Question Help with FRST.txt to fix some issues with Windows 11 ?

[Amatex]

Good afternoon all,

I have been having some issues with Windows 11 freezing and a lot of issues have just run the FRST64.exe and need some help reading/ understanding the txt file.

I will add, yes this system is not Windows 11 compatible but it was working fine until recently .

I also do not know how to add the log files to this thread, or if its even possible.

I might add them as a reply to this comment one for each file

First being FRST.txt

Second reply will be Additional.txt

 

[Amatex]

Good afternoon all,

I have been having some issues with windows 11 freezing and a lot of issues have just run the FRST64.exe and need some help reading/ understanding the txt file.

I will add, yes this system is not windows 11 compatible but it was working fine until recently .

I also do not know how to add the log files to this thread, or if its even possible.

I might add them as a reply to this comment one for each file

First being FRST.txt

Second reply will be Additional.txt

FRST.txt:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by Maria (administrator) on MSI (Micro-Star International Co., Ltd. GT72VR 7RE) (14-06-2025 13:23:46)
Running from C:\Users\user\Desktop\FRST64.exe
Loaded Profiles: Maria
Platform: Microsoft Windows 11 Home Version 24H2 26100.4202 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\msedgewebview2.exe <19>
(Dism.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism\DismHost.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2025.604.100_x64__8wekyb3d8bbwe\olk.exe
(explorer.exe ->) (Now.gg, INC -> now.gg, Inc.) C:\Users\user\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe <4>
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_4c8d93c71af1b9d3\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_0ce29d36fc8607e6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (MEDIATEK INC. -> ) C:\Program Files (x86)\MediatekSwitchUSB\MediatekSwitchUSB.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_8e2b7f872a9cdacc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.4193_none_a54a744177310c9b\TiWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(WindowsPowerShell\v1.0\powershell.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [693432 2016-10-15] (A-Volute -> )
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [301848 2016-10-07] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217016 2017-04-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45715776 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4141136 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\Run: [electron.app.BlueStacks Services] => C:\Users\user\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2024-05-08] (Now.gg, INC -> now.gg, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\137.0.7151.104\Installer\chrmstp.exe [2025-06-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E664BC6-2406-4B3A-811C-27C5590E0E3C} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302960 2025-05-18] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {44A40A67-EE7A-40A6-A034-7221C3BEE656} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {836CB427-E81B-4A51-88A6-8468BB860E66} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139704 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "83209a43-8a19-4099-8cdc-98406a768cc8" --version "6.36.0.11508" --silent
Task: {2980FDFA-1561-4E8D-B7BF-8F6E8706A8C2} - System32\Tasks\CCleanerSkipUAC - Maria => C:\Program Files\CCleaner\CCleaner.exe [39558464 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {3D2A4B61-82D2-49E1-A000-2F1500F2CC15} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [39558464 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4F3C892A-2238-44BC-9072-BE444742EE18} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2943472 2025-06-01] (Microsoft Windows -> Microsoft Corporation)
Task: {6354CDE6-B7E7-48BE-8A11-36350F04732F} - System32\Tasks\DualSafe Password Manager Init SkipUAC(Maria) => "D:\Program Files (x86)\DualSafe Password Manager\DPMInit.exe" -> D:\Program Files (x86)\DualSafe Password Manager\\/skipuac
Task: {1790BA08-0C96-4798-A10B-8004E25164C7} - System32\Tasks\DualSafe Password Manager Task => "D:\Program Files (x86)\DualSafe Password Manager\DPMInit.exe" -> D:\Program Files (x86)\DualSafe Password Manager\\/startpc
Task: {37A86F4A-952D-4322-A49D-BEE7796A02A6} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{A0C4C783-F2F9-4DE3-AFBD-DDD12EE88690} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {84FB5B87-2E3C-477F-8A03-011671088BCB} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe /pushregistration (No File)
Task: {85050F75-C908-4368-B7CD-DA76FF20B1F9} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {9E085A9D-3188-4785-B7DF-E1E973E58BE4} - System32\Tasks\Microsoft\Windows\Hotpatch\Monitoring => C:\WINDOWS\system32\cmd.exe [376832 2025-06-01] (Microsoft Windows -> Microsoft Corporation) -> /d /c %systemroot%\system32\hpatchmonTask.cmd
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {3329755D-763E-447D-8D8F-93D4289FD17F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe (No File)
Task: {F05ACCE4-8AA4-4D62-869C-615442DEFDE9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {48EC3D40-00B6-4094-9F44-E416E477C819} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {D2F144B0-1B84-41C0-ACC8-FC15C24FE0E9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {C4F22E21-0342-4153-8A95-675C1785A7F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8699D2E-1EB3-4756-A392-6B2D61F21810} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86DA8085-EE50-43F0-BD60-FAC8BFA1CB31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28B445BE-1065-40A4-BA97-542CCF973E70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A355AA2-0279-42EA-894B-552667693F4C} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {89AFBD72-C4E7-474E-9B28-AFE971E66889} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2024632 2016-10-15] (A-Volute -> )
Task: {BFFB23D5-3780-4DC2-9223-C52BA0D4ACEB} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [495288 2016-10-15] (A-Volute -> )
Task: {B7743F25-0AEB-40B6-B7C2-E429F9491F0E} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [693432 2016-10-15] (A-Volute -> )
Task: {A65BF612-3109-4D0F-8AC3-FD24790B1E96} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (No File)
Task: {3F780669-1A6A-4D56-9EA6-DAD0E0AE5777} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3322400 2025-06-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C8E4C6E-72B6-41D3-86BE-34B027E34302} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2367702636-586777576-2407885215-1004 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File) <==== ATTENTION
Task: {9D8E849D-D86D-46DD-B64C-26898AB6B6AE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2367702636-586777576-2407885215-1004 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Task: {053256B5-7013-499F-B1CB-CBCA2F7F3727} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2367702636-586777576-2407885215-1004 => C:\Users\Maria 2\AppData\Local\Microsoft\OneDrive\25.085.0504.0002\OneDriveLauncher.exe /startInstances (No File)
Task: {BEAF9BAB-2471-4DAF-8893-33432BDF0DF5} - System32\Tasks\RNIdle Task => C:\Windows\System32\drivers\RivetNetworks\Killer\RNIdleTask.exe [33224 2025-02-18] (Intel Corporation -> Intel)
Task: {C3C78633-7C1E-4F05-89D1-60F405421489} - System32\Tasks\S-1-5-21-2367702636-586777576-2407885215-1002\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\RNIdle Task.job => C:\Windows\System32\drivers\RivetNetworks\Killer\RNIdleTask.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 %SystemRoot%\system32\pnrpnsp.dll => No File
Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll => No File
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog5-x64 02 %SystemRoot%\system32\pnrpnsp.dll => No File
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll => No File
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{07930dfb-22b4-448d-a6f4-06c023153ed6}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{07930dfb-22b4-448d-a6f4-06c023153ed6}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{9648ad34-cb12-4ac9-b818-f72d1c83274d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Profile 2
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-23]
Edge Extension: (DualSafe Password Manager & Digital Vault) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bobgdmjpamhpbiobbklajbdkgmmmbcja [2024-08-06]
Edge Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-30]
Edge Extension: (Edge relevant text changes) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-06]
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2025-06-14]
Edge Notifications: Profile 2 -> hxxps://www.msn.com
Edge HomePage: Profile 2 -> hxxps://google.com.au/
Edge StartupUrls: Profile 2 -> "hxxps://google.com.au/"
Edge Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-08]
Edge Extension: (Edge relevant text changes) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-06]
Edge HKLM\...\Edge\Extension: [bobgdmjpamhpbiobbklajbdkgmmmbcja]
Edge HKU\S-1-5-21-2367702636-586777576-2407885215-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [bobgdmjpamhpbiobbklajbdkgmmmbcja]
Edge HKLM-x32\...\Edge\Extension: [bobgdmjpamhpbiobbklajbdkgmmmbcja]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2025-06-14]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://google.com.au/
CHR StartupUrls: Default -> "hxxps://google.com.au/"
CHR Extension: (AdGuard AdBlocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2025-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-10]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-10]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [lgbjhdkjmpgjgcbcdlhkokkckpjmedgc]
CHR HKU\S-1-5-21-2367702636-586777576-2407885215-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lgbjhdkjmpgjgcbcdlhkokkckpjmedgc]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [lgbjhdkjmpgjgcbcdlhkokkckpjmedgc]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1079608 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
S3 hpatchmon; C:\WINDOWS\system32\hpatchmon.dll [173472 2025-06-01] (Microsoft Windows -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-06] (HP Inc. -> HP Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78272 2025-02-18] (Intel Corporation -> Intel® Corporation)
S3 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2456008 2025-02-18] (Intel Corporation -> Intel)
S3 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2622920 2025-02-18] (Intel Corporation -> Intel)
S3 Killer Provider Data Helper Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerProviderDataHelperService.exe [1211848 2025-02-18] (Intel Corporation -> Intel)
S3 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [77744 2025-02-18] (Intel Corporation -> Rivet Networks, LLC.)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78280 2025-02-18] (Intel Corporation -> Intel® Corporation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe [2050904 2025-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MediatekSwitchUSB; C:\Program Files (x86)\MediatekSwitchUSB\MediatekSwitchUSB.exe [1219704 2023-11-28] (MEDIATEK INC. -> )
R2 Micro Star SCM; C:\Windows\SysWoW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S3 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [58296 2016-08-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [181776 2025-04-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_8e2b7f872a9cdacc\Display.NvContainer\NVDisplay.Container.exe [1275544 2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [189800 2023-03-19] (Qualcomm Atheros, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe [4525976 2025-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe [278304 2025-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394312 2025-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [213448 2025-02-18] (Intel Corporation -> Rivet Networks, LLC.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 mtkwl6eux; C:\WINDOWS\System32\drivers\mtkwl6eux.sys [1409560 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
S3 PlutonHeci; C:\WINDOWS\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_f74945e2fcb1d3d7\pluton-heci.sys [75168 2025-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-18] (Bruce James -> Scarlet.Crush Productions)
S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [43888 2017-05-12] (SteelSeries ApS -> SteelSeries ApS)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-05-16] (SteelSeries ApS -> )
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [41104 2019-08-27] (SteelSeries ApS -> )
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-05-31] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [19984 2025-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606568 2025-05-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100736 2025-05-31] (Microsoft Windows -> Microsoft Corporation)
R0 WinSetupMon; C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys [169400 2024-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-09-06] (Microsoft Windows -> Microsoft Corporation)
U3 aswArDisk; no ImagePath
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-06-14 13:23 - 2025-06-14 13:24 - 000026695 _____ C:\Users\user\Desktop\FRST.txt
2025-06-14 13:18 - 2025-06-14 13:24 - 000000000 ____D C:\FRST
2025-06-14 13:17 - 2025-06-14 13:17 - 002406912 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2025-06-14 13:09 - 2025-06-14 13:10 - 002728228 _____ C:\Users\user\Downloads\chipset_10.1.1.38_public.zip
2025-06-14 13:08 - 2025-06-14 13:08 - 000002306 _____ C:\Users\Public\Desktop\Intel® Rapid Storage Technology.lnk
2025-06-14 13:08 - 2025-06-14 13:08 - 000000092 _____ C:\Users\user\Desktop\MSI Global - The Leading Brand in High-end Gaming & Professional Creation - MSI Global - The Leading Brand in High-end Gaming.url
2025-06-14 13:08 - 2025-06-14 13:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2025-06-14 13:08 - 2025-06-14 13:08 - 000000000 ____D C:\Users\user\Downloads\ASMUSBHost_V116381WHQL
2025-06-14 13:00 - 2025-06-14 13:00 - 000000000 ____D C:\Users\user\Downloads\imsm_SetupRST_15.9.0.1015_0x17be985a
2025-06-14 12:59 - 2025-06-14 12:59 - 018265249 _____ C:\Users\user\Downloads\imsm_SetupRST_15.9.0.1015_0x17be985a.zip
2025-06-14 12:58 - 2025-06-14 12:58 - 009887217 _____ C:\Users\user\Downloads\ASMUSBHost_V116381WHQL.zip
2025-06-14 12:54 - 2025-06-14 12:54 - 011833040 _____ (Intel Corporation) C:\Users\user\Downloads\SetupRST (1).exe
2025-06-14 12:53 - 2025-06-14 12:53 - 015118552 _____ (Intel Corporation) C:\Users\user\Downloads\SetupRST.exe
2025-06-14 12:19 - 2025-06-14 12:19 - 004362260 _____ C:\Users\user\Downloads\SAVPP-007899_T1693435.pdf
2025-06-10 20:05 - 2025-06-10 20:05 - 001386096 _____ C:\Users\user\Downloads\NDIS Pricing Arrangements and Price Limits 2024-25 v1.3.pdf
2025-06-06 09:59 - 2025-06-06 10:00 - 000053075 _____ C:\Users\user\Downloads\Invoice (3).pdf
2025-06-05 10:28 - 2025-06-05 10:28 - 000052902 _____ C:\Users\user\Downloads\Invoice (2).pdf
2025-06-02 22:19 - 2025-06-02 22:19 - 000052912 _____ C:\Users\user\Downloads\Invoice (1).pdf
2025-06-02 11:56 - 2025-06-02 11:56 - 000053075 _____ C:\Users\user\Downloads\Invoice.pdf
2025-06-02 09:07 - 2025-06-02 09:08 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2025-06-02 08:51 - 2025-06-02 08:51 - 549949900 _____ C:\Users\user\Downloads\MSI-Center.zip
2025-06-02 08:51 - 2025-06-02 08:51 - 000000000 ____D C:\Users\user\Downloads\MSI-Center
2025-06-01 16:04 - 2025-06-01 16:04 - 000000000 ____D C:\Users\user\AppData\Roaming\NVIDIA
2025-06-01 15:35 - 2025-06-14 12:04 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-06-01 15:26 - 2025-06-01 15:26 - 000000000 ___HD C:\$SysReset
2025-06-01 15:22 - 2025-06-14 13:15 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-06-01 14:40 - 2025-06-02 09:11 - 000003088 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2367702636-586777576-2407885215-1004
2025-06-01 14:39 - 2025-06-02 09:11 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2367702636-586777576-2407885215-1004
2025-06-01 14:39 - 2025-06-02 09:11 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2367702636-586777576-2407885215-1004
2025-06-01 14:29 - 2025-06-01 14:30 - 000000000 ____D C:\Program Files\Unlocker
2025-06-01 14:29 - 2025-06-01 14:29 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2025-06-01 13:53 - 2025-06-01 13:53 - 000388465 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt
2025-06-01 13:42 - 2025-06-01 13:42 - 000000000 ____D C:\Users\user\AppData\Local\ASP.NET
2025-06-01 13:41 - 2025-06-11 10:45 - 000000000 ____D C:\Program Files\dotnet
2025-06-01 13:41 - 2025-06-11 10:45 - 000000000 ____D C:\Program Files (x86)\dotnet
2025-06-01 13:06 - 2025-06-01 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Apps
2025-06-01 12:35 - 2025-06-01 12:35 - 000000000 ____D C:\Users\user\Downloads\Autoruns
2025-06-01 12:30 - 2025-06-01 12:30 - 000000000 ____D C:\Users\user\Downloads\Portable
2025-06-01 12:17 - 2025-06-01 12:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2025-06-01 12:13 - 2025-05-16 10:47 - 002072448 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-06-01 12:13 - 2025-05-16 10:47 - 002072448 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-06-01 12:13 - 2025-05-16 10:47 - 001614208 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-06-01 12:13 - 2025-05-16 10:47 - 001614208 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-06-01 12:13 - 2025-05-16 10:47 - 001576832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-06-01 12:13 - 2025-05-16 10:47 - 001576832 _____ C:\WINDOWS\system32\vulkan-1.dll
2025-06-01 12:13 - 2025-05-16 10:47 - 001389952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-06-01 12:13 - 2025-05-16 10:47 - 001389952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2025-06-01 12:13 - 2025-05-16 10:47 - 000477832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2025-06-01 12:13 - 2025-05-16 10:47 - 000374936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2025-06-01 12:12 - 2025-05-16 10:43 - 001259632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2025-06-01 12:12 - 2025-05-16 10:43 - 000674408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2025-06-01 12:12 - 2025-05-16 10:43 - 000509056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2025-06-01 12:12 - 2025-05-16 10:42 - 026002056 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2025-06-01 12:12 - 2025-05-16 10:42 - 002313352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2025-06-01 12:12 - 2025-05-16 10:42 - 001713824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2025-06-01 12:12 - 2025-05-16 10:42 - 001569416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2025-06-01 12:12 - 2025-05-16 10:42 - 001220232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2025-06-01 12:12 - 2025-05-16 10:42 - 001053848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2025-06-01 12:12 - 2025-05-16 10:42 - 000942208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2025-06-01 12:12 - 2025-05-16 10:42 - 000809576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2025-06-01 12:12 - 2025-05-16 10:42 - 000467056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2025-06-01 12:12 - 2025-05-16 10:41 - 023034480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2025-06-01 12:12 - 2025-05-16 10:41 - 020517528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2025-06-01 12:12 - 2025-05-16 10:41 - 007322760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2025-06-01 12:12 - 2025-05-16 10:41 - 005913736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2025-06-01 12:12 - 2025-05-16 10:41 - 005240480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2025-06-01 12:12 - 2025-05-16 10:41 - 003994264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2025-06-01 12:12 - 2025-05-16 10:41 - 000853664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2025-06-01 12:12 - 2025-05-16 10:32 - 005601560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2025-06-01 12:12 - 2025-05-16 10:32 - 004901616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2025-06-01 12:12 - 2025-05-15 10:45 - 000143016 _____ C:\WINDOWS\system32\nvinfo.pb
2025-06-01 12:12 - 2025-05-15 10:45 - 000125048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2025-06-01 12:10 - 2025-06-01 12:10 - 000000000 ____D C:\NVIDIA
2025-06-01 11:13 - 2025-06-01 11:13 - 000001555 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2025-06-01 11:12 - 2025-06-01 11:12 - 000033224 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-06-01 11:12 - 2025-06-01 11:12 - 000033224 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-06-01 10:55 - 2025-06-01 13:08 - 000000000 ____D C:\Program Files (x86)\Belarc
2025-06-01 10:46 - 2011-01-12 13:36 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2025-06-01 10:46 - 2011-01-12 13:19 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2025-06-01 10:46 - 2011-01-12 12:53 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2025-06-01 10:46 - 2007-02-01 22:13 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2025-06-01 02:05 - 2025-06-01 02:05 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-06-01 02:05 - 2025-06-01 02:05 - 000000000 ____D C:\inetpub
2025-05-31 18:02 - 2025-05-31 18:02 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-05-31 18:02 - 2025-05-31 18:02 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-05-31 17:08 - 2025-06-03 11:03 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK
2025-05-31 16:19 - 2016-11-01 06:46 - 000149888 _____ (ASMedia Technology Inc) C:\WINDOWS\system32\Drivers\asmthub3.sys
2025-05-31 16:16 - 2016-09-02 02:20 - 000453504 _____ (ASMedia Technology Inc) C:\WINDOWS\system32\Drivers\asmtxhci.sys
2025-05-31 15:58 - 2025-05-31 15:58 - 000242724 _____ C:\WINDOWS\ntbtlog.txt
2025-05-31 14:25 - 2025-06-01 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2025-05-31 14:25 - 2025-05-31 14:25 - 000000000 ____D C:\Users\user\AppData\Local\VS Revo Group
2025-05-29 09:32 - 2025-05-29 09:32 - 000000000 ____D C:\Users\user\Documents\temp
2025-05-28 12:40 - 2025-05-28 12:40 - 000000000 ____D C:\ProgramData\bst_boost_interprocess
2025-05-28 12:39 - 2025-06-13 16:52 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2025-05-28 12:39 - 2025-06-01 08:35 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2025-05-28 12:39 - 2025-05-28 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Store
2025-05-28 10:44 - 2025-05-28 10:44 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2025-05-28 10:40 - 2025-06-07 11:53 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-05-28 10:40 - 2025-06-04 23:04 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-05-28 10:40 - 2025-06-03 11:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-05-28 10:40 - 2025-06-02 09:11 - 000002972 _____ C:\WINDOWS\system32\Tasks\DualSafe Password Manager Init SkipUAC(Maria)
2025-05-28 10:40 - 2025-06-02 09:11 - 000002930 _____ C:\WINDOWS\system32\Tasks\DualSafe Password Manager Task
2025-05-28 10:40 - 2025-06-02 09:11 - 000002566 _____ C:\WINDOWS\system32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-05-28 10:40 - 2025-06-01 12:38 - 000002396 _____ C:\WINDOWS\system32\Tasks\Nahimic2UILauncherRun
2025-05-28 10:40 - 2025-06-01 12:38 - 000002384 _____ C:\WINDOWS\system32\Tasks\Nahimic2Svc64Run
2025-05-28 10:40 - 2025-06-01 12:38 - 000002376 _____ C:\WINDOWS\system32\Tasks\Nahimic2Svc32Run
2025-05-28 10:40 - 2025-06-01 12:38 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2025-05-28 10:40 - 2025-05-29 12:23 - 000002956 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2025-05-28 10:40 - 2025-05-28 10:40 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-28 10:40 - 2025-05-28 10:40 - 000003238 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-05-28 10:40 - 2025-05-28 10:40 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2025-05-28 10:40 - 2025-05-28 10:40 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Maria
2025-05-28 10:40 - 2025-05-28 10:40 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - user
2025-05-28 10:40 - 2025-05-28 10:40 - 000002070 _____ C:\WINDOWS\system32\Tasks\RNIdle Task
2025-05-28 10:40 - 2025-05-28 10:40 - 000000020 ___SH C:\Users\user\ntuser.ini
2025-05-28 10:40 - 2025-05-28 10:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-2367702636-586777576-2407885215-1002
2025-05-28 10:40 - 2025-05-28 10:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2025-05-28 10:40 - 2025-05-28 10:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2025-05-28 10:40 - 2025-05-28 10:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-05-28 10:39 - 2025-06-03 11:07 - 000789742 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-28 10:39 - 2025-05-28 10:39 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2025-05-28 10:36 - 2025-06-03 11:03 - 000005548 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-05-28 10:35 - 2025-05-28 10:35 - 000000326 _____ C:\WINDOWS\Tasks\RNIdle Task.job
2025-05-28 10:35 - 2025-05-28 10:35 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2025-05-28 10:34 - 2025-06-03 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-05-28 10:34 - 2025-06-01 15:56 - 000296880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-05-28 10:28 - 2025-05-28 10:34 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Crypto
2025-05-28 10:28 - 2025-05-28 10:28 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates
2025-05-28 10:28 - 2025-05-28 10:28 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Network
2025-05-28 10:25 - 2025-05-28 10:43 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows
2025-05-28 10:25 - 2025-05-28 10:40 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Spelling
2025-05-28 10:25 - 2025-05-28 10:34 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2025-05-28 10:24 - 2025-05-28 10:25 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2025-05-28 10:24 - 2025-05-28 10:24 - 000000000 ____D C:\WINDOWS\Firmware
2025-05-28 10:23 - 2025-05-28 10:23 - 000000000 ____D C:\Program Files\Reference Assemblies
2025-05-28 10:23 - 2025-05-28 10:23 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2025-05-28 10:16 - 2025-05-28 10:16 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2025-05-28 10:07 - 2025-06-09 11:27 - 000000000 ___DC C:\WINDOWS\Panther
2025-05-28 09:38 - 2025-05-28 09:38 - 000162025 _____ C:\Users\user\Desktop\Budget Overview.pdf
2025-05-25 12:22 - 2025-05-25 12:22 - 000001347 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2025-05-25 12:22 - 2025-05-25 12:22 - 000000000 ____D C:\Users\user\AppData\Local\PCHealthCheck
2025-05-24 16:59 - 2025-05-24 17:00 - 000000000 ____D C:\Program Files (x86)\mtkwl6eux
2025-05-24 16:59 - 2025-05-24 16:59 - 000000000 ____D C:\Program Files (x86)\NETGEAR_A7500
2025-05-24 16:59 - 2025-05-24 16:59 - 000000000 ____D C:\Program Files (x86)\MTKOEMX
2025-05-24 16:59 - 2025-05-24 16:59 - 000000000 ____D C:\Program Files (x86)\MediatekSwitchUSB
2025-05-23 12:55 - 2025-06-07 18:48 - 000002592 _____ C:\Users\user\Desktop\Homescapes.lnk
2025-05-23 12:55 - 2025-06-07 18:47 - 000002716 _____ C:\Users\user\Desktop\Gardenscapes.lnk
2025-05-23 12:06 - 2025-05-23 12:06 - 000000000 ___HD C:\$AV_ASW
2025-05-23 10:46 - 2025-05-31 16:14 - 000000000 ____D C:\Users\user\AppData\Roaming\Avast Software
2025-05-16 23:07 - 2025-05-16 23:07 - 000002054 _____ C:\Users\user\Desktop\Lilys Garden (1).lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-06-14 13:12 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-06-14 13:08 - 2024-04-01 16:54 - 000000000 ____D C:\WINDOWS\INF
2025-06-14 13:08 - 2016-11-29 02:16 - 000000000 ____D C:\Program Files\Intel
2025-06-14 13:02 - 2016-11-29 02:16 - 000000000 ____D C:\Program Files (x86)\Intel
2025-06-14 12:54 - 2024-04-01 16:56 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-14 12:54 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-06-14 12:52 - 2024-04-01 16:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-14 12:27 - 2020-05-21 15:32 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2025-06-14 12:04 - 2024-03-10 10:19 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-06-14 11:59 - 2019-08-01 07:17 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2025-06-14 11:52 - 2025-04-12 20:18 - 000000000 ____D C:\Users\user\AppData\Roaming\bluestacks-services
2025-06-14 02:00 - 2019-07-26 12:51 - 000000000 ____D C:\ProgramData\NVIDIA
2025-06-13 11:59 - 2020-05-21 00:23 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-12 20:21 - 2025-04-12 20:27 - 000002038 _____ C:\Users\user\Desktop\Heart of Vegas.lnk
2025-06-11 16:00 - 2025-04-12 20:27 - 000002054 _____ C:\Users\user\Desktop\Lightning Link.lnk
2025-06-11 10:45 - 2016-11-29 02:13 - 000000000 ____D C:\ProgramData\Package Cache
2025-06-11 10:44 - 2019-07-31 19:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-06-11 10:43 - 2019-07-31 19:00 - 216824056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-06-08 10:59 - 2020-10-27 15:16 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-06-08 10:59 - 2020-10-27 15:16 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-06-07 18:40 - 2021-10-02 15:25 - 000000000 ____D C:\Program Files\CCleaner
2025-06-06 19:17 - 2025-04-12 20:32 - 000002086 _____ C:\Users\user\Desktop\Lightning Link (1).lnk
2025-06-05 13:12 - 2019-07-31 16:10 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2025-06-04 23:04 - 2019-07-26 12:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-06-04 14:12 - 2025-04-12 20:26 - 000002014 _____ C:\Users\user\Desktop\Lilys Garden.lnk
2025-06-03 11:03 - 2020-10-27 17:34 - 000012288 ___SH C:\DumpStack.log.tmp
2025-06-02 18:50 - 2024-09-07 15:10 - 003175968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2025-06-02 18:50 - 2024-09-07 15:10 - 002522144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2025-06-02 18:50 - 2020-10-27 14:10 - 000271392 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2025-06-02 18:50 - 2020-10-27 14:10 - 000245792 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2025-06-02 18:23 - 2016-11-29 02:13 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2025-06-02 18:23 - 2016-11-29 02:13 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2025-06-02 18:21 - 2021-08-29 19:44 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2025-06-02 09:28 - 2024-03-09 12:31 - 000000000 ____D C:\Users\user\AppData\Local\BlueStacks X
2025-06-02 09:00 - 2024-04-01 16:51 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-06-02 08:57 - 2020-06-08 20:38 - 000000000 ____D C:\MSI
2025-06-02 08:56 - 2019-07-26 13:04 - 000000000 ____D C:\ProgramData\Packages
2025-06-02 08:56 - 2016-11-29 02:28 - 000000000 ____D C:\Program Files (x86)\MSI
2025-06-01 16:04 - 2020-05-21 12:09 - 000000000 ____D C:\Users\user\AppData\Local\NVIDIA
2025-06-01 15:22 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-06-01 14:47 - 2016-08-03 03:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-06-01 14:21 - 2025-04-11 11:05 - 000000000 ____D C:\Users\user\AppData\Local\Malwarebytes
2025-06-01 14:12 - 2024-08-15 11:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2025-06-01 13:42 - 2016-11-29 02:16 - 000000000 ____D C:\ProgramData\Intel
2025-06-01 12:17 - 2024-04-01 16:56 - 000000000 ___SD C:\WINDOWS\system32\lxss
2025-06-01 12:17 - 2024-03-05 20:28 - 000000000 ____D C:\Users\user\AppData\LocalLow\NVIDIA
2025-06-01 12:17 - 2019-07-26 12:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ___RD C:\Program Files\Windows Defender
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\UUS
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SystemResources
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\setup
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\Com
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-06-01 11:44 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-06-01 08:35 - 2019-07-31 17:23 - 000000000 ____D C:\Program Files\Common Files\AV
2025-06-01 08:35 - 2016-11-29 02:57 - 000000000 ____D C:\Program Files (x86)\SCM
2025-06-01 08:35 - 2016-11-29 02:29 - 000000000 ____D C:\ProgramData\MSI
2025-06-01 08:35 - 2016-11-29 02:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2025-06-01 08:28 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\registration
2025-06-01 02:05 - 2024-09-06 13:40 - 000000000 ____D C:\WINDOWS\InboxApps
2025-06-01 02:05 - 2024-04-01 17:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-06-01 02:05 - 2024-04-01 17:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-06-01 02:05 - 2024-04-01 17:38 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-06-01 02:05 - 2024-04-01 17:38 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\Provisioning
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\IME
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\ProgramData\USOPrivate
2025-06-01 02:05 - 2024-04-01 16:56 - 000000000 ____D C:\Program Files\Common Files\System
2025-06-01 02:05 - 2024-04-01 16:51 - 000000000 ____D C:\WINDOWS\servicing
2025-05-31 21:47 - 2024-04-01 16:56 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-05-31 21:47 - 2024-04-01 16:56 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2025-05-31 17:07 - 2022-01-12 08:34 - 000002487 _____ C:\Users\user\Desktop\Xbox.lnk
2025-05-31 16:53 - 2024-04-01 16:56 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-05-31 16:41 - 2017-08-31 03:57 - 000047832 _____ (STMicroelectronics) C:\WINDOWS\system32\Drivers\STTub30.sys
2025-05-31 16:36 - 2019-07-31 16:12 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\MMC
2025-05-31 16:18 - 2019-07-26 12:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-05-29 11:50 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SystemApps
2025-05-29 10:45 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-05-29 10:33 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2025-05-29 10:02 - 2016-11-29 02:30 - 000000000 ____D C:\Program Files\Portrait Displays
2025-05-29 09:35 - 2021-05-02 15:49 - 000000000 ____D C:\Users\user\AppData\Local\Nox
2025-05-28 17:00 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\appcompat
2025-05-28 12:40 - 2025-04-12 20:19 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2025-05-28 12:40 - 2025-04-12 20:19 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk
2025-05-28 12:40 - 2025-04-12 20:19 - 000002082 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk
2025-05-28 12:40 - 2025-04-12 20:19 - 000001976 _____ C:\Users\Public\Desktop\BlueStacks 5.lnk
2025-05-28 12:39 - 2025-04-12 20:17 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2025-05-28 12:39 - 2020-11-12 12:44 - 000000000 ____D C:\Users\user\AppData\Local\Bluestacks
2025-05-28 11:02 - 2019-07-31 17:21 - 000000000 ____D C:\Users\user\AppData\Local\PlaceholderTileLogoFolder
2025-05-28 10:41 - 2020-05-21 00:23 - 000002339 _____ C:\Users\user\Desktop\Google Chrome.lnk
2025-05-28 10:36 - 2024-04-01 16:56 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-05-28 10:34 - 2024-09-07 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2025-05-28 10:34 - 2024-08-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2025-05-28 10:34 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2025-05-28 10:34 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\WCN
2025-05-28 10:34 - 2024-04-01 16:56 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2025-05-28 10:34 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-05-28 10:34 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\spool
2025-05-28 10:34 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-05-28 10:34 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\ServiceState
2025-05-28 10:34 - 2021-10-02 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2025-05-28 10:34 - 2020-06-01 18:48 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-05-28 10:34 - 2020-06-01 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-05-28 10:34 - 2020-05-21 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2025-05-28 10:34 - 2019-12-07 19:22 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2025-05-28 10:34 - 2019-12-07 18:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2025-05-28 10:34 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2025-05-28 10:34 - 2019-08-01 06:52 - 000000000 ____D C:\Program Files\UNP
2025-05-28 10:34 - 2019-07-26 13:36 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2025-05-28 10:34 - 2019-07-26 12:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2025-05-28 10:34 - 2019-07-26 12:51 - 000000000 ____D C:\WINDOWS\system32\DAX3
2025-05-28 10:34 - 2019-07-26 12:51 - 000000000 ____D C:\WINDOWS\system32\DAX2
2025-05-28 10:34 - 2016-11-29 02:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2025-05-28 10:34 - 2016-11-29 02:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2025-05-28 10:34 - 2016-11-29 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2025-05-28 10:34 - 2016-11-29 02:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nahimic 2
2025-05-28 10:33 - 2024-04-01 16:59 - 000000000 ____D C:\WINDOWS\Setup
2025-05-28 10:28 - 2024-04-01 16:56 - 000000000 __RHD C:\Users\Public\Libraries
2025-05-28 10:27 - 2024-04-01 16:56 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2025-05-28 10:26 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2025-05-28 10:26 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2025-05-28 10:26 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2025-05-28 10:26 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\winrm
2025-05-28 10:26 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\slmgr
2025-05-28 10:26 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2025-05-28 10:26 - 2024-04-01 16:56 - 000000000 ___SD C:\WINDOWS\system32\dsc
2025-05-28 10:26 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2025-05-28 10:26 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\system32\MUI
2025-05-28 10:26 - 2019-12-07 18:44 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2025-05-28 10:26 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2025-05-28 10:26 - 2019-07-26 12:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2025-05-28 10:26 - 2016-08-03 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2025-05-28 10:25 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\schemas
2025-05-28 10:25 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\Resources
2025-05-28 10:25 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\OCR
2025-05-28 10:25 - 2024-04-01 16:56 - 000000000 ____D C:\WINDOWS\Help
2025-05-28 10:25 - 2016-11-29 02:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizing Options
2025-05-28 10:25 - 2016-11-29 02:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2025-05-26 20:51 - 2025-04-12 20:27 - 000002054 _____ C:\Users\user\Desktop\Cashman Casino.lnk
2025-05-26 20:50 - 2025-04-12 20:27 - 000002042 _____ C:\Users\user\Desktop\Mighty Fu Casino.lnk
2025-05-23 10:59 - 2024-05-03 13:46 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Office
2025-05-23 10:59 - 2021-05-02 15:51 - 000000000 ____D C:\Users\user\vmlogs
2025-05-16 10:17 - 2021-10-25 21:13 - 000000295 _____ C:\Users\user\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2025-05-16 10:14 - 2021-05-02 15:51 - 000000000 ____D C:\Users\user\AppData\Local\NoxSrv
2025-05-16 10:14 - 2021-05-02 15:51 - 000000000 ____D C:\Users\user\.android

==================== Files in the root of some directories ========

2025-05-24 16:59 - 2025-05-28 22:06 - 000371894 _____ () C:\Program Files\A7500.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

[Amatex]

Additional.txt



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by Maria (14-06-2025 13:27:13)
Running from C:\Users\user\Desktop
Microsoft Windows 11 Home Version 24H2 26100.4202 (X64) (2025-05-28 01:10:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2367702636-586777576-2407885215-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2367702636-586777576-2407885215-503 - Limited - Disabled)
Guest (S-1-5-21-2367702636-586777576-2407885215-501 - Limited - Disabled)
Maria (S-1-5-21-2367702636-586777576-2407885215-1002 - Administrator - Enabled) => C:\Users\user
nmich (S-1-5-21-2367702636-586777576-2407885215-1003 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2367702636-586777576-2407885215-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks (HKLM\...\BlueStacks_nxt) (Version: 5.22.75.1026 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.36 - Piriform)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM\...\{07074146-BF43-3FFE-9593-776EA44F5EE0}) (Version: 137.0.7151.104 - Google LLC)
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 - Micro-Star International Co., Ltd.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{4EB05024-F740-48CF-B9B0-62A041E22D5C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DD04783C-E206-46DB-97A7-1155B1C76038}) (Version: 11.6.0.1025 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.0.1015 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{E262E6F2-0F11-49C7-A144-18FE8FE0376E}) (Version: 15.9.0.1015 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup (HKLM\...\{8A3AB174-539E-44A6-9A2A-479FA6E75477}) (Version: 2.3.801 - Nahimic) Hidden
Microsoft .NET Host - 8.0.17 (x64) (HKLM\...\{F9A48374-07E7-499E-AFD5-345FB3B78C09}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.17 (x86) (HKLM-x32\...\{0CE15C0D-37A0-483E-BBF1-35C322A66419}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.17 (x64) (HKLM\...\{B73795E1-2391-49EB-A3E8-C2E16B2CEAC4}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.17 (x86) (HKLM-x32\...\{9D7A4E22-2CFF-430B-B541-EEF048192992}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.17 (x64) (HKLM\...\{685320E7-FDFC-4BC6-91B3-E16746AFA1A0}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.17 (x64) (HKLM-x32\...\{40e14e49-3507-4d90-84bb-2ccc84cc3a02}) (Version: 8.0.17.34916 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.17 (x86) (HKLM-x32\...\{CF67D6DD-D815-430F-BAB2-72B0CBF7935A}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.17 - Shared Framework (x64) (HKLM-x32\...\{a393eafd-a4ac-4ef8-a06d-79731a473eea}) (Version: 8.0.17.25266 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.17 - Shared Framework (x86) (HKLM-x32\...\{9ee718fb-d8bd-4d41-b2e4-8694f63d2846}) (Version: 8.0.17.25266 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.17 Shared Framework (x64) (HKLM\...\{BAAD9150-F166-3536-AD2B-6AEA5F707AA9}) (Version: 8.0.17.25266 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.17 Shared Framework (x86) (HKLM-x32\...\{C44EA07A-EC04-39C0-AB0D-335BAF4B639E}) (Version: 8.0.17.25266 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 137.0.3296.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.68 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B409944C-1493-4B0D-A92C-2CE3C5F5F289}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{0E8D087B-5654-4010-AF4D-DE1250B8C1EB}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.473 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35208 (HKLM-x32\...\{9387bec2-2f2b-48d1-a0ce-692c5df7042d}) (Version: 14.44.35208.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35208 (HKLM-x32\...\{e90abaf0-d749-437b-ba99-cda1c84b6754}) (Version: 14.44.35208.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35208 (HKLM\...\{7E35F76C-5801-4A4A-817C-66AF46D3E5AD}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35208 (HKLM\...\{130A991B-6E86-4D62-86F4-656E6C9DA867}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35208 (HKLM-x32\...\{5A76FFAE-36C5-4648-80BD-4BB5B6E971F0}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35208 (HKLM-x32\...\{491C67BA-2F2F-4A90-B9DD-4C76BFDBEA02}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.17 (x86) (HKLM-x32\...\{a62b7c6b-ecc0-430b-a2d2-c4f67e803dc5}) (Version: 8.0.17.34917 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.17 (x86) (HKLM-x32\...\{CA21776F-F718-4A03-AC6A-35A1922442B7}) (Version: 64.68.34385 - Microsoft Corporation) Hidden
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2025.0514.01 - MSI)
MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nahimic 2 (HKLM-x32\...\{dc4a4fd1-d700-43a0-b667-f0b5c5a5e20c}) (Version: 2.3.8 - Nahimic)
Nahimic2UISetup (HKLM\...\{3392EE33-6A54-44F2-9C0E-6F587CFF30C4}) (Version: 2.3.801 - Nahimic) Hidden
NETGEAR A7500 WiFi 6 Adapter (HKLM-x32\...\{447A0742-9947-4909-AD72-AE217A810588}) (Version: 1.0.0.125 - NETGEAR)
NVIDIA App 11.0.4.148 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.4.148 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 - NVIDIA Corporation)
NVIDIA Graphics Driver 576.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 576.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
ProductDaemonSetup (HKLM\...\{848FA406-FBF6-49E2-A980-D4E6AC130D0A}) (Version: 2.3.801 - Nahimic) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{C532FCEC-75CD-477D-94E1-61B50BC679F0}) (Version: 13.016.10073 - Application)
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
UIInstallUpgrade (HKLM\...\{3662E39E-63C8-4C6F-ABA6-08859C2CA92B}) (Version: 2.3.801 - Nahimic) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B008D72C-0326-421E-BB2F-98BA5F9DDE9C}) (Version: 4.0.2410.23001 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
XSplit Gamecaster (HKLM-x32\...\{9E8A3821-032E-4230-9C12-C14D3FC8685E}) (Version: 2.8.1605.2342 - SplitmediaLabs)

Packages:
=========
@{MicrosoftWindows.Client.CoreAI_1000.26100.4061.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-01] (Microsoft Windows)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2025-05-31] (Canon Inc.)
Click to Do (preview) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-01] (Microsoft Windows)
Gardenscapes -> C:\Program Files\WindowsApps\PLRWorldwideSales.Gardenscapes-NewAcres_8.8.0.0_x64__1feq88045d2v2 [2025-06-03] (Playrix)
Homescapes -> C:\Program Files\WindowsApps\PLRWorldwideSales.Homescapes_8.0.3.0_x64__1feq88045d2v2 [2025-06-05] (Playrix)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2025-05-31] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2025-05-31] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-05-31] (Microsoft Corporation)
Microsoft.Edge.GameAssist -> C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3336.0_x64__8wekyb3d8bbwe [2025-05-31] (Microsoft Corporation)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.54.0_x64__kzh8wxbdkxb8p [2025-06-01] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_3.0.20.0_x64__kzh8wxbdkxb8p [2025-06-01] (MICRO-STAR INTERNATIONAL CO., LTD)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2025-05-31] (MAGIX)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-12] (NVIDIA Corp.)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0 [2025-06-05] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-01] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-01] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-01] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-01] (Microsoft Windows)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2504.2504.15001.0_x64__8wekyb3d8bbwe [2025-05-31] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2025-05-31] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_8e2b7f872a9cdacc\nvshext.dll [2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing -> WinZip Computing, S.L.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e4ed22b324357c2e\Profile 1 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2025-06-14 11:52 - 2025-06-14 11:52 - 002338304 _____ () [File not signed] \\?\C:\Users\user\AppData\Local\Temp\b57d0b51-36ca-4d53-a1ff-82e26fdf0414.tmp.node
2025-04-12 20:18 - 2024-05-08 17:48 - 002862080 _____ () [File not signed] C:\Users\user\AppData\Local\Programs\bluestacks-services\ffmpeg.dll
2025-04-12 20:18 - 2024-05-08 17:48 - 000479232 _____ () [File not signed] C:\Users\user\AppData\Local\Programs\bluestacks-services\libegl.dll
2025-04-12 20:18 - 2024-05-08 17:48 - 007513600 _____ () [File not signed] C:\Users\user\AppData\Local\Programs\bluestacks-services\libglesv2.dll
2025-04-12 20:18 - 2024-05-08 17:48 - 005209088 _____ () [File not signed] C:\Users\user\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll
2024-09-07 15:10 - 2025-06-04 23:04 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\user\Desktop\Image.jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\user\Desktop\Image.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\user\Documents\Image (2).jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\user\Documents\Image (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\user\Documents\Image.jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\user\Documents\Image.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\user\Documents\Image2.jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\user\Documents\Image2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\user\Documents\Image3.jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\user\Documents\Image3.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 21:17 - 2025-06-01 14:11 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\user\Desktop\kittens_sofa_cats_99559_1366x768.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Bluetooth Network Connection 3: Bluetooth Device (Personal Area Network) #3 -> bthpan.sys
A7500_NETGEAR: NETGEAR A7500 WiFi 6 Adapter -> mtkwl6eux.sys
Ethernet: Killer E2500 Gigabit Ethernet Controller -> e2xw10x64.sys
Wi-Fi: Killer Wireless-n/a/ac 1435 Wireless Network Adapter -> Qcamain10x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 3
MSCONFIG\Services: KAPSService => 3
MSCONFIG\Services: MSI_ActiveX_Service => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: ssh-agent => 3
MSCONFIG\Services: xTendSoftAPService => 3
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "MsiTrueColor"
HKLM\...\StartupApproved\Run: => "Nahimic2UILauncher"
HKLM\...\StartupApproved\Run: => "SCM"
HKLM\...\StartupApproved\Run: => "SteelSeriesGG"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18"
HKU\S-1-5-21-2367702636-586777576-2407885215-1002\...\StartupApproved\Run: => "NoxMultiPlayer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CF5090BF-013A-4ED5-84F3-1805310CD327}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD2932C8-D921-41BF-A0E2-F906B437CB0B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{935C843F-00B5-4617-9EF4-BF5905652923}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7055FB53-DB1E-47C4-BEBA-F18D602F6A14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A0E69FF-C302-490A-B15C-EC4020176CC3}] => (Allow) C:\Users\user\AppData\Local\Apps\2.0\MBQ8NNCC.JYA\NN5PTVR9.55K\frit..tion_4b253d3c7789a3f0_0002.0003_7e4432cefc686a99\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{6BEDC6FB-96DE-4C4C-B038-BBF1223939F9}] => (Allow) C:\Users\user\AppData\Local\Apps\2.0\MBQ8NNCC.JYA\NN5PTVR9.55K\frit..tion_4b253d3c7789a3f0_0002.0003_7e4432cefc686a99\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{45A4688C-2F57-4781-A0D1-FDD73AA935BF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2AD6073F-058A-4D0B-BFFD-AC9D414B057C}] => (Allow) LPort=32682
FirewallRules: [{23C73EC8-2A9D-4871-B606-17CD16D85942}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{580CA3D8-F98B-47E3-ABD4-6E01EBC2F495}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DC4ED72-12D8-48EF-BCD1-9E64D7326507}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{BA24D25B-06C2-428D-B467-B135F172A03E}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{56199863-F80C-466E-9E3F-46C9591A779A}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{2D3B2FF5-1977-4BF6-86BD-84739BB95359}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3B65379B-014A-4F1F-B1BD-EE9B6F2372EE}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E15A001C-2309-4A5C-916E-1A08991DFCBC}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C711236B-B862-4416-ACA1-82557F842383}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DF21463D-C33E-4078-A07C-D12D1D53623B}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{77B9B0E5-6728-4D6C-A52A-B74A1AAB5BB0}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B5FD6732-05ED-405D-8931-735B62AF16EF}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8EBB5791-32DD-48CF-8E7A-4D585D7D1A68}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1901C25D-EEC2-453A-BFF9-C59C58E99B1C}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CB8DB3F8-AB46-4FD7-B463-2060EFBE3DDA}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{02BC1FD7-EAC3-4F7C-BF2A-6EBA691CF328}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{65B270C9-9D38-4718-BE83-FA8859274F12}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7910DDB5-2B52-4ED0-9A1B-49A76D9CE0ED}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{04411879-03EC-46F9-B8D2-5F308A57F196}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{26B988BA-7BFE-4A5C-B198-94B70A715522}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{847BEE44-4957-4262-9A7B-3D033B2212C8}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DEAF2380-FF38-4909-83AD-BFA0F66A2320}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EEC1A002-E31C-475D-B576-43F7E184629F}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{08AE1000-C1ED-47E3-AADD-1DA33E8A1DFC}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{118D3B14-1621-49A7-98A5-D105BCF9F2B3}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{08DA2F5B-E70C-4658-B130-70C0D0C92CCD}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F43ED7CE-C085-453B-9CA9-7A7836587CC3}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3479187B-5ACB-4E46-92BC-AFA1AA5EAD12}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{27C94FD3-0602-41D0-BCB7-1954A01844AD}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8AF8A5E0-9547-4B34-A980-F94117DB1C9E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5A191136-6E1A-4AD5-8828-BB6125F0CF44}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8CB4660E-58A2-4F5E-8E1B-17143A1817B6}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3F576FED-E99B-4899-B5C2-BD7EB61481CB}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{74122E53-6657-4247-81D8-2B3F76CD8ED0}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3F714D29-CFB2-419C-B079-EA4EAA5C2F4E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{92B69098-21D2-4A68-B2E9-36160F2C234D}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2A6D12BE-6893-4CCB-AEE0-0522DCF68295}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{45E95F8D-40DC-415D-B5DA-535E5C27843D}] => (Allow) LPort=32683
FirewallRules: [{4E6E7BCC-B85C-4112-8C73-A2C26720DA8A}] => (Allow) LPort=33683
FirewallRules: [{79986695-591C-4BAC-8A95-3AC564F6A46E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A41B164E-1E93-4617-A6AF-51153256CBB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{73C84E53-E39F-45D2-B136-CC137266B154}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5D092203-8A61-41A8-8BC8-A8BA8FF9F165}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3AAA883A-069B-4ACE-8F6E-7DB60800F446}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2814AC2B-F71A-482C-AF5D-3E000E7ED09F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9E3DD152-901B-455F-91E5-2E0F24CA903D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D178B1F-1B62-4021-9ABB-901C7A44216B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FD8DB732-225D-4E23-A893-E9293828FE34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA118D3C-CA52-450B-A878-3CF97378F308}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C0EF71E3-84D9-4CDF-BD5E-70575CF5C2B5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3494F7DC-3720-4D0C-9BF1-C31494539FD8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{446BAA26-12BF-4CC2-AC3A-14FBDDAFD0FA}] => (Allow) LPort=26822

==================== Restore Points =========================

14-06-2025 12:50:30 Windows Modules Installer
14-06-2025 13:05:46 IIF_MSI
14-06-2025 13:09:19 Installed Asmedia USB Host Controller Driver.
14-06-2025 13:11:26 Windows Modules Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2025 12:27:36 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0x32fc
Faulting application start time: 0x1dbdcd814d5d1e7
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: e98ce225-ba40-46aa-a6e5-709e36706b21
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/14/2025 11:54:42 AM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0x2fe0
Faulting application start time: 0x1dbdcd37c8983bd
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 93c370b6-b69e-4eb7-9d93-b1c6070100a8
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/14/2025 11:54:38 AM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0x21d8
Faulting application start time: 0x1dbdcd379664bfd
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 95b6f5d8-7913-4d97-b805-e2d5222f3445
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/14/2025 12:37:32 AM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0x25b4
Faulting application start time: 0x1dbdc74e31f7fdb
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 29b866c8-f834-4a8f-8810-be59eb3347e9
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/14/2025 12:37:28 AM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0x32b8
Faulting application start time: 0x1dbdc74e0171684
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: e491add7-c818-46b8-913b-5b85fd2ff594
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/13/2025 11:30:32 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0x3164
Faulting application start time: 0x1dbdc6b868cdc32
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 47ed19f9-c84a-492c-af44-9d2d7faea77c
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/13/2025 11:30:27 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0xf54
Faulting application start time: 0x1dbdc6b8389c727
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 9ff72a82-035e-4e02-adc8-ad47d097cc16
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/13/2025 10:08:05 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.22342, time stamp: 0x67ec3dc4
Faulting module name: hxcomm.dll, version: 16.0.14326.22342, time stamp: 0x67ec3d2c
Exception code: 0x0109f190
Fault offset: 0x00000000001e7dec
Faulting process id: 0x3984
Faulting application start time: 0x1dbdc6001f945e9
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 2fb52912-7616-42cb-873b-0468f70b5218
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (06/14/2025 01:21:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (06/14/2025 01:21:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect.

Error: (06/14/2025 01:14:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error (0x80070306 = One or more errors occurred while processing the request.): 2025-06 Cumulative Update for Windows 11 Version 24H2 for x64-based Systems (KB5063060).

Error: (06/14/2025 01:06:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Browser service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (06/14/2025 01:06:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect.

Error: (06/14/2025 01:03:55 PM) (Source: DCOM) (EventID: 10005) (User: MSI)
Description: DCOM got error "1053" attempting to start the service GoogleUpdaterService138.0.7194.0 with arguments "--com-service" in order to run the server:
{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}

Error: (06/14/2025 01:03:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Updater Service (GoogleUpdaterService138.0.7194.0) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (06/14/2025 01:03:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Updater Service (GoogleUpdaterService138.0.7194.0) service to connect.


Windows Defender:
================
Date: 2025-06-13 15:19:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2025-06-12 14:47:08
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2025-06-11 14:50:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2025-06-09 15:10:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2025-06-08 14:49:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
Event[0]

Date: 2025-06-01 13:58:00
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2025-06-01 12:13:56
Description:
Microsoft Defender Antivirus service seemed to be hung during shutdown.
Timout (seconds): 0
Component: CleanupCompleted
Self-terminated: 0

Date: 2025-06-01 12:13:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.429.283.0;1.429.283.0
Engine Version: 1.1.25040.1

Date: 2025-06-01 12:08:04
Description:
Microsoft Defender Antivirus service seemed to be hung during shutdown.
Timout (seconds): 0
Component: UninitializeServiceWppTracing
Self-terminated: 0

Date: 2025-05-31 17:27:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.429.283.0;1.429.283.0
Engine Version: 1.1.25040.1

CodeIntegrity:
===============
Date: 2025-06-01 14:22:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-06-01 14:22:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2025-06-01 14:21:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-06-01 14:21:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. E1785IMS.311 02/12/2018
Motherboard: Micro-Star International Co., Ltd. MS-1785
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 57%
Total physical RAM: 16337.75 MB
Available physical RAM: 6926.62 MB
Total Virtual: 18641.75 MB
Available Virtual: 7633.05 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.18 GB) (Free:54.79 GB) (Model: KINGSTON RBU-SNS8152S3256GG5) NTFS
Drive d: (Data) (Fixed) (Total:914.07 GB) (Free:785.86 GB) (Model: HGST HTS721010A9E630) NTFS

\\?\Volume{336e1347-29af-4019-8692-419c81cb81d3}\ () (Fixed) (Total:0.88 GB) (Free:0.24 GB) NTFS
\\?\Volume{34c6b7a6-bfe6-4fb7-8a1c-5588aa504bd0}\ (BIOS_RVY) (Fixed) (Total:17.45 GB) (Free:0.69 GB) NTFS
\\?\Volume{ce179de3-139a-467e-836d-020965e6529a}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.23 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: AE3FDFDE)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: AE3FDFBF)

Partition: GPT.

==================== End of Addition.txt =======================

 

[SyCoREAPER]

I'll just stop you right there after the first line.
Windows 24H2. You're screwed. That update has broken so much it will be impossible to tell if Windows is bonked or something else.

Reinstall Windows, Block 24H2.

 

[Cilantro7536]

I have been having some issues with windows 11 freezing and a lot of issues

If you had asked this question on BleepingComputer, which has a malware removal forum where FRST's outputs are commonly posted, I would have guessed that they would:

1. Get you to fully uninstall all traces of antivirus software that you don't use (since they can impact performance), including Avast, MalwareBytes, and Norton.
2. Clean up a bunch of "No File", "[X]" and "AlternateDataStreams" entries
3. Run sfc and DISM to ensure that your system isn't corrupted.
4. Optionally run chkdsk to check that your file systems aren't corrupted.
5. Possibly address HxTsr.exe, which is apparently a part of Outlook, because it seems to be faulting a lot.

Good luck!

 

[Ralston18]

Update your post to include full system hardware specs and OS information.

Include PSU: make, model, wattage, age, condition (original to build, new, refurbished, used)?

Disk drive(s): make, model, capacity, how full?

List of all connected peripherals.

= = = =

Not really sure (full disclosure) about what all FRST is doing and/or may be saying. Some of the results appear to have been drawn from Reliability History/Monitor and Event Viewer.

However, noted that Registry editing seems to be part of it all.

Overall though, the root may be in your initial post: "I will add, yes this system is not Windows 11 compatible but it was working fine until recently ."

Problems do not need to immediately appear..... The system simply got by until something changed and all went astray. And that change may not have been related to anything that you did or did not do.

Is all important data backed up to at least two locations away from from the host computer in question? And verified to be recoverable and readable?

You may need to do a clean Windows 11 reinstall to get it all working again. However, if the system is not Windows 11 compatible to begin with then the problems will likely just reoccur.

Why is the system being deemed incompatible?