I'm gonna be totally honest: I lost my patience yesterday and ran KVRT and MBAM. I'm unsure if I made any system changes, but because I was on the PC I would not like to risk it, as I know that I sometimes do random stuff like updating stuff and running random scanners. Update on the paranoia: it's improved and it's a lot more manageable now; however, I get the urge to change account passwords every few hours to calm down. I apologise for doing this, but I have been resisting as much as I can and then I caved in, so here's the updated FRST logs. Thanks axe0. Also, the results of the scans were clean, nothing to note there.
I severely apologise, but because I do not want to make the process take any longer than it has, I want you to be updated on everything I have done. The original BIOS time has stayed; at the moment it is 15.6s. This could be for a variety of reasons, but I have not seen it, in my 3 years of owning this, be that high; the average time with Avast One on startup is 13.8s. I hope you can understand it was pretty hard for me to stay patient, as I was getting hit with anxiety and stuff, and I truly tried my best. Thanks Axe0 once again, I appreciate you being patient with me.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.06.2024
Ran by imran (administrator) on FZ (Acer Predator PO3-630) (03-06-2024 21:48:19)
Running from C:\FIX\FRSTEnglish.exe
Loaded Profiles: imran
Platform: Microsoft Windows 11 Home Version 23H2 22631.3672 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\FIX\FRSTEnglish.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2402.22.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (GOTrustID Inc.) [File not signed] C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_f69bde81e5bc91ec\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaeig.inf_amd64_524d95de59c6c6b5\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1b5d53254a23bb6b\RtkAudUService64.exe <2>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1b5d53254a23bb6b\RtkAudUService64.exe [1672488 2023-06-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [423832 2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall (No File)
HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\Run: [MicrosoftEdgeAutoLaunch_3F183E72354DCCFFDFE02DDF662F9E76] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\Run: [Lunar Client] => C:\Users\imran\AppData\Local\Programs\launcher\Lunar Client.exe [176849464 2024-05-04] (Moonsworth, LLC -> Moonsworth LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.114\Installer\chrmstp.exe [2024-06-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {AAA80E31-06F0-47F1-8758-044EEE9A17DD} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4979096 2024-05-10] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {AF68B177-1CBE-4B1B-871C-956792C345D2} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software)
Task: {7C185E37-5118-4306-8078-5A882EE3D796} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4979096 2024-05-10] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {D0421C93-B249-462F-B863-79A6E9C9E58E} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software)
Task: {6009BE7A-131E-48AB-9342-32561FB1CD6D} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5079448 2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {DFC0A780-7873-4733-896A-A9F5B0C66D15} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5015960 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {9FA6AC6F-DC04-4279-9496-8E7B8570D4FD} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1438616 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {A2101147-E5B7-4624-82F4-1C05D9742479} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7498648 2024-04-26] (Avast Software s.r.o. -> Avast Software)
Task: {6DF02848-8D76-4ACB-B3F0-FFADD3F8771B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2348952 2024-05-10] (Avast Software s.r.o. -> Avast Software)
Task: {13E3823B-6BDF-46EC-8A83-0BF01E255B86} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6441.0{0EA2D067-1F01-4441-89CE-12F68178C90D} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
Task: {0358DBD9-6BEA-4060-8251-9F9895178E54} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [68192 2020-09-08] (GoTrustID Inc -> )
Task: {4957C8D8-CE59-4093-BB47-1176C9EFE2ED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A00292F-50A6-4599-ADAE-A88AD7272399} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA955B4D-3A80-4433-91D3-F8F0BCACB667} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D56DEBEA-564F-42D8-97BB-7840A282A877} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7D1075C-FFCA-4A67-9470-B1641A4E7654} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168928 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F201C2D5-E2A9-4E90-A0C6-857B7097E669} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-19] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {655FD00C-A1E3-4E96-A177-F71C0DEF76EA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Users\imran\Downloads\MSERT.exe [162829920 2024-05-06] (Microsoft Corporation -> Microsoft Corporation) -> C:\Users\imran\Downloads\/EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7"
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D31574DE-D01B-4371-87D8-79BDFFF367F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BF68E1E-0C3D-4749-A9C2-761A62D821B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {391CB7BF-0510-49A1-967F-B9625213B5ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C6947D18-E143-4AEE-BB0D-FCC2E9E842EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Update => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FEEA3E3A-151C-4402-BC37-29EAD5BC85EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ABB23B96-DDA2-4596-8785-8BE3EA7357F8} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3867176 2024-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D2F6E9A-9B37-4A65-8E6D-DB4D4A707BA9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E72A8A9-A721-49BD-A0EE-CF50115CC679} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC150798-9514-4E26-9362-993982643671} - System32\Tasks\Remove AdwCleaner Application => C:\Windows\system32\cmd.exe [323584 2024-05-30] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\imran\Downloads\adwcleaner.exe"
Task: {6B582F69-72CD-478B-9E0F-B36A766815BF} - System32\Tasks\Software Update Application => "C:\ProgramData\OEM\UpgradeTool\ListCheck.exe" (No File)
Task: {F59205E5-45D0-4426-9F56-CE30751E9975} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\imran\Downloads\adwcleaner.exe [8790880 2024-05-25] (Malwarebytes Inc. -> Malwarebytes)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{6e560896-db51-49d3-854b-23eddbb48ad9}: [DhcpNameServer] 192.0.2.3
Tcpip\..\Interfaces\{cb0084fe-1b29-41fb-a316-46def39eda97}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Edge:
=======
Edge Profile: C:\Users\imran\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-25]
Edge Extension: (Google Docs Offline) - C:\Users\imran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-18]
Edge Extension: (Edge relevant text changes) - C:\Users\imran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-18]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-21] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\imran\AppData\Local\Google\Chrome\User Data\Default [2024-06-03]
CHR Extension: (uBlock Origin) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-25]
CHR Extension: (Google Docs Offline) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-18]
CHR Profile: C:\Users\imran\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-05-25]
CHR Extension: (uBlock Origin) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-04-21]
CHR Extension: (Google Docs Offline) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-18]
CHR Extension: (Guardio Protection for Chrome) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjfpmkejnolcfklaaddjnckanhhgegla [2024-04-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\imran\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-18]
CHR Profile: C:\Users\imran\AppData\Local\Google\Chrome\User Data\System Profile [2024-06-03]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9026968 2024-05-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [761752 2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2272152 2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1198488 2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-05-10] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15747368 2024-04-19] (BattlEye Innovations e.K. -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18727320 2024-05-10] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248120 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [16925592 2024-05-10] (Avast Software s.r.o. -> AVAST Software)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [219992 2021-09-15] (DTS, Inc. -> DTS Inc.)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2024-05-10] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S2 GoogleUpdaterInternalService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [15360 2020-09-08] (GOTrustID Inc.) [File not signed]
S4 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [336992 2020-09-08] (GoTrustID Inc -> GOTrustID Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [82080 2020-11-03] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1783992 2020-11-03] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2671800 2020-11-03] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [82088 2020-11-03] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887344 2024-05-09] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-18] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaeig.inf_amd64_524d95de59c6c6b5\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-05-14] (NVIDIA Corporation -> NVIDIA Corporation)
S4 QuantumService; C:\Program Files\JBL\QuantumENGINE\QuantumService.exe [3877824 2023-12-15] (Harman International Industries, Incorporated -> JBL)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12354968 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9649288 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [82096 2020-11-03] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [82096 2020-11-03] (Rivet Networks LLC -> Rivet Networks, LLC.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229832 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [380360 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292808 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269768 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548808 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69168 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [939976 2024-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [698424 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203832 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306744 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [78632 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [174480 2024-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R3 e2k68cx21x64; C:\WINDOWS\System32\DriverStore\FileRepository\e2k68cx21x64.inf_amd64_5966b201aaa328ab\e2k68cx21x64.sys [717208 2023-07-14] (Realtek Semiconductor Corp. -> Realtek)
R3 HarmanAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\quantumusbaudio.inf_amd64_852f2a346c05a7cd\HarmanFilter.sys [50688 2023-12-04] (Harman International Industries, Inc -> Harman International)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [201096 2020-11-03] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223184 2024-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [205552 2021-02-12] (RH Software Ltd -> Ray Hinchliffe)
S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [39888 2023-09-18] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43456 2023-12-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [44456 2023-09-18] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21935504 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21056 2024-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601496 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-02 12:48 - 2024-06-02 12:48 - 112277360 _____ (AO Kaspersky Lab) C:\Users\imran\Downloads\kvrt (1).exe
2024-05-30 13:22 - 2024-05-30 13:22 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-30 13:20 - 2024-05-30 13:20 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-05-29 17:25 - 2024-05-29 17:25 - 000315288 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-05-25 19:41 - 2024-06-02 14:03 - 000003070 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-25 19:41 - 2024-05-25 19:41 - 139540152 _____ (NVIDIA Corporation) C:\Users\imran\Downloads\NVIDIA_app_beta_v10.0.0.535.exe
2024-05-25 19:41 - 2024-05-25 19:41 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2024-05-25 19:41 - 2024-05-25 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-05-25 19:41 - 2024-03-19 12:30 - 003132456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-05-25 19:41 - 2024-03-19 12:30 - 002418216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-05-25 19:41 - 2024-03-19 12:09 - 000171032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-05-25 19:41 - 2024-03-19 12:09 - 000150032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-05-25 14:43 - 2024-05-25 14:46 - 000024702 _____ C:\Users\imran\Documents\Secure System.txt
2024-05-25 14:30 - 2024-05-25 14:30 - 002300892 _____ C:\Users\imran\Documents\info.nfo
2024-05-25 14:02 - 2024-05-26 21:05 - 000000000 ____D C:\AdwCleaner
2024-05-25 14:02 - 2024-05-25 14:02 - 008790880 _____ (Malwarebytes) C:\Users\imran\Downloads\adwcleaner.exe
2024-05-25 14:01 - 2024-05-25 14:01 - 000003304 _____ C:\WINDOWS\system32\Tasks\Remove AdwCleaner Application
2024-05-25 14:01 - 2024-05-25 14:01 - 000003286 _____ C:\WINDOWS\system32\Tasks\Uninstall AdwCleaner Application
2024-05-25 12:38 - 2024-05-25 12:39 - 320346504 _____ C:\Users\imran\Downloads\jbnigjkq.exe
2024-05-25 11:53 - 2024-05-25 11:56 - 000001414 _____ C:\Users\imran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-05-25 11:50 - 2024-05-25 11:50 - 000000210 _____ C:\WINDOWS\system32\.crusader
2024-05-25 10:24 - 2024-05-25 10:24 - 131658568 _____ (NVIDIA Corporation) C:\Users\imran\Downloads\GeForce_Experience_v3.28.0.412 (1).exe
2024-05-25 10:19 - 2024-05-25 10:19 - 000000018 _____ C:\Users\imran\Documents\case#240525-000028.txt
2024-05-25 10:02 - 2024-05-25 10:02 - 000956928 _____ (Farbar) C:\Users\imran\Downloads\MiniToolBox.exe
2024-05-25 00:15 - 2024-05-25 00:15 - 112250736 _____ (AO Kaspersky Lab) C:\Users\imran\Downloads\kvrt.exe
2024-05-25 00:11 - 2024-05-14 03:22 - 000121872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-05-25 00:10 - 2024-05-14 15:20 - 002031472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-05-25 00:10 - 2024-05-14 15:20 - 002031472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-05-25 00:10 - 2024-05-14 15:20 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-05-25 00:10 - 2024-05-14 15:20 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-05-25 00:10 - 2024-05-14 15:20 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-05-25 00:10 - 2024-05-14 15:20 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-05-25 00:10 - 2024-05-14 15:20 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-05-25 00:10 - 2024-05-14 15:20 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-05-25 00:10 - 2024-05-14 15:19 - 000477816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-05-25 00:10 - 2024-05-14 15:19 - 000374920 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-05-25 00:10 - 2024-05-14 15:17 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-05-25 00:10 - 2024-05-14 15:17 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-05-25 00:10 - 2024-05-14 15:16 - 002178680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-05-25 00:10 - 2024-05-14 15:16 - 001630344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-05-25 00:10 - 2024-05-14 15:16 - 001547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-05-25 00:10 - 2024-05-14 15:16 - 001203312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-05-25 00:10 - 2024-05-14 15:16 - 001068552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-05-25 00:10 - 2024-05-14 15:16 - 001033352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-05-25 00:10 - 2024-05-14 15:16 - 000848520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-05-25 00:10 - 2024-05-14 15:16 - 000796296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-05-25 00:10 - 2024-05-14 15:15 - 016117792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-05-25 00:10 - 2024-05-14 15:15 - 013007392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-05-25 00:10 - 2024-05-14 15:15 - 006914592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-05-25 00:10 - 2024-05-14 15:15 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-05-25 00:10 - 2024-05-14 15:15 - 005867552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-05-25 00:10 - 2024-05-14 15:15 - 003788832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-05-25 00:10 - 2024-05-14 15:15 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-05-25 00:10 - 2024-05-14 15:14 - 007057800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-05-25 00:10 - 2024-05-14 15:14 - 006136008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-05-25 00:10 - 2024-05-14 15:14 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-05-25 00:10 - 2024-05-14 03:22 - 000123909 _____ C:\WINDOWS\system32\nvinfo.pb
2024-05-25 00:09 - 2024-05-25 00:09 - 000000841 _____ C:\Users\Public\Desktop\Speccy.lnk
2024-05-25 00:09 - 2024-05-25 00:09 - 000000000 ____D C:\Program Files\Speccy
2024-05-25 00:08 - 2024-05-25 00:10 - 659245848 _____ (NVIDIA Corporation) C:\Users\imran\Downloads\555.85-desktop-win10-win11-64bit-international-dch-whql.exe
2024-05-25 00:08 - 2024-05-25 00:08 - 008995336 _____ (Piriform Software Ltd) C:\Users\imran\Downloads\spsetup132.exe
2024-05-24 19:59 - 2024-05-25 10:45 - 000012882 _____ C:\Users\imran\Downloads\MTB.txt
2024-05-24 18:30 - 2024-05-25 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2024-05-22 11:45 - 2024-05-22 11:45 - 013033968 _____ (Sophos Limited) C:\Users\imran\Downloads\SophosScanAndClean_x64.exe
2024-05-22 11:45 - 2024-05-22 11:45 - 000000000 ____D C:\ProgramData\Sophos
2024-05-21 18:23 - 2024-05-21 18:23 - 000000000 ___HD C:\$Windows.~WS
2024-05-21 18:23 - 2024-05-21 18:23 - 000000000 ____D C:\$WINDOWS.~BT
2024-05-21 18:19 - 2024-05-21 18:19 - 000000825 _____ C:\Users\imran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prefetch.lnk
2024-05-21 18:10 - 2024-05-21 18:10 - 078858285 _____ C:\Users\imran\Downloads\Acer Care Center_Acer_4.00.3042_W11x64_A.zip
2024-05-21 18:08 - 2024-05-21 18:08 - 000096096 _____ C:\Users\imran\Downloads\SerialNumberDetectionTool.exe
2024-05-19 11:35 - 2024-05-19 11:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-05-19 11:33 - 2024-05-19 11:33 - 000000020 ___SH C:\Users\imran\ntuser.ini
2024-05-19 11:28 - 2024-06-03 21:35 - 000850308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-19 11:28 - 2024-06-03 21:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-19 11:28 - 2024-06-03 21:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-05-19 11:28 - 2024-05-29 17:33 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-19 11:28 - 2024-05-29 17:33 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-19 11:28 - 2024-05-25 20:36 - 000004362 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2024-05-19 11:28 - 2024-05-25 10:28 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-19 11:28 - 2024-05-25 10:28 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-19 11:28 - 2024-05-24 23:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-05-19 11:28 - 2024-05-19 11:28 - 000002468 _____ C:\WINDOWS\system32\Tasks\GoTrust ID Driver
2024-05-19 11:28 - 2024-05-19 11:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-05-19 11:27 - 2024-05-19 11:28 - 000017148 _____ C:\WINDOWS\diagwrn.xml
2024-05-19 11:27 - 2024-05-19 11:28 - 000017148 _____ C:\WINDOWS\diagerr.xml
2024-05-19 11:26 - 2024-05-19 11:26 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2024-05-19 11:26 - 2024-05-19 11:26 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Network
2024-05-19 11:25 - 2024-05-19 11:25 - 000000000 ____D C:\Intel
2024-05-19 11:24 - 2024-06-03 21:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-19 11:24 - 2024-05-30 21:29 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-05-19 11:24 - 2024-05-30 13:29 - 000295328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-19 11:17 - 2024-05-19 11:24 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2024-05-19 11:17 - 2024-05-19 11:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2024-05-19 11:16 - 2024-05-19 11:24 - 000000000 ____D C:\Users\imran\AppData\Roaming\Microsoft\Crypto
2024-05-19 11:16 - 2024-05-19 11:16 - 000000000 ____D C:\Users\imran\AppData\Roaming\Microsoft\SystemCertificates
2024-05-19 11:16 - 2024-05-19 11:16 - 000000000 ____D C:\Users\imran\AppData\Roaming\Microsoft\Network
2024-05-19 11:12 - 2024-05-19 11:24 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2024-05-19 11:10 - 2024-05-25 15:10 - 000000000 ____D C:\Users\imran
2024-05-19 11:10 - 2024-05-25 00:02 - 000000000 ____D C:\Users\Administrator
2024-05-19 11:10 - 2024-05-24 23:55 - 000000000 ____D C:\WINDOWS\system32\SteelSeries
2024-05-19 11:10 - 2024-05-20 18:50 - 000000000 ____D C:\Users\imran\AppData\Roaming\Microsoft\Windows
2024-05-19 11:10 - 2024-05-19 11:24 - 000000000 ____D C:\Users\imran\AppData\Roaming\Microsoft\Spelling
2024-05-19 11:10 - 2024-05-19 11:24 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Spelling
2024-05-19 11:10 - 2024-05-19 11:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2024-05-19 11:10 - 2024-05-19 11:10 - 000000000 ____D C:\WINDOWS\system32\DTS
2024-05-19 11:10 - 2024-05-19 11:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2024-05-19 11:10 - 2024-05-19 11:10 - 000000000 ____D C:\WINDOWS\Firmware
2024-05-19 11:09 - 2024-05-19 11:12 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-05-19 11:07 - 2024-05-25 00:00 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-05-19 10:52 - 2024-05-24 23:59 - 000000000 ____D C:\WINDOWS\addins
2024-05-19 10:52 - 2024-05-19 11:28 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-05-19 10:52 - 2024-05-19 10:52 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2024-05-19 10:51 - 2024-05-19 10:51 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-05-19 10:51 - 2024-05-19 10:51 - 000000000 ____D C:\Program Files\MSBuild
2024-05-19 10:51 - 2024-05-19 10:51 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-05-19 10:51 - 2024-05-19 10:51 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-05-19 10:40 - 2024-05-19 10:40 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-05-19 10:24 - 2024-05-21 18:23 - 000000000 ___DC C:\WINDOWS\Panther
2024-05-17 18:52 - 2024-06-02 18:30 - 000000000 ____D C:\EEK
2024-05-17 18:52 - 2024-05-24 23:54 - 000000000 ____D C:\ProgramData\Emsisoft
2024-05-17 18:51 - 2024-05-17 18:51 - 377205592 _____ C:\Users\imran\Downloads\EmsisoftEmergencyKit.exe
2024-05-17 10:00 - 2024-05-17 10:00 - 000030930 _____ C:\Users\imran\Downloads\Addition (1).txt
2024-05-15 20:33 - 2024-05-15 20:33 - 000144108 _____ C:\ProgramData\agent.1715801596.bdinstall.v2.bin
2024-05-14 19:03 - 2024-05-14 19:03 - 000000307 _____ C:\Users\imran\Documents\Advancedsetup.txt
2024-05-14 18:52 - 2024-05-22 12:00 - 000000000 ____D C:\WINDOWS\pss
2024-05-14 17:38 - 2024-05-22 11:59 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-05-14 17:38 - 2024-05-15 16:48 - 002726022 _____ C:\WINDOWS\ntbtlog.txt
2024-05-13 21:09 - 2024-05-13 21:09 - 000000262 _____ C:\Users\imran\Documents\esetscan.txt
2024-05-13 20:18 - 2024-05-15 17:40 - 000000000 ____D C:\Users\imran\AppData\Local\ESET
2024-05-10 22:59 - 2024-03-26 18:21 - 000060240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-05-10 22:34 - 2024-05-24 23:54 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2024-05-10 21:59 - 2024-05-25 20:55 - 000002070 _____ C:\Users\Public\Desktop\Avast One.lnk
2024-05-10 21:59 - 2024-05-25 00:03 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2024-05-10 21:59 - 2024-05-10 21:59 - 000000000 ____D C:\Users\imran\AppData\Roaming\Avast Software
2024-05-10 21:59 - 2024-05-10 21:59 - 000000000 ____D C:\Users\imran\AppData\Local\Avast Software
2024-05-10 21:58 - 2024-05-29 17:25 - 000940088 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys.171744666535901
2024-05-10 21:58 - 2024-05-24 22:35 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-05-10 21:58 - 2024-05-10 21:58 - 000050976 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2024-05-10 21:57 - 2024-05-24 22:35 - 000000000 ____D C:\Program Files\Avast Software
2024-05-10 20:36 - 2024-06-03 21:32 - 000000000 ____D C:\FIX
2024-05-10 20:22 - 2024-05-08 18:37 - 000000000 ____D C:\Users\imran\Documents\Scanned Documents
2024-05-10 20:22 - 2024-05-08 18:37 - 000000000 ____D C:\Users\imran\Documents\Medal
2024-05-10 20:22 - 2024-04-18 17:20 - 000000000 ____D C:\Users\imran\Documents\Visual Studio 2022
2024-05-10 20:22 - 2024-04-18 17:20 - 000000000 ____D C:\Users\imran\Documents\FeedbackHub
2024-05-10 20:22 - 2024-04-18 17:20 - 000000000 ____D C:\Users\imran\Documents\Fax
2024-05-10 20:22 - 2024-04-18 17:20 - 000000000 ____D C:\Users\imran\Documents\CyberLink
2024-05-10 20:22 - 2024-04-18 17:20 - 000000000 ____D C:\Users\imran\Documents\AutomaticSolution Software
2024-05-10 07:39 - 2024-05-18 14:03 - 000002650 _____ C:\Users\imran\Downloads\FSS.txt
2024-05-10 07:35 - 2024-05-10 07:35 - 000573823 _____ C:\Users\imran\Documents\FZ.zip
2024-05-10 07:33 - 2024-05-10 07:33 - 007464644 _____ C:\Users\imran\Documents\FZ.arn
2024-05-10 07:28 - 2024-05-24 23:54 - 000000000 ____D C:\Users\imran\Downloads\Autoruns
2024-05-10 07:28 - 2024-05-10 07:28 - 002932380 _____ C:\Users\imran\Downloads\Autoruns.zip
2024-05-09 21:36 - 2024-05-09 21:36 - 000000112 ___SH C:\bootTel.dat
2024-05-09 21:34 - 2024-05-09 21:34 - 000068733 _____ C:\Users\imran\Downloads\InstalledSoftwareFullList.txt
2024-05-09 21:25 - 2024-05-09 21:36 - 000202958 _____ C:\Users\imran\Downloads\Fixlog.txt
2024-05-09 20:42 - 2024-05-10 07:33 - 000028236 _____ C:\Users\imran\Downloads\Addition.txt
2024-05-09 20:39 - 2024-05-10 07:33 - 000064262 _____ C:\Users\imran\Downloads\FRST.txt
2024-05-09 20:37 - 2024-05-09 20:37 - 000001221 _____ C:\Users\imran\Documents\Malwarebytes Scan Report 2024-05-09 185655.txt
2024-05-08 16:51 - 2024-05-08 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2024-05-08 16:30 - 2024-05-08 16:31 - 131658568 _____ (NVIDIA Corporation) C:\Users\imran\Downloads\GeForce_Experience_v3.28.0.412.exe
2024-05-07 18:56 - 2024-05-07 18:56 - 000959488 _____ (Farbar) C:\Users\imran\Downloads\FSS.exe
2024-05-07 17:35 - 2024-05-07 17:35 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-05-06 21:11 - 2024-05-24 23:54 - 000000000 ____D C:\Users\imran\Downloads\RAMMap
2024-05-06 21:11 - 2024-05-06 21:11 - 000687327 _____ C:\Users\imran\Downloads\RAMMap.zip
2024-05-06 16:45 - 2024-05-06 15:18 - 001624325 _____ C:\Users\imran\Documents\report.txt
2024-05-04 18:57 - 2024-05-24 23:55 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-06-03 21:48 - 2024-05-02 18:35 - 000000000 ____D C:\FRST
2024-06-03 21:39 - 2024-04-18 19:54 - 000000000 ____D C:\Users\imran\AppData\Local\Malwarebytes
2024-06-03 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-03 21:35 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-03 21:32 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-03 21:31 - 2024-04-19 17:14 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-06-03 21:29 - 2024-04-18 16:18 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-03 21:29 - 2024-04-18 16:18 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-03 21:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-03 21:29 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-02 18:32 - 2024-04-21 16:28 - 000000000 ____D C:\ProgramData\Avast Software
2024-06-02 18:31 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-06-02 14:15 - 2024-04-18 17:18 - 000000000 ____D C:\Users\imran\AppData\Local\D3DSCache
2024-06-02 13:09 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-02 12:58 - 2024-04-20 22:59 - 000000000 ____D C:\Users\imran\AppData\Local\ElevatedDiagnostics
2024-06-02 12:55 - 2024-04-18 16:18 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-02 12:48 - 2024-05-03 15:33 - 000000000 ____D C:\KVRT2020_Data
2024-06-02 12:47 - 2024-04-18 18:48 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-30 21:41 - 2024-04-18 21:31 - 000000000 ____D C:\Users\imran\AppData\Local\CrashDumps
2024-05-30 15:27 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-30 13:45 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-30 13:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-30 13:27 - 2023-12-04 07:28 - 000000000 ____D C:\WINDOWS\InboxApps
2024-05-30 13:27 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-30 13:27 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-30 13:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-30 13:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-30 13:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-30 13:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-30 13:27 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-30 13:25 - 2022-05-07 11:18 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-05-30 13:25 - 2022-05-07 11:18 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-05-29 17:25 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-05-26 21:13 - 2024-04-18 17:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-26 21:05 - 2021-05-11 16:19 - 000000000 ____D C:\ProgramData\Acer
2024-05-26 21:04 - 2024-04-18 17:18 - 000000000 ____D C:\Users\imran\AppData\Local\Packages
2024-05-26 21:04 - 2021-05-11 16:19 - 000000000 ____D C:\ProgramData\OEM
2024-05-26 21:04 - 2021-05-11 16:19 - 000000000 ____D C:\Program Files (x86)\Acer
2024-05-25 19:42 - 2024-04-24 23:20 - 000000000 ____D C:\NVIDIA
2024-05-25 19:42 - 2024-04-18 17:18 - 000000000 ____D C:\Users\imran\AppData\Local\NVIDIA Corporation
2024-05-25 19:42 - 2024-04-18 16:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-05-25 19:41 - 2021-05-11 15:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-05-25 19:41 - 2021-05-11 15:53 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-05-25 19:40 - 2024-04-18 19:47 - 000000000 ____D C:\Users\imran\AppData\Local\NVIDIA
2024-05-25 12:58 - 2024-04-24 23:30 - 000000000 ____D C:\Users\imran\Doctor Web
2024-05-25 12:41 - 2024-04-18 17:12 - 000000000 ___HD C:\OEM
2024-05-25 00:14 - 2024-04-18 17:35 - 002729464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-05-25 00:14 - 2024-04-18 17:35 - 000722424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-05-25 00:14 - 2024-04-18 17:35 - 000267768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-05-25 00:14 - 2024-04-18 17:35 - 000218616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-05-25 00:14 - 2024-04-18 17:35 - 000206328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-05-25 00:14 - 2024-04-18 17:35 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-05-25 00:14 - 2024-04-18 17:35 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-05-25 00:14 - 2024-04-18 17:35 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-05-25 00:14 - 2024-04-18 16:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-05-25 00:08 - 2024-04-18 18:48 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-25 00:00 - 2023-12-04 07:28 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-05-25 00:00 - 2022-05-07 11:17 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-05-25 00:00 - 2022-05-07 11:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2024-05-25 00:00 - 2022-05-07 11:10 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2024-05-25 00:00 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Drivers\en-GB
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\Nui
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ras
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Keywords
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\icsxml
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ias
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-05-25 00:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Media
2024-05-24 23:59 - 2022-05-07 11:18 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-05-24 23:59 - 2022-05-07 11:18 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-05-24 23:59 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2024-05-24 23:59 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\en-GB
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\downlevel
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Com
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\L2Schemas
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IdentityCRL
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Cursors
2024-05-24 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-05-24 23:55 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2024-05-24 23:55 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2024-05-24 23:55 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2024-05-24 23:55 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\winrm
2024-05-24 23:55 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\slmgr
2024-05-24 23:55 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2024-05-24 23:55 - 2022-05-07 06:25 - 000000000 ____D C:\WINDOWS\system32\Pbr
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2024-05-24 23:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-05-24 23:55 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\system32\SMI
2024-05-24 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-05-24 23:54 - 2024-04-21 12:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-24 23:54 - 2024-04-19 15:25 - 000000000 ____D C:\Users\imran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-05-24 23:54 - 2024-04-19 15:25 - 000000000 ____D C:\Users\imran\AppData\Local\Roblox
2024-05-24 23:54 - 2024-04-19 15:23 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-05-24 23:54 - 2024-04-19 15:22 - 000000000 ____D C:\Users\imran\AppData\Roaming\riot-client-ux
2024-05-24 23:54 - 2024-04-19 15:22 - 000000000 ____D C:\Users\imran\AppData\Roaming\OP Auto Clicker
2024-05-24 23:54 - 2024-04-19 15:22 - 000000000 ____D C:\Users\imran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OP Auto Clicker
2024-05-24 23:54 - 2024-04-19 15:21 - 000000000 ____D C:\ProgramData\Riot Games
2024-05-24 23:54 - 2024-04-19 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-05-24 23:54 - 2024-04-18 21:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorious Model D Software
2024-05-24 23:54 - 2024-04-18 21:57 - 000000000 ____D C:\Program Files (x86)\Glorious Model D Software
2024-05-24 23:54 - 2024-04-18 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-05-24 23:54 - 2024-04-18 20:28 - 000000000 ____D C:\Program Files (x86)\Steam
2024-05-24 23:54 - 2024-04-18 20:24 - 000000000 ____D C:\Users\imran\AppData\Roaming\.minecraft
2024-05-24 23:54 - 2024-04-18 20:14 - 000000000 ____D C:\Users\imran\AppData\Roaming\launcher
2024-05-24 23:54 - 2024-04-18 20:12 - 000000000 ____D C:\Users\imran\AppData\Roaming\discord
2024-05-24 23:54 - 2024-04-18 17:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-05-24 23:54 - 2024-04-18 17:18 - 000000000 ____D C:\Users\imran\AppData\Local\ConnectedDevicesPlatform
2024-05-24 23:54 - 2024-04-18 17:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2024-05-24 23:54 - 2021-05-11 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2024-05-24 23:54 - 2021-05-11 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2024-05-24 23:54 - 2021-05-11 16:20 - 000000000 ____D C:\Program Files\GoTrust ID Plugin
2024-05-24 23:54 - 2021-05-11 16:09 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2024-05-24 23:54 - 2021-05-11 15:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-05-24 22:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\registration
2024-05-21 16:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-05-21 16:27 - 2024-04-18 16:28 - 000000000 ____D C:\ProgramData\Packages
2024-05-19 18:17 - 2024-04-18 20:12 - 000000000 ____D C:\Users\imran\AppData\Local\SquirrelTemp
2024-05-19 17:02 - 2024-04-18 20:12 - 000000000 ____D C:\ProgramData\imran
2024-05-19 11:28 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-05-19 11:24 - 2024-04-18 22:00 - 000000000 ____D C:\WINDOWS\system32\JBLQuantumENGINE
2024-05-19 11:24 - 2024-04-18 17:12 - 000000000 ____D C:\Program Files\JBL
2024-05-19 11:24 - 2024-04-18 17:08 - 000000000 ___RD C:\Users\Administrator\OneDrive
2024-05-19 11:24 - 2024-04-18 16:28 - 000000000 ____D C:\WINDOWS\oem
2024-05-19 11:24 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-05-19 11:24 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-05-19 11:24 - 2021-05-11 15:51 - 000000000 ____D C:\Program Files\Intel
2024-05-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2024-05-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2024-05-19 11:22 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2024-05-19 11:11 - 2024-04-18 17:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2024-05-19 11:11 - 2022-05-07 06:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-05-19 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-19 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Globalization
2024-05-19 10:53 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2024-05-19 10:49 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-05-19 10:49 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-05-19 10:49 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-05-19 10:23 - 2024-04-18 18:20 - 000000000 ____D C:\ESD
2024-05-19 10:02 - 2024-04-18 16:48 - 000000000 ____D C:\Users\imran\AppData\Local\PlaceholderTileLogoFolder
2024-05-17 15:01 - 2024-04-19 15:28 - 000001395 _____ C:\Users\imran\Desktop\Roblox Player.lnk
2024-05-17 10:03 - 2021-05-11 15:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-05-15 17:36 - 2024-04-18 19:54 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2024-05-15 16:23 - 2024-05-02 20:11 - 000223184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2024-05-15 15:46 - 2024-04-18 17:34 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-10 23:44 - 2024-04-19 17:52 - 000000000 ____D C:\Users\imran\AppData\Roaming\EasyAntiCheat
2024-05-10 22:57 - 2024-04-18 20:22 - 000000000 ____D C:\Users\imran\AppData\Roaming\Badlion Client
2024-05-10 22:42 - 2024-04-19 18:27 - 000000000 ___SH C:\Users\Public\Shared Files
2024-05-10 22:08 - 2021-05-11 16:19 - 000000000 ____D C:\Program Files\Acer
2024-05-10 21:57 - 2024-04-18 19:53 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-05-10 21:10 - 2021-05-11 16:23 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-10 21:09 - 2021-05-11 15:51 - 000000000 ____D C:\ProgramData\Package Cache
2024-05-09 21:34 - 2024-04-21 12:56 - 000024576 _____ C:\exportBCDfile
2024-05-09 20:55 - 2024-04-25 20:31 - 000000000 ____D C:\Users\imran\AppData\Local\Apps\2.0
2024-05-09 17:35 - 2024-04-18 22:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-05-09 17:35 - 2021-05-11 16:23 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-05-08 18:36 - 2024-04-18 17:13 - 000000000 ___HD C:\OneDriveTemp
2024-05-06 22:42 - 2024-04-18 20:28 - 000000000 ____D C:\Users\imran\AppData\Local\Steam
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.06.2024
Ran by imran (03-06-2024 21:49:44)
Running from C:\FIX
Microsoft Windows 11 Home Version 23H2 22631.3672 (X64) (2024-05-19 10:28:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2734548225-3573194235-768146965-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2734548225-3573194235-768146965-503 - Limited - Disabled)
Guest (S-1-5-21-2734548225-3573194235-768146965-501 - Limited - Disabled)
imran (S-1-5-21-2734548225-3573194235-768146965-1005 - Administrator - Enabled) => C:\Users\imran
WDAGUtilityAccount (S-1-5-21-2734548225-3573194235-768146965-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast One (HKLM\...\Avast Antivirus) (Version: 24.5.6116 - Avast Software)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 4.2.0 - Badlion)
Badlion Client (HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 4.0.1 - Badlion)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{A28339C8-E641-4CCE-A316-56F405D1C245}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Glorious Model D Software (HKLM-x32\...\{4D18F84D-F67A-47B8-B7BB-C2832B1D6C92}_is1) (Version: 1.0.3 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.114 - Google LLC)
GoTrust ID Plugin 2.0.12.36 (HKLM\...\GoTrust ID Plugin) (Version: 2.0.12.36 - GoTrust ID Inc.)
Intel® Chipset Device Software (HKLM\...\{06D713D6-9845-436D-B857-5BF2596B4554}) (Version: 10.1.18634.8254 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel® Corporation)
Intel® LMS (HKLM\...\{A0983640-26D2-4CD8-A512-747BF3CF3F82}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2101.15.0.2080 - Intel Corporation)
JBL QuantumENGINE (HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\{8f22435f-c709-4450-868a-b9dcca95cd8f}) (Version: 1.18.0.1985 - JBL)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.1.4.112 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.4.112 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17531.20140 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
NVIDIA app 10.0.0.535 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 10.0.0.535 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.4.9615.33661400 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.9615.33661400 - NVIDIA Corporation)
NVIDIA Graphics Driver 555.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 555.85 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20140 - Microsoft Corporation) Hidden
OP Auto Clicker (HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\OP Auto Clicker_is1) (Version: V4.0 - OP Auto Clicker)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Riot Client (HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for imran (HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\roblox-player) (Version: - Roblox Corporation)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Uninstall Lunar Client (HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 3.2.6 - Moonsworth LLC)
VALORANT (HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Xbox Game Pass for PC Promotion (HKLM-x32\...\{939C01D4-797C-476E-82E6-B360B16E1409}) (Version: 1.0.20158.40 - Acer)
Packages:
=========
Microsoft Jenny (Natural) - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Voice.en-US.Jenny.1_1.0.8.0_x64__cw5n1h2txyewy [2024-05-24] (Microsoft Windows)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-30] (Microsoft Windows) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-05-25] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2404.251.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) [Startup Task]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.627.451.0_x64__55nm5eh3cm0pr [2024-06-02] (Roblox Corporation)
Speech Pack - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.en-US.1_1.0.16.0_x64__cw5n1h2txyewy [2024-05-24] (Microsoft Windows)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.18.194.0_x64__43tkc6nmykmb6 [2024-05-24] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0 [2024-05-25] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2421.7.0_x64__cv1g1gvanyjgm [2024-06-02] (WhatsApp Inc.) [Startup Task]
Windows CoPilot MSIX Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.CoPilot_724.1301.930.5_x64__cw5n1h2txyewy [2024-05-24] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-30] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_fac18e2da6ec7b25\OptaneShellExt.dll [2020-12-16] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-18] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_fac18e2da6ec7b25\OptaneShellExt.dll [2020-12-16] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaeig.inf_amd64_524d95de59c6c6b5\nvshext.dll [2024-05-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-18] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\imran\Desktop\Person 1 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
==================== Loaded Modules (Whitelisted) =============
2024-05-25 19:41 - 2024-05-25 19:41 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2024-05-25 19:41 - 2024-05-25 19:41 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2024-05-26 21:05 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2734548225-3573194235-768146965-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\imran\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\mountains-1412683_1920.png
HKU\S-1-5-21-2734548225-3573194235-768146965-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AcerPredatorGamingMouseConfigurator"
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3F183E72354DCCFFDFE02DDF662F9E76"
HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2734548225-3573194235-768146965-1005\...\StartupApproved\Run: => "Lunar Client"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{88541CD3-0E0C-49C5-9A0C-41C16BE9D876}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{09DCEFB0-EEDE-4B36-A7C5-8BB246C638CA}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{4659697F-E5AD-403C-A732-F5968261CD88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A73B7CA6-2EA8-4555-A963-7D88C9BDCF06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1C9BFB21-C4E7-4B58-9BBB-F434C94F98EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F25DE9EB-7184-4B2A-81B1-EE363CD488B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F6A75B78-0B0B-4951-BBB3-E8BD33838706}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC76F022-9D1C-4512-AA3F-58547853BB44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{301C2BB2-9F1D-4FA9-B647-5E78164B3CD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6725B4B-EF5D-4F67-A2CE-90B9144B3BF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C3A7D750-4CD1-49C6-90FB-052ED5E17004}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76D0A562-8F09-40BC-9FB6-159D07ADBCDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{51CDC1D9-AD3F-448F-B59C-C3015BF3930B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BAA25EF5-64E6-4B30-A352-3EB13D8E816F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{180D7656-B370-43AA-8953-BA1E0DEEFD47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA0FC03F-AF3D-462C-A586-C29E99F5E8AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{473B841C-A845-4B9B-BC27-670505B94F8F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{083272C0-602B-4F7B-AC09-239950A821FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
02-06-2024 13:08:25 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/02/2024 02:03:55 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe, PID: 6768, ProfSvc PID: 2436.
Error: (05/30/2024 09:41:01 PM) (Source: Application Error) (EventID: 1000) (User: FZ)
Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.625.0.24589, time stamp: 0xac9786b1
Faulting module name: RobloxPlayerBeta.exe, version: 0.625.0.24589, time stamp: 0xac9786b1
Exception code: 0xc0000409
Fault offset: 0x00000000034f08d1
Faulting process ID: 0x0x167c
Faulting application start time: 0x0x1dab2d1ab20e3bb
Faulting application path: C:\Users\imran\AppData\Local\Roblox\Versions\version-d8aa63d3654646d0\RobloxPlayerBeta.exe
Faulting module path: C:\Users\imran\AppData\Local\Roblox\Versions\version-d8aa63d3654646d0\RobloxPlayerBeta.exe
Report ID: 6cc4e2fe-8354-4073-b0ed-eed888d7185d
Faulting package full name:
Faulting package-relative application ID:
Error: (05/30/2024 09:41:01 PM) (Source: Application Error) (EventID: 1000) (User: FZ)
Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.625.0.24589, time stamp: 0xac9786b1
Faulting module name: RobloxPlayerBeta.exe, version: 0.625.0.24589, time stamp: 0xac9786b1
Exception code: 0xc0000409
Fault offset: 0x00000000034f08d1
Faulting process ID: 0x0x3c04
Faulting application start time: 0x0x1dab2d1ab652032
Faulting application path: C:\Users\imran\AppData\Local\Roblox\Versions\version-d8aa63d3654646d0\RobloxPlayerBeta.exe
Faulting module path: C:\Users\imran\AppData\Local\Roblox\Versions\version-d8aa63d3654646d0\RobloxPlayerBeta.exe
Report ID: d4abed6a-7d67-4428-9aeb-7b0e16734b69
Faulting package full name:
Faulting package-relative application ID:
Error: (05/29/2024 06:17:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
Error: (05/29/2024 05:54:42 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program explorer.exe version 10.0.22621.3527 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (05/29/2024 05:39:05 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program explorer.exe version 10.0.22621.3527 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (05/28/2024 04:40:35 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: KillerAnalyticsService.exe, version: 2.3.3314.0, time stamp: 0x5f58f394
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000022c917a1340
Faulting process ID: 0x0x157c
Faulting application start time: 0x0x1dab11560728801
Faulting application path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
Faulting module path: unknown
Report ID: 2cbcc5ad-010c-4a9f-99d0-3224f2ea27d7
Faulting package full name:
Faulting package-relative application ID:
Error: (05/27/2024 09:59:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
System errors:
=============
Error: (06/03/2024 09:29:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:32:27 on 02/06/2024 was unexpected.
Error: (06/02/2024 06:33:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Unable to access a key.
Error: (06/02/2024 06:33:32 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.
Error: (06/02/2024 06:33:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Unable to access a key.
Error: (06/02/2024 06:33:10 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.
Error: (05/30/2024 09:41:48 PM) (Source: DCOM) (EventID: 10010) (User: FZ)
Description: The server {2DE3095A-B49E-418F-B5C1-69D2CCF62A8F} did not register with DCOM within the required timeout.
Error: (05/30/2024 09:41:48 PM) (Source: DCOM) (EventID: 10010) (User: FZ)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
Error: (05/30/2024 02:21:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Unable to access a key.
Windows Defender:
================
Date: 2024-05-30 13:25:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-29 18:17:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-26 21:12:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
Date: 2024-05-25 14:11:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-25 13:56:26
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2024-05-29 17:25:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.411.378.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24040.1
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2024-05-29 17:25:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.411.378.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24040.1
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2024-05-25 00:02:35
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0
Date: 2024-05-24 08:23:53
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0
Date: 2024-05-22 11:58:17
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===============
Date: 2024-06-03 21:40:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-06-03 21:39:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. R01-A4 01/20/2022
Motherboard: Acer Predator PO3-630
Processor: 11th Gen Intel® Core i7-11700F @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 16237.19 MB
Available physical RAM: 9308.63 MB
Total Virtual: 25453.19 MB
Available Virtual: 17419 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:230.32 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1114) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:910.78 GB) (Model: WDC WD10EZEX-21WN4A0) NTFS
\\?\Volume{776771a8-846a-432a-a1ef-560fa41088b5}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.21 GB) NTFS
\\?\Volume{f6e836d2-4127-4a3b-8d66-c78cad3b788b}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BBF8D540)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: BBF8D566)
Partition: GPT.
==================== End of Addition.txt =======================
Edited by Orangecat129, Yesterday, 03:51 PM.