Prosim o kontrolu logu

Zpráva

DavidP · #1 Příspěvek od **DavidP** » dnes, 07:47

Dobry den, mohl bych vas poprosit o kontrolu logu? Ntb se posledni dobou zasekava, uplne zmrzne a nektera okna v prihlizeni se hroutu (napr kratkoformatova videa na fcb). Prikladam log z FRST. Predem mnohokrat dekuji!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2026
Ran by prikr (administrator) on NIDAIME (HP Victus by HP Gaming Laptop 15-fa0xxx) (15-05-2026 02:41:41)
Running from C:\Users\prikr\Desktop\FRST64.exe
Loaded Profiles: prikr
Platform: Microsoft Windows 11 Home Version 25H2 26200.8457 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

========================================================

"C:\FRST\re" => removed successfully
"C:\FRST\reb" => removed successfully

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_26.8.2209.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel(R) Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_26.8.2209.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\PresentMonService.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\BridgeCommunication.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_5fe37e024ff302b0\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_5fe37e024ff302b0\ipf_helper.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2512.29.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_26.8.2209.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_ef460d1f2a35fc16\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_5fe37e024ff302b0\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MidiSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_93bfe0f55fd40b5c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c5e940d4ffae802\RtkAudUService64.exe <2>
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c5e940d4ffae802\RtkAudUService64.exe [2165080 2024-08-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [1061544 2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2024-09-29] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [384872 2025-08-01] (Expressco Services LLC -> ExpressVPN)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\125.0.0.0\GoogleDriveFS.exe [75838616 2026-05-13] (Google LLC -> Google LLC.)
HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\125.0.0.0\GoogleDriveFS.exe [75838616 2026-05-13] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe (No File)
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\125.0.0.0\GoogleDriveFS.exe [75838616 2026-05-13] (Google LLC -> Google LLC.)
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4694624 2025-04-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Run: [Discord] => C:\Users\prikr\AppData\Local\Discord\Update.exe [1516408 2025-01-21] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42087896 2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\125.0.0.0\GoogleDriveFS.exe [75838616 2026-05-13] (Google LLC -> Google LLC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [203936 2026-02-17] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\PDF Suite 2021 Monitor: C:\windows\system32\spool\DRIVERS\x64\suite_pdfpmon_v.4.12.26.3.dll [932984 2022-12-28] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3971224 2026-04-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\148.0.7778.168\Installer\chrmstp.exe [7605912 2026-05-15] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C8FA1888-8AB5-4617-BE2A-8353D8F760B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {D85AA0CF-E8A6-48EE-818A-658A7979A477} - System32\Tasks\Avast Secure Browser VPS Differential Update S-1-5-18 => C:\Program Files\AVAST Software\Browser\Application\vps_helper.exe --vps-update (No File)
Task: {4231B245-107F-4A8C-8BFC-02E79C5F6E68} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [9607904 2026-04-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4A02B5C6-79D7-443B-8D15-CB811AA576F4} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5783720 2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {A77C5BE5-889F-4D63-A94A-5E5BB501A267} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2977504 2025-10-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {94A1B222-7F41-4242-9795-AD0C06E0AEC5} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem149.0.7814.0{1F0FD4AA-1B1B-46EA-817F-E920560C0030} => C:\Program Files (x86)\Google\GoogleUpdater\149.0.7814.0\updater.exe [8770200 2026-04-28] (Google LLC -> Google LLC)
Task: {D7750CB4-E267-476D-85CC-C1FBBAC5A7C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-08-25] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {9B66197E-9569-4F58-AEAE-6E6CE2261B74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-06-30] (HP Inc. -> HP Inc.)
Task: {DED64769-DDE7-4C54-AA5E-85CA7B704427} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {0B981454-427F-4524-99EA-550F6332C0FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {D042B293-DDAA-46CA-9D49-EE4FFFA0A32E} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [102400 2025-07-09] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {D602AFA7-7F2F-4D7F-9157-2B50C72FED60} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [95240 2026-04-12] (HP Inc. -> HP Inc.)
Task: {B2687CF3-E968-49F1-8F6E-344BE0B8BEA9} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [95240 2026-04-12] (HP Inc. -> HP Inc.)
Task: {578E2CA7-4B9B-4293-B2B8-2F263277C87C} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16954704 2025-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A45DEC5A-8D97-4CC9-9AA5-E644EE454CA4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29038464 2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {93826B43-84FF-41EB-A5C2-B86D94EBA00F} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [70496 2025-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCB5D5BB-34AD-4E86-B8F1-844CE75FFBE8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29038464 2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E7D1065-AC98-4832-87B8-986CC50FBE80} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [318752 2025-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B79D4BAD-F449-4C16-86EC-A810C80D3208} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [318752 2025-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {749C994B-04E5-41FF-B2C8-110D157D1A3C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1365304 2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {DDDE96C1-A4C9-4E3F-BF14-2FDFF9B58F90} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-110046478-510051192-1964495333-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {A5A9AEC2-A488-4590-AE2C-45DADC037CC9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CFF5C666-9E08-4CB9-9244-7C108A95D59F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation)
Task: {054CE3A1-6410-4A84-BDC0-3A1422C167E5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {EEFB1EF5-44BD-4ECD-95F7-69EE0C66C33D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1E394057-EE7D-437F-85CB-A37819E0E690} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation)
Task: {48ABC763-CAAA-4F21-B499-5EEC61A24A85} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation)
Task: {865482CE-3401-446C-8293-2B88A780707A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation)
Task: {ED585860-27EF-4B46-A942-324627846986} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (No File)
Task: {E1D6D582-BC14-4BA2-976B-D4E3A5C90C1C} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (No File)
Task: {D1116F75-8653-4F0C-8D7D-81D1F63C090F} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {3EFC0B22-8B1E-44B8-85B5-3426A7A71600} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {828B1127-6088-4EAF-B237-16D1FAB36960} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-110046478-510051192-1964495333-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [5598328 2026-04-27] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {C1511D4A-9686-42ED-A274-8E905E62F6F0} - System32\Tasks\Piriform\CCleaner 7 - Scheduled Cleaning - default - S-1-5-21-110046478-510051192-1964495333-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [5598328 2026-04-27] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {985356EA-BF3E-42AA-A3A0-2A669847A6C4} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6635128 2026-04-27] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {A5A28270-F8C8-44AF-8B8D-2A7D663322A7} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9274080 2026-01-19] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {BE775AD5-D823-45B2-B05E-DAFF28BF0EF1} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-110046478-510051192-1964495333-1001 => C:\Users\prikr\AppData\Roaming\Zoom\bin\Zoom.exe [507784 2026-03-16] (Zoom Communications, Inc. -> Zoom Communications, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\255646D696: [DhcpNameServer] 10.245.106.228
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\54D6F627977457563747: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\54D6F627977457563747: [DhcpDomain] wireless.emory.net
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\64F6275637470284F6573756: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\64F6275637470284F6573756: [DhcpDomain] attlocal.net
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\B4164716279696E616027457563747: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\B616479656167702779666960253: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0618cf18-e2b1-429b-84a9-bd2480b0f7ee}\B616479656167702779666960253: [DhcpDomain] hsd1.ga.comcast.net

FireFox:
========
FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox
FF DefaultProfile: 9xxtklgj.default-release -> 308046B0AF4A39CB
FF ProfilePath: C:\Users\prikr\AppData\Roaming\Mozilla\Firefox\Profiles\p817cpuu.default [2024-02-28]
FF ProfilePath: C:\Users\prikr\AppData\Roaming\Mozilla\Firefox\Profiles\9xxtklgj.default-release [2026-05-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-09-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-09-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\prikr\AppData\Local\Microsoft\Edge\User Data\Default [2026-05-15]
Edge Extension: (Google Docs Offline) - C:\Users\prikr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-05-15]
Edge Extension: (Edge relevant text changes) - C:\Users\prikr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Default [2026-02-12]
CHR Extension: (Google Docs Offline) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-27]
CHR Profile: C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-10-13]
CHR Profile: C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1 [2026-05-15]
CHR DownloadDir: C:\Users\prikr\OneDrive\Desktop
CHR Notifications: Profile 1 -> hxxps://www.instagram.com
CHR HomePage: Profile 1 -> hxxp://google.com/iq
CHR StartupUrls: Profile 1 -> ""
CHR DefaultSearchKeyword: Profile 1 -> google.cz__
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Lucidchart Diagrams) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apboafhkiegglekeafbckfjldecefkhn [2022-12-27]
CHR Extension: (Timer) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edebbhkhcaafmolanelponjjanocpacd [2022-12-27]
CHR Extension: (Google Docs Offline) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-16]
CHR Extension: (AdBlock — block ads across the web) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2026-05-13]
CHR Extension: (Grammarly: AI Writing Assistant and Grammar Checker App) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2026-05-14]
CHR Extension: (Unit Convertor) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2022-12-27]
CHR Extension: (Grass) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2022-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-27]
CHR Extension: (Psykopaint) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2022-12-27]
CHR Extension: (Connected Mind) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2022-12-27]
CHR Profile: C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-10-13]
CHR DefaultSearchKeyword: Profile 2 -> google.cz__
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-05-06]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-05-06]
CHR Extension: (Google Docs Offline) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-06]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-05-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\prikr\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-05-06]
CHR Profile: C:\Users\prikr\AppData\Local\Google\Chrome\User Data\System Profile [2025-10-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-110046478-510051192-1964495333-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-110046478-510051192-1964495333-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7984296 2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1038504 2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2736296 2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1091752 2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2025-03-20] (Avast Software s.r.o. -> AVAST Software)
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [30293112 2026-04-27] (Gen Digital Inc. -> Gen Digital Inc.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13343584 2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
S4 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [440680 2025-08-01] (Expressco Services LLC -> ExpressVPN)
S4 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [440680 2025-08-01] (Expressco Services LLC -> ExpressVPN)
S4 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [440680 2025-08-01] (Expressco Services LLC -> ExpressVPN)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\AppHelperCap.exe [911560 2026-03-16] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\DiagsCap.exe [909512 2026-03-16] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\NetworkCap.exe [905920 2026-03-16] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe [755248 2024-10-25] (HP Inc. -> HP Inc.)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2026-04-12] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_db0ee1e66e6d408e\x64\SysInfoCap.exe [911048 2026-03-16] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_ef460d1f2a35fc16\x64\TouchpointAnalyticsClientService.exe [639784 2025-10-02] (HP Inc. -> HP Inc.)
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_a952167d9e98b004\AS\IAS\IntelAudioService.exe [532960 2025-12-31] (Intel Corporation -> Intel)
R2 IntelGraphicsSoftwareService; C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_26.8.2209.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [312832 2026-04-22] (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_5fe37e024ff302b0\ipf_uf.exe [3357664 2026-02-10] (Intel Corporation -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-05-15] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MTKBTSVC; C:\WINDOWS\System32\mtkbtsvc.exe [536512 2025-12-25] (MEDIATEK INC. -> MediaTek Inc.)
S3 MuseHub Updater Service; C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.Updater.exe [7815248 2025-02-02] (Musecy SM Ltd. -> Muse.Updater)
S4 NativePushService; C:\Users\prikr\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [564104 2024-12-19] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S4 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll [1092304 2022-08-05] (Nvidia Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log [17262 0] () [File not signed] [File is in use] <==== ATTENTION
S3 PDF Suite 2021; C:\Program Files\PDF Suite 2021\ws.exe [2008576 2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
S3 PDF Suite 2021 Creator; C:\Program Files\PDF Suite 2021\creator\common\creator-ws.exe [570368 2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
S2 PDF Suite 2021 Update Service; C:\Program Files\PDF Suite 2021\updater-ws.exe [1652224 2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
S2 SECOMNService; C:\WINDOWS\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe [1087496 2024-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (No File)
S4 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" (No File) <==== ATTENTION

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [21088 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [259168 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [451168 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [315488 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [87136 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2025-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [32864 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [289376 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [633440 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [96864 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71776 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [911456 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1292896 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [250464 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [466016 2026-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 expressvpn-ovpn-dco; C:\WINDOWS\System32\drivers\expressvpn-ovpn-dco.sys [107088 2025-08-01] (Expressco Services LLC -> OpenVPN, Inc)
R1 expressvpn-pkf; C:\WINDOWS\system32\DRIVERS\expressvpn-pkf.sys [67152 2025-08-01] (Expressco Services LLC -> ExpressVPN)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2025-08-01] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [46896 2021-10-08] (Express VPN International Ltd. -> ExpressVPN)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [226768 2026-05-13] (Microsoft Windows -> Microsoft Corporation)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 GSCAuxDriver; C:\WINDOWS\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_e6d306df02347bd3\GSCAuxDriverx64.sys [94736 2022-07-07] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_f262f39474370927\TeeDriverGSCW8x64.sys [266224 2022-07-07] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_7a1ef17ecb1f36ce\x64\hpomencustomcapdriver.sys [24968 2024-07-12] (HP Inc. -> HP Inc.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_c804e238af0965e6\iaLPSS2_GPIO2_ADL.sys [142800 2025-11-10] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_bf2893ea319d70a7\iaLPSS2_I2C_ADL.sys [212944 2025-11-10] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_cffe3669158cf91b\iaLPSS2_SPI_ADL.sys [160920 2021-12-24] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_a12d81aa08d530a8\iaLPSS2_UART2_ADL.sys [318616 2021-12-24] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_e736ed4bed7f97b4\gna.sys [100736 2025-10-07] (Intel Corporation -> Intel Corporation)
S3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_709dd98a4001e271\ipf_acpi.sys [86720 2021-12-20] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_5fe37e024ff302b0\ipf_cpu.sys [552928 2026-02-10] (Intel Corporation -> Intel Corporation)
S3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_lf.sys [504912 2025-06-30] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144856 2026-05-13] (Microsoft Windows -> Microsoft Corporation)
R3 MTKBTFilterx64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_adc4559c85d4878d\mtkbtfilterx.sys [598456 2025-12-25] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_d6abf66763e37d73\mtkwl6ex.sys [1751512 2025-09-05] (MEDIATEK INC. -> MediaTek Inc.)
R2 NDivert; C:\Program Files\NordVPN\7.32.5.0\Drivers\NDivert.sys [131472 2024-10-31] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [302840 2025-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [92664 2024-06-05] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_25769e03e756857c\rt68cx21x64.sys [905216 2025-07-21] (Realtek Semiconductor Corp. -> Realtek)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2022-07-29] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2021-10-08] (ExprsVPN LLC -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [647560 2026-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-13] (Microsoft Windows -> Microsoft Corporation)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-05-15 02:41 - 2026-05-15 02:42 - 000040908 _____ C:\Users\prikr\Desktop\FRST.txt
2026-05-15 02:38 - 2026-05-15 02:40 - 000000000 ____D C:\AdwCleaner
2026-05-15 02:36 - 2026-05-15 02:36 - 009566696 _____ (Malwarebytes) C:\Users\prikr\Desktop\AdwCleaner.exe
2026-05-15 02:36 - 2026-05-15 02:36 - 002448384 _____ (Farbar) C:\Users\prikr\Desktop\FRST64.exe
2026-05-15 02:28 - 2026-05-15 02:28 - 000053309 _____ C:\Users\prikr\AppData\Local\recently-used.xbel
2026-05-14 07:09 - 2026-05-14 07:09 - 000000000 ____D C:\WINDOWS\LastGood
2026-05-14 06:51 - 2026-05-14 06:51 - 000714094 _____ C:\WINDOWS\system32\perfh005.dat
2026-05-14 06:51 - 2026-05-14 06:51 - 000163310 _____ C:\WINDOWS\system32\perfc005.dat
2026-05-14 06:02 - 2026-05-14 06:02 - 000000000 ____D C:\WINDOWS\SecureBoot
2026-05-14 05:38 - 2026-05-14 05:38 - 002455170 _____ C:\Users\prikr\Desktop\mBio.00204-19-sf003.tif
2026-05-14 04:29 - 2026-05-14 22:24 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-05-13 03:32 - 2026-05-13 03:32 - 000085913 _____ C:\WINDOWS\SysWOW64\ctac.json
2026-05-13 03:32 - 2026-05-13 03:32 - 000085913 _____ C:\WINDOWS\system32\ctac.json
2026-05-13 03:32 - 2026-05-13 03:32 - 000003872 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2026-05-10 21:46 - 2026-05-10 21:46 - 000324264 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2026-05-10 21:45 - 2026-05-14 07:13 - 000000000 ____D C:\WINDOWS\Minidump
2026-05-09 11:30 - 2026-05-09 11:30 - 000820486 _____ C:\Users\prikr\Desktop\Divadelni cancy pro Prazdnou Sklenku.pdf
2026-05-09 11:30 - 2026-05-09 11:30 - 000820486 _____ C:\Users\prikr\Desktop\Divadelni cancy pro Paju Kasparovou.pdf
2026-05-09 11:29 - 2026-05-09 11:29 - 000820083 _____ C:\Users\prikr\Desktop\Divadelni cancy pro Janu Camprovou Turjanicovou.pdf
2026-05-07 09:17 - 2026-05-10 22:46 - 000000000 ____D C:\Users\prikr\Desktop\LVD talk
2026-05-01 00:31 - 2026-05-01 00:31 - 000002264 _____ C:\Users\prikr\AppData\LocalLow\b90beb2fef5e251cf0f626483468937fe84d5cf5d29fd832935c12e7a3ab6051
2026-04-22 23:29 - 2026-04-22 23:29 - 000002150 _____ C:\Users\Public\Desktop\RODE Central.lnk
2026-04-22 23:29 - 2026-04-22 23:29 - 000001222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RODE Central.lnk
2026-04-22 23:29 - 2026-04-22 23:29 - 000000000 ____D C:\Users\prikr\Documents\Recordings
2026-04-22 23:29 - 2026-04-22 23:29 - 000000000 ____D C:\Users\prikr\AppData\Roaming\com.rode
2026-04-22 23:29 - 2026-04-22 23:29 - 000000000 ____D C:\Program Files\RØDE Microphones
2026-04-22 23:28 - 2026-04-22 23:28 - 038760162 _____ C:\Users\prikr\Desktop\RODE_Central_WIN.zip
2026-04-22 23:28 - 2026-04-22 23:28 - 000000000 ____D C:\Users\prikr\Desktop\RODE_Central_WIN
2026-04-20 06:00 - 2026-04-20 06:00 - 000292228 _____ C:\Users\prikr\Desktop\Kniha.pdf
2026-04-20 06:00 - 2026-04-20 06:00 - 000097195 _____ C:\Users\prikr\Desktop\Drama o dámě.pdf
2026-04-18 07:59 - 2026-04-18 07:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding
2026-04-15 23:39 - 2026-04-15 23:39 - 000000000 ____D C:\Users\prikr\AppData\Roaming\xpdf
2026-04-15 23:38 - 2026-04-15 23:38 - 000004575 _____ C:\WINDOWS\system32\ResPriUHMImageList
2026-04-15 23:38 - 2026-04-15 23:38 - 000004575 _____ C:\WINDOWS\system32\ResPriLMImageList
2026-04-15 23:38 - 2026-04-15 23:38 - 000004575 _____ C:\WINDOWS\system32\ResPriImageList
2026-04-15 23:38 - 2026-04-15 23:38 - 000004575 _____ C:\WINDOWS\system32\ResPriHMImageList
2026-04-15 23:37 - 2026-04-15 23:37 - 000036843 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-15 23:37 - 2026-04-15 23:37 - 000036843 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-05-15 02:41 - 2025-06-05 12:09 - 000000000 ____D C:\FRST
2026-05-15 02:41 - 2022-11-22 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2026-05-15 02:41 - 2022-08-13 07:07 - 000000000 ____D C:\ProgramData\HP
2026-05-15 02:40 - 2022-11-22 19:29 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2026-05-15 02:40 - 2022-08-12 23:40 - 000000000 ___HD C:\hp
2026-05-15 02:29 - 2025-02-02 06:34 - 000000000 ____D C:\Users\prikr\AppData\Roaming\audacity
2026-05-15 02:11 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-05-15 02:11 - 2024-04-01 03:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-05-15 01:37 - 2025-10-19 13:29 - 000000130 _____ C:\Users\prikr\AppData\LocalLow\d57d90d212f40299da11b10243fbea61a170dab4bc3334860a8090f1b4867b76
2026-05-15 01:37 - 2025-06-05 19:32 - 000000000 ____D C:\Users\prikr\.dbus-keyrings
2026-05-15 01:26 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-05-15 01:25 - 2022-12-27 10:24 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-05-14 22:14 - 2025-04-17 14:28 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2026-05-14 22:14 - 2025-04-17 14:28 - 000003462 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-05-14 22:14 - 2025-04-17 14:28 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-05-14 22:14 - 2025-04-17 14:28 - 000003354 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitorCustomEvent
2026-05-14 22:14 - 2025-04-17 14:28 - 000003294 _____ C:\WINDOWS\system32\Tasks\OmenOverlayCustomEvent
2026-05-14 22:14 - 2025-04-17 14:28 - 000003236 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-05-14 22:14 - 2025-04-17 14:28 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-110046478-510051192-1964495333-1001
2026-05-14 22:14 - 2025-04-17 14:28 - 000002914 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor
2026-05-14 22:14 - 2025-04-17 14:28 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-05-14 22:14 - 2025-04-17 14:28 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-110046478-510051192-1964495333-1001
2026-05-14 22:14 - 2025-04-17 14:28 - 000002854 _____ C:\WINDOWS\system32\Tasks\OmenOverlay
2026-05-14 22:14 - 2025-04-17 14:28 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-110046478-510051192-1964495333-500
2026-05-14 22:14 - 2025-04-17 14:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2026-05-14 22:04 - 2022-12-27 12:58 - 000000000 ____D C:\Users\prikr\AppData\Local\CrashDumps
2026-05-14 22:01 - 2024-02-28 05:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-05-14 21:59 - 2022-12-27 10:14 - 000000000 ____D C:\Users\prikr\AppData\Local\Packages
2026-05-14 07:13 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2026-05-14 07:12 - 2025-04-17 14:28 - 000003416 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-110046478-510051192-1964495333-1001
2026-05-14 07:12 - 2025-04-17 14:28 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-05-14 07:12 - 2025-04-17 14:28 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-05-14 07:12 - 2025-04-17 14:28 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-05-14 07:12 - 2025-04-17 14:28 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-05-14 07:12 - 2025-04-17 14:28 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-05-14 07:09 - 2024-04-01 03:24 - 000000000 ____D C:\WINDOWS\INF
2026-05-14 06:51 - 2025-04-18 01:14 - 001707676 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-05-14 06:46 - 2022-12-27 10:20 - 000000000 ____D C:\Users\prikr\AppData\Local\D3DSCache
2026-05-14 06:28 - 2026-02-21 21:11 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2026-05-14 06:28 - 2023-01-05 09:57 - 000002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-05-14 06:10 - 2025-06-05 19:17 - 000012118 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-05-14 06:10 - 2025-04-17 14:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-05-14 06:10 - 2025-03-20 07:56 - 000000000 ____D C:\ProgramData\Avast Software
2026-05-14 06:10 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\ServiceState
2026-05-14 06:10 - 2024-04-01 03:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2026-05-14 06:10 - 2022-06-30 21:01 - 000012288 ___SH C:\DumpStack.log.tmp
2026-05-14 06:06 - 2025-04-17 14:25 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2026-05-14 06:04 - 2025-04-17 14:25 - 000493520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-05-14 06:04 - 2024-04-01 03:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-05-14 06:03 - 2022-12-28 01:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-05-14 06:02 - 2025-07-09 12:02 - 000000000 ____D C:\WINDOWS\system32\ruxim
2026-05-14 06:02 - 2025-04-16 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2026-05-14 06:02 - 2025-04-16 08:33 - 000000000 ____D C:\WINDOWS\system32\cs
2026-05-14 06:02 - 2024-04-01 04:09 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2026-05-14 06:02 - 2024-04-01 04:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\UUS
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SystemApps
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-05-14 06:02 - 2024-04-01 03:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-05-14 06:02 - 2024-04-01 03:21 - 000000000 ____D C:\WINDOWS\servicing
2026-05-14 05:04 - 2025-04-17 14:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-05-14 04:55 - 2022-12-28 01:34 - 220340424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-05-14 04:53 - 2025-03-20 07:57 - 000000000 ____D C:\Users\prikr\AppData\Local\AVAST Software
2026-05-13 15:15 - 2025-04-16 08:59 - 000000000 ____D C:\Users\defaultuser100000
2026-05-13 15:15 - 2022-12-27 13:17 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2026-05-13 03:31 - 2025-04-17 14:29 - 003268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-05-12 08:37 - 2025-04-17 14:28 - 000003144 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-110046478-510051192-1964495333-1001
2026-05-11 19:15 - 2022-12-27 10:22 - 000002386 _____ C:\Users\prikr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-05-11 19:10 - 2024-04-01 03:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-05-11 00:18 - 2025-04-16 08:59 - 000000000 ____D C:\Users\prikr
2026-05-10 21:47 - 2025-03-20 07:56 - 001292896 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2026-05-10 21:46 - 2025-10-19 12:26 - 000007952 _____ C:\WINDOWS\system32\Drivers\mtkRunTimeDataWdi.bin
2026-05-10 21:46 - 2025-03-20 07:56 - 000911456 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000633440 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000466016 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000451168 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000315488 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000289376 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000259168 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000096864 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000087136 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000071776 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000032864 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2026-05-10 21:46 - 2025-03-20 07:56 - 000021088 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2026-05-09 20:52 - 2025-10-25 10:44 - 000000130 _____ C:\Users\prikr\AppData\LocalLow\cc4bf64982c1fd07e06b53b69b8bd6056a016cb358a4c0907257e366697872da
2026-05-09 10:35 - 2022-06-30 21:01 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-05-07 09:47 - 2022-06-30 21:02 - 000000000 ____D C:\ProgramData\Packages
2026-05-07 07:52 - 2025-03-17 17:59 - 000000000 ____D C:\Users\prikr\Documents\pod
2026-04-22 07:03 - 2025-11-23 10:24 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-19 16:15 - 2025-02-24 07:24 - 000000000 ____D C:\Users\prikr\Documents\lab
2026-04-17 02:58 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2026-04-17 02:58 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-04-17 02:58 - 2024-04-01 03:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2026-04-17 02:30 - 2024-04-01 03:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-04-17 02:30 - 2024-04-01 03:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-04-16 08:42 - 2026-04-14 15:13 - 000000000 ____D C:\Users\prikr\Desktop\mic test

==================== Files in the root of some directories ========

2026-05-15 02:28 - 2026-05-15 02:28 - 000053309 _____ () C:\Users\prikr\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2026
Ran by prikr (15-05-2026 02:42:42)
Running from C:\Users\prikr\Desktop
Microsoft Windows 11 Home Version 25H2 26200.8457 (X64) (2025-04-18 05:08:23)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-110046478-510051192-1964495333-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-110046478-510051192-1964495333-503 - Limited - Disabled)
Guest (S-1-5-21-110046478-510051192-1964495333-501 - Limited - Disabled)
prikr (S-1-5-21-110046478-510051192-1964495333-1001 - Administrators - Enabled) => C:\Users\prikr
WDAGUtilityAccount (S-1-5-21-110046478-510051192-1964495333-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 26.001.21529 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 3.7.5 (HKLM\...\Audacity_is1) (Version: 3.7.5 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 26.4.10932.3593 - Gen Digital Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1993.6 - AVAST Software) Hidden
BIG-IP Edge Client Components (All Users) (HKLM-x32\...\F5 Networks Client Components) (Version: 72.2023.1006.0843 - F5 Networks, Inc.)
Blackmagic RAW Common Components (HKLM\...\{37B60D98-FA52-4325-9A27-376FD782C334}) (Version: 5.0 - Blackmagic Design)
CapCut (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\CapCut) (Version: 8.2.0.3462 - Bytedance Pte. Ltd.)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.7.1313.1667 - Piriform)
Chromas version 2.6.6 (HKLM\...\{B6EF9938-F178-44C7-8B7A-AD29D4AAFF1F}_is1) (Version: 2.6.6 - Technelysium Pty Ltd)
Discord (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Discord) (Version: 1.0.9179 - Discord Inc.)
ExpressVPN (HKLM-x32\...\{4524edb4-42af-4443-b1e1-5b609b5803e0}) (Version: 12.104.0.128 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B89C4D78B1}) (Version: 12.104.0.128 - ExpressVPN) Hidden
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design)
FlowJo VX (HKLM\...\FlowJo VX) (Version: 10.0.7.2 - )
GIMP 3.0.6-1 (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\GIMP-3_is1) (Version: 3.0.6.1 - The GIMP Team)
Google Chrome (HKLM\...\{D8756D27-79B8-30DE-9331-8EB0A19B2607}) (Version: 148.0.7778.168 - Google LLC) <==== ATTENTION
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 125.0.0.0 - Google LLC)
GraphPad Prism 8.0.1.244 (HKLM\...\{1D0625E1-610F-499E-BA99-CAF230096AE1}) (Version: 8.1.244 - GraphPad Software Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Imspector 16.3.13030-w2049-win64-BASE (HKLM-x32\...\Imspector 16.3.13030-w2049-win64-BASE) (Version: 16.3.13030-w2049-win64-BASE - Abberior Instruments GmbH)
Imspector 16.3.13030-w2049-win64-Lightbox (HKLM-x32\...\Imspector 16.3.13030-w2049-win64-Lightbox) (Version: 16.3.13030-w2049-win64-Lightbox - Abberior Instruments GmbH)
Imspector 16.3.16118-w2224-win64-Lightbox (HKLM-x32\...\Imspector 16.3.16118-w2224-win64-Lightbox) (Version: 16.3.16118-w2224-win64-Lightbox - Abberior Instruments GmbH)
Microsoft .NET Host - 6.0.5 (x64) (HKLM\...\{F3B3A61B-DC16-429A-A260-DBAFE66741A9}) (Version: 48.23.40665 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.21 (x64) (HKLM\...\{72357746-B194-485C-A161-FB80F419DC20}) (Version: 64.84.40925 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.5 (x64) (HKLM\...\{3E6CCD41-6B96-47BD-8E1E-D7B593CEE976}) (Version: 48.23.40665 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.21 (x64) (HKLM\...\{B382D796-20D3-45DA-AB94-E98D99668B10}) (Version: 64.84.40925 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.5 (x64) (HKLM\...\{089A177D-98AE-4195-A115-D3C45613B875}) (Version: 48.23.40665 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.21 (x64) (HKLM\...\{EEFB29A5-3E62-4DCE-8527-0DF45D780126}) (Version: 64.84.40925 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.19231.20194 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 148.0.3967.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 148.0.3967.54 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\OneDriveSetup.exe) (Version: 26.070.0414.0001 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.19231.20194 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.5 (x64) (HKLM\...\{DE578B32-084A-49E7-8E55-6F58A37578C0}) (Version: 48.23.40699 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.5 (x64) (HKLM-x32\...\{0f711ee3-eb88-456d-acb4-c2ee31add211}) (Version: 6.0.5.31215 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.21 (x64) (HKLM\...\{A32777AD-F93A-4F26-BEE6-9C5961EA71D6}) (Version: 64.84.40919 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.21 (x64) (HKLM-x32\...\{69a28bd2-b8bd-491a-a39d-5bcb13678463}) (Version: 8.0.21.35325 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 144.0 (x64 en-US)) (Version: 144.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 144.0 - Mozilla)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.6.971 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.32.5.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 581.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 581.83 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19231.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
PDF Suite 2021 (HKLM\...\{0CDDD683-C9C0-40F4-9BD3-AE29E581F9EF}) (Version: 19.0.31.5156 - Interactive Brands Malta Limited) Hidden
PDF Suite 2021 (HKLM-x32\...\PDF Suite 2021) (Version: 19.0.31.1888 - Avanquest Software (7270356 Canada Inc))
PDF Suite 2021 OCR TESS Module (HKLM\...\{95C5CA1D-DA10-468E-B814-AEC7D0008C28}) (Version: 19.0.31.5156 - Interactive Brands Malta Limited) Hidden
PyMOL 3.1.4.1 (Python 3.10.16 64-bit) (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\PyMOL 3.1.4.1 (Python 3.10.16 64-bit)) (Version: 3.1.4.1 - Schrodinger, Inc.)
RODE Central (HKLM\...\{AF99FFE4-778E-4509-A96A-94549D6F809F}) (Version: 2.0.111 - RØDE Microphones)
SnapGene Viewer (HKLM-x32\...\SnapGene Viewer) (Version: 7.1.1 - GSL Biotech LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Vacation Adventures: Park Ranger 11 Collector's Edition (HKLM-x32\...\WTA-c6a5fe5a-e6a4-4df3-8ad7-5df4616a1f69) (Version: 7.0.0.650 - WildTangent) Hidden
Vector NTI Suite 7.0.0.3 (HKLM-x32\...\{AC0D7292-6F88-4F44-B2E6-076A3FC4352F}) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1120 - McAfee, LLC)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Filmora 14(Build 14.5.20.12999) (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Wondershare Filmora 14_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.1.0.0) (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Zoom Workplace (HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\ZoomUMX) (Version: 6.7.8 (32670) - Zoom Communications, Inc.)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-19] ()
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2026-05-14] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP) [Startup Task]
B＆O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.47.308.0_x64__v10z8vjag6ke6 [2024-01-09] (HP Inc.)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.37.0_x64__xbfy0k16fey96 [2026-05-01] (Dropbox Inc.)
HP -> C:\Program Files\WindowsApps\AD2F1837.myHP_55.52615.4833.0_x64__v10z8vjag6ke6 [2026-05-09] (HP Inc.) [Startup Task]
HP Inc. Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_2.0.11.0_x64__v10z8vjag6ke6 [2026-01-22] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_3.1.0.0_x64__v10z8vjag6ke6 [2026-04-04] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.5.21.0_x64__v10z8vjag6ke6 [2026-05-14] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-12-28] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_164.1.1128.0_x64__v10z8vjag6ke6 [2026-04-12] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.51.14.0_x64__v10z8vjag6ke6 [2026-02-12] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.2.24.0_x64__v10z8vjag6ke6 [2026-05-05] (HP Inc.)
Intel® Graphics Software -> C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_26.8.2209.0_x64__8j3eq9eme6ctt [2026-04-22] (INTEL CORP)
Local Artificial Intelligence Manager -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-10-19] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2602.23002.0_x64__8wekyb3d8bbwe [2026-04-03] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-10-05] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_56.20201.588.0_x64__8wekyb3d8bbwe [2026-03-03] (Microsoft Corporation)
Microsoft.AIFabric.CBS.1.6 -> C:\WINDOWS\SystemApps\Microsoft.AIFabric.CBS.1.6_8wekyb3d8bbwe [2026-05-14] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-10-19] ()
Movie Maker: Video Editor -> C:\Program Files\WindowsApps\IOForth.FilmForth_2.3.22.0_x64__pxs7cjhtcq1xt [2026-04-11] (IOForth)
MuseHub -> C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6 [2025-02-14] (Muse) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-06] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-10-19] ()
Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.140.0_x64__kx24dqmazqk8j [2025-07-29] (Random Salad Games LLC)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8002.0.1.0_x64__8wekyb3d8bbwe [2026-05-14] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1049.117.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1049.117.0-x6_4000.1049.117.0_x64__8wekyb3d8bbwe [2025-08-14] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-12-27] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\prikr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{29125EC0-5EDB-4BA4-9C2B-D60C5A168D17}\localserver32 -> c:\users\prikr\appdata\local\capcut\apps\7.1.0.2881\capcut.exe (Bytedance Pte. Ltd. -> ByteDance)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{92DD893E-2217-4B60-947E-3FF2CCEE7467}\localserver32 -> c:\users\prikr\appdata\local\capcut\apps\7.5.0.3053\capcut.exe (Bytedance Pte. Ltd. -> ByteDance)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{A98B3FCA-8A91-48DB-9722-870F3FCB4648}\localserver32 -> c:\users\prikr\appdata\local\capcut\apps\6.8.1.2758\capcut.exe (Bytedance Pte. Ltd. -> ByteDance)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{CB84D045-27F5-429D-A1A3-4F11DDEC57E5}\localserver32 -> c:\users\prikr\appdata\local\capcut\apps\6.9.0.2786\capcut.exe (Bytedance Pte. Ltd. -> ByteDance)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-110046478-510051192-1964495333-1001_Classes\CLSID\{eae5d8cf-53f4-11e7-6878-e6e9de9c9328}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [ContextMenuHandlerFilmora] -> {5F542218-AF8A-4CF8-8ACA-DF63B73C528D} => C:\WINDOWS\system32\FilmoraContextMenu.dll [2025-02-08] () [File not signed]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [PDFSuite2021_ManagerExt] -> {D62D69E8-B2F4-4014-AACE-F8BB8974FFAB} => C:\Program Files\PDF Suite 2021\context-menu.dll [2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\125.0.0.0\drivefsext.dll [2026-05-13] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_93bfe0f55fd40b5c\nvshext.dll [2026-01-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-05-11] (Gen Digital Inc. -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\prikr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PyMOL2\PyMOL2 Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\prikr\AppData\Local\Schrodinger\PyMOL2\Scripts\activate.bat C:\Users\prikr\AppData\Local\Schrodinger\PyMOL2
ShortcutWithArgument: C:\Users\prikr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/ ... taskbar-hp

==================== Loaded Modules (Whitelisted) =============

2026-05-14 04:53 - 2026-05-14 04:53 - 003884544 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\4b5aff625d620b44bee9ec1ba203f61c\Newtonsoft.Json.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: PDF Suite 2021 Helper -> {F0D4411A-8E0B-4254-99DF-7FC49E60F385} -> C:\Program Files\PDF Suite 2021\creator\plugins\IEAddin\creator-ie-helper.dll [2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: PDF Suite 2021 Helper -> {F0D4411A-8E0B-4254-99DF-7FC49E60F385} -> C:\Program Files (x86)\PDF Suite 2021\creator\plugins\IEAddin\creator-ie-helper.dll [2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - PDF Suite 2021 Toolbar - {49B5689B-741D-46B7-8B3A-1F46EBA34C98} - C:\Program Files\PDF Suite 2021\creator\plugins\IEAddin\creator-ie-plugin.dll [2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Suite 2021 Toolbar - {49B5689B-741D-46B7-8B3A-1F46EBA34C98} - C:\Program Files (x86)\PDF Suite 2021\creator\plugins\IEAddin\creator-ie-plugin.dll [2022-10-20] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
DPF: HKLM-x32 {2c8ffa64-e3f7-49ae-87c2-49018fde3aea} C:\Users\prikr\AppData\Local\Temp\F5_TMP_611472816518110119485\OesisInspector.cab
DPF: HKLM-x32 {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\prikr\AppData\Local\Temp\7zS0636FCFF\InstallerControl.cab#-1,-1,-1,-1
DPF: HKLM-x32 {57C76689-F052-487B-A19F-855AFDDF28EE} C:\Users\prikr\AppData\Local\Temp\7zS0636FCFF\f5InspectionHost.cab#-1,-1,-1,-1
DPF: HKLM-x32 {A83FB16F-F96A-4724-A5B1-AC999860A218} C:\Users\prikr\AppData\Local\Temp\F5_TMP_611472816518110119485\OesisInspector.cab
DPF: HKLM-x32 {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} C:\Users\prikr\AppData\Local\Temp\F5_TMP_2101111742432298318721\f5syschk.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\emory.edu -> hxxps://vpn.emory.edu

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 01:24 - 2022-05-07 01:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 75.75.75.75 - 75.75.76.76
Windows Firewall is enabled.

Network Binding:
=============
OpenVPN Data Channel Offload for NordVPN: OpenVPN Data Channel Offload -> ovpn-dco.sys
Local Area Connection 3: OpenVPN Data Channel Offload for ExpressVPN -> expressvpn-ovpn-dco.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt68cx21x64.sys
Local Area Connection 2: TAP-NordVPN Windows Adapter V9 -> tapnordvpn.sys
Ethernet 2: ExpressVPN TAP Adapter -> tapexpressvpn.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Local Area Connection: ExpressVPN TUN Driver -> expressvpn-tun.sys
Wi-Fi: MediaTek MT7921 Wi-Fi 6 802.11ax PCIe Adapter -> mtkwl6ex.sys

nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
vms_vsf: Hyper-V Virtual Switch Extension Filter
expressvpn-pkf: ExpressVPN Packet Filter
NordLwf: NordVPN LightWeight Firewall
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-110046478-510051192-1964495333-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\prikr\Pictures\IMG-20251119-WA0004.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3CC6B75C2ABAD424063CA71318A3CAD7"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_2FC8F1F10796C730EFEB8EB59D1AB059"
HKU\S-1-5-21-110046478-510051192-1964495333-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{968A512F-75DD-45B6-8D20-109E6B112383}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{3E1052C9-0551-4C57-B89B-D9613C553932}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{9DEAC30E-29BC-4667-A33E-8BADF9EE64BC}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe (Musecy SM Ltd. -> Muse)
FirewallRules: [{1A8DBC2A-EED7-4BED-81D7-040AB6454DB4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D8C08618-B8F6-4B9D-A08E-1EE73333336C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9D4DCEB0-7F71-471E-A8EC-FEB111509C15}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{210BB58D-DD37-4993-8B30-E9C4AB008AC4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{39E57966-503D-4F80-A8A7-C397E2BA865F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5943827F-95EB-443D-AFBB-80B6721FDDB8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DDA2D2D9-49C7-40CB-AC5A-3030C734D2CB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1103.3051.6995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C49C9DBF-CB5E-4307-A864-44AC5AB59877}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1103.3051.6995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{EBE540A8-0EE3-4431-8FC8-30EDB44B5768}C:\imspector\versions\16.3.13030-w2049-win64-base\bin\win64\imspector.exe] => (Block) C:\imspector\versions\16.3.13030-w2049-win64-base\bin\win64\imspector.exe (Abberior Instruments GmbH) [File not signed]
FirewallRules: [TCP Query User{9664A502-ECDE-4765-ADDC-574EE65B65AE}C:\imspector\versions\16.3.13030-w2049-win64-base\bin\win64\imspector.exe] => (Block) C:\imspector\versions\16.3.13030-w2049-win64-base\bin\win64\imspector.exe (Abberior Instruments GmbH) [File not signed]
FirewallRules: [UDP Query User{BC54BE97-C7C8-4653-A562-32929CEFCC42}C:\program files (x86)\vector nti suite 7\vector nti 7.exe] => (Allow) C:\program files (x86)\vector nti suite 7\vector nti 7.exe (InforMax, Inc.) [File not signed]
FirewallRules: [TCP Query User{394AF6D7-5205-46C9-9696-DA227D8D469D}C:\program files (x86)\vector nti suite 7\vector nti 7.exe] => (Allow) C:\program files (x86)\vector nti suite 7\vector nti 7.exe (InforMax, Inc.) [File not signed]
FirewallRules: [{57E90808-5B88-4271-96CB-65024D364B95}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{49B00461-AD83-4ECD-85BB-B3FD634D1E96}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A8810CF1-5970-4D37-81A2-46D5A518E999}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{A9984ACC-C728-4098-9433-0B331BAA62B2}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{BB8516A2-4C3A-4FCE-828A-6D6551FD7A5F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{239E77A4-0C7F-4072-894E-ED95DAA4AEF9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{7E38E83D-DDD6-4E89-9FCF-673F7A38BB56}] => (Allow) C:\Users\prikr\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1AADE07F-E774-4F2A-8711-E2B8106620DD}] => (Allow) C:\Users\prikr\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D49E90E3-8483-4A90-8210-96EBFB667F65}] => (Allow) C:\Users\prikr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{F82E915D-82CD-48D7-8B5D-5868844A4307}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A3EBD381-DB04-4D55-BB27-289782FF8E54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F57C6E62-C731-45A9-97C2-9C59F4F320E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FB649448-9D5D-40B9-B8A5-9B53A456C5C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4FA937A3-01A1-48F1-8AB6-93CE20117DF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6F493BE8-B008-45C5-B174-6444B2EC9AEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B0F53A60-3515-4D62-AEE8-FAC932D67ED0}] => (Allow) C:\Users\prikr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{DBFB766F-4A70-490B-AA1E-B0C21C436F29}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{523BDDC5-FC7E-4524-B1E7-99C52DB03A27}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{06CCC8E0-73AA-4782-866A-CC30EE7A3E48}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{14A45B3B-D0C3-4C87-AB50-00C89875DAAA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{E1CF2729-5148-475A-9672-C8F85C542C82}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{149E7F96-0FB1-4EA6-B25D-9F998A31F852}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{9A97EEA3-038D-4725-8E8C-1CAB64F47CB9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{6F6D982E-2CA8-4DE4-B4B0-361EB622621F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [{32F1D447-CB34-4A3F-AF4E-67C5AED9436C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{DDD5C599-A2E9-4C4E-B855-E33C965DDEC7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{3585159D-CF58-4901-8EEC-D9416F1677AF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{48F51571-4E93-4AA1-9549-CDCCFAE87291}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{EBE34B94-B5F7-449B-A348-D89B5A1D4F2C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{DF8036B3-0B68-4C09-B81D-55F7DB64C595}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B854BC49-6038-4720-B768-6F3C9FE22CDB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{334AF0A6-588C-4507-8775-EFC3EFA8A01C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{D0F22339-3D93-4EFC-BB6B-5E037F373616}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{904B7328-2305-4488-BB36-3C8B74D439A7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{1BA43702-1159-43A9-9360-5294BCB178AC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{390A411B-F158-4665-B188-8BFD83CE66C3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{D3256B0C-B565-4A07-94E2-CD67C68C1922}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{4C20908D-FC7D-44BC-98EF-B5261C5E5A6B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{4199D60E-29D7-4809-B907-BD9964996E4C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{D0F41490-B33A-42E8-A449-1981B8439265}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2509.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{70C8A0C6-9862-41B3-85B9-8105078D1794}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [EdgeWebView2-MDNS-In-UDP] => (Allow) C:\WINDOWS\system32\Microsoft-Edge-WebView\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BD42E263-04C4-448C-955F-C2FCED2D5A11}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-05-2026 15:02:27 Windows Modules Installer
13-05-2026 15:04:18 Windows Modules Installer
14-05-2026 06:45:54 Piriform Driver Updater Restore Point
15-05-2026 02:40:16 AdwCleaner_BeforeCleaning_15/05/2026_02:38:51

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/15/2026 02:40:11 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer COM+ REGDB Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (05/15/2026 02:40:11 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer Registry Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (05/15/2026 02:40:11 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer WMI Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (05/15/2026 02:40:11 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer Shadow Copy Optimization Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (05/15/2026 02:40:11 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer MSSearch Service Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (05/15/2026 02:40:11 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer System Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (05/14/2026 10:04:24 PM) (Source: Application Error) (EventID: 1000) (User: NIDAIME)
Description: Faulting application name: chrome.exe, version: 148.0.7778.97, time stamp: 0x69f121aa
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007fff73747175
Faulting process id: 0x169c
Faulting application start time: 0x1dce40f20fb9718
Faulting application path: C:\Program Files\Google\Chrome\Application\chrome.exe
Faulting module path: unknown
Report Id: 13ec8f28-ce1b-4eac-9f88-68efe4d1ad8a
Faulting package full name:
Faulting package-relative application ID:

Error: (05/14/2026 09:56:49 PM) (Source: Application Error) (EventID: 1000) (User: NIDAIME)
Description: Faulting application name: chrome.exe, version: 148.0.7778.97, time stamp: 0x69f121aa
Faulting module name: chrome.dll, version: 148.0.7778.97, time stamp: 0x69f121aa
Exception code: 0xc0000409
Fault offset: 0x00000000050e2785
Faulting process id: 0x2e3c
Faulting application start time: 0x1dce40dfd146972
Faulting application path: C:\Program Files\Google\Chrome\Application\chrome.exe
Faulting module path: C:\Program Files\Google\Chrome\Application\148.0.7778.97\chrome.dll
Report Id: 256acbcc-490e-4ac2-8a10-70af3b5da0ae
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (05/15/2026 02:40:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee WebAdvisor service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1 milliseconds: Restart the service.

Error: (05/15/2026 02:40:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (05/15/2026 02:40:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP System Info HSA Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (05/15/2026 02:40:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Insights Analytics service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/15/2026 02:40:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDF Suite 2021 Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/15/2026 02:40:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (05/15/2026 02:40:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Sonitude SECOMN Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/15/2026 02:40:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management Engine WMI Provider Registration service terminated unexpectedly. It has done this 1 time(s).

Windows Defender:
================
Date: 2026-05-15 02:11:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown

Date: 2026-05-13 15:02:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown

Date: 2026-05-07 19:28:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown

Date: 2026-05-07 19:22:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown

Date: 2026-05-07 11:49:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown
Event[0]

Date: 2026-05-03 21:04:28
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Unexpected Crash
Exception code: 0xefffffff
Resource: KERNELBASE.dll
Engine Code: 817626

Date: 2026-05-03 21:03:05
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Hang
Exception code:
Resource: boot://\\.\C:\
Engine Code: 16422

Date: 2026-05-03 19:44:28
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Unexpected Crash
Exception code: 0xefffffff
Resource: KERNELBASE.dll
Engine Code: 817626

Date: 2026-05-03 19:42:57
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Hang
Exception code:
Resource: boot://\\.\C:\
Engine Code: 16422

Date: 2026-05-03 14:32:09
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Unexpected Crash
Exception code: 0xefffffff
Resource: KERNELBASE.dll
Engine Code: 817626

CodeIntegrity:
===============
Date: 2026-05-14 06:04:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2026-05-03 21:03:26
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: AMI F.28 08/19/2024
Motherboard: HP 8A4F
Processor: 12th Gen Intel(R) Core(TM) i7-12650H
Percentage of memory in use: 39%
Total physical RAM: 16051.99 MB
Available physical RAM: 9770.8 MB
Total Virtual: 31411.99 MB
Available Virtual: 23828.27 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:475.72 GB) (Free:24.88 GB) (Model: SAMSUNG MZVL2512HCJQ-00BH1) (Protected) NTFS

\\?\Volume{eca37c92-2873-4ca8-a69c-cad81b590629}\ () (Fixed) (Total:0.94 GB) (Free:0.1 GB) NTFS
\\?\Volume{108cf7af-84c9-4b74-a8a8-f809ec9f85e3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 9F5405F4)

Partition: GPT.

==================== End of Addition.txt =======================