilesMalwarebytesAnti-Malware [2026-02-22] () Microsoft Defender -> C:Program FilesWindowsAppsMicrosoft.6365217CE6EB4_102.2409.21002.0_x64__8wekyb3d8bbwe [2024-11-30] (Microsoft Corporation) [Startup Task] Microsoft Family -> C:Program FilesWindowsAppsMicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.) Microsoft.Office.ActionsServer -> C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16ActionsServer [2026-03-03] () Minecraft for Windows -> C:Program FilesWindowsAppsMICROSOFT.MINECRAFTUWP_1.26.301.0_x64__8wekyb3d8bbwe [2026-03-02] (Microsoft Studios) Minecraft Launcher -> C:Program FilesWindowsAppsMicrosoft.4297127D64EC6_2.5.2.0_x64__8wekyb3d8bbwe [2026-01-18] (Microsoft Studios) Minecraft: Java Edition -> C:Program FilesWindowsAppsMicrosoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2026-01-18] (Microsoft Studios) MSI Center -> C:Program FilesWindowsApps9426MICRO-STARINTERNATION.MSICenter_2.0.66.0_x64__kzh8wxbdkxb8p [2026-02-05] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] Notepad++ -> C:Program FilesNotepad++contextMenu [2024-01-08] (Notepad++) NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-08] (NVIDIA Corp.) OfficePushNotificationsUtility -> C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16 [2026-03-03] () OneNote Virtual Printer -> C:Program FilesWindowsAppsMicrosoft.Office.OneNoteVirtualPrinter_1.0.0.0_x64__8wekyb3d8bbwe [2025-05-11] (Microsoft Corporation) Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.53.374.0_x64__dt26b99r8h8gj [2025-11-11] (Realtek Semiconductor Corp) SpotifyAB.SpotifyMusic -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0 [2026-02-27] (Spotify AB) [Startup Task] TortoiseSVN -> C:Program FilesTortoiseSVN [2024-03-13] () Visual Studio Code -> C:UsersjustdAppDataLocalProgramsMicrosoft VS Code72586267eappx [2026-02-22] () WinAppRuntime.Main.1.5 -> C:Program FilesWindowsAppsMicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.) WinAppRuntime.Singleton -> C:Program FilesWindowsAppsMicrosoftCorporationII.WinAppRuntime.Singleton_8000.770.947.0_x64__8wekyb3d8bbwe [2026-02-26] (Microsoft Corp.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) CustomCLSID: HKUS-1-5-21-1629956658-336341846-2884959028-1001_ClassesCLSID{04271989-C4D2-10A4-7DDF-A12A1E387B80} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKUS-1-5-21-1629956658-336341846-2884959028-1001_ClassesCLSID{50726f74-6f6e-2e56-504e-000000000000}localserver32 -> C:Program FilesProtonVPNv3.4.3ProtonVPN.exe (Proton AG -> ) CustomCLSID: HKUS-1-5-21-1629956658-336341846-2884959028-1001_ClassesCLSID{DFF20505-B08F-455B-AD70-4FBD055088E0}localserver32 -> C:Program FilesGoogleChromeApplicationPlatformExperienceHelperplatform_experience_helper.exe (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2026-02-22] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_f55cb1d07ac1033fnvshext.dll [2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2026-02-22] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed.

The file will not be moved.) HKLM…Drivers32: [MidisrvTransferComplete] => 1 HKLM…Drivers32: [midi1] => C:Windowssystem32wdmaud2.drv [126976 2026-02-11] (Microsoft Windows -> Microsoft Corporation) HKLM…Drivers32: [midi1] => C:WindowsSysWOW64wdmaud2.drv [78848 2026-02-11] (Microsoft Windows -> Microsoft Corporation) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsBattleScribeBattleScribe Help.lnk -> hxxp://www.battlescribe.net/?tab=hel ShortcutWithArgument: C:UsersjustdAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts69639df789022856Megan – Chrome.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============= 2024-11-22 13:10 – 2024-11-22 13:10 – 000000000 ____L (Microsoft Corporation) [symlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunAppvIsvSubsystems64.dll] C:Program FilesMicrosoft OfficerootOffice16AppVIsvSubsystems64.dll 2024-11-22 13:10 – 2024-11-22 13:10 – 000000000 ____L (Microsoft Corporation) [symlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunC2R64.dll] C:Program FilesMicrosoft OfficerootOffice16c2r64.dll 2025-05-25 10:52 – 2025-05-25 10:52 – 000000000 ____L (NVIDIA Corporation) [symlink -> C:Program FilesNVIDIA CorporationNVIDIA AppMessageBusNvMessageBusBroadcast.dll] C:Program FilesNVIDIA CorporationNvContainerpluginsLocalSystemNvMessageBusBroadcast.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk:BE32D07BC5 [3434] AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk:C5D586BE93 [3434] AlternateDataStreams: C:UsersPublicShared Files:VersionCache [2996] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ============= BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2026-01-31] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-06-05 05:08 – 2021-06-05 05:08 – 000000824 _____ C:WINDOWSsystem32driversetchosts ==================== Network =========================== (Currently there is no automatic fix for this section.) DNS Servers: 192.168.1.1 Windows Firewall is enabled.

Network Binding: ============= Ethernet: Intel® Ethernet Controller (3) I225-V -> e2f.sys Wi-Fi: Intel® Wi-Fi 6E AX210 160MHz -> Netwtw14.sys ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)RazerChromaBroadcastbin;C:Program FilesRazerChromaBroadcastbin;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program Filesdotnet;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program FilesTortoiseSVNbin;C:UsersjustdAppDataLocalMicrosoftWindowsApps;C:Program FilesGitcmd;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;;C:Program FilesNVIDIA CorporationNVIDIA AppNvDLISR HKUS-1-5-21-1629956658-336341846-2884959028-1001Control PanelDesktop\Wallpaper -> C:UsersjustdAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLMSOFTWAREMicrosoftWindows DefenderFeatures => (TamperProtection: 1) (TamperProtectionSource: 5) HKLMSOFTWAREMicrosoftWindows DefenderReal-Time Protection => (DpaDisabled: 0) HKLMSOFTWAREMicrosoftWindows DefenderExclusionsPaths|D:SteamLibrarysteamappscommonFallout 4 ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{3DBB8DDD-DFD4-48D9-B535-9F5A1CEE4AB3}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe => No File FirewallRules: [TCP Query User{43030C87-DE17-4FC8-A212-C44DE43E6718}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe => No File FirewallRules: [{9F67A2E9-62AC-4166-A3AF-4109A0146D43}] => (Allow) C:Steam Second LocationsteamappscommonVictoria 3launcherdowser.exe => No File FirewallRules: [{79CF593F-9268-4A28-A674-EB145233ED9D}] => (Allow) C:Steam Second LocationsteamappscommonVictoria 3launcherdowser.exe => No File FirewallRules: [{EAB77211-3681-441E-94E4-2FD5BB1B7BA1}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3FF90A5F-5CE1-49AA-8027-A4C59A4238B1}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{328B77FB-D0DD-4D92-94DD-6F1350F33DD5}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe] => (Allow) C:steam second locationsteamappscommonred dead redemption 2rdr2.exe => No File FirewallRules: [TCP Query User{2CB0FD29-9E60-4B34-B92B-5FEFFAB1427F}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe] => (Allow) C:steam second locationsteamappscommonred dead redemption 2rdr2.exe => No File FirewallRules: [UDP Query User{4E79EC9E-3AAA-458F-AC7F-907B439DDE1F}C:program filesblack tree gaming ltdvortexvortex.exe] => (Allow) C:program filesblack tree gaming ltdvortexvortex.exe (Black Tree Gaming Ltd -> Black Tree Gaming Ltd.) FirewallRules: [TCP Query User{DF8757F5-668F-411C-A87B-4D519E19E083}C:program filesblack tree gaming ltdvortexvortex.exe] => (Allow) C:program filesblack tree gaming ltdvortexvortex.exe (Black Tree Gaming Ltd -> Black Tree Gaming Ltd.) FirewallRules: [{EF5C1ADF-28BC-48F7-A456-DAEF50B19B70}] => (Allow) C:Program Files (x86)SteamsteamappscommonFallout New VegasFalloutNVLauncher.exe => No File FirewallRules: [{BA2AE4B6-F5FA-459F-BDB8-E7D1C872F1CF}] => (Allow) C:Program Files (x86)SteamsteamappscommonFallout New VegasFalloutNVLauncher.exe => No File FirewallRules: [{40BB7652-3630-407E-8745-D969B8D92CDA}] => (Allow) C:Program Files (x86)SteamsteamappscommonZenimax OnlinezosSteamStarter.exe (Zenimax Media Inc.

-> Zenimax Online Studios) FirewallRules: [{D0B7CA5C-5CE5-43C9-883C-888DB96E7DA0}] => (Allow) C:Program Files (x86)SteamsteamappscommonZenimax OnlinezosSteamStarter.exe (Zenimax Media Inc. -> Zenimax Online Studios) FirewallRules: [{3F13704D-D21C-4309-8E09-92AF7640B6BF}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_24165.1308.3011.3930_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C29C475B-256B-42BD-B47C-3AB1CE5A6685}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_24165.1308.3011.3930_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{C23AB35A-A90B-48C1-AE1B-D6336B4D9144}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe] => (Allow) C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe => No File FirewallRules: [TCP Query User{DB3F49E4-145A-4A19-AC77-042E82F8D14C}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe] => (Allow) C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe => No File FirewallRules: [{E5878B5A-B3AE-4E1F-AE54-C25818947A02}] => (Allow) C:Program Files (x86)SteamsteamappscommonCelesteCeleste.exe (Matt Makes Games) [File not signed] FirewallRules: [{C4258BF7-5026-427F-A107-AF98D1E8A3C1}] => (Allow) C:Program Files (x86)SteamsteamappscommonCelesteCeleste.exe (Matt Makes Games) [File not signed] FirewallRules: [{418A83D8-3384-4F05-82E8-8DC9B14F8415}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File FirewallRules: [{B00A4D1E-75E2-4236-9642-F6C029D3BFE0}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{F183BB5A-032F-42A4-9C50-BC14AC788051}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{D976593C-8657-48B4-90CC-1ED322A69E0B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File FirewallRules: [{524764FD-5705-4AE7-A8C2-FF594A0FDFC8}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File FirewallRules: [{34F004F2-8668-4C68-A40C-2D0E0401308B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{5E9375CB-4A54-4B96-89B1-1D3096F63CBF}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{AF6D12EC-A76F-458A-88FB-596027ED342B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File FirewallRules: [UDP Query User{35E28B9E-BFF4-4CA9-BFE8-72D69FAD74E2}C:riot gamesriot clientriotclientelectronriot client.exe] => (Allow) C:riot gamesriot clientriotclientelectronriot client.exe => No File FirewallRules: [TCP Query User{99F366A3-9CB8-4E57-AAAB-C07EDCBC889D}C:riot gamesriot clientriotclientelectronriot client.exe] => (Allow) C:riot gamesriot clientriotclientelectronriot client.exe => No File FirewallRules: [{CE1DEEB0-7F10-4E48-9331-A42BEA76B104}] => (Allow) C:Program Files (x86)SteamsteamappscommonSid Meier's Civilization IV Beyond the SwordBeyond the SwordCiv4BeyondSword.exe (Firaxis Games) [File not signed] FirewallRules: [{7D784D49-9025-488F-B01B-DAE871B5275E}] => (Allow) C:Program Files (x86)SteamsteamappscommonSid Meier's Civilization IV Beyond the SwordBeyond the SwordCiv4BeyondSword.exe (Firaxis Games) [File not signed] FirewallRules: [{AD0E93AC-059C-450F-9030-0A3C8377C6D0}] => (Allow) C:Program Files (x86)SteamsteamappscommonAvorionbinAvorion.exe => No File FirewallRules: [{5BB01233-6786-43C5-A4C1-219E98F951B4}] => (Allow) C:Program Files (x86)SteamsteamappscommonAvorionbinAvorion.exe => No File FirewallRules: [{277998C4-F7DF-49EE-B2C2-6E8B84A7070F}] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMER IIIlauncherlauncher.exe => No File FirewallRules: [{AC5C8470-63DB-41BD-9157-2FAFA75FCB1E}] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMER IIIlauncherlauncher.exe => No File FirewallRules: [{867F3E9F-1E92-490F-9952-BCF852C9BA9C}] => (Allow) C:Program Files (x86)SteamsteamappscommonCrusader Kings IIIlauncherdowser.exe => No File FirewallRules: [{5EE50496-A8F9-4F29-8085-7D536A81C6E7}] => (Allow) C:Program Files (x86)SteamsteamappscommonCrusader Kings IIIlauncherdowser.exe => No File FirewallRules: [UDP Query User{4003A18A-A469-474E-BD8D-02901855BA55}C:program files (x86)steamsteamappscommoneuropa universalis iveu4.exe] => (Allow) C:program files (x86)steamsteamappscommoneuropa universalis iveu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [TCP Query User{E67D319F-2DB3-4C87-8F53-19399BA08F3B}C:program files (x86)steamsteamappscommoneuropa universalis iveu4.exe] => (Allow) C:program files (x86)steamsteamappscommoneuropa universalis iveu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{802745F2-5894-41BA-B475-E2DF741799F9}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp.

-> Valve Corporation) FirewallRules: [{9398E5DF-F0D1-413C-A63B-EA2CD4F19CD3}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{BA033EE7-AE68-4A7F-9F99-8D8714099853}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File FirewallRules: [{AD2AC6E9-5EC0-4D5D-91E0-E33BE05B823E}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File FirewallRules: [{74860456-1EF5-46A3-9D89-6702921D809F}] => (Allow) C:Program Files (x86)SteamsteamappscommonRimWorldRimWorldWin64.exe () [File not signed] FirewallRules: [{A57B019B-E46A-46D8-9FAA-DE313A00860A}] => (Allow) C:Program Files (x86)SteamsteamappscommonRimWorldRimWorldWin64.exe () [File not signed] FirewallRules: [{8AFF7CC0-7AE2-45DA-A361-699EC852A3B3}] => (Allow) C:Program Files (x86)SteamsteamappscommonEuropa Universalis IVdowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{0C2022CC-819F-48BB-8B8D-3CF996D9A878}] => (Allow) C:Program Files (x86)SteamsteamappscommonEuropa Universalis IVdowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [TCP Query User{9C82DE6C-20F2-468E-B8B3-C320A2733D20}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe] => (Allow) C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe => No File FirewallRules: [UDP Query User{66B8BB22-645D-4622-A50C-AF1944ED6C10}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe] => (Allow) C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe => No File FirewallRules: [TCP Query User{648C7DA1-B250-4619-A7D7-B798B974CC13}C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe] => (Allow) C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe (Epic Games Inc.

-> Epic Games, Inc.) FirewallRules: [UDP Query User{9D84D8EE-35C6-48CA-81E1-A60F96168CBE}C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe] => (Allow) C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{8F1B2058-03AE-46B1-8A63-82F1D0B8DE52}C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc.

-> Blizzard Entertainment) FirewallRules: [UDP Query User{4AD80733-AA6B-4A00-A00C-7D5BA55443FE}C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{AB2A1B58-0833-424C-8D3B-54BB48654B37}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe => No File FirewallRules: [{FA9DAC81-F989-4915-B195-959ABD69E3C5}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe => No File FirewallRules: [TCP Query User{59FB8443-DF98-42E6-9192-949F477C600B}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe] => (Allow) C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe => No File FirewallRules: [UDP Query User{3822140D-A806-4CE7-A387-7545BBE72754}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe] => (Allow) C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe => No File FirewallRules: [{C9041D59-4396-40A8-BCC1-6EC97D483D04}] => (Allow) C:UsersjustdAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc.

-> Zoom Communications, Inc.) FirewallRules: [{7EDC701E-C863-4B0F-B972-0CEAFDFADFB1}] => (Allow) C:UsersjustdAppDataRoamingZoombinairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{3BF350BA-4F72-4EF6-AB73-F79B0317D56D}] => (Allow) C:UsersjustdAppDataRoamingZoombinairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{63A374E0-4797-469D-B757-F9B2B62C5E45}C:program files (x86)steamsteamappscommontmodloaderdotnet6.0.0dotnet.exe] => (Allow) C:program files (x86)steamsteamappscommontmodloaderdotnet6.0.0dotnet.exe (.NET -> Microsoft Corporation) FirewallRules: [UDP Query User{D99C8BFE-A530-4FDD-95EA-2FAD3D317ED8}C:program files (x86)steamsteamappscommontmodloaderdotnet6.0.0dotnet.exe] => (Allow) C:program files (x86)steamsteamappscommontmodloaderdotnet6.0.0dotnet.exe (.NET -> Microsoft Corporation) FirewallRules: [{B5098AC4-E636-4E2B-90EB-DBA935518817}] => (Allow) C:Program Files (x86)SteamsteamappscommonFactoriobinx64factorio.exe => No File FirewallRules: [{B95975DA-A261-4B43-8BD4-7A8472A2C13B}] => (Allow) C:Program Files (x86)SteamsteamappscommonFactoriobinx64factorio.exe => No File FirewallRules: [TCP Query User{0FF2D66D-AA8A-4277-AE08-4C825563AA1F}C:program filesmozilla firefoxfirefox.exe] => (Block) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{FEC8E1B7-DB17-42E3-99DC-346C1091B583}C:program filesmozilla firefoxfirefox.exe] => (Block) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5F614BCF-9A13-4220-8FF3-585BB5483B62}] => (Allow) C:Steam Second LocationsteamappscommonTerra InvictaTerraInvicta.exe () [File not signed] FirewallRules: [{3FC18CDB-9BEC-41E9-BE32-BA936663B8CE}] => (Allow) C:Steam Second LocationsteamappscommonTerra InvictaTerraInvicta.exe () [File not signed] FirewallRules: [{B254A4AD-6B16-4B76-A8CC-6AEDC1408DD1}] => (Allow) C:Steam Second LocationsteamappscommonREPOREPO.exe () [File not signed] FirewallRules: [{F942E00B-8DBD-4658-A840-771450B077D8}] => (Allow) C:Steam Second LocationsteamappscommonREPOREPO.exe () [File not signed] FirewallRules: [{510C1855-888E-4CF9-B9C8-8B64944B2314}] => (Allow) C:Steam Second LocationsteamappscommonSkyrim Special EditionSkyrimSELauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{48D89D2A-3061-49DC-9DBF-645CA7E97C90}] => (Allow) C:Steam Second LocationsteamappscommonSkyrim Special EditionSkyrimSELauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{8D26589A-5AFF-4BBB-8387-D7BAC0730C25}] => (Allow) D:SteamLibrarysteamappscommonARK Survival AscendedShooterGameBinariesWin64ArkAscended_BE.exe (BattlEye Innovations e.K.

-> BattlEye Innovations) FirewallRules: [{E298C839-A6EC-4CDE-BEC6-2E511878F51F}] => (Allow) D:SteamLibrarysteamappscommonARK Survival AscendedShooterGameBinariesWin64ArkAscended_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{53D4798C-CC08-4089-AF0B-1D908A89ACD0}] => (Allow) D:SteamLibrarysteamappscommonARK Survival AscendedShooterGameBinariesWin64ArkAscended.exe (Wildcard Properties, LLC -> Epic Games, Inc.) FirewallRules: [{D273ADDD-0250-44C5-862E-00696BAB8750}] => (Allow) D:SteamLibrarysteamappscommonARK Survival AscendedShooterGameBinariesWin64ArkAscended.exe (Wildcard Properties, LLC -> Epic Games, Inc.) FirewallRules: [{966D4314-FAC1-4ECE-BA02-09BF4F728351}] => (Allow) D:SteamLibrarysteamappscommonAvorionbinAvorion.exe () [File not signed] FirewallRules: [{F4F59F16-47B3-492A-829E-2FF00D4C1A63}] => (Allow) D:SteamLibrarysteamappscommonAvorionbinAvorion.exe () [File not signed] FirewallRules: [TCP Query User{5986A9C9-FEFE-4BAB-B7D3-B5BCC04CB504}D:steamlibrarysteamappscommonavorionbinavorionserver.exe] => (Allow) D:steamlibrarysteamappscommonavorionbinavorionserver.exe () [File not signed] FirewallRules: [UDP Query User{BEC87A90-AC38-43FF-922C-D83569D9B39A}D:steamlibrarysteamappscommonavorionbinavorionserver.exe] => (Allow) D:steamlibrarysteamappscommonavorionbinavorionserver.exe () [File not signed] FirewallRules: [{BA9BE1E2-4180-479A-8BB4-C9AF1333D3CA}] => (Allow) D:SteamLibrarysteamappscommonPathfinder KingmakerKingmaker.exe () [File not signed] FirewallRules: [{7C896813-9140-4B40-9576-829DD9A9AD1F}] => (Allow) D:SteamLibrarysteamappscommonPathfinder KingmakerKingmaker.exe () [File not signed] FirewallRules: [{A3096E07-43CE-45CB-83D4-CD6D44F3007F}] => (Allow) D:SteamLibrarysteamappscommonHavenHaven.exe () [File not signed] FirewallRules: [{0B6159B1-0989-44FC-9B7C-02EA51800CF3}] => (Allow) D:SteamLibrarysteamappscommonHavenHaven.exe () [File not signed] FirewallRules: [{1DB50FB7-3F7D-4BF9-BC8E-43AE5CAD89C1}] => (Allow) D:SteamLibrarysteamappscommonBaldurs Gate 3LauncherLariLauncher.exe (Larian Studios Games Ltd.

-> LariLauncher) FirewallRules: [{8156400E-F393-4568-8B95-0766FBE738BC}] => (Allow) D:SteamLibrarysteamappscommonBaldurs Gate 3LauncherLariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher) FirewallRules: [TCP Query User{79BC24A6-EECD-4B18-98D3-92A1F7732FFE}D:steamlibrarysteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) D:steamlibrarysteamappscommonbaldurs gate 3binbg3_dx11.exe (Larian Studios Games Ltd.

-> ) FirewallRules: [UDP Query User{ED2FC538-6543-4CA2-94DA-A1EA96061774}D:steamlibrarysteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) D:steamlibrarysteamappscommonbaldurs gate 3binbg3_dx11.exe (Larian Studios Games Ltd. -> ) FirewallRules: [{AE6E0355-64D4-4A9C-8050-7489367B7202}] => (Allow) D:SteamLibrarysteamappscommonVictoria 3launcherdowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{D3F40BD1-D489-4ECD-87BE-421ACB66C926}] => (Allow) D:SteamLibrarysteamappscommonVictoria 3launcherdowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{DB13D677-6F19-47DE-B1E3-E445FA366B76}] => (Allow) D:SteamLibrarysteamappscommonGuild Wars 2Gw2-64.exe (ArenaNet, LLc -> ArenaNet) FirewallRules: [{EB5C4CED-741A-4DFE-8CB9-815FA122790F}] => (Allow) D:SteamLibrarysteamappscommonGuild Wars 2Gw2-64.exe (ArenaNet, LLc -> ArenaNet) FirewallRules: [TCP Query User{9F18D68F-9B4E-43F4-824B-DD4D11E166A2}C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe (Epic Games Inc.

-> Epic Games, Inc.) FirewallRules: [UDP Query User{F01B3A41-859A-47AD-8CFD-EA030DFB2486}C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{987E913D-59CC-4967-8C3B-749563E7C3D0}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F3915A71-290D-46DE-A4A0-2B620B716212}] => (Allow) C:Program Files (x86)Steambincefcef.win64steamwebhelper.exe (Valve Corp.

-> Valve Corporation) FirewallRules: [{CE23F98F-F1CD-4FB8-8B22-9F4DE2345A96}] => (Allow) C:Program Files (x86)Steambincefcef.win64steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3F9BF30A-4250-4501-AEC8-507B58EA4468}] => (Allow) D:SteamLibrarysteamappscommonEndless LegendEndlessLegend.exe () [File not signed] FirewallRules: [{C1885B83-BBD2-4612-9EE8-33E8E3635BE9}] => (Allow) D:SteamLibrarysteamappscommonEndless LegendEndlessLegend.exe () [File not signed] FirewallRules: [{53769373-FA54-48BC-BF9F-A93BF8AB6390}] => (Allow) D:SteamLibrarysteamappscommonFallout 4Fallout4Launcher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{D325C5B4-AFFF-4DA2-8EF5-29C0E80248E3}] => (Allow) D:SteamLibrarysteamappscommonFallout 4Fallout4Launcher.exe (Bethesda Softworks) [File not signed] FirewallRules: [TCP Query User{9445369E-EFBC-4D95-9B9B-861C031DDA02}C:xboxgamesminecraft for windowscontentminecraft.windows.exe] => (Allow) C:xboxgamesminecraft for windowscontentminecraft.windows.exe (Access Denied)  [File not signed?] FirewallRules: [UDP Query User{BD9B7A34-86B2-452A-8D06-F3F628ECE1ED}C:xboxgamesminecraft for windowscontentminecraft.windows.exe] => (Allow) C:xboxgamesminecraft for windowscontentminecraft.windows.exe (Access Denied)  [File not signed?] FirewallRules: [TCP Query User{E31BECE6-6998-42BD-B3E0-C24C008BDC17}C:usersjustdappdatalocalprogramscurseforge windowscurseforge.exe] => (Allow) C:usersjustdappdatalocalprogramscurseforge windowscurseforge.exe (Overwolf Ltd -> Overwolf) FirewallRules: [UDP Query User{E7659853-0320-4691-9652-242E904BDCC4}C:usersjustdappdatalocalprogramscurseforge windowscurseforge.exe] => (Allow) C:usersjustdappdatalocalprogramscurseforge windowscurseforge.exe (Overwolf Ltd -> Overwolf) FirewallRules: [TCP Query User{963A037F-593E-4F0A-8CD8-94E1F28C7766}C:usersjustdcurseforgeminecraftinstalljavajava-runtime-gammabinjavaw.exe] => (Allow) C:usersjustdcurseforgeminecraftinstalljavajava-runtime-gammabinjavaw.exe FirewallRules: [UDP Query User{3B0BDFC9-6A9E-4F80-A6BF-50043AE7074F}C:usersjustdcurseforgeminecraftinstalljavajava-runtime-gammabinjavaw.exe] => (Allow) C:usersjustdcurseforgeminecraftinstalljavajava-runtime-gammabinjavaw.exe FirewallRules: [{7C872253-D3F4-4EB4-BD68-BECD232C17B1}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B2AC4670-0F84-4D97-A1E3-F49B6485E9C0}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5CC8166D-E917-45D3-9F8F-451C4D264979}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AC730EAA-5A80-44BD-9DD4-411AC1575635}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{26425072-B43B-4CA8-9966-15966E47ABD7}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8FE1BED9-EB77-458A-9C07-EE6F2564FD8C}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{138C6A9C-DAD5-4230-A584-73D1769AC034}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DEEADA19-0C0B-4E37-B535-90EAB1D3FC96}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{52ABDE7F-F958-4C5F-A2A1-4E5930BD6943}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{BBB1EA34-A8CD-4C2A-A196-ECB13A676B2D}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AFF826B0-E170-4A6F-8AC4-27E69E5F2EED}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E7B71AD5-5A65-499C-A756-1DEC4C02B808}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8C85E2B5-BC79-4958-B787-9487E9BF429B}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DBAF5586-D57E-4C87-AE81-8F28B40829E6}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 03-03-2026 08:28:55 Microsoft Visual C++ 2015-2022 Redistributable (x64) – 14.44.35211 03-03-2026 08:29:03 Microsoft Visual C++ 2015-2022 Redistributable (x86) – 14.44.35211 06-03-2026 15:35:36 Windows Update ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (03/04/2026 09:02:12 PM) (Source: Application Error) (EventID: 1000) (User: PANDACOMP) Description: Faulting application name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Faulting module name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Exception code: 0xc0000005 Fault offset: 0x0000000000e2fbf2 Faulting process id: 0x49a4 Faulting application start time: 0x1dcac48a48ae993 Faulting application path: C:Program FilesWonderdraftWonderdraft.exe Faulting module path: C:Program FilesWonderdraftWonderdraft.exe Report Id: a76ac09a-bcf7-44c3-ae23-8aabc0b93b00 Faulting package full name:  Faulting package-relative application ID: Error: (03/04/2026 04:32:53 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY) Description: The program Avorion.exe version 0.0.0.0 stopped interacting with Windows and was closed.

To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Error: (02/27/2026 09:09:29 AM) (Source: Application Error) (EventID: 1000) (User: PANDACOMP) Description: Faulting application name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Faulting module name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Exception code: 0xc0000005 Fault offset: 0x0000000000e2fbf2 Faulting process id: 0x4fe4 Faulting application start time: 0x1dca80350278ca3 Faulting application path: C:Program FilesWonderdraftWonderdraft.exe Faulting module path: C:Program FilesWonderdraftWonderdraft.exe Report Id: d963feb8-59b0-4c34-b594-e3487cb62ad5 Faulting package full name:  Faulting package-relative application ID: Error: (02/25/2026 08:16:36 PM) (Source: Application Error) (EventID: 1000) (User: PANDACOMP) Description: Faulting application name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Faulting module name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Exception code: 0xc0000005 Fault offset: 0x0000000000f2d92c Faulting process id: 0x2d88 Faulting application start time: 0x1dca6cba000e3f8 Faulting application path: C:Program FilesWonderdraftWonderdraft.exe Faulting module path: C:Program FilesWonderdraftWonderdraft.exe Report Id: cb130ab0-3368-4cd1-91a3-a6e252d182fa Faulting package full name:  Faulting package-relative application ID: Error: (02/25/2026 07:28:24 PM) (Source: Application Error) (EventID: 1000) (User: PANDACOMP) Description: Faulting application name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Faulting module name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Exception code: 0xc0000005 Fault offset: 0x0000000000f2d92c Faulting process id: 0x3890 Faulting application start time: 0x1dca6c2dafe5a68 Faulting application path: C:Program FilesWonderdraftWonderdraft.exe Faulting module path: C:Program FilesWonderdraftWonderdraft.exe Report Id: b0a2e351-f0fb-4e7e-9860-16f1f4aabd31 Faulting package full name:  Faulting package-relative application ID: Error: (02/24/2026 10:30:00 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY) Description: The program Bethesda.net_Launcher.exe version 7.1.46.0 stopped interacting with Windows and was closed.

To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Error: (02/24/2026 09:25:47 AM) (Source: Application Error) (EventID: 1000) (User: PANDACOMP) Description: Faulting application name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Faulting module name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Exception code: 0xc0000005 Fault offset: 0x0000000000f2d92c Faulting process id: 0x74e4 Faulting application start time: 0x1dca5aa031c7864 Faulting application path: C:Program FilesWonderdraftWonderdraft.exe Faulting module path: C:Program FilesWonderdraftWonderdraft.exe Report Id: 05b03e0c-0913-48e2-a853-c69da5ce6cc4 Faulting package full name:  Faulting package-relative application ID: Error: (02/23/2026 09:34:37 PM) (Source: Application Error) (EventID: 1000) (User: PANDACOMP) Description: Faulting application name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Faulting module name: Wonderdraft.exe, version: 1.1.8.2, time stamp: 0x609d7702 Exception code: 0xc0000005 Fault offset: 0x0000000000f2d92c Faulting process id: 0x5e34 Faulting application start time: 0x1dca544971cc706 Faulting application path: C:Program FilesWonderdraftWonderdraft.exe Faulting module path: C:Program FilesWonderdraftWonderdraft.exe Report Id: 91f53862-f5f2-4826-af82-de8a3ebec971 Faulting package full name:  Faulting package-relative application ID: System errors: ============= Error: (03/07/2026 08:21:07 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY) Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware.

Review the published guidance to complete the update and maintain full protection. This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.10;OEMModelBaseBoard:PRO Z690-A (MS-7D25);OEMManufacturerName:Micro-Star International Co., Ltd.;OSArchitecture:amd64; BucketId: 55864bb8f17560ae80c6b509d198ce2ea2d5c4d4205d830dd37d89275156663f BucketConfidenceLevel: Under Observation – More Data Needed UpdateType:  For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (03/07/2026 08:15:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The cpuz160 service failed to start due to the following error:  The system cannot find the file specified. Error: (03/07/2026 08:14:36 PM) (Source: stornvme) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceRaidPort1. Error: (03/07/2026 08:14:46 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 7:47:05 PM on ‎3/‎7/‎2026 was unexpected.

Error: (03/07/2026 07:52:06 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY) Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.10;OEMModelBaseBoard:PRO Z690-A (MS-7D25);OEMManufacturerName:Micro-Star International Co., Ltd.;OSArchitecture:amd64; BucketId: 55864bb8f17560ae80c6b509d198ce2ea2d5c4d4205d830dd37d89275156663f BucketConfidenceLevel: Under Observation – More Data Needed UpdateType:  For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (03/07/2026 07:46:55 PM) (Source: stornvme) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceRaidPort1. Error: (03/07/2026 10:53:12 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY) Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection.

This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.10;OEMModelBaseBoard:PRO Z690-A (MS-7D25);OEMManufacturerName:Micro-Star International Co., Ltd.;OSArchitecture:amd64; BucketId: 55864bb8f17560ae80c6b509d198ce2ea2d5c4d4205d830dd37d89275156663f BucketConfidenceLevel: Under Observation – More Data Needed UpdateType:  For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (03/07/2026 10:48:01 AM) (Source: stornvme) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceRaidPort1. Windows Defender: ================ Date: 2026-03-07 10:21:21 Description:  Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-03-06 11:43:06 Description:  Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-03-04 16:42:16 Description:  Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-02-28 21:26:53 Description:  Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-02-27 21:32:39 Description:  Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days  Event[0] Date: 2026-02-18 16:59:38 Description:  Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Current Error Code: 0x80501102 Error description: An unexpected problem occurred.

Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.  Security intelligence Version: 1.445.123.0;1.445.123.0 Engine Version: 1.1.26010.1  Date: 2025-09-09 17:31:46 Description:  Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version:  Previous security intelligence Version: 1.435.656.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version:  Previous Engine Version: 1.1.25070.4 Error code: 0x80072f8f Error description: A security error occurred   CodeIntegrity: =============== Date: 2025-11-14 19:20:05 Description:  Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOffice16AIaimgr.exe) attempted to load DeviceHarddiskVolume3WindowsSystem32nvspcap64.dll that did not meet the Microsoft signing level requirements.  Date: 2025-11-05 17:01:13 Description:  Code Integrity determined that a process (DeviceHarddiskVolume3ProgramDataMicrosoftWindows DefenderPlatform4.18.25090.3009-0MsMpEng.exe) attempted to load DeviceHarddiskVolume3WindowsSystem32ControlLib.dll that did not meet the Custom 3 / Antimalware signing level requirements.  ==================== Memory info ===========================  BIOS: American Megatrends International, LLC.

A.10 12/06/2021 Motherboard: Micro-Star International Co., Ltd. PRO Z690-A (MS-7D25) Processor: 12th Gen Intel® Core™ i5-12600K Percentage of memory in use: 45% Total physical RAM: 32559.87 MB Available physical RAM: 17792.21 MB Total Virtual: 72559.87 MB Available Virtual: 57035.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:1862.04 GB) (Free:735.19 GB) (Model: WD_BLACK SN850X HS 2000GB) NTFS Drive d: (Secondary) (Fixed) (Total:1862.73 GB) (Free:1062.99 GB) (Model: Microsoft Storage Space Device) NTFS \?Volume{7ba7c570-b71a-4cfe-a75c-c2dd0e1142d4} () (Fixed) (Total:0.86 GB) (Free:0.11 GB) NTFS \?Volume{848a2666-fdb6-49e5-b461-4f9bcf00c2e1} () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT.

========================================================== Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 1862.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ======================= Thank you for the support! I have ran the Fix, though I had to do so twice, and ran DoesNotBelong: Fix result of Farbar Recovery Scan Tool (x64) Version: 07-03-2026 Ran by justd (08-03-2026 00:37:58) Run:1 Running from C:UsersjustdDownloads Loaded Profiles: justd Boot Mode: Normal ============================================== fixlist content: ***************** Start:: SystemRestore: CreateRestorePoint: CloseProcesses: AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk:BE32D07BC5 [3434] AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk:C5D586BE93 [3434] AlternateDataStreams: C:UsersPublicShared Files:VersionCache [2996] FirewallRules: [{277998C4-F7DF-49EE-B2C2-6E8B84A7070F}] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMER IIIlauncherlauncher.exe => No File FirewallRules: [{34F004F2-8668-4C68-A40C-2D0E0401308B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{418A83D8-3384-4F05-82E8-8DC9B14F8415}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File FirewallRules: [{524764FD-5705-4AE7-A8C2-FF594A0FDFC8}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File FirewallRules: [{5BB01233-6786-43C5-A4C1-219E98F951B4}] => (Allow) C:Program Files (x86)SteamsteamappscommonAvorionbinAvorion.exe => No File FirewallRules: [{5E9375CB-4A54-4B96-89B1-1D3096F63CBF}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{5EE50496-A8F9-4F29-8085-7D536A81C6E7}] => (Allow) C:Program Files (x86)SteamsteamappscommonCrusader Kings IIIlauncherdowser.exe => No File FirewallRules: [{79CF593F-9268-4A28-A674-EB145233ED9D}] => (Allow) C:Steam Second LocationsteamappscommonVictoria 3launcherdowser.exe => No File FirewallRules: [{867F3E9F-1E92-490F-9952-BCF852C9BA9C}] => (Allow) C:Program Files (x86)SteamsteamappscommonCrusader Kings IIIlauncherdowser.exe => No File FirewallRules: [{9F67A2E9-62AC-4166-A3AF-4109A0146D43}] => (Allow) C:Steam Second LocationsteamappscommonVictoria 3launcherdowser.exe => No File FirewallRules: [{AB2A1B58-0833-424C-8D3B-54BB48654B37}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe => No File FirewallRules: [{AC5C8470-63DB-41BD-9157-2FAFA75FCB1E}] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMER IIIlauncherlauncher.exe => No File FirewallRules: [{AD0E93AC-059C-450F-9030-0A3C8377C6D0}] => (Allow) C:Program Files (x86)SteamsteamappscommonAvorionbinAvorion.exe => No File FirewallRules: [{AD2AC6E9-5EC0-4D5D-91E0-E33BE05B823E}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File FirewallRules: [{AF6D12EC-A76F-458A-88FB-596027ED342B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File FirewallRules: [{B00A4D1E-75E2-4236-9642-F6C029D3BFE0}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{B5098AC4-E636-4E2B-90EB-DBA935518817}] => (Allow) C:Program Files (x86)SteamsteamappscommonFactoriobinx64factorio.exe => No File FirewallRules: [{B95975DA-A261-4B43-8BD4-7A8472A2C13B}] => (Allow) C:Program Files (x86)SteamsteamappscommonFactoriobinx64factorio.exe => No File FirewallRules: [{BA033EE7-AE68-4A7F-9F99-8D8714099853}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File FirewallRules: [{BA2AE4B6-F5FA-459F-BDB8-E7D1C872F1CF}] => (Allow) C:Program Files (x86)SteamsteamappscommonFallout New VegasFalloutNVLauncher.exe => No File FirewallRules: [{D976593C-8657-48B4-90CC-1ED322A69E0B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File FirewallRules: [{EF5C1ADF-28BC-48F7-A456-DAEF50B19B70}] => (Allow) C:Program Files (x86)SteamsteamappscommonFallout New VegasFalloutNVLauncher.exe => No File FirewallRules: [{F183BB5A-032F-42A4-9C50-BC14AC788051}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{FA9DAC81-F989-4915-B195-959ABD69E3C5}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe => No File FirewallRules: [TCP Query User{2CB0FD29-9E60-4B34-B92B-5FEFFAB1427F}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe] => (Allow) C:steam second locationsteamappscommonred dead redemption 2rdr2.exe => No File FirewallRules: [TCP Query User{43030C87-DE17-4FC8-A212-C44DE43E6718}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe => No File FirewallRules: [TCP Query User{59FB8443-DF98-42E6-9192-949F477C600B}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe] => (Allow) C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe => No File FirewallRules: [TCP Query User{99F366A3-9CB8-4E57-AAAB-C07EDCBC889D}C:riot gamesriot clientriotclientelectronriot client.exe] => (Allow) C:riot gamesriot clientriotclientelectronriot client.exe => No File FirewallRules: [TCP Query User{9C82DE6C-20F2-468E-B8B3-C320A2733D20}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe] => (Allow) C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe => No File FirewallRules: [TCP Query User{DB3F49E4-145A-4A19-AC77-042E82F8D14C}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe] => (Allow) C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe => No File FirewallRules: [UDP Query User{328B77FB-D0DD-4D92-94DD-6F1350F33DD5}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe] => (Allow) C:steam second locationsteamappscommonred dead redemption 2rdr2.exe => No File FirewallRules: [UDP Query User{35E28B9E-BFF4-4CA9-BFE8-72D69FAD74E2}C:riot gamesriot clientriotclientelectronriot client.exe] => (Allow) C:riot gamesriot clientriotclientelectronriot client.exe => No File FirewallRules: [UDP Query User{3822140D-A806-4CE7-A387-7545BBE72754}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe] => (Allow) C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe => No File FirewallRules: [UDP Query User{3DBB8DDD-DFD4-48D9-B535-9F5A1CEE4AB3}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe => No File FirewallRules: [UDP Query User{66B8BB22-645D-4622-A50C-AF1944ED6C10}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe] => (Allow) C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe => No File FirewallRules: [UDP Query User{C23AB35A-A90B-48C1-AE1B-D6336B4D9144}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe] => (Allow) C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe => No File HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe /StartMinimized (No File) S3 cpuz159; C:WINDOWStempcpuz159cpuz159_x64.sys [44680 2025-06-04] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} – System32TasksMicrosoftWindowsLocationNotifications => %windir%System32LocationNotificationWindows.exe  (No File) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} – System32TasksMicrosoftWindowsUpdateOrchestratorUSO_UxBroker => %systemroot%system32MusNotification.exe  (No File) 2026-03-07 20:13 – 2026-03-07 20:14 – 000000000 ____D C:UsersjustdAppDataRoamingexonautis 2026-03-07 20:13 – 2026-03-07 20:13 – 000002345 _____ C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsExonautis.lnk 2026-03-07 20:13 – 2026-03-07 20:13 – 000000000 ____D C:UsersjustdAppDataLocalexonautis-updater 2023-01-11 10:44 – 2026-03-06 19:06 – 000000000 _____ () C:UsersjustdAppDataRoamingavoriontestfile 2025-11-29 21:28 – 2025-11-29 21:28 – 000000048 ____R () C:UsersjustdAppDataLocal119AC2FC90D95AC063B177717B7B3B6 2023-04-08 00:41 – 2023-04-08 00:41 – 000007605 _____ () C:UsersjustdAppDataLocalResmon.ResmonCfg Removeproxy: Hosts: CMD: netsh winsock reset catalog CMD: netsh int ip reset resetlog.txt CMD: reg export HKEY_LOCAL_MACHINESystemCurrentControlSetServicesSharedAccessDefaultsFirewallPolicyFirewallRules C:FirewallBackup.reg C:FirewallBackup.reg CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: bitsadmin /reset /allusers CMD: ipconfig /flushdns Emptytemp: End:: ***************** SystemRestore: => Error: No automatic fix found for this entry.

Restore point was successfully created. Processes closed successfully. C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk => ":C5D586BE93" ADS removed successfully C:UsersPublicShared Files => ":VersionCache" ADS removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{277998C4-F7DF-49EE-B2C2-6E8B84A7070F}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{34F004F2-8668-4C68-A40C-2D0E0401308B}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{418A83D8-3384-4F05-82E8-8DC9B14F8415}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{524764FD-5705-4AE7-A8C2-FF594A0FDFC8}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{5BB01233-6786-43C5-A4C1-219E98F951B4}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{5E9375CB-4A54-4B96-89B1-1D3096F63CBF}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{5EE50496-A8F9-4F29-8085-7D536A81C6E7}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{79CF593F-9268-4A28-A674-EB145233ED9D}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{867F3E9F-1E92-490F-9952-BCF852C9BA9C}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{9F67A2E9-62AC-4166-A3AF-4109A0146D43}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AB2A1B58-0833-424C-8D3B-54BB48654B37}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AC5C8470-63DB-41BD-9157-2FAFA75FCB1E}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AD0E93AC-059C-450F-9030-0A3C8377C6D0}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AD2AC6E9-5EC0-4D5D-91E0-E33BE05B823E}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AF6D12EC-A76F-458A-88FB-596027ED342B}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{B00A4D1E-75E2-4236-9642-F6C029D3BFE0}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{B5098AC4-E636-4E2B-90EB-DBA935518817}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{B95975DA-A261-4B43-8BD4-7A8472A2C13B}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{BA033EE7-AE68-4A7F-9F99-8D8714099853}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{BA2AE4B6-F5FA-459F-BDB8-E7D1C872F1CF}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{D976593C-8657-48B4-90CC-1ED322A69E0B}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{EF5C1ADF-28BC-48F7-A456-DAEF50B19B70}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{F183BB5A-032F-42A4-9C50-BC14AC788051}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{FA9DAC81-F989-4915-B195-959ABD69E3C5}" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{2CB0FD29-9E60-4B34-B92B-5FEFFAB1427F}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{43030C87-DE17-4FC8-A212-C44DE43E6718}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{59FB8443-DF98-42E6-9192-949F477C600B}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{99F366A3-9CB8-4E57-AAAB-C07EDCBC889D}C:riot gamesriot clientriotclientelectronriot client.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{9C82DE6C-20F2-468E-B8B3-C320A2733D20}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{DB3F49E4-145A-4A19-AC77-042E82F8D14C}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{328B77FB-D0DD-4D92-94DD-6F1350F33DD5}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{35E28B9E-BFF4-4CA9-BFE8-72D69FAD74E2}C:riot gamesriot clientriotclientelectronriot client.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{3822140D-A806-4CE7-A387-7545BBE72754}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{3DBB8DDD-DFD4-48D9-B535-9F5A1CEE4AB3}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{66B8BB22-645D-4622-A50C-AF1944ED6C10}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe" => removed successfully "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{C23AB35A-A90B-48C1-AE1B-D6336B4D9144}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe" => removed successfully "HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionRun\Synapse3" => removed successfully HKLMSystemCurrentControlSetServicescpuz159 => removed successfully cpuz159 => service removed successfully "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCachePlain{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully C:WINDOWSSystem32TasksMicrosoftWindowsLocationNotifications => moved successfully "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeMicrosoftWindowsLocationNotifications" => removed successfully "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCachePlain{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully C:WINDOWSSystem32TasksMicrosoftWindowsUpdateOrchestratorUSO_UxBroker => moved successfully "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeMicrosoftWindowsUpdateOrchestratorUSO_UxBroker" => removed successfully "C:UsersjustdAppDataRoamingexonautis" Folder move: C:UsersjustdAppDataRoamingexonautis => moved successfully C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsExonautis.lnk => moved successfully "C:UsersjustdAppDataLocalexonautis-updater" Folder move: C:UsersjustdAppDataLocalexonautis-updater => moved successfully C:UsersjustdAppDataRoamingavoriontestfile => moved successfully C:UsersjustdAppDataLocal119AC2FC90D95AC063B177717B7B3B6 => moved successfully C:UsersjustdAppDataLocalResmon.ResmonCfg => moved successfully ========= RemoveProxy: ========= "HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\DefaultConnectionSettings" => removed successfully "HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\SavedLegacySettings" => removed successfully "HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\DefaultConnectionSettings" => removed successfully "HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\SavedLegacySettings" => removed successfully "HKUS-1-5-21-1629956658-336341846-2884959028-1001SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\DefaultConnectionSettings" => removed successfully "HKUS-1-5-21-1629956658-336341846-2884959028-1001SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= C:WindowsSystem32Driversetchosts => moved successfully Hosts restored successfully.

========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= netsh int ip reset resetlog.txt ========= Resetting Compartment Forwarding, OK! Resetting Compartment, OK! Resetting Control Protocol, OK! Resetting Echo Sequence Request, OK! Resetting Global, OK! Resetting Interface, OK!

Resetting Anycast Address, OK! Resetting Multicast Address, OK! Resetting Unicast Address, OK! Resetting Neighbor, OK! Resetting Path, OK! Resetting Potential, OK! Resetting Prefix Policy, OK! Resetting Proxy Neighbor, OK! Resetting Route, OK! Resetting Site Prefix, OK! Resetting Subinterface, OK! Resetting Wakeup Pattern, OK! Resetting Resolve Neighbor, OK! Resetting , OK! Resetting , OK! Resetting , OK!

Resetting , OK! Resetting , failed. Access is denied. Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= reg export HKEY_LOCAL_MACHINESystemCurrentControlSetServicesSharedAccessDefaultsFirewallPolicyFirewallRules C:FirewallBackup.reg ========= The operation completed successfully.

========= End of CMD: ========= C:FirewallBackup.reg => moved successfully ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Ok. ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. © Copyright Microsoft Corp. 0 out of 0 jobs canceled.

========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= =========== EmptyTemp: ========== FlushDNS => completed BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 85030458 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 475079343 B Windows/system/drivers => 150881373 B Edge => 262999169 B Chrome => 3245643483 B Firefox => 247082168 B Opera => 0 B LocalTemp, Local*.tmp, LocalLowTemp, RoamingTemp, Roaming*.tmp , IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 947125193 B systemprofile32 => 264622 B LocalService => 0 B NetworkService => 378330 B justd => 873317813 B   Fix result of Farbar Recovery Scan Tool (x64) Version: 07-03-2026 Ran by justd (08-03-2026 08:55:57) Run:2 Running from C:UsersjustdDesktop Loaded Profiles: justd Boot Mode: Normal ============================================== fixlist content: ***************** Start:: SystemRestore: CreateRestorePoint: CloseProcesses: AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk:BE32D07BC5 [3434] AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk:C5D586BE93 [3434] AlternateDataStreams: C:UsersPublicShared Files:VersionCache [2996] FirewallRules: [{277998C4-F7DF-49EE-B2C2-6E8B84A7070F}] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMER IIIlauncherlauncher.exe => No File FirewallRules: [{34F004F2-8668-4C68-A40C-2D0E0401308B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{418A83D8-3384-4F05-82E8-8DC9B14F8415}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File FirewallRules: [{524764FD-5705-4AE7-A8C2-FF594A0FDFC8}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File FirewallRules: [{5BB01233-6786-43C5-A4C1-219E98F951B4}] => (Allow) C:Program Files (x86)SteamsteamappscommonAvorionbinAvorion.exe => No File FirewallRules: [{5E9375CB-4A54-4B96-89B1-1D3096F63CBF}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{5EE50496-A8F9-4F29-8085-7D536A81C6E7}] => (Allow) C:Program Files (x86)SteamsteamappscommonCrusader Kings IIIlauncherdowser.exe => No File FirewallRules: [{79CF593F-9268-4A28-A674-EB145233ED9D}] => (Allow) C:Steam Second LocationsteamappscommonVictoria 3launcherdowser.exe => No File FirewallRules: [{867F3E9F-1E92-490F-9952-BCF852C9BA9C}] => (Allow) C:Program Files (x86)SteamsteamappscommonCrusader Kings IIIlauncherdowser.exe => No File FirewallRules: [{9F67A2E9-62AC-4166-A3AF-4109A0146D43}] => (Allow) C:Steam Second LocationsteamappscommonVictoria 3launcherdowser.exe => No File FirewallRules: [{AB2A1B58-0833-424C-8D3B-54BB48654B37}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe => No File FirewallRules: [{AC5C8470-63DB-41BD-9157-2FAFA75FCB1E}] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMER IIIlauncherlauncher.exe => No File FirewallRules: [{AD0E93AC-059C-450F-9030-0A3C8377C6D0}] => (Allow) C:Program Files (x86)SteamsteamappscommonAvorionbinAvorion.exe => No File FirewallRules: [{AD2AC6E9-5EC0-4D5D-91E0-E33BE05B823E}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File FirewallRules: [{AF6D12EC-A76F-458A-88FB-596027ED342B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File FirewallRules: [{B00A4D1E-75E2-4236-9642-F6C029D3BFE0}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{B5098AC4-E636-4E2B-90EB-DBA935518817}] => (Allow) C:Program Files (x86)SteamsteamappscommonFactoriobinx64factorio.exe => No File FirewallRules: [{B95975DA-A261-4B43-8BD4-7A8472A2C13B}] => (Allow) C:Program Files (x86)SteamsteamappscommonFactoriobinx64factorio.exe => No File FirewallRules: [{BA033EE7-AE68-4A7F-9F99-8D8714099853}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File FirewallRules: [{BA2AE4B6-F5FA-459F-BDB8-E7D1C872F1CF}] => (Allow) C:Program Files (x86)SteamsteamappscommonFallout New VegasFalloutNVLauncher.exe => No File FirewallRules: [{D976593C-8657-48B4-90CC-1ED322A69E0B}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File FirewallRules: [{EF5C1ADF-28BC-48F7-A456-DAEF50B19B70}] => (Allow) C:Program Files (x86)SteamsteamappscommonFallout New VegasFalloutNVLauncher.exe => No File FirewallRules: [{F183BB5A-032F-42A4-9C50-BC14AC788051}] => (Allow) C:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File FirewallRules: [{FA9DAC81-F989-4915-B195-959ABD69E3C5}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe => No File FirewallRules: [TCP Query User{2CB0FD29-9E60-4B34-B92B-5FEFFAB1427F}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe] => (Allow) C:steam second locationsteamappscommonred dead redemption 2rdr2.exe => No File FirewallRules: [TCP Query User{43030C87-DE17-4FC8-A212-C44DE43E6718}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe => No File FirewallRules: [TCP Query User{59FB8443-DF98-42E6-9192-949F477C600B}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe] => (Allow) C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe => No File FirewallRules: [TCP Query User{99F366A3-9CB8-4E57-AAAB-C07EDCBC889D}C:riot gamesriot clientriotclientelectronriot client.exe] => (Allow) C:riot gamesriot clientriotclientelectronriot client.exe => No File FirewallRules: [TCP Query User{9C82DE6C-20F2-468E-B8B3-C320A2733D20}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe] => (Allow) C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe => No File FirewallRules: [TCP Query User{DB3F49E4-145A-4A19-AC77-042E82F8D14C}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe] => (Allow) C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe => No File FirewallRules: [UDP Query User{328B77FB-D0DD-4D92-94DD-6F1350F33DD5}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe] => (Allow) C:steam second locationsteamappscommonred dead redemption 2rdr2.exe => No File FirewallRules: [UDP Query User{35E28B9E-BFF4-4CA9-BFE8-72D69FAD74E2}C:riot gamesriot clientriotclientelectronriot client.exe] => (Allow) C:riot gamesriot clientriotclientelectronriot client.exe => No File FirewallRules: [UDP Query User{3822140D-A806-4CE7-A387-7545BBE72754}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe] => (Allow) C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe => No File FirewallRules: [UDP Query User{3DBB8DDD-DFD4-48D9-B535-9F5A1CEE4AB3}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe] => (Allow) C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe => No File FirewallRules: [UDP Query User{66B8BB22-645D-4622-A50C-AF1944ED6C10}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe] => (Allow) C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe => No File FirewallRules: [UDP Query User{C23AB35A-A90B-48C1-AE1B-D6336B4D9144}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe] => (Allow) C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe => No File HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe /StartMinimized (No File) S3 cpuz159; C:WINDOWStempcpuz159cpuz159_x64.sys [44680 2025-06-04] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} – System32TasksMicrosoftWindowsLocationNotifications => %windir%System32LocationNotificationWindows.exe  (No File) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} – System32TasksMicrosoftWindowsUpdateOrchestratorUSO_UxBroker => %systemroot%system32MusNotification.exe  (No File) 2026-03-07 20:13 – 2026-03-07 20:14 – 000000000 ____D C:UsersjustdAppDataRoamingexonautis 2026-03-07 20:13 – 2026-03-07 20:13 – 000002345 _____ C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsExonautis.lnk 2026-03-07 20:13 – 2026-03-07 20:13 – 000000000 ____D C:UsersjustdAppDataLocalexonautis-updater 2023-01-11 10:44 – 2026-03-06 19:06 – 000000000 _____ () C:UsersjustdAppDataRoamingavoriontestfile 2025-11-29 21:28 – 2025-11-29 21:28 – 000000048 ____R () C:UsersjustdAppDataLocal119AC2FC90D95AC063B177717B7B3B6 2023-04-08 00:41 – 2023-04-08 00:41 – 000007605 _____ () C:UsersjustdAppDataLocalResmon.ResmonCfg Removeproxy: Hosts: CMD: netsh winsock reset catalog CMD: netsh int ip reset resetlog.txt CMD: reg export HKEY_LOCAL_MACHINESystemCurrentControlSetServicesSharedAccessDefaultsFirewallPolicyFirewallRules C:FirewallBackup.reg C:FirewallBackup.reg CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: bitsadmin /reset /allusers CMD: ipconfig /flushdns Emptytemp: End:: ***************** SystemRestore: => Error: No automatic fix found for this entry.

Restore point was successfully created. Processes closed successfully. "C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk" => ":BE32D07BC5" ADS not found. "C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk" => ":C5D586BE93" ADS not found. "C:UsersPublicShared Files" => ":VersionCache" ADS not found. "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{277998C4-F7DF-49EE-B2C2-6E8B84A7070F}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{34F004F2-8668-4C68-A40C-2D0E0401308B}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{418A83D8-3384-4F05-82E8-8DC9B14F8415}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{524764FD-5705-4AE7-A8C2-FF594A0FDFC8}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{5BB01233-6786-43C5-A4C1-219E98F951B4}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{5E9375CB-4A54-4B96-89B1-1D3096F63CBF}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{5EE50496-A8F9-4F29-8085-7D536A81C6E7}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{79CF593F-9268-4A28-A674-EB145233ED9D}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{867F3E9F-1E92-490F-9952-BCF852C9BA9C}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{9F67A2E9-62AC-4166-A3AF-4109A0146D43}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AB2A1B58-0833-424C-8D3B-54BB48654B37}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AC5C8470-63DB-41BD-9157-2FAFA75FCB1E}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AD0E93AC-059C-450F-9030-0A3C8377C6D0}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AD2AC6E9-5EC0-4D5D-91E0-E33BE05B823E}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{AF6D12EC-A76F-458A-88FB-596027ED342B}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{B00A4D1E-75E2-4236-9642-F6C029D3BFE0}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{B5098AC4-E636-4E2B-90EB-DBA935518817}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{B95975DA-A261-4B43-8BD4-7A8472A2C13B}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{BA033EE7-AE68-4A7F-9F99-8D8714099853}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{BA2AE4B6-F5FA-459F-BDB8-E7D1C872F1CF}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{D976593C-8657-48B4-90CC-1ED322A69E0B}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{EF5C1ADF-28BC-48F7-A456-DAEF50B19B70}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{F183BB5A-032F-42A4-9C50-BC14AC788051}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\{FA9DAC81-F989-4915-B195-959ABD69E3C5}" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{2CB0FD29-9E60-4B34-B92B-5FEFFAB1427F}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{43030C87-DE17-4FC8-A212-C44DE43E6718}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{59FB8443-DF98-42E6-9192-949F477C600B}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{99F366A3-9CB8-4E57-AAAB-C07EDCBC889D}C:riot gamesriot clientriotclientelectronriot client.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{9C82DE6C-20F2-468E-B8B3-C320A2733D20}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\TCP Query User{DB3F49E4-145A-4A19-AC77-042E82F8D14C}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{328B77FB-D0DD-4D92-94DD-6F1350F33DD5}C:steam second locationsteamappscommonred dead redemption 2rdr2.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{35E28B9E-BFF4-4CA9-BFE8-72D69FAD74E2}C:riot gamesriot clientriotclientelectronriot client.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{3822140D-A806-4CE7-A387-7545BBE72754}C:program files (x86)steamsteamappscommonavorionbinavorionserver.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{3DBB8DDD-DFD4-48D9-B535-9F5A1CEE4AB3}C:steam second locationsteamappscommonbaldurs gate 3binbg3_dx11.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{66B8BB22-645D-4622-A50C-AF1944ED6C10}C:program files (x86)steamsteamappscommontotal war warhammer iiiwarhammer3.exe" => not found "HKLMSYSTEMCurrentControlSetservicesSharedAccessParametersFirewallPolicyFirewallRules\UDP Query User{C23AB35A-A90B-48C1-AE1B-D6336B4D9144}C:program files (x86)steamsteamappscommoncyberpunk 2077binx64cyberpunk2077.exe" => not found "HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionRun\Synapse3" => not found cpuz159 => service not found.

"HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => not found "C:WINDOWSSystem32TasksMicrosoftWindowsLocationNotifications" => not found "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeMicrosoftWindowsLocationNotifications" => not found "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => not found "C:WINDOWSSystem32TasksMicrosoftWindowsUpdateOrchestratorUSO_UxBroker" => not found "HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeMicrosoftWindowsUpdateOrchestratorUSO_UxBroker" => not found "C:UsersjustdAppDataRoamingexonautis" => not found "C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsExonautis.lnk" => not found "C:UsersjustdAppDataLocalexonautis-updater" => not found "C:UsersjustdAppDataRoamingavoriontestfile" => not found "C:UsersjustdAppDataLocal119AC2FC90D95AC063B177717B7B3B6" => not found "C:UsersjustdAppDataLocalResmon.ResmonCfg" => not found ========= RemoveProxy: ========= "HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\DefaultConnectionSettings" => removed successfully "HKUS-1-5-21-1629956658-336341846-2884959028-1001SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\DefaultConnectionSettings" => removed successfully "HKUS-1-5-21-1629956658-336341846-2884959028-1001SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsConnections\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= C:WindowsSystem32Driversetchosts => moved successfully Hosts restored successfully.

========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= netsh int ip reset resetlog.txt ========= Resetting Compartment Forwarding, OK! Resetting Compartment, OK! Resetting Control Protocol, OK! Resetting Echo Sequence Request, OK! Resetting Global, OK! Resetting Interface, OK!

Resetting Anycast Address, OK! Resetting Multicast Address, OK! Resetting Unicast Address, OK! Resetting Neighbor, OK! Resetting Path, OK! Resetting Potential, OK! Resetting Prefix Policy, OK! Resetting Proxy Neighbor, OK! Resetting Route, OK! Resetting Site Prefix, OK! Resetting Subinterface, OK! Resetting Wakeup Pattern, OK! Resetting Resolve Neighbor, OK! Resetting , OK! Resetting , OK! Resetting , OK!

Resetting , OK! Resetting , failed. Access is denied. Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Resetting , OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= reg export HKEY_LOCAL_MACHINESystemCurrentControlSetServicesSharedAccessDefaultsFirewallPolicyFirewallRules C:FirewallBackup.reg ========= The operation completed successfully.

========= End of CMD: ========= C:FirewallBackup.reg => moved successfully ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Ok. ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. © Copyright Microsoft Corp. 0 out of 0 jobs canceled.

========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= =========== EmptyTemp: ========== FlushDNS => completed BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12833078 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 124803502 B Windows/system/drivers => 793893 B Edge => 0 B Chrome => 0 B Firefox => 20234322 B Opera => 0 B LocalTemp, Local*.tmp, LocalLowTemp, RoamingTemp, Roaming*.tmp , IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B justd => 67401663 B RecycleBin => 28983957219 B EmptyTemp: => 27.2 GB temporary data Removed.

================================ The system needed a reboot. ==== End of Fixlog 08:56:34 ==== _________________________________________________________________ # DoesNotBelong v10.6.5 # https://furtivex.net – https://github.com/furtivex/DoesNotBelong-Issues # OS: Microsoft Windows 11 Home x64 25H2 English – 0409 – 1252 – 437 # Username: justd -> S-1-5-21-1629956658-336341846-2884959028-1001 # Computername: PANDACOMP # Date: 2026_03_08__09_00_23 _________________________________________________________________ # Processes: # Services: # Browsers: Chrome – Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataDefault Chrome – Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataGuest Profile Chrome – Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataProfile  Chrome – Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataSystem Profile Edge – Profile: C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefault Firefox – Profile: C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-release # Files: C:UsersjustdAppDataLocalads_event_reporter633F6FEB30E043F2A56B0D1C13F1109 C:UsersjustdAppDataLocalads_event_reporter9833981716B6BF3AD0122A72BCA18A07 C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBGAUpsellAssetsBanner-img.png C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBGAUpsellAssetsDark-logo.png C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBGAUpsellAssetsLight-logo.png C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBGAUpsellBrowserSettings.dll C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBingChatInstallerAssetsBanner-img.png C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBingChatInstallerAssetsDark-logo.png C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBingChatInstallerAssetsHero.png C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBingChatInstallerAssetsLight-logo.png C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBingChatInstallerAssetsStoreLogo44.ico C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBingChatInstallerBrowserSettings.dll C:UsersjustdAppDataLocalMicrosoftBGAHelperLibBingChatInstallerofferparams.bin C:WINDOWSNvContainerRecovery.bat # Folders: C:UsersjustdAppDataLocalads_event_reporter  C:UsersjustdAppDataLocalMicrosoftBGAHelperLib  C:UsersjustdAppDataRoamingLauncher  C:WINDOWSInstallerMSI21CD.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI3DAD.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI4281.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI439B.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI5DA4.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI7351.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI7390.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI76B0.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSI9BC2.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSICA23.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSIE3F1.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSIE76C.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSIEE83.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSIF157.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSIF530.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSIF9F4.tmp- (JUNK.EmptyInstaller) C:WINDOWSInstallerMSIFDED.tmp- (JUNK.EmptyInstaller) # Tasks: MicrosoftOfficeOffice Feature Updates Logon MicrosoftOfficeOffice Performance Monitor MicrosoftWindowsAccountHealthRecoverabilityToastTask MicrosoftWindowsAppIDEDP Policy Manager MicrosoftWindowsApplication ExperienceMareBackup MicrosoftWindowsApplication ExperienceMicrosoft Compatibility Appraiser Exp MicrosoftWindowsApplication ExperienceSdbinstMergeDbTask MicrosoftWindowsApplication ExperienceStartupAppTask MicrosoftWindowsApplicationDataappuriverifierdaily MicrosoftWindowsApplicationDataappuriverifierinstall MicrosoftWindowsApplicationDataDsSvcCleanup MicrosoftWindowsAutochkProxy MicrosoftWindowscapabilityaccessmanagermaintenancetasks MicrosoftWindowsChkdskProactiveScan MicrosoftWindowsCloudExperienceHostCreateObjectTask MicrosoftWindowsCustomer Experience Improvement ProgramUsbCeip MicrosoftWindowsDefragScheduledDefrag MicrosoftWindowsDiagnosisRecommendedTroubleshootingScanner MicrosoftWindowsDiagnosisScheduled MicrosoftWindowsDiagnosisUnexpectedCodepath MicrosoftWindowsDiskFootprintDiagnostics MicrosoftWindowsDiskFootprintStorageSense MicrosoftWindowsEnterpriseMgmtMDMMaintenenceTask MicrosoftWindowsFeedbackSiufDmClient MicrosoftWindowsFeedbackSiufDmClientOnScenarioDownload MicrosoftWindowsFlightingFeatureConfigGovernedFeatureUsageProcessing MicrosoftWindowsFlightingFeatureConfigReconcileConfigs MicrosoftWindowsFlightingFeatureConfigReconcileFeatures MicrosoftWindowsFlightingFeatureConfigUsageDataFlushing MicrosoftWindowsFlightingFeatureConfigUsageDataReceiver MicrosoftWindowsFlightingFeatureConfigUsageDataReporting MicrosoftWindowsinputRemoteMouseSyncDataAvailable MicrosoftWindowsinputRemotePenSyncDataAvailable MicrosoftWindowsinputRemoteTouchpadSyncDataAvailable MicrosoftWindowsInstallServiceRestoreDevice MicrosoftWindowsInstallServiceScanForUpdatesAsUser MicrosoftWindowsInstallServiceSmartRetry MicrosoftWindowsMaintenanceWinSAT MicrosoftWindowsMapsMapsToastTask MicrosoftWindowsMemoryDiagnosticAutomaticOfflineMemoryDiagnostic MicrosoftWindowsMemoryDiagnosticProcessMemoryDiagnosticEvents MicrosoftWindowsNetwork Connectivity Status IndicatorNcsiIdentifyUserProxies MicrosoftWindowsPCRPFPCR Prediction Framework Firmware Update Task MicrosoftWindowsPerformanceTraceRequestTrace MicrosoftWindowsPerformanceTraceWhesvcToast MicrosoftWindowsPlutonPluton-Ksp-Provisioning MicrosoftWindowsPower Efficiency DiagnosticsAnalyzeSystem MicrosoftWindowsPushToInstallLoginCheck MicrosoftWindowsReFsDedupSvcInitialization MicrosoftWindowsRemoteAssistanceRemoteAssistanceTask MicrosoftWindowsSetupPITRTask MicrosoftWindowsShellCreateObjectTask MicrosoftWindowsShellFamilySafetyMonitor MicrosoftWindowsShellFamilySafetyRefreshTask MicrosoftWindowsShellIndexerAutomaticMaintenance MicrosoftWindowsShellThemesSyncedImageDownload MicrosoftWindowsShellUpdateUserPictureTaskContained MicrosoftWindowsSMBUninstallSMB1ClientTask MicrosoftWindowsSMBUninstallSMB1ServerTask MicrosoftWindowsSubscriptionEnableLicenseAcquisition MicrosoftWindowsSustainabilitySustainabilityTelemetry MicrosoftWindowsTPMTpm-PreAttestationHealthCheck MicrosoftWindowsWindows Media SharingUpdateLibrary MicrosoftWindowsWindowsAIRecallPolicyConfiguration MicrosoftWindowsWindowsAISettingsInitialConfiguration MicrosoftWindowsWindowsUpdateRefresh Group Policy Cache MicrosoftWindowsWindowsUpdateScheduled Start MicrosoftWindowsWOFWIM-Hash-Management MicrosoftWindowsWwanSvcNotificationTask MicrosoftWindowsWwanSvcOobeDiscovery MicrosoftXblGameSaveXblGameSaveTask NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Startup Task-S-1-5-21-1629956658-336341846-2884959028-1001 # Registry: HKLMSoftwareMicrosoftTracingAutoUpdate_RASAPI32 HKLMSoftwareMicrosoftTracingAutoUpdate_RASMANCS HKLMSoftwareMicrosoftTracingGameManagerService_RASAPI32 HKLMSoftwareMicrosoftTracingGameManagerService_RASMANCS HKLMSoftwareMicrosoftTracingMSI_Driver_Utility_Installer_RASAPI32 HKLMSoftwareMicrosoftTracingMSI_Driver_Utility_Installer_RASMANCS HKLMSoftwareMicrosoftTracingRazer Central_RASAPI32 HKLMSoftwareMicrosoftTracingRazer Central_RASMANCS HKLMSoftwareMicrosoftTracingRazer Synapse 3_RASAPI32 HKLMSoftwareMicrosoftTracingRazer Synapse 3_RASMANCS HKLMSoftwareMicrosoftTracingRazer Synapse Service Process_RASAPI32 HKLMSoftwareMicrosoftTracingRazer Synapse Service Process_RASMANCS HKLMSoftwareMicrosoftTracingRazer Synapse Service_RASAPI32 HKLMSoftwareMicrosoftTracingRazer Synapse Service_RASMANCS HKLMSoftwareMicrosoftTracingRazerCentralService_RASAPI32 HKLMSoftwareMicrosoftTracingRazerCentralService_RASMANCS HKLMSoftwareMicrosoftTracingRazerInstaller_RASAPI32 HKLMSoftwareMicrosoftTracingRazerInstaller_RASMANCS HKLMSoftwareMicrosoftBingSvc HKCUSoftwareMicrosoftWindowsCurrentVersionContentDeliveryManager\SubscribedContent-338388Enabled HKCUSoftwareMicrosoftWindowsCurrentVersionContentDeliveryManager\SubscribedContent-338389Enabled HKCUSoftwareMicrosoftWindowsCurrentVersionContentDeliveryManager\SubscribedContent-88000326Enabled HKCUSoftwareMicrosoftWindowsCurrentVersionContentDeliveryManager\SystemPaneSuggestionsEnabled [1] => [0] HKCRLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoft.BingNews_8wekyb3d8bbwe HKCRLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoft.Copilot_8wekyb3d8bbwe HKCRLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoft.Edge.GameAssist_8wekyb3d8bbwe HKCRLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy HKCUSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoft.BingNews_8wekyb3d8bbwe HKCUSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoft.Copilot_8wekyb3d8bbwe HKCUSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoft.Edge.GameAssist_8wekyb3d8bbwe HKCUSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelPolicyCacheMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy HKCUSoftwareMicrosoftWindows NTCurrentVersionHostActivityManagerCommitHistoryClipchamp.Clipchamp_yxz26nhyzhsrt!App HKCUSoftwareMicrosoftWindows NTCurrentVersionHostActivityManagerCommitHistoryMicrosoft.Copilot_8wekyb3d8bbwe!App HKCUSoftwareMicrosoftWindows NTCurrentVersionHostActivityManagerCommitHistoryMicrosoft.Edge.GameAssist_8wekyb3d8bbwe!App HKCUSoftwareMicrosoftWindows NTCurrentVersionHostActivityManagerCommitHistoryMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy!Widgets HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplications9426MICRO-STARINTERNATION.MSICenter_kzh8wxbdkxb8p HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsClipchamp.Clipchamp_yxz26nhyzhsrt HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsMicrosoft.BingNews_8wekyb3d8bbwe HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsMicrosoft.BingSearch_8wekyb3d8bbwe HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsMicrosoft.BingWeather_8wekyb3d8bbwe HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsMicrosoft.Copilot_8wekyb3d8bbwe HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsMicrosoft.Edge.GameAssist_8wekyb3d8bbwe HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsMicrosoftWindows.Client.CoPilot_cw5n1h2txyewy HKCUSoftwareMicrosoftWindowsCurrentVersionBackgroundAccessApplicationsMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun\Discord HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun\EpicGamesLauncher HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun\OneDrive HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun\Steam HKCUSoftwareMicrosoftWindowsCurrentVersionRun\Steam HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun\RtkAudUService HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun\SecurityHealth HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun32\MSIRegister HKLMSystemSetupUpgradeAppxAppxAllUserStoreStagedMicrosoft.BingNews_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxAppxAllUserStoreStagedMicrosoft.BingSearch_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherAppxAllUserStoreApplications9426MICRO-STARINTERNATION.MSICenter_2.0.47.0_neutral_~_kzh8wxbdkxb8p HKLMSystemSetupUpgradeAppxDownlevelGatherAppxAllUserStoreApplicationsClipchamp.Clipchamp_3.1.11920.0_neutral_~_yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherAppxAllUserStoreApplicationsMicrosoft.BingNews_4.8.11001.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherAppxAllUserStoreApplicationsMicrosoft.BingWeather_4.54.63007.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherAppxAllUserStoreApplicationsMicrosoftWindows.Client.WebExperience_524.34401.20.0_neutral_~_cw5n1h2txyewy HKLMSystemSetupUpgradeAppxDownlevelGatherAppxAllUserStoreS-1-5-18Clipchamp.Clipchamp_3.1.11920.0_neutral_~_yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherAppxAllUserStoreS-1-5-18Microsoft.BingNews_4.8.11001.0_neutral_~_8wekyb3d8bbwe HKLMSYSTEMSetupUpgradeAppxDownlevelGatherAppxAllUserStoreS-1-5-21-1629956658-336341846-2884959028-10019426MICRO-STARINTERNATION.MSICenter_2.0.47.0_neutral_~_kzh8wxbdkxb8p HKLMSYSTEMSetupUpgradeAppxDownlevelGatherAppxAllUserStoreS-1-5-21-1629956658-336341846-2884959028-1001Clipchamp.Clipchamp_3.1.11920.0_neutral_~_yxz26nhyzhsrt HKLMSYSTEMSetupUpgradeAppxDownlevelGatherAppxAllUserStoreS-1-5-21-1629956658-336341846-2884959028-1001Microsoft.BingNews_4.8.11001.0_neutral_~_8wekyb3d8bbwe HKLMSYSTEMSetupUpgradeAppxDownlevelGatherAppxAllUserStoreS-1-5-21-1629956658-336341846-2884959028-1001Microsoft.BingWeather_4.54.63007.0_neutral_~_8wekyb3d8bbwe HKLMSYSTEMSetupUpgradeAppxDownlevelGatherAppxAllUserStoreS-1-5-21-1629956658-336341846-2884959028-1001MicrosoftWindows.Client.WebExperience_524.34401.20.0_neutral_~_cw5n1h2txyewy HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallState9426MICRO-STARINTERNATION.MSICenter_2.0.47.0_neutral_~_kzh8wxbdkxb8p HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallState9426MICRO-STARINTERNATION.MSICenter_2.0.47.0_neutral_split.scale-100_kzh8wxbdkxb8p HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallState9426MICRO-STARINTERNATION.MSICenter_2.0.47.0_x64__kzh8wxbdkxb8p HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateClipchamp.Clipchamp_3.1.11920.0_neutral__yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateClipchamp.Clipchamp_3.1.11920.0_neutral_~_yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateClipchamp.Clipchamp_3.1.11920.0_neutral_split.scale-100_yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingNews_4.55.62231.0_neutral_split.scale-100_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingNews_4.8.11001.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingSearch_1.1.3.0_neutral_split.scale-100_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingSearch_1.1.3.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingSearch_2022.1.3.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingWeather_4.54.63007.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingWeather_4.54.63007.0_neutral_split.scale-100_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.BingWeather_4.54.63007.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.Copilot_1.24123.47.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoft.Copilot_1.24123.47.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoftWindows.Client.WebExperience_524.34401.20.0_neutral_~_cw5n1h2txyewy HKLMSystemSetupUpgradeAppxDownlevelGatherPackageInstallStateMicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectory9426MICRO-STARINTERNATION.MSICenter_2.0.47.0_neutral_~_kzh8wxbdkxb8p HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectory9426MICRO-STARINTERNATION.MSICenter_2.0.47.0_neutral_split.scale-100_kzh8wxbdkxb8p HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectory9426MICRO-STARINTERNATION.MSICenter_2.0.47.0_x64__kzh8wxbdkxb8p HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryClipchamp.Clipchamp_3.1.11920.0_neutral__yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryClipchamp.Clipchamp_3.1.11920.0_neutral_~_yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryClipchamp.Clipchamp_3.1.11920.0_neutral_split.scale-100_yxz26nhyzhsrt HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingNews_4.55.62231.0_neutral_split.scale-100_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingNews_4.8.11001.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingSearch_1.1.3.0_neutral_split.scale-100_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingSearch_1.1.3.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingSearch_2022.1.3.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingWeather_4.54.63007.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingWeather_4.54.63007.0_neutral_split.scale-100_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.BingWeather_4.54.63007.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.Copilot_1.24123.47.0_neutral_~_8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoft.Copilot_1.24123.47.0_x64__8wekyb3d8bbwe HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoftWindows.Client.WebExperience_524.34401.20.0_neutral_~_cw5n1h2txyewy HKLMSystemSetupUpgradeAppxDownlevelGatherSisDirectoryMicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy HKU.DEFAULTSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppData9426MICRO-STARINTERNATION.MSICenter_kzh8wxbdkxb8p HKU.DEFAULTSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataClipchamp.Clipchamp_yxz26nhyzhsrt HKU.DEFAULTSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingNews_8wekyb3d8bbwe HKU.DEFAULTSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingSearch_8wekyb3d8bbwe HKU.DEFAULTSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingWeather_8wekyb3d8bbwe HKU.DEFAULTSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.Copilot_8wekyb3d8bbwe HKU.DEFAULTSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy HKUS-1-5-18SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppData9426MICRO-STARINTERNATION.MSICenter_kzh8wxbdkxb8p HKUS-1-5-18SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataClipchamp.Clipchamp_yxz26nhyzhsrt HKUS-1-5-18SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingNews_8wekyb3d8bbwe HKUS-1-5-18SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingSearch_8wekyb3d8bbwe HKUS-1-5-18SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingWeather_8wekyb3d8bbwe HKUS-1-5-18SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.Copilot_8wekyb3d8bbwe HKUS-1-5-18SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy HKUS-1-5-19SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppData9426MICRO-STARINTERNATION.MSICenter_kzh8wxbdkxb8p HKUS-1-5-19SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataClipchamp.Clipchamp_yxz26nhyzhsrt HKUS-1-5-19SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingNews_8wekyb3d8bbwe HKUS-1-5-19SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingSearch_8wekyb3d8bbwe HKUS-1-5-19SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingWeather_8wekyb3d8bbwe HKUS-1-5-19SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.Copilot_8wekyb3d8bbwe HKUS-1-5-19SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy HKUS-1-5-19SoftwareMicrosoftWindowsCurrentVersionRunOnce\OneDrive HKUS-1-5-20SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppData9426MICRO-STARINTERNATION.MSICenter_kzh8wxbdkxb8p HKUS-1-5-20SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataClipchamp.Clipchamp_yxz26nhyzhsrt HKUS-1-5-20SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingNews_8wekyb3d8bbwe HKUS-1-5-20SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingSearch_8wekyb3d8bbwe HKUS-1-5-20SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.BingWeather_8wekyb3d8bbwe HKUS-1-5-20SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoft.Copilot_8wekyb3d8bbwe HKUS-1-5-20SoftwareClassesLocal SettingsSoftwareMicrosoftWindowsCurrentVersionAppModelSystemAppDataMicrosoftWindows.Client.WebExperience_cw5n1h2txyewy HKUS-1-5-20SoftwareMicrosoftWindowsCurrentVersionRunOnce\OneDrive HKLMSystemCurrentControlSetControlCrashControl\AutoReboot [1] => [0] # Caches: C:Program Files (x86)Overwatchdatacascconfig (D-7) C:Program Files (x86)Overwatchdatacascindices (F-913) C:ProgramDataBlizzard EntertainmentBattle.netCache (D-36) C:ProgramDataMicrosoftSearchDataApplicationsWindowsGatherLogsSystemIndex (F-1013) C:UsersjustdAppDataLocalD3DSCache (D-25) C:UsersjustdAppDataLocalGoogleChromeUser DataGuest ProfileCache (F-5) C:UsersjustdAppDataLocalGoogleChromeUser DataGuest ProfileCode Cache (F-6) C:UsersjustdAppDataLocalGoogleChromeUser DataSystem ProfileCache (F-5) C:UsersjustdAppDataLocalGoogleChromeUser DataSystem ProfileCode Cache (F-6) C:UsersjustdAppDataLocalMicrosoftTokenBrokerCache (F-37) C:UsersjustdAppDataLocalMicrosoftWindowsActionCenterCache (F-0) C:UsersjustdAppDataLocalMicrosoftWindowsINetCacheIE (D-1) C:UsersjustdAppDataLocalMozillaFirefoxProfiles<Profile>cache2entries (F-74) C:UsersjustdAppDataLocalNVIDIADxCache (F-705) C:UsersjustdAppDataLocalNVIDIAGLCache (F-18) C:UsersjustdAppDataLocalTemp (D-4) C:UsersjustdAppDataRoamingCurseForgeCacheCache_Data (F-547) C:UsersjustdAppDataRoamingCurseForgeCode Cachejs (F-135) C:UsersjustdAppDataRoamingdiscordCacheCache_Data (F-66) C:UsersjustdAppDataRoamingdiscordCode Cachejs (F-132) C:UsersjustdAppDataRoamingMozillaFirefoxProfiles<Profile>shader-cache (F-40) C:WINDOWSLogsCBS (F-6) C:WINDOWSLogsSIH (F-8) C:WINDOWSLogsWindowsUpdate (F-59) C:WINDOWSServiceProfilesLocalServiceAppDataLocalFontCacheFonts (F-1) C:WINDOWSServiceProfilesLocalServiceAppDataLocalNVIDIADxCache (F-0) C:WINDOWSServiceProfilesLocalServiceAppDataLocalTemp (F-0) C:WINDOWSServiceProfilesNetworkServiceAppDataLocalMicrosoftWindowsDeliveryOptimizationLogs (F-525) C:WINDOWSServiceProfilesNetworkServiceAppDataLocalMicrosoftWindowsINetCache (F-0) C:WINDOWSServiceProfilesNetworkServiceAppDataLocalTemp (F-0) C:WINDOWSServiceStateWinHttpAutoProxySvcData (F-0) C:WINDOWSSystem32configsystemprofileAppDataLocal (D-6446) C:WINDOWSSystem32configsystemprofileAppDataLocalD3DSCache (D-4) C:WINDOWSSystem32configsystemprofileAppDataLocalNVIDIADxCache (F-6) C:WINDOWSSystemTemp (D-0) C:WINDOWSSystemTemp (F-1) C:WINDOWSTemp (F-5) # Packages: 9426MICRO-STARINTERNATION.MSICenter_2.0.66.0_x64__kzh8wxbdkxb8p Clipchamp.Clipchamp_4.5.10220.0_x64__yxz26nhyzhsrt Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe Microsoft.BingSearch_1.1.43.0_x64__8wekyb3d8bbwe Microsoft.BingWeather_4.54.63029.0_x64__8wekyb3d8bbwe Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe MicrosoftWindows.Client.WebExperience_526.1202.40.0_x64__cw5n1h2txyewy # Miscellaneous: [?] AntiVirus Software: Windows Defender [?] Event Viewer Logs were cleared HKLMSYSTEMCurrentControlSetControlDeviceGuardScenariosHypervisorEnforcedCodeIntegrity     Enabled    REG_DWORD    0x1 HKLMSoftwareMicrosoftWindows DefenderExclusionsExtensions HKLMSoftwareMicrosoftWindows DefenderExclusionsIpAddresses HKLMSoftwareMicrosoftWindows DefenderExclusionsPaths     D:SteamLibrarysteamappscommonFallout 4    REG_DWORD    0x0 HKLMSoftwareMicrosoftWindows DefenderExclusionsProcesses HKLMSoftwareMicrosoftWindows DefenderExclusionsTemporaryPaths ___ C:ProgramDataMicrosoftWindows DefenderPlatform4.18.25110.6-0 C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0 C:Program FilesGoogleChromeApplication145.0.7632.160 C:Program Files (x86)MicrosoftEdgeApplication145.0.3800.82 Event[0]   Log Name: Microsoft-Windows-Diagnostics-Performance/Operational   Source: Microsoft-Windows-Diagnostics-Performance   Date: 2025-01-29T09:19:51.6650000Z   Event ID: 100   Task: Boot Performance Monitoring   Level: Error   Opcode: Boot Information   Keyword: Event Log,   User: S-1-5-19   User Name: NT AUTHORITYLOCAL SERVICE   Computer: PandaComp   Description:  Windows has started up:       Boot Duration        :    122526ms      IsDegradation        :    false      Incident Time (UTC)    :    ?2025?-?01?-?29T16:17:41.866953300Z Event[1]   Log Name: Microsoft-Windows-Diagnostics-Performance/Operational   Source: Microsoft-Windows-Diagnostics-Performance   Date: 2025-02-01T08:02:35.5350000Z   Event ID: 100   Task: Boot Performance Monitoring   Level: Error   Opcode: Boot Information   Keyword: Event Log,   User: S-1-5-19   User Name: NT AUTHORITYLOCAL SERVICE   Computer: PandaComp   Description:  Windows has started up:       Boot Duration        :    69298ms      IsDegradation        :    true      Incident Time (UTC)    :    ?2025?-?02?-?01T15:00:27.878640700Z Event[2]   Log Name: Microsoft-Windows-Diagnostics-Performance/Operational   Source: Microsoft-Windows-Diagnostics-Performance   Date: 2025-02-14T17:57:47.5740000Z   Event ID: 100   Task: Boot Performance Monitoring   Level: Error   Opcode: Boot Information   Keyword: Event Log,   User: S-1-5-19   User Name: NT AUTHORITYLOCAL SERVICE   Computer: PandaComp   Description:  Windows has started up:       Boot Duration        :    65728ms      IsDegradation        :    true      Incident Time (UTC)    :    ?2025?-?02?-?15T00:55:19.882476800Z C:FRSTQuarantineCFirewallBackup.reg.xBAD C:FRSTQuarantineCUsersjustdAppDataLocal119AC2FC90D95AC063B177717B7B3B6.xBAD C:FRSTQuarantineCUsersjustdAppDataLocalResmon.ResmonCfg.xBAD C:FRSTQuarantineCUsersjustdAppDataLocalexonautis-updaterinstaller.exe C:FRSTQuarantineCUsersjustdAppDataRoamingavoriontestfile.xBAD C:FRSTQuarantineCUsersjustdAppDataRoamingexonautisLocal State C:FRSTQuarantineCUsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsExonautis.lnk.xBAD C:FRSTQuarantineCWINDOWSSystem32Driversetchosts.xBAD C:FRSTQuarantineCWINDOWSSystem32TasksMicrosoftWindowsLocationNotifications.xBAD C:FRSTQuarantineCWINDOWSSystem32TasksMicrosoftWindowsUpdateOrchestratorUSO_UxBroker.xBAD C:ProgramDataHitmanProLogsHitmanPro_20260307_2048.log C:UsersjustdAppDataLocalCrashDumpsbackgroundTaskHost.exe.25184.dmp C:UsersjustdAppDataLocalCrashDumpsCiv4BeyondSword.exe.22808.dmp C:UsersjustdAppDataLocalCrashDumpsFallout4.exe.18172.dmp C:UsersjustdAppDataLocalCrashDumpsWonderdraft.exe.11656.dmp C:UsersjustdAppDataLocalCrashDumpsWonderdraft.exe.14480.dmp C:UsersjustdAppDataLocalCrashDumpsWonderdraft.exe.18852.dmp C:UsersjustdAppDataLocalCrashDumpsWonderdraft.exe.20452.dmp C:UsersjustdAppDataLocalCrashDumpsWonderdraft.exe.22392.dmp C:UsersjustdAppDataLocalCrashDumpsWonderdraft.exe.24116.dmp C:UsersjustdAppDataLocalCrashDumpsWonderdraft.exe.29924.dmp C:WINDOWSSystem32configsystemprofileAppDataLocalCrashDumpsNVDisplay.Container.exe.2552.dmp C:WINDOWSSystem32configsystemprofileAppDataLocalCrashDumpssvchost.exe.9776.dmp ___________________________ EOF DNB __________________________   Can you please attach C:ProgramDataHitmanProLogsHitmanPro_20260307_2048.log for review?

Thanks The computer appears to be working fine and fully functionally without issue. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-03-2026 Ran by justd (administrator) on PANDACOMP (Micro-Star International Co., Ltd. MS-7D25) (08-03-2026 14:49:59) Running from C:UsersjustdDesktopFRST64.exe Loaded Profiles: justd Platform: Microsoft Windows 11 Home Version 25H2 26200.7922 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed.

The file will not be moved.) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:ProgramDataBattle.netAgentAgent.9390Agent.exe (C:Program FilesCorsairCorsair iCUE5 SoftwareiCUE.exe ->) (Corsair Memory, Inc. -> ) C:Program FilesCorsairCorsair iCUE5 Softwarecrashpad_handler.exe <3> (C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMalwarebytes.exe (C:Program FilesMozilla Firefoxfirefox.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMbamBgNativeMsg.exe (C:Program FilesMozilla Firefoxfirefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:Program FilesMozilla Firefoxcrashhelper.exe (Corsair Memory, Inc.

-> Corsair Memory, Inc.) C:Program FilesCorsairCorsair iCUE5 SoftwareiCUE.exe (Discord Inc. -> Discord Inc.) C:UsersjustdAppDataLocalDiscordapp-1.0.9227Discord.exe <6> (explorer.exe ->) () [File not signed] C:UsersjustdDocumentsElder Scrolls OnlineliveAddOnsEssentialHousingToolsEssentialHousingCommunityEssentialHousingCommunity.exe (explorer.exe ->) (Blizzard Entertainment, Inc.

-> Blizzard Entertainment) C:Program Files (x86)Battle.netBattle.net.exe <4> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDriveOneDrive.exe (explorer.exe ->) (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) C:Program FilesTortoiseSVNbinTSVNCache.exe (Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <14> (services.exe ->) (Corsair Memory, Inc.

-> Corsair Memory, Inc.) C:Program FilesCorsairCorsair iCUE5 SoftwareCorsairCpuIdService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCorsair iCUE5 SoftwareiCUEUpdateService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_af50fdb80983f7bcjhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigcc_dch.inf_amd64_524cec1494781ee1OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_e2d833b564372581IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorymewmiprov.inf_amd64_d51901c26227fb29WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:WindowsSysWOW64XtuService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:WindowsSystem32DriverStoreFileRepositorylogi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncHelper.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MidiSrv.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32msiexec.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_f55cb1d07ac1033fDisplay.NvContainerNVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp.

-> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_31dd95d009763f70RtkAudUService64.exe <2> (services.exe ->) (THX LTD. -> VisiSonics) C:WindowsSystem32VSSrv.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDrive26.026.0209.0004FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <8> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32NgcIso.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32SpaceAgent.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32spaceman.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsUUSPackagesPreviewamd64MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsWinSxSamd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.7911_none_a4ec25d37778e59eTiWorker.exe (VSSrv.exe ->) (THX LTD.

-> VisiSonics) C:WindowsSystem32VSHelper.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_31dd95d009763f70RtkAudUService64.exe [3282984 2025-12-11] (Realtek Semiconductor Corp.

-> Realtek Semiconductor) HKLM…Run: [Corsair iCUE5 Software] => C:Program FilesCorsairCorsair iCUE5 SoftwareiCUE Launcher.exe [195224 2026-02-25] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Discord] => C:UsersjustdAppDataLocalDiscordUpdate.exe [1525032 2022-08-08] (Discord Inc. -> GitHub) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:Program FilesMozilla Firefoxfirefox.exe" -os-autostart [707200 2026-02-24] (Mozilla Corporation -> Mozilla Corporation) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [4746640 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Essential Housing Community] => C:UsersjustdDocumentsElder Scrolls OnlineliveAddOnsEssentialHousingToolsEssentialHousingCommunityEssentialHousingCommunity.exe [67584 2026-01-10] () [File not signed] HKUS-1-5-21-1629956658-336341846-2884959028-1001…Run: [Battle.net] => C:Program Files (x86)Battle.netBattle.net.exe [1008336 2026-03-03] (Blizzard Entertainment, Inc.

-> Blizzard Entertainment) HKLMSoftwareMicrosoftActive SetupInstalled Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:Program FilesGoogleChromeApplicationPlatformExperienceHelperplatform_experience_helper.exe [2026-01-30] (Google LLC -> Google LLC) HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication145.0.7632.160Installerchrmstp.exe [2026-03-06] (Google LLC -> Google LLC) Startup: C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMJ-189GamingMouse.lnk [2023-09-08] ShortcutTarget: MJ-189GamingMouse.lnk -> C:Program Files (x86)MOJOMJ-189 Gaming MouseMJ-189GamingMouse.exe () [File not signed] Startup: C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSend to OneNote.lnk [2025-07-03] ShortcutTarget: Send to OneNote.lnk -> C:Program FilesMicrosoft OfficerootOffice16ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) Task: {A3280B83-A1F5-4B77-B2FC-24DE1AF889DC} – System32TasksCreateExplorerShellUnelevatedTask => C:Windowsexplorer.exe [3257480 2026-03-08] (Microsoft Windows -> Microsoft Corporation) Task: {5165E7E7-034A-4F09-90D1-8893062BB565} – System32TasksGoogleSystemGoogleUpdaterGoogleUpdaterTaskSystem147.0.7703.0{9FC355B2-BFCA-40A2-B5CC-64E3EF571E93} => C:Program Files (x86)GoogleGoogleUpdater147.0.7703.0updater.exe [8495256 2026-02-25] (Google LLC -> Google LLC) Task: {0B4D44C8-F1B5-44EE-A28F-4225B496BE57} – System32TasksIntelIntel Telemetry 2 => C:Program FilesIntelTelemetry 2.0lrio.exe [2064744 2021-01-19] (Intel® Production Software -> Intel Corporation) Task: {C1001DD7-0C90-4C89-8F34-3CEC6E3D2844} – System32TasksMicrosoftOfficeOffice Actions Server => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOffice16ActionsServerActionsServer.exe [16301440 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {85F1F7DD-39CC-438E-81E3-19133778F3DB} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [28604736 2026-02-22] (Microsoft Corporation -> Microsoft Corporation) Task: {312238A6-E03C-4C12-99E2-E90223AED1B8} – System32TasksMicrosoftOfficeOffice Background Push Maintenance => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16opushutil.exe [73568 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {D5E858DD-9702-40E5-8C8A-378CE169FF05} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [28604736 2026-02-22] (Microsoft Corporation -> Microsoft Corporation) Task: {92486C19-10FA-4FFD-BD12-FAB68943D2B9} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [427808 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {3E1C1AB7-EF8B-4835-A5EA-3537FFECFF57} – System32TasksMicrosoftOfficeOffice Startup Maintenance => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOffice16ActionsServerActionsServer.exe [16301440 2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {4BC51B4B-9CE0-44D4-B35C-9B66C759C9E4} – System32TasksMicrosoftWindowsSetupSetupRecoveryDataTask => {717aa9c3-17e5-483b-81cc-8e27ed927763} C:WINDOWSsystem32oobeSetupRecoveryDataTask.dll [106496 2026-03-08] (Microsoft Windows -> Microsoft Corporation) Task: {1917A7F4-7DEA-4D02-8517-22B76DE707F8} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3383E4A1-2155-4A6B-9104-0B5A98D2D88A} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4B70FE4B-7983-45E1-B5D7-2EACBB98932B} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {326A4862-9672-4BC2-B875-A5485FCA174A} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6DCF1099-550E-4D2D-82E7-E8E7D3D29642} – System32TasksMozillaFirefox Background Update S-1-5-21-1629956658-336341846-2884959028-1001 308046B0AF4A39CB => C:Program FilesMozilla Firefoxfirefox.exe [707200 2026-02-24] (Mozilla Corporation -> Mozilla Corporation) -> C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38updates308046B0AF4A39CB–MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 –MOZ_LOG_FILE C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38updates308046B0AF4A39CBbackgroundupdate.moz_log –backgroundtask background (the data entry has 6 more characters).

Task: {6A34BA81-1DA8-4AB4-B24F-F55155A60B7A} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [33920 2026-02-24] (Mozilla Corporation -> Mozilla Foundation) Task: {F2E2621C-96A7-404A-AF1F-0AB6E872B0FC} – System32TasksOneDrive Per-Machine Standalone Update Task => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [4409704 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {22D22241-DB5D-4CCF-9CAC-F095F32D0A84} – System32TasksOneDrive Reporting Task-S-1-5-21-1629956658-336341846-2884959028-1001 => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [4409704 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {F94622E4-61E7-4B93-86B8-D60DEF1ED3A3} – System32TasksZoomUpdateTaskUser-S-1-5-21-1629956658-336341846-2884959028-1001 => C:UsersjustdAppDataRoamingZoombinZoom.exe [467384 2026-02-27] (Zoom Video Communications, Inc.

-> Zoom Communications, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) TcpipParameters: [DhcpNameServer] 192.168.1.1 Tcpip..Interfaces{a5e7a118-ab10-48f8-abdb-ead82ea54116}: [DhcpNameServer] 192.168.1.1 Tcpip..Interfaces{a5e7a118-ab10-48f8-abdb-ead82ea54116}: [DhcpDomain] teksavvy.com Tcpip..Interfaces{e9365dd7-559c-4f2b-8731-9c0e85b6ac3d}: [DhcpNameServer] 192.168.1.1 Tcpip..Interfaces{e9365dd7-559c-4f2b-8731-9c0e85b6ac3d}: [DhcpDomain] teksavvy.com FireFox: ======== FF TaskBarID: 308046B0AF4A39CB -> C:Program FilesMozilla Firefox FF DefaultProfile: 5mftf26n.default-release -> 308046B0AF4A39CB FF ProfilePath: C:UsersjustdAppDataRoamingMozillaFirefoxProfiles6sia71c2.default [2026-03-08] FF ProfilePath: C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-release [2026-03-08] FF Session Restore: MozillaFirefoxProfiles5mftf26n.default-release -> is enabled.

FF Extension: (Dark Reader) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsaddon@darkreader.org.xpi [2026-03-03] FF Extension: (Better Darker Docs) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsbatterdarkerdocs@threethan.github.io.xpi [2024-11-19] FF Extension: (Black Menu for Google™) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsblack-menu-for-google@carlosjeurissen.com.xpi [2026-03-04] FF Extension: (Enhancer for YouTube™) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsenhancerforyoutube@maximerf.addons.mozilla.org.xpi [2026-02-25] FF Extension: (Streaming enhanced Netflix Disney Prime Video) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsNetflixPrime@Autoskip.io.xpi [2026-01-29] FF Extension: (New Tab) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsnewtab@mozilla.org.xpi [2026-03-03] FF Extension: (Tab Grouper) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionstab-grouper-live@TheNamlessGuy.github.io.xpi [2025-05-03] FF Extension: (uBlock Origin) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensionsuBlock0@raymondhill.net.xpi [2026-01-31] FF Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-11-18] FF Extension: (Undo Close Tab) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{4853d046-c5a3-436b-bc36-220fd935ee1d}.xpi [2025-06-21] FF Extension: (Purple starfield – Animated) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{5adf2485-4acd-42a8-b04c-1b0a6b03ddd0}.xpi [2024-11-18] FF Extension: (ClearURLs) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{74145f27-f039-47ce-a470-a662b129930a}.xpi [2025-02-15] FF Extension: (Return YouTube Dislike) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2024-11-18] FF Extension: (Adblock Plus – free ad blocker) – C:UsersjustdAppDataRoamingMozillaFirefoxProfiles5mftf26n.default-releaseExtensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2026-02-19] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2026-01-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation) Edge:  ======= Edge DefaultProfile: Default Edge Profile: C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefault [2026-03-08] Edge Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbojobppfploabceghnmlahpoonbcbacn [2026-03-05] Edge Extension: (Google Docs Offline) – C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-01] Edge Extension: (Edge relevant text changes) – C:UsersjustdAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsjmjflgjpcpepeafmmgdpfkogkghcpiha [2026-01-18] Edge HKLM…EdgeExtension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32…EdgeExtension: [bojobppfploabceghnmlahpoonbcbacn] Chrome:  ======= CHR DefaultProfile: Default CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataDefault [2026-03-08] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Session Restore: Default -> is enabled.

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2026-03-07] CHR Extension: (Google Docs Offline) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-02] CHR Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2026-03-07] CHR Extension: (Google Docs Dark Mode) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionslgjhepbpjcmfmjlpkkdjlbgomamkgonb [2023-08-29] CHR Extension: (Chrome Web Store Payments) – C:UsersjustdAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2022-09-15] CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataGuest Profile [2026-03-08] CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1 [2026-03-08] CHR Extension: (Honey: Automatic Coupons & Rewards) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2025-11-09] CHR Extension: (Google Docs Offline) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-07] CHR Extension: (Malwarebytes Browser Guard) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsihcjicgdanjaechkgeegckofjjedodee [2025-05-07] CHR Extension: (Marsala) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsjjlfmldcaheghnjjpgpoadjfppefjmkj [2023-12-16] CHR Extension: (Chrome Web Store Payments) – C:UsersjustdAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2022-09-26] CHR Profile: C:UsersjustdAppDataLocalGoogleChromeUser DataSystem Profile [2026-03-08] CHR HKLM…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) S3 battlenet_helpersvc; C:ProgramDataBattle.net_componentsbattlenet_helpersvcAgentHelper.exe [3386064 2026-02-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [15044872 2023-03-10] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [13270416 2026-02-22] (Microsoft Corporation -> Microsoft Corporation) R3 CorsairCpuIdService; C:Program FilesCorsairCorsair iCUE5 SoftwareCorsairCpuIdService.exe [613528 2026-02-25] (Corsair Memory, Inc.

-> Corsair Memory, Inc.) S3 CorsairDeviceListerService; C:Program FilesCorsairCorsair iCUE5 SoftwareCorsairDeviceListerService.exe [364696 2026-02-25] (Corsair Memory, Inc. -> ) S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [813032 2022-09-17] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:Program Files (x86)EasyAntiCheat_EOSEasyAntiCheat_EOS.exe [959216 2025-06-22] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicGamesUpdater; C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesUpdater.exe [3328976 2026-01-29] (Epic Games Inc.

-> Epic Games, Inc.) S3 EpicOnlineServices; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.) R3 FileSyncHelper; C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncHelper.exe [3600784 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) S3 GameInputRedistService; C:Program FilesMicrosoft GameInputx64GameInputRedistService.exe [302504 2026-02-12] (Microsoft Corporation -> Windows ® Win 7 DDK provider) R3 iCUEUpdateService; C:Program FilesCorsairCorsair iCUE5 SoftwareiCUEUpdateService.exe [750232 2026-02-25] (Corsair Memory, Inc.

-> Corsair Memory, Inc.) R2 logi_lamparray_service; C:WINDOWSSystem32DriverStoreFileRepositorylogi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267logi_lamparray_service.exe [9903656 2024-04-18] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [11255744 2026-02-22] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:Program FilesMalwarebytesAnti-MalwareMBVpnTunnelService.exe [2788304 2024-12-25] (Malwarebytes Inc.

-> Malwarebytes) R2 MDCoreSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MpDefenderCoreService.exe [2067464 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_f55cb1d07ac1033fDisplay.NvContainerNVDisplay.Container.exe [1275544 2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:Program FilesMicrosoft OneDrive26.026.0209.0004OneDriveUpdaterService.exe [3995496 2026-03-05] (Microsoft Corporation -> Microsoft Corporation) S3 ProtonVPN Service; C:Program FilesProtonVPNv4.2.2ProtonVPNService.exe [464624 2025-08-07] (Proton AG -> ProtonVPN) S3 ProtonVPN WireGuard; C:Program FilesProtonVPNv3.4.3ProtonVPN.WireGuardService.exe [466152 2024-11-04] (Proton AG -> ProtonVPN) S3 Rockstar Service; C:Program FilesRockstar GamesLauncherRockstarService.exe [7600104 2025-05-06] (Rockstar Games, Inc.

-> Rockstar Games) R2 VSSrv; C:WINDOWSSystem32VSSrv.exe [3359600 2023-11-23] (THX LTD. -> VisiSonics) R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0NisSrv.exe [4435096 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.26010.5-0MsMpEng.exe [290744 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) S3 BTHMODEM; C:WINDOWSSystem32driversbthmodem.sys [110592 2025-01-29] (Microsoft Corporation) [File not signed] R3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [47032 2025-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [22968 2025-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz160; C:ProgramDataCPUID SoftwaresdkpZnCM96UJbKm [44696 2026-03-08] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD.

-> Samsung Electronics Co., Ltd.) R3 e2fexpress; C:WINDOWSSystem32DriverStoreFileRepositorye2f.inf_amd64_d0d0d2073f0fc12fe2f.sys [536160 2024-05-12] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_GPIO2_ADL; C:WINDOWSSystem32DriverStoreFileRepositoryialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3diaLPSS2_GPIO2_ADL.sys [140960 2022-06-23] (Intel Corporation -> Intel Corporation) R3 IntelGNA; C:WINDOWSSystem32DriverStoreFileRepositorygna.inf_amd64_6f93b7542fd3ead9gna.sys [88656 2023-08-28] (Intel Corporation -> Intel Corporation) R3 KslD; C:WINDOWSSystem32driverswdKslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation) R3 logi_lamparray; C:WINDOWSSystem32DriverStoreFileRepositorylogi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267logi_lamparray.sys [98864 2024-04-18] (Logitech Inc -> Logitech, Inc.) R2 mbamchameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [234088 2026-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [22120 2025-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [245864 2026-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ProtonVPNCallout; C:Program FilesProtonVPNv4.2.2ResourcesProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG) S3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [64168 2022-08-18] (Razer USA Ltd.

-> Razer Inc) S3 RzDev_0521; C:WINDOWSSystem32driversRzDev_0521.sys [54088 2021-03-22] (Razer USA Ltd. -> Razer Inc) S3 RzDev_0f19; C:WINDOWSSystem32driversRzDev_0f19.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 sshid; C:WINDOWSSystem32driverssshid.sys [48800 2022-02-24] (SteelSeries ApS -> SteelSeries ApS) S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD.

-> Samsung Electronics Co., Ltd.) S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [21888 2026-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [635272 2026-02-10] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [102832 2026-02-10] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:WINDOWSSystem32driverswireguard.sys [489368 2024-11-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-08 14:49 – 2026-03-08 14:50 – 000029197 _____ C:UsersjustdDesktopFRST.txt 2026-03-08 14:40 – 2026-03-08 14:49 – 000000000 ____D C:WINDOWSCbsTemp 2026-03-08 14:37 – 2026-03-08 14:37 – 000083946 _____ C:WINDOWSSysWOW64ctac.json 2026-03-08 14:37 – 2026-03-08 14:37 – 000083946 _____ C:WINDOWSsystem32ctac.json 2026-03-08 14:37 – 2026-03-08 14:37 – 000036382 _____ C:WINDOWSSysWOW64IntegratedServicesRegionPolicySet.json 2026-03-08 14:37 – 2026-03-08 14:37 – 000036382 _____ C:WINDOWSsystem32IntegratedServicesRegionPolicySet.json 2026-03-08 14:21 – 2026-03-08 14:21 – 000000000 ____D C:UsersjustdDownloadsSecurityCheck 2026-03-08 14:20 – 2026-03-08 14:21 – 000000000 ____D C:SecurityCheck 2026-03-08 14:18 – 2026-03-08 14:19 – 000498825 _____ C:UsersjustdDownloadsSecurityCheck.zip 2026-03-08 12:59 – 2026-03-08 13:00 – 000000000 _____ C:UsersjustdAppDataRoamingavoriontestfile 2026-03-08 09:01 – 2026-03-08 09:01 – 000030441 _____ C:UsersjustdDesktopDoesNotBelong_2026_03_08__09_00_23.txt 2026-03-08 09:01 – 2026-03-08 09:01 – 000030441 _____ C:DoesNotBelong_2026_03_08__09_00_23.txt 2026-03-08 09:00 – 2026-03-08 09:01 – 000000000 ____D C:DNB_Quarantine 2026-03-08 09:00 – 2026-03-08 09:00 – 000003644 _____ C:WINDOWSsystem32TasksCreateExplorerShellUnelevatedTask 2026-03-08 08:59 – 2026-03-08 08:59 – 004860523 _____ (>Thisisu<) C:UsersjustdDownloadsDoesNotBelong.exe 2026-03-08 08:55 – 2026-03-08 08:56 – 000020672 _____ C:UsersjustdDesktopFixlog.txt 2026-03-08 01:37 – 2026-03-08 01:38 – 000021961 _____ C:UsersjustdDownloadsFixlog.txt 2026-03-08 01:37 – 2026-03-08 01:37 – 000008774 _____ C:UsersjustdDownloadsczcjkdxzrwwf.txt 2026-03-07 22:50 – 2026-03-07 22:51 – 000073591 _____ C:UsersjustdDownloadsAddition.txt 2026-03-07 22:49 – 2026-03-07 22:50 – 000045127 _____ C:UsersjustdDownloadsFRST.txt 2026-03-07 22:40 – 2026-03-08 14:50 – 000000000 ____D C:FRST 2026-03-07 22:39 – 2026-03-07 22:39 – 002445824 _____ (Farbar) C:UsersjustdDesktopFRST64.exe 2026-03-07 21:49 – 2026-03-07 21:49 – 009633776 _____ (Malwarebytes) C:UsersjustdDownloadsadwcleaner.exe 2026-03-07 21:49 – 2026-03-07 21:49 – 000000000 ____D C:AdwCleaner 2026-03-07 21:42 – 2026-03-07 21:48 – 000000000 ____D C:ProgramDataHitmanPro 2026-03-07 21:42 – 2026-03-07 21:44 – 014701656 _____ (Sophos B.V.) C:UsersjustdDownloadsHitmanPro_x64.exe 2026-03-03 16:23 – 2026-03-03 16:23 – 000452984 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingservicesproxy_d.dll.0 2026-03-03 16:23 – 2026-03-03 16:23 – 000000000 ____D C:Program FilesMicrosoft GameInput 2026-03-03 09:29 – 2026-03-03 09:29 – 000000000 ____D C:Program FilesCommon FilesDESIGNER 2026-02-27 09:42 – 2026-02-27 09:42 – 000000000 ____D C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom 2026-02-24 16:13 – 2026-02-25 17:52 – 000000000 ____D C:Program FilesMozilla Firefox 2026-02-23 22:07 – 2026-02-24 10:25 – 000000000 _____ C:UsersjustdDocumentsSenalia Map2.0.wonderdraft_map 2026-02-23 21:15 – 2026-02-23 22:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWonderdraft 2026-02-23 21:15 – 2026-02-23 21:15 – 000000907 _____ C:UsersjustdDesktopWonderdraft.lnk 2026-02-23 21:15 – 2026-02-23 21:15 – 000000000 ____D C:UsersjustdAppDataRoamingWonderdraft 2026-02-23 21:15 – 2026-02-23 21:15 – 000000000 ____D C:Program FilesWonderdraft 2026-02-23 21:14 – 2026-02-23 21:14 – 199449720 _____ (Tailwind Games, LLC ) C:UsersjustdDownloadsWonderdraft-1.1.8.2b-Win64.exe 2026-02-22 16:18 – 2026-02-22 16:19 – 000000000 ____D C:UsersjustdAppDataRoaminginkarnate-desktop 2026-02-22 16:18 – 2026-02-22 16:18 – 084379032 _____ (Inkarnate) C:UsersjustdDownloadsInkarnate-latest-windows.exe 2026-02-22 16:18 – 2026-02-22 16:18 – 000000000 ____D C:UsersjustdAppDataLocalinkarnate-desktop-updater 2026-02-15 00:24 – 2026-02-28 16:55 – 000000000 ____D C:UsersjustdAppDataLocalVivox 2026-02-11 18:53 – 2026-02-11 18:53 – 000000000 ____D C:WINDOWSsystem32braille-tables 2026-02-11 17:29 – 2026-03-08 14:49 – 000000000 ____D C:ProgramDataRealtek 2026-02-09 17:32 – 2026-02-09 17:32 – 000085103 _____ C:UsersjustdDownloadsPay Advice-1.PDF ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-08 14:50 – 2025-11-27 17:24 – 000000000 ____D C:UsersjustdAppDataLocalBattle.net 2026-03-08 14:50 – 2024-11-18 14:43 – 000000000 ____D C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2026-03-08 14:50 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSSystemTemp 2026-03-08 14:49 – 2025-01-28 23:51 – 000000006 ____H C:WINDOWSTasksSA.DAT 2026-03-08 14:49 – 2025-01-28 23:50 – 000051684 _____ C:WINDOWSsystem325E37410B-D6F1-471D-AE27-563CEAC0D6B2 2026-03-08 14:49 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSAppReadiness 2026-03-08 14:49 – 2024-04-01 01:26 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft 2026-03-08 14:49 – 2024-04-01 01:24 – 000000000 ____D C:WINDOWSINF 2026-03-08 14:49 – 2024-03-12 19:58 – 000000000 ____D C:UsersjustdAppDataLocalTSVNCache 2026-03-08 14:49 – 2023-05-12 19:26 – 000000000 ____D C:UsersjustdAppDataLocalMalwarebytes 2026-03-08 14:49 – 2022-09-15 00:48 – 000000000 ____D C:UsersjustdAppDataRoamingdiscord 2026-03-08 14:49 – 2022-09-15 00:48 – 000000000 ____D C:UsersjustdAppDataLocalDiscord 2026-03-08 14:49 – 2022-09-15 00:37 – 000000000 ____D C:ProgramDataNVIDIA 2026-03-08 14:49 – 2022-09-15 00:36 – 000000000 ___RD C:UsersjustdOneDrive 2026-03-08 14:48 – 2025-01-28 23:48 – 000001623 _____ C:WINDOWSsystem32configVSMIDK 2026-03-08 14:48 – 2024-04-01 01:21 – 000524288 _____ C:WINDOWSsystem32configBBI 2026-03-08 14:48 – 2022-09-15 01:10 – 000012288 ___SH C:DumpStack.log.tmp 2026-03-08 14:47 – 2025-01-28 23:49 – 000472552 _____ C:WINDOWSsystem32FNTCACHE.DAT 2026-03-08 14:47 – 2025-01-28 21:41 – 000000000 ____D C:WINDOWSInboxApps 2026-03-08 14:47 – 2025-01-28 21:36 – 000000000 ____D C:WINDOWSsystem32Driversen-GB 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ___SD C:WINDOWSsystem32F12 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ___RD C:WINDOWSImmersiveControlPanel 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSUUS 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSSysWOW64setup 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSSysWOW64oobe 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSSysWOW64Dism 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSSystemResources 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32WinMetadata 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32ShellExperiences 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32setup 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32SecureBootUpdates 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32oobe 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32migwiz 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32Dism 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32appraiser 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSShellExperiences 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSShellComponents 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSBrowserCore 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSbcastdvr 2026-03-08 14:47 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSappcompat 2026-03-08 14:47 – 2024-04-01 01:21 – 000000000 ____D C:WINDOWSservicing 2026-03-08 14:46 – 2025-01-29 10:20 – 000851580 _____ C:WINDOWSsystem32PerfStringBackup.INI 2026-03-08 14:46 – 2024-04-01 01:26 – 000282624 _____ (Microsoft Corporation) C:WINDOWSsystem32msclmd.dll 2026-03-08 14:46 – 2024-04-01 01:26 – 000235520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msclmd.dll 2026-03-08 14:37 – 2025-01-28 23:51 – 003270144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PrintConfig.dll 2026-03-08 14:31 – 2022-09-15 00:35 – 000000000 ____D C:UsersjustdAppDataLocalD3DSCache 2026-03-08 14:30 – 2023-11-13 00:42 – 000000000 ____D C:UsersjustdAppDataRoamingNotepad++ 2026-03-08 14:18 – 2023-01-11 11:44 – 000000000 ____D C:UsersjustdAppDataRoamingAvorion 2026-03-08 14:18 – 2022-09-15 00:51 – 000000000 ____D C:Program Files (x86)Steam 2026-03-08 12:28 – 2024-08-24 16:16 – 000000000 ____D C:Steam Second Location 2026-03-08 10:45 – 2022-09-15 00:57 – 000000000 ____D C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam 2026-03-08 10:36 – 2025-06-23 22:09 – 000002091 _____ C:UsersjustdDesktopgrepwin.ini 2026-03-08 10:02 – 2022-09-15 01:10 – 000002440 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk 2026-03-08 10:02 – 2022-09-15 01:10 – 000002278 _____ C:UsersPublicDesktopMicrosoft Edge.lnk 2026-03-08 09:55 – 2022-09-15 00:38 – 000000000 ____D C:UsersjustdAppDataLocalNVIDIA 2026-03-08 09:01 – 2024-04-01 01:26 – 000000000 ___HD C:Program FilesWindowsApps 2026-03-08 09:01 – 2022-09-15 00:35 – 000000000 ____D C:UsersjustdAppDataLocalPackages 2026-03-08 09:01 – 2022-09-15 00:35 – 000000000 ____D C:ProgramDataPackages 2026-03-08 08:59 – 2022-09-15 00:52 – 000000000 ____D C:UsersjustdAppDataLocalSteam 2026-03-08 08:58 – 2025-01-28 21:44 – 000000000 ____D C:Usersjustd 2026-03-08 08:54 – 2025-01-28 23:49 – 000000000 ____D C:WINDOWSsystem32SleepStudy 2026-03-07 10:42 – 2025-01-28 23:51 – 000003534 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA 2026-03-07 10:42 – 2025-01-28 23:51 – 000003408 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore 2026-03-06 19:53 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSServiceState 2026-03-06 15:35 – 2022-12-03 18:54 – 000000000 ____D C:Program Files (x86)Overwatch 2026-03-06 12:45 – 2025-07-22 21:45 – 000000000 ____D C:UsersjustdAppDataRoamingGitKraken 2026-03-06 12:43 – 2025-07-22 21:45 – 000000000 ____D C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsGitKraken 2026-03-06 12:43 – 2025-07-22 21:45 – 000000000 ____D C:UsersjustdAppDataLocalgitkraken 2026-03-06 12:43 – 2025-07-22 21:45 – 000000000 ____D C:Usersjustd.gnupg 2026-03-06 12:34 – 2022-09-27 16:06 – 000000000 ____D C:UsersjustdAppDataRoamingparadox-launcher-v2 2026-03-05 19:35 – 2022-09-15 00:42 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk 2026-03-05 19:35 – 2022-09-15 00:42 – 000002206 _____ C:UsersPublicDesktopGoogle Chrome.lnk 2026-03-05 09:09 – 2022-09-15 00:48 – 000002243 _____ C:UsersjustdDesktopDiscord.lnk 2026-03-05 09:08 – 2024-11-22 17:08 – 000000000 ____D C:Program FilesMicrosoft OneDrive 2026-03-04 22:02 – 2022-09-15 01:09 – 000000000 ____D C:UsersjustdAppDataLocalCrashDumps 2026-03-04 21:13 – 2025-01-28 23:51 – 000003592 _____ C:WINDOWSsystem32TasksOneDrive Reporting Task-S-1-5-21-1629956658-336341846-2884959028-1001 2026-03-04 21:13 – 2025-01-28 23:51 – 000003194 _____ C:WINDOWSsystem32TasksOneDrive Per-Machine Standalone Update Task 2026-03-04 21:13 – 2024-11-22 14:12 – 000002023 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneDrive.lnk 2026-03-03 16:23 – 2025-05-04 15:16 – 004589944 _____ (Microsoft Corporation) C:WINDOWSsystem32xgameruntime.dll 2026-03-03 16:23 – 2025-05-04 15:16 – 000911736 _____ (Microsoft Corporation) C:WINDOWSsystem32gameplatformservices.dll 2026-03-03 16:23 – 2025-05-04 15:16 – 000289144 _____ (Microsoft Corporation) C:WINDOWSsystem32gamelaunchhelper.dll 2026-03-03 16:23 – 2025-05-04 15:16 – 000260472 _____ (Microsoft Corporation) C:WINDOWSsystem32gameconfighelper.dll 2026-03-03 16:23 – 2025-05-04 15:16 – 000166264 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingtcuihelpers.dll 2026-03-03 16:23 – 2025-05-04 15:16 – 000153968 _____ (Microsoft Corporation) C:WINDOWSsystem32xgamehelper.exe 2026-03-03 16:23 – 2025-05-04 15:16 – 000084344 _____ (Microsoft Corporation) C:WINDOWSsystem32xgamecontrol.exe 2026-03-03 16:03 – 2025-11-27 17:23 – 000000000 ____D C:Program Files (x86)Battle.net 2026-03-03 09:28 – 2024-11-22 14:09 – 000000000 ____D C:Program FilesMicrosoft Office 2026-03-02 23:11 – 2025-07-22 20:54 – 000000000 ____D C:UsersjustdAppDataRoamingCode 2026-02-27 09:52 – 2023-01-18 11:56 – 000000000 ____D C:UsersjustdAppDataRoamingZoom 2026-02-27 09:42 – 2025-01-28 23:51 – 000004248 _____ C:WINDOWSsystem32TasksZoomUpdateTaskUser-S-1-5-21-1629956658-336341846-2884959028-1001 2026-02-25 18:12 – 2023-09-07 19:18 – 000000000 ____D C:UsersjustdAppDataRoamingCorsair 2026-02-25 18:12 – 2023-09-07 19:18 – 000000000 ____D C:Program FilesCorsair 2026-02-25 17:52 – 2024-11-18 14:43 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service 2026-02-25 09:12 – 2025-01-28 23:51 – 000000000 ____D C:WINDOWSsystem32TasksMozilla 2026-02-25 09:12 – 2024-11-18 14:43 – 000001065 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk 2026-02-24 16:13 – 2025-12-12 18:25 – 000392320 _____ (Mozilla Foundation) C:UsersjustdDesktopFirefox.exe 2026-02-22 12:17 – 2025-07-22 20:54 – 000000000 ____D C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsVisual Studio Code 2026-02-13 23:43 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32SecurityHealth 2026-02-12 00:00 – 2025-09-24 17:57 – 001138088 _____ (Windows ® Win 7 DDK provider) C:WINDOWSsystem32GameInputRedist.dll 2026-02-12 00:00 – 2025-09-24 17:57 – 000013696 _____ (Windows ® Win 7 DDK provider) C:WINDOWSSysWOW64GameInputRedist.dll 2026-02-11 18:53 – 2025-12-09 23:01 – 000000000 ____D C:WINDOWSsystem32NarratorMCAT 2026-02-11 18:53 – 2025-01-28 21:36 – 000000000 ____D C:WINDOWSen-GB 2026-02-11 18:53 – 2024-04-01 02:08 – 000000000 ____D C:WINDOWSsystem32OpenSSH 2026-02-11 18:53 – 2024-04-01 02:08 – 000000000 ____D C:WINDOWSsystem32Microsoft-Edge-WebView 2026-02-11 18:53 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSWUModels 2026-02-11 18:53 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation 2026-02-11 18:53 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32km-KH 2026-02-11 18:53 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSsystem32DDFs 2026-02-11 18:53 – 2024-04-01 01:26 – 000000000 ____D C:WINDOWSProvisioning 2026-02-11 09:07 – 2022-09-15 02:41 – 000000000 ____D C:WINDOWSsystem32MRT 2026-02-11 09:05 – 2022-09-15 02:41 – 221154392 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe 2026-02-09 22:08 – 2022-09-15 01:10 – 000000000 ____D C:WINDOWSsystem32Driverswd 2026-02-07 10:28 – 2025-10-16 22:28 – 000000000 ____D C:ProgramDataWhesvc 2026-02-06 20:31 – 2022-09-15 00:52 – 000245864 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys ==================== Files in the root of some directories ======== 2026-03-08 12:59 – 2026-03-08 13:00 – 000000000 _____ () C:UsersjustdAppDataRoamingavoriontestfile ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2026 Ran by justd (08-03-2026 14:51:28) Running from C:UsersjustdDesktop Microsoft Windows 11 Home Version 25H2 26200.7922 (X64) (2025-01-29 16:18:06) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1629956658-336341846-2884959028-500 – Administrators – Disabled) DefaultAccount (S-1-5-21-1629956658-336341846-2884959028-503 – Limited – Disabled) Guest (S-1-5-21-1629956658-336341846-2884959028-501 – Limited – Disabled) justd (S-1-5-21-1629956658-336341846-2884959028-1001 – Administrators – Enabled) => C:Usersjustd WDAGUtilityAccount (S-1-5-21-1629956658-336341846-2884959028-504 – Limited – Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them.

The adware programs should be uninstalled manually.) 7-Zip 24.09 (x64) (HKLM…7-Zip) (Version: 24.09 – Igor Pavlov) 7-Zip 9.20 (x64 edition) (HKLM…{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 – Igor Pavlov) AIDA64 Extreme v6.75 (HKLM-x32…AIDA64 Extreme_is1) (Version: 6.75 – FinalWire Ltd.) Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment) Corsair iCUE5 Software (HKLM…{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.41.42 – Corsair) CurseForge 1.296.4-30607 (HKUS-1-5-21-1629956658-336341846-2884959028-1001…ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.296.4-30607 – Overwolf) Discord (HKUS-1-5-21-1629956658-336341846-2884959028-1001…Discord) (Version: 1.0.9227 – Discord Inc.) Documentation Manager (HKLM…{6894E409-CB60-4A57-A8DA-01E53F497994}) (Version: 23.60.1.2 – Intel Corporation) Hidden Dynamic Application Loader Host Interface Service (HKLM…{FE08EA18-3549-49F1-8F5D-01F176DCE1CC}) (Version: 1.0.0.0 – Intel Corporation) Hidden Epic Games Launcher (HKLM-x32…{20235E2B-1E9F-473D-A215-B2467F1F06E3}) (Version: 1.3.51.0 – Epic Games, Inc.) Epic Online Services (HKLM-x32…{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 – Epic Games, Inc.) EVE Online (HKUS-1-5-21-1629956658-336341846-2884959028-1001…{b9cea6b6-9f99-4a56-9444-9f8d49b5bdc4}) (Version: 2.11.8 – CCP) eve-online (HKUS-1-5-21-1629956658-336341846-2884959028-1001…eve-online) (Version: 1.9.4 – CCP ehf) Exonautis 2.1.1 (HKUS-1-5-21-1629956658-336341846-2884959028-1001…511b6e0-a24a-53b1-8e8e-20ea0549af40) (Version: 2.1.1 – Exonautis) Git (HKLM…Git_is1) (Version: 2.47.1 – The Git Development Community) GitKraken (HKUS-1-5-21-1629956658-336341846-2884959028-1001…gitkraken) (Version: 11.10.0 – GitKraken) Google Chrome (HKLM-x32…Google Chrome) (Version: 145.0.7632.160 – Google LLC) Intel® Chipset Device Software (HKLM…{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 – Intel Corporation) Hidden Intel® Chipset Device Software (HKLM-x32…{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 – Intel® Corporation) Intel® Extreme Tuning Utility (HKLM-x32…{1fcaa377-7547-4e70-a64f-45d58ba73cd6}) (Version: 7.4.2.9 – Intel Corporation) Intel® LMS (HKLM…{6A2335AD-315C-4ADD-BFFC-0C7D0FC8A2B9}) (Version: 1.0.0.0 – Intel Corporation) Hidden Intel® Management Engine Components (HKLM…{11107004-9658-44DB-8E95-2ECAFAE17B7B}) (Version: 1.0.0.0 – Intel Corporation) Hidden Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2201.16.0.2645 – Intel Corporation) Intel® Management Engine Driver (HKLM…{7F7FEA98-7076-40EE-A318-07C48E67385F}) (Version: 1.0.0.0 – Intel Corporation) Hidden Intel® Serial IO (HKLM…{8EC4CB19-850D-4BD4-B914-F63DF7DAD67D}) (Version: 30.100.2131.26 – Intel Corporation) Hidden Intel® Serial IO (HKLM…{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 – Intel Corporation) Intel® Wireless Bluetooth® (HKLM-x32…{00004090-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.90.4.1 – Intel Corporation) Intel® Software Installer (HKLM-x32…{6493bd69-f9cb-4069-b7cc-4f9f6f859ff9}) (Version: 23.60.1.2 – Intel Corporation) Hidden Intel® Software Installer (HKLM-x32…{dd9edbc6-abf9-480a-9b86-c0c0c5f0e12d}) (Version: 22.90.1.1 – Intel Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden Malwarebytes version 5.4.8.232 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.8.232 – Malwarebytes) Microsoft .NET Host – 6.0.36 (x64) (HKLM…{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 – Microsoft Corporation) Hidden Microsoft .NET Host – 8.0.3 (x64) (HKLM…{0511E062-77E0-4F80-ABA3-0F99B9EF8C4B}) (Version: 64.12.10343 – Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver – 6.0.36 (x64) (HKLM…{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 – Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver – 8.0.3 (x64) (HKLM…{E79D3B29-C9A2-42D5-8703-85B73C452D8B}) (Version: 64.12.10343 – Microsoft Corporation) Hidden Microsoft .NET Runtime – 6.0.36 (x64) (HKLM…{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 – Microsoft Corporation) Hidden Microsoft .NET Runtime – 8.0.3 (x64) (HKLM…{D98088DE-EDA4-4E1A-BF0F-ED9A9145CC70}) (Version: 64.12.10343 – Microsoft Corporation) Hidden Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.19725.20126 – Microsoft Corporation) Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 145.0.3800.97 – Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 145.0.3800.97 – Microsoft Corporation) Hidden Microsoft GameInput (HKLM…{9F5D508B-EA43-4FA2-B0B6-8158A389442B}) (Version: 3.2.138.0 – Microsoft Corporation) Microsoft OneDrive (HKLM…OneDriveSetup.exe) (Version: 26.026.0209.0004 – Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM…{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 – Microsoft) Microsoft Update Health Tools (HKLM…{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation) Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime – 11.0.61030 (HKLM…{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime – 11.0.61030 (HKLM…{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime – 11.0.61030 (HKLM-x32…{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime – 11.0.61030 (HKLM-x32…{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime – 12.0.21005 (HKLM…{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime – 12.0.21005 (HKLM…{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime – 12.0.21005 (HKLM-x32…{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime – 12.0.21005 (HKLM-x32…{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 – Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) – 14.44.35211 (HKLM-x32…{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 – Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) – 14.44.35211 (HKLM-x32…{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 – Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime – 14.44.35211 (HKLM…{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime – 14.44.35211 (HKLM…{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime – 14.44.35211 (HKLM-x32…{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime – 14.44.35211 (HKLM-x32…{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 – Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKUS-1-5-21-1629956658-336341846-2884959028-1001…{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.109.5 – Microsoft Corporation) Microsoft Windows Desktop Runtime – 6.0.36 (x64) (HKLM…{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 – Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime – 6.0.36 (x64) (HKLM-x32…{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 – Microsoft Corporation) Microsoft Windows Desktop Runtime – 8.0.3 (x64) (HKLM…{CE0906F2-6C11-4A2B-880B-AFB92474B13E}) (Version: 64.12.10377 – Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime – 8.0.3 (x64) (HKLM-x32…{fb8f4657-2b60-4298-b83e-aaccb07ef793}) (Version: 8.0.3.33416 – Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32…{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 – Microsoft Corporation) Minion (HKUS-1-5-21-1629956658-336341846-2884959028-1001…{Minion}}_is1) (Version: 3.0.12 – Good Game Mods LLC) MJ-189GamingMouse (HKLM-x32…MJ-189GamingMouse_is1) (Version: 1.0 – MOJO LLC) Mozilla Firefox (x64 en-CA) (HKLM…Mozilla Firefox) (Version: 148.0 – Mozilla) Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 132.0.2 – Mozilla) Mumble (client) (HKLM…{8DA03EEA-8A36-4C17-A54F-4330781D461B}) (Version: 1.4.230 – Mumble VoIP) Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 8.6 – Notepad++ Team) NVIDIA App 11.0.3.241 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.3.241 – NVIDIA Corporation) NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 – NVIDIA Corporation) NVIDIA Graphics Driver 560.94 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 – NVIDIA Corporation) NVIDIA PhysX System Software 9.23.1019 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 – NVIDIA Corporation) Obsidian (HKLM…bd400747-f0c1-5638-a859-982036102edf) (Version: 1.8.4 – Obsidian) Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19725.20014 – Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 – Microsoft Corporation) Hidden Overwatch (HKLM-x32…Overwatch) (Version:  – Blizzard Entertainment) Paint.NET (HKLM…{26FEC0F1-9EFD-4DA6-97AB-AEE5969258C3}) (Version: 5.1.11 – dotPDN LLC) Paradox Launcher v2 (HKLM…{E68BBC18-9E69-436B-B20F-E294DE62ECAB}) (Version: 2.3.0 – Paradox Interactive) Proton VPN (HKLM…Proton VPN_is1) (Version: 4.2.2 – Proton AG) pyfa version 2.51.0 (HKLM…{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 2.51.0 – pyfa) Realtek Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9336.1 – Realtek Semiconductor Corp.) REDlauncher (HKLM-x32…{DDAB335A-D2ED-45F8-A921-8597CC411E20}) (Version: 3.4.0.5 – CD Projekt RED) Hidden Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.102.2453 – Rockstar Games) Rockstar Games SDK (HKLM-x32…Rockstar Games Social Club) (Version: 2.4.0.77 – Rockstar Games) Sid Meier's Civilization IV: Realism: Invictus (HKLM-x32…Realism Invictus) (Version:  – ) Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation) The Elder Scrolls Online (HKLM-x32…The Elder Scrolls Online) (Version: 2.6.3.2901765 – Zenimax Online Studios) THX V3 APO Presets (HKLM…{18F08353-B391-408A-B879-679EE198E391}) (Version: 3.0.36.1 – THX) Hidden THX V3 APO Presets (HKLM-x32…{7d6550d7-c653-4505-a9f5-1d06c514976d}) (Version: 3.0.36.1 – THX) Hidden TortoiseSVN 1.14.6.29673 (64 bit) (HKLM…{94D65B56-F9EE-48AE-A96C-83D4CD913BC5}) (Version: 1.14.29673 – TortoiseSVN) UE Prerequisites (x64) (HKLM…{90BFD504-ACB6-4FC9-9BA5-964FA4CB76C0}) (Version: 1.0.18.0 – Epic Games, Inc.) Hidden UE Prerequisites (x64) (HKLM-x32…{2c4a7cc2-986f-41a8-a4d3-86c8177f87cf}) (Version: 1.0.18.0 – Epic Games, Inc.) Hidden Vortex (HKLM…57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.15.2 – Black Tree Gaming Ltd.) Wonderdraft version 1.1.8.2 (HKLM…Wonderdraft_is1) (Version: 1.1.8.2 – Tailwind Games, LLC) Zoom Workplace (HKUS-1-5-21-1629956658-336341846-2884959028-1001…ZoomUMX) (Version: 6.6.11 (23272) – Zoom Communications, Inc.) Packages: ========= @{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:WINDOWSSystemAppsSxSMicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] () AppUp.IntelGraphicsExperience -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-10] (INTEL CORP) [Startup Task] ARK: Survival Evolved -> C:Program FilesWindowsAppsStudioWildcard.4558480580BB9_1.212.962.2_x64__1w2mm55455e38 [2023-11-25] (Studio Wildcard) Disney+ -> C:Program FilesWindowsAppsDisney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-11] (Disney) Local AI Manager for Microsoft 365 -> C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16AI [2026-03-03] () Malwarebytes Anti-Malware -> C:Program FilesMalwarebytesAnti-Malware [2026-02-22] () Microsoft Defender -> C:Program FilesWindowsAppsMicrosoft.6365217CE6EB4_102.2409.21002.0_x64__8wekyb3d8bbwe [2024-11-30] (Microsoft Corporation) [Startup Task] Microsoft Family -> C:Program FilesWindowsAppsMicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.) Microsoft.Office.ActionsServer -> C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16ActionsServer [2026-03-03] () Minecraft for Windows -> C:Program FilesWindowsAppsMICROSOFT.MINECRAFTUWP_1.26.301.0_x64__8wekyb3d8bbwe [2026-03-02] (Microsoft Studios) Minecraft Launcher -> C:Program FilesWindowsAppsMicrosoft.4297127D64EC6_2.5.2.0_x64__8wekyb3d8bbwe [2026-01-18] (Microsoft Studios) Minecraft: Java Edition -> C:Program FilesWindowsAppsMicrosoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2026-01-18] (Microsoft Studios) Notepad++ -> C:Program FilesNotepad++contextMenu [2024-01-08] (Notepad++) NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-08] (NVIDIA Corp.) OfficePushNotificationsUtility -> C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16 [2026-03-03] () OneNote Virtual Printer -> C:Program FilesWindowsAppsMicrosoft.Office.OneNoteVirtualPrinter_1.0.0.0_x64__8wekyb3d8bbwe [2025-05-11] (Microsoft Corporation) Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.53.374.0_x64__dt26b99r8h8gj [2025-11-11] (Realtek Semiconductor Corp) SpotifyAB.SpotifyMusic -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.284.476.0_x64__zpdnekdrzrea0 [2026-02-27] (Spotify AB) [Startup Task] TortoiseSVN -> C:Program FilesTortoiseSVN [2024-03-13] () Visual Studio Code -> C:UsersjustdAppDataLocalProgramsMicrosoft VS Code72586267eappx [2026-02-22] () WinAppRuntime.Main.1.5 -> C:Program FilesWindowsAppsMicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.) WinAppRuntime.Singleton -> C:Program FilesWindowsAppsMicrosoftCorporationII.WinAppRuntime.Singleton_8000.770.947.0_x64__8wekyb3d8bbwe [2026-02-26] (Microsoft Corp.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) CustomCLSID: HKUS-1-5-21-1629956658-336341846-2884959028-1001_ClassesCLSID{04271989-C4D2-10A4-7DDF-A12A1E387B80} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKUS-1-5-21-1629956658-336341846-2884959028-1001_ClassesCLSID{50726f74-6f6e-2e56-504e-000000000000}localserver32 -> C:Program FilesProtonVPNv3.4.3ProtonVPN.exe (Proton AG -> ) CustomCLSID: HKUS-1-5-21-1629956658-336341846-2884959028-1001_ClassesCLSID{DFF20505-B08F-455B-AD70-4FBD055088E0}localserver32 -> C:Program FilesGoogleChromeApplicationPlatformExperienceHelperplatform_experience_helper.exe (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:Program FilesCommon FilesTortoiseOverlaysTortoiseOverlays.dll [2022-08-30] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2026-02-22] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive26.026.0209.0004FileSyncShell64.dll [2026-03-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_f55cb1d07ac1033fnvshext.dll [2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2026-02-22] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:Program FilesTortoiseSVNbinTortoiseStub.dll [2023-12-26] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed.

The file will not be moved.) HKLM…Drivers32: [MidisrvTransferComplete] => 1 HKLM…Drivers32: [midi1] => C:Windowssystem32wdmaud2.drv [143360 2026-03-08] (Microsoft Windows -> Microsoft Corporation) HKLM…Drivers32: [midi1] => C:WindowsSysWOW64wdmaud2.drv [91648 2026-03-08] (Microsoft Windows -> Microsoft Corporation) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:UsersjustdAppDataRoamingMicrosoftWindowsStart MenuProgramsBattleScribeBattleScribe Help.lnk -> hxxp://www.battlescribe.net/?tab=hel ShortcutWithArgument: C:UsersjustdAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts69639df789022856Megan – Chrome.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============= 2024-11-22 14:10 – 2024-11-22 14:10 – 000000000 ____L (Microsoft Corporation) [symlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunAppvIsvSubsystems64.dll] C:Program FilesMicrosoft OfficerootOffice16AppVIsvSubsystems64.dll 2024-11-22 14:10 – 2024-11-22 14:10 – 000000000 ____L (Microsoft Corporation) [symlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunC2R64.dll] C:Program FilesMicrosoft OfficerootOffice16c2r64.dll 2025-05-25 11:52 – 2025-05-25 11:52 – 000000000 ____L (NVIDIA Corporation) [symlink -> C:Program FilesNVIDIA CorporationNVIDIA AppMessageBusNvMessageBusBroadcast.dll] C:Program FilesNVIDIA CorporationNvContainerpluginsLocalSystemNvMessageBusBroadcast.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ============= BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2026-01-31] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2026-03-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-06-05 06:08 – 2026-03-08 08:56 – 000000027 _____ C:WINDOWSsystem32driversetchosts 127.0.0.1       localhost ==================== Network =========================== (Currently there is no automatic fix for this section.) DNS Servers: 192.168.1.1 Windows Firewall is enabled.

Network Binding: ============= Ethernet: Intel® Ethernet Controller (3) I225-V -> e2f.sys Wi-Fi: Intel® Wi-Fi 6E AX210 160MHz -> Netwtw14.sys ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)RazerChromaBroadcastbin;C:Program FilesRazerChromaBroadcastbin;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program Filesdotnet;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program FilesTortoiseSVNbin;C:UsersjustdAppDataLocalMicrosoftWindowsApps;C:Program FilesGitcmd;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;;C:Program FilesNVIDIA CorporationNVIDIA AppNvDLISR HKUS-1-5-21-1629956658-336341846-2884959028-1001Control PanelDesktop\Wallpaper -> C:UsersjustdAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLMSOFTWAREMicrosoftWindows DefenderFeatures => (TamperProtection: 1) (TamperProtectionSource: 5) HKLMSOFTWAREMicrosoftWindows DefenderReal-Time Protection => (DpaDisabled: 0) HKLMSOFTWAREMicrosoftWindows DefenderExclusionsPaths|D:SteamLibrarysteamappscommonFallout 4 ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.) FirewallRules: [{B16C8972-D48B-46DA-8AA7-E8D48061B7EE}] => (Allow) C:Program Files (x86)Steamsteam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{935B1B40-CDEA-4AA0-8C6F-46398FAD9B5B}] => (Allow) C:Program Files (x86)Steamsteam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{2213E5B9-14A1-4ECE-984C-07950CEDA0A1}] => (Allow) C:Program Files (x86)Steambincefcef.win64steamwebhelper.exe (Valve Corp.

-> Valve Corporation) FirewallRules: [{30C189C4-D779-41BD-AD3B-9BF5DA26489E}] => (Allow) C:Program Files (x86)Steambincefcef.win64steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{889DF91C-ABE2-4A8A-A66C-63586DB5B297}D:steamlibrarysteamappscommonavorionbinavorionserver.exe] => (Allow) D:steamlibrarysteamappscommonavorionbinavorionserver.exe () [File not signed] FirewallRules: [UDP Query User{F9374CD9-38E8-4EFC-8899-1DA65F42E37F}D:steamlibrarysteamappscommonavorionbinavorionserver.exe] => (Allow) D:steamlibrarysteamappscommonavorionbinavorionserver.exe () [File not signed] ==================== Restore Points ========================= 06-03-2026 16:35:36 Windows Update 08-03-2026 14:33:17 Windows Modules Installer ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (03/08/2026 02:20:46 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY) Description: The program SecurityCheck.exe version 1.4.0.58 stopped interacting with Windows and was closed.

To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. System errors: ============= Error: (03/08/2026 02:48:50 PM) (Source: stornvme) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceRaidPort1. Error: (03/08/2026 02:48:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Update Orchestrator Service service terminated with the following error:  %%2149884192 Error: (03/08/2026 02:47:44 PM) (Source: stornvme) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceRaidPort1.

Error: (03/08/2026 02:35:35 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY) Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.10;OEMModelBaseBoard:PRO Z690-A (MS-7D25);OEMManufacturerName:Micro-Star International Co., Ltd.;OSArchitecture:amd64; BucketId: 55864bb8f17560ae80c6b509d198ce2ea2d5c4d4205d830dd37d89275156663f BucketConfidenceLevel: Under Observation – More Data Needed UpdateType:  For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (03/08/2026 02:30:24 PM) (Source: stornvme) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceRaidPort1. Error: (03/08/2026 09:59:23 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY) Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection.

This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.10;OEMModelBaseBoard:PRO Z690-A (MS-7D25);OEMManufacturerName:Micro-Star International Co., Ltd.;OSArchitecture:amd64; BucketId: 55864bb8f17560ae80c6b509d198ce2ea2d5c4d4205d830dd37d89275156663f BucketConfidenceLevel: Under Observation – More Data Needed UpdateType:  For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (03/08/2026 09:54:12 AM) (Source: stornvme) (EventID: 11) (User: ) Description: The driver detected a controller error on DeviceRaidPort1. Error: (03/08/2026 09:03:40 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY) Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection.

This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:Micro-Star International Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:A.10;OEMModelBaseBoard:PRO Z690-A (MS-7D25);OEMManufacturerName:Micro-Star International Co., Ltd.;OSArchitecture:amd64; BucketId: 55864bb8f17560ae80c6b509d198ce2ea2d5c4d4205d830dd37d89275156663f BucketConfidenceLevel: Under Observation – More Data Needed UpdateType:  For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Windows Defender: ================ Date: 2026-03-07 10:21:21 Description:  Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-03-06 11:43:06 Description:  Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-03-04 16:42:16 Description:  Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-02-28 21:26:53 Description:  Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: RPC connection rundown  Date: 2026-02-27 21:32:39 Description:  Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days  Event[0] Date: 2026-02-18 16:59:38 Description:  Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.

Security intelligence Attempted: Current Error Code: 0x80501102 Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.  Security intelligence Version: 1.445.123.0;1.445.123.0 Engine Version: 1.1.26010.1  Date: 2025-09-09 17:31:46 Description:  Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:  Previous security intelligence Version: 1.435.656.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version:  Previous Engine Version: 1.1.25070.4 Error code: 0x80072f8f Error description: A security error occurred   CodeIntegrity: =============== Date: 2025-11-14 19:20:05 Description:  Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOffice16AIaimgr.exe) attempted to load DeviceHarddiskVolume3WindowsSystem32nvspcap64.dll that did not meet the Microsoft signing level requirements.  Date: 2025-11-05 17:01:13 Description:  Code Integrity determined that a process (DeviceHarddiskVolume3ProgramDataMicrosoftWindows DefenderPlatform4.18.25090.3009-0MsMpEng.exe) attempted to load DeviceHarddiskVolume3WindowsSystem32ControlLib.dll that did not meet the Custom 3 / Antimalware signing level requirements.  ==================== Memory info ===========================  BIOS: American Megatrends International, LLC.

A.10 12/06/2021 Motherboard: Micro-Star International Co., Ltd. PRO Z690-A (MS-7D25) Processor: 12th Gen Intel® Core™ i5-12600K Percentage of memory in use: 28% Total physical RAM: 32559.87 MB Available physical RAM: 23334.33 MB Total Virtual: 72559.87 MB Available Virtual: 62914.14 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:1862.04 GB) (Free:818.8 GB) (Model: WD_BLACK SN850X HS 2000GB) NTFS Drive d: (Secondary) (Fixed) (Total:1862.73 GB) (Free:1068.83 GB) (Model: Microsoft Storage Space Device) NTFS \?Volume{7ba7c570-b71a-4cfe-a75c-c2dd0e1142d4} () (Fixed) (Total:0.86 GB) (Free:0.11 GB) NTFS \?Volume{848a2666-fdb6-49e5-b461-4f9bcf00c2e1} () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT.

========================================================== Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 1862.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ======================= Here is our final step and some additional information to consider.

===================================================KpRm by Kernel-panik ————– ===================================================All Clean! ————– Your computer is now clean. Please consider this going forward. Thank you for placing your trust in BleepingComputer. It was a pleasure serving you.

Summary

This report covers the latest developments in samsung. The information presented highlights key changes and updates that are relevant to those following this topic.

Original Source: BleepingComputer | Published: March 8, 2026, 4:57 am

Leave a Reply

blank

Category Name

Recent Posts

Categories

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by