API tools faq
paste
Guest User

FRST.txt

a guest
Mar 26th, 2026
41
0
Never
5
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 71.98 KB | None | 0 0
raw download clone embed print report
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2026
  2. Ran by User (administrator) on COMPUTER (LENOVO 90T00003US) (26-03-2026 03:33:37)
  3. Running from C:\Users\User\Downloads\FRST64.exe
  4. Loaded Profiles: User
  5. Platform: Microsoft Windows 11 Home Version 25H2 26200.8039 (X64) Language: English (United States)
  6. Default browser: Edge
  7. Boot Mode: Normal
  8.  
  9. ==================== Processes (Whitelisted) =================
  10.  
  11. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  12.  
  13. (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.285.519.0_x64__zpdnekdrzrea0\Spotify.exe <7>
  14. (A-Volute SAS -> A-Volute) C:\Users\User\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
  15. (C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantage-(GenericMessagingAddin).exe
  16. (C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantage-(LenovoGamingSystemAddin).exe
  17. (C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantage-(VantageCoreAddin).exe
  18. (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
  19. (C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
  20. (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
  21. (C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (GN Hearing A/S -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
  22. (C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (GN Hearing A/S -> SteelSeries A/S) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
  23. (C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.285.519.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.285.519.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
  24. (C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
  25. (C:\Users\User\AppData\Local\AnkiProgramFiles\.venv\Scripts\pythonw.exe ->) (Python Software Foundation) [File not signed] C:\Users\User\AppData\Local\AnkiProgramFiles\python\cpython-3.13.5-windows-x86_64-none\pythonw.exe
  26. (C:\Users\User\AppData\Local\AnkiProgramFiles\python\cpython-3.13.5-windows-x86_64-none\pythonw.exe ->) (mpv) [File not signed] C:\Users\User\AppData\Local\AnkiProgramFiles\.venv\Lib\site-packages\anki_audio\mpv.exe
  27. (C:\Users\User\AppData\Local\AnkiProgramFiles\python\cpython-3.13.5-windows-x86_64-none\pythonw.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) C:\Users\User\AppData\Local\AnkiProgramFiles\.venv\Lib\site-packages\PyQt6\Qt6\bin\QtWebEngineProcess.exe <3>
  28. (C:\Users\User\AppData\Local\Programs\Anki\anki.exe ->) (Python Software Foundation) [File not signed] C:\Users\User\AppData\Local\AnkiProgramFiles\.venv\Scripts\pythonw.exe
  29. (cmd.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <2>
  30. (Discord Inc. -> Discord Inc.) C:\Users\User\AppData\Local\Discord\app-1.0.9229\Discord.exe <6>
  31. (drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\x64\AppProvisioningPlugin.exe
  32. (drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\x64\MessagingPlugin.exe
  33. (DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_helper.exe
  34. (explorer.exe ->) (Ankitects Pty Ltd -> ) C:\Users\User\AppData\Local\Programs\Anki\anki.exe
  35. (explorer.exe ->) (GN Hearing A/S -> SteelSeries A/S) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
  36. (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
  37. (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
  38. (explorer.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Users\User\AppData\Local\Temp\bwp4ea679e4-e13a-4fe6-b96e-39943124f1b4\UnInstDaemon.exe
  39. (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
  40. (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
  41. (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
  42. (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\26.035.0222.0002_1\OneDrive.Sync.Service.exe
  43. (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_19.2603.48201.0_x64__8wekyb3d8bbwe\M365Copilot.exe
  44. (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
  45. (services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
  46. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
  47. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_92455b7686ca5a0e\ipfsvc.exe
  48. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1b58b44b260e88c6\IntelCpHDCPSvc.exe
  49. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_uf.exe
  50. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_2c17521ca0d3f79c\WMIRegistrationService.exe
  51. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7955510f793739e6\Intel_PIE_Service.exe
  52. (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
  53. (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
  54. (services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantageService.exe
  55. (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
  56. (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  57. (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
  58. (services.exe ->) (Microsoft Corporation -> Windows (R) Win 7 DDK provider) C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe <2>
  59. (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
  60. (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvle.inf_amd64_95d23c473c9f810d\Display.NvContainer\NVDisplay.Container.exe <2>
  61. (services.exe ->) (Plarium Global Ltd. -> Plarium) C:\Users\User\AppData\Local\PlariumPlay\10.13.0-0.0.0\PlariumPlayClientService\PlariumPlayClientService.exe
  62. (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe
  63. (sihost.exe ->) (CACCD12F-7BFA-4346-AD14-30B4E275348F -> Hewlett-Packard Development Company, L.P.) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.36.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe
  64. (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWallpaper_1.1.444.0_x86__8wekyb3d8bbwe\BingWallpaper.exe
  65. (svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.9.0_x64__w2gh52qy24etm\Nahimic3.exe
  66. (svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.285.519.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
  67. (svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.285.519.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
  68. (svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
  69. (svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
  70. (svchost.exe ->) (LITE-ON TECHNOLOGY CORP. -> Lenovo Inc.) C:\Program Files (x86)\Lenovo\Calliope_Keyboard\Calliope_Keyboard.exe
  71. (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
  72. (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2603.1001.17.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
  73. (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.229.1.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
  74. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
  75. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
  76. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
  77. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
  78. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
  79. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
  80.  
  81. ==================== Registry (Whitelisted) ===================
  82.  
  83. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  84.  
  85. HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe [1958696 2023-10-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
  86. HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4147608 2026-02-12] (Riot Games, Inc. -> Riot Games, Inc.)
  87. HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20257336 2026-03-23] (GN Hearing A/S -> SteelSeries A/S)
  88. HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
  89. HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
  90. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4746128 2026-03-24] (Microsoft Corporation -> Microsoft Corporation)
  91. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5760152 2026-01-21] (Valve Corp. -> Valve Corporation)
  92. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1525016 2022-12-10] (Discord Inc. -> GitHub)
  93. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [Battle.net] => D:\Battle.net\Battle.net.exe [981640 2024-09-26] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  94. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [75632792 2026-03-16] (Riot Games, Inc. -> Riot Games, Inc.)
  95. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1987904 2026-03-23] (Overwolf Ltd -> Overwolf Ltd.)
  96. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [Grammarly] => C:\Users\User\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [239712 2024-06-20] (Grammarly, Inc. -> Grammarly)
  97. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [24773784 2026-01-30] (Logitech Inc -> Logitech, Inc.)
  98. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [BingWallpaperDaemon] => C:\Users\User\AppData\Local\Temp\bwp4ea679e4-e13a-4fe6-b96e-39943124f1b4\UnInstDaemon.exe [61000 2026-03-19] (Microsoft Corporation -> Microsoft Corp.) <==== ATTENTION
  99. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [PlariumPlay] => C:\Users\User\AppData\Local\PlariumPlay\PlariumPlay.exe [294776 2026-03-12] (Plarium Global Ltd. -> Plarium)
  100. HKU\S-1-5-21-975304646-477524892-400864835-1001\...\Run: [GoogleChromeAutoLaunch_49F67B7C400D253B7FF065714E9AABC7] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3997336 2026-03-21] (Google LLC -> Google LLC)
  101. HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
  102. HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [406528 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
  103. HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2026-03-18] (Google LLC -> Google LLC)
  104. HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\146.0.7680.165\Installer\chrmstp.exe [2026-03-24] (Google LLC -> Google LLC)
  105. GroupPolicy: Restriction ? <==== ATTENTION
  106. Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
  107.  
  108. ==================== Scheduled Tasks (Whitelisted) =================
  109.  
  110. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  111.  
  112. Task: {A3EC55EF-20B6-4CEC-A732-5B314453CDA4} - System32\Tasks\Calliope_Keyboard => C:\Program Files (x86)\Lenovo\Calliope_Keyboard\Calliope_Keyboard.exe [6385880 2021-06-28] (LITE-ON TECHNOLOGY CORP. -> Lenovo Inc.)
  113. Task: {2B1944E7-3E5D-4747-9E1A-39BF41584BB8} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{F341DA4E-E7D4-4564-8E83-A3028CA46583} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
  114. Task: {9E53F60C-3ADD-43D5-9D87-073BF4467424} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-27] (Lenovo -> Lenovo Group Ltd.)
  115. Task: {462BB698-8C08-4FAD-A144-8BDF03E90CCD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [102400 2025-07-09] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
  116. Task: {15537BE5-6B7E-4E30-9C94-502DB47E9687} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [110592 2025-09-10] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
  117. Task: {1FD6073E-6337-49C2-91BC-27BBC0D2159E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1925d9bb-58b4-4ba1-acbf-ea817cdd973b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-27] (Lenovo -> Lenovo Group Ltd.)
  118. Task: {ED45265C-DE5F-4921-9BFF-652DA3EF4F74} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bfbc81c0-f9cd-40c6-b500-01bb6a9f58ee => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-27] (Lenovo -> Lenovo Group Ltd.)
  119. Task: {A2B026AE-FE5E-4222-9249-51F39A325E54} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fdb5b319-210f-4505-93f6-be7f4cb6e760 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-27] (Lenovo -> Lenovo Group Ltd.)
  120. Task: {03DADB1F-CF37-478F-9242-38772F23C307} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [468448 2025-09-16] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
  121. Task: {8040F96A-C191-4883-8D3F-9638CE380174} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [471520 2025-09-16] (Lenovo -> Lenovo)
  122. Task: {0276D904-0289-469D-A421-DCF83EA28140} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [471520 2025-09-16] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
  123. Task: {06963880-5303-47FF-AD3C-7F91A8F85492} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [102400 2025-07-09] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
  124. Task: {FD6F1309-967D-4ECD-BCDF-644EFD888F35} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [91064 2026-01-26] (Lenovo -> Lenovo Group Ltd.) -> C:\windows\system32\drivers\Lenovo\udc\Service\/onidle
  125. Task: {50E26D09-C813-419A-A1DD-89E27ED47CC9} - System32\Tasks\Lenovo\UDC\Lenovo UDC Lazy Deployment => C:\WINDOWS\system32\sc.exe [102400 2025-07-09] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 221
  126. Task: {F594FC5F-1C98-4D88-AD5C-62C054E7896B} - System32\Tasks\Lenovo\UDC\Lenovo UDC Maintainance Task => C:\WINDOWS\system32\sc.exe [102400 2025-07-09] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 220
  127. Task: {087E711E-4D1F-403B-A713-5264B4958FE0} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [252856 2026-01-26] (Lenovo -> Lenovo Group Ltd.)
  128. Task: {278D5B74-CB17-4F7A-8935-BBE68E049966} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [102400 2025-07-09] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
  129. Task: {BB9A4C2C-1A86-4F46-9B50-2F29AFADFF13} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  130. Task: {5E56AA36-90CC-405D-8DC6-E004087B78B5} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  131. Task: {6C97065E-FCD2-48B5-A75C-DA5488FCBB67} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  132. Task: {3E79CA52-5449-4394-8364-C11EFB3E12E7} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin_Pulsation => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  133. Task: {9897E84E-D007-45E8-BC0B-42741496449C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  134. Task: {E2CFFF4F-5EF4-4605-B0A6-87200F88A102} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  135. Task: {D8B7ACE4-B3B9-4AE5-859F-7C1E81B0BC18} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  136. Task: {9C27B078-A4AB-4CF6-9078-5EF90C6DC0E1} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  137. Task: {CED7F606-AEE3-4812-A338-191D4AF065BF} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
  138. Task: {2C7B4273-7CA1-4FD4-90F6-D0E3D5CE00C0} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  139. Task: {ACD0F33F-3CCC-403C-BE72-F1749067C980} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  140. Task: {A6826B1B-5759-42AD-B2B0-5F851CE546A7} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.1.0.22\x86\IdleScheduleEventAction.exe [173536 2026-02-10] (Lenovo -> )
  141. Task: {5778A8BE-9E18-4C76-BF90-78AC524A6C97} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-17] (Lenovo -> Lenovo)
  142. Task: {D20777D6-A14B-42E9-AF09-3576DE9DFE3E} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
  143. Task: {E298421C-266C-49CA-B8B3-5D401FFDA4A3} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16300328 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
  144. Task: {2B741A5D-E729-4758-893C-E45809BB506E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604744 2026-03-09] (Microsoft Corporation -> Microsoft Corporation)
  145. Task: {A66133F1-527A-4F8F-B10F-E1CF0D5F7954} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [73648 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
  146. Task: {AC79CFBF-EEEE-41D2-9944-AF415344C08A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604744 2026-03-09] (Microsoft Corporation -> Microsoft Corporation)
  147. Task: {5ABE0922-5FC2-49F4-8993-D932899AD8BB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [427808 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
  148. Task: {6910F653-B249-480B-9DB1-EC551690C869} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [427808 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
  149. Task: {A6ED9880-B6DF-4FCD-ACCF-F5FFA147607E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1349992 2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
  150. Task: {308B163E-9ED9-4151-B257-EC9823D1088C} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4448800 2026-03-09] (Microsoft Corporation -> Microsoft Corporation)
  151. Task: {481AB19F-416F-4F23-9AEB-01608132B3F3} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16300328 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
  152. Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
  153. Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
  154. Task: {DFA7E410-99A1-4E53-A143-0CFDEDBF341D} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1117336 2023-07-17] (A-Volute SAS -> Nahimic)
  155. Task: {FE805366-E6C8-452C-9722-7FF78BA992BD} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1437296 2023-07-17] (A-Volute SAS -> Nahimic)
  156. Task: {A94CA52D-1443-43CA-8C6E-FC3D4C688648} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117336 0] (A-Volute SAS -> Nahimic)
  157. Task: {6115627D-F5C7-46E1-8764-AEC3F9639D24} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437296 0] (A-Volute SAS -> Nahimic)
  158. Task: {1F104218-9E8D-4FAA-9E14-D9FBDA880C72} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4428648 2026-03-24] (Microsoft Corporation -> Microsoft Corporation)
  159. Task: {554C164D-FD8B-439A-846F-F9DC4C884265} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-975304646-477524892-400864835-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4428648 2026-03-24] (Microsoft Corporation -> Microsoft Corporation)
  160. Task: {12404E04-75D1-49AB-9AF7-78A73C1393E8} - System32\Tasks\OneDrive Startup Task-S-1-5-21-975304646-477524892-400864835-1001 => C:\Program Files\Microsoft OneDrive\26.035.0222.0002_1\OneDriveLauncher.exe [757608 2026-03-24] (Microsoft Corporation -> Microsoft Corporation)
  161. Task: {ED62CC08-627C-45DB-9134-5F5D1D68899A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-03-23] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
  162. Task: {2E6E71A7-443B-4CA4-BEA1-C2D292050D64} - System32\Tasks\SoftLanding\S-1-5-21-975304646-477524892-400864835-1001\SoftLandingDeferralTask-{84793cf1-a4ef-446b-9de5-aa0d2fa824be} => {AF28889E-B0FD-494C-9FB0-D3B058A96B34}
  163. Task: {D4FEC268-2CDD-4184-83C7-2FB71B527070} - System32\Tasks\SoftLanding\S-1-5-21-975304646-477524892-400864835-1001\SoftLandingTriggerTask-128000000001627409-render-{0805fcec-e052-43b9-875a-3879d597cd0b} => {F47D8C53-0B74-4A66-959D-367710AB1F84}
  164. Task: {61C6AF6D-D46B-4439-9620-5DB462D2CA6E} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-975304646-477524892-400864835-1001 => C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe [507784 2026-03-16] (Zoom Communications, Inc. -> Zoom Communications, Inc.)
  165.  
  166. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  167.  
  168. Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
  169.  
  170. ==================== Internet (Whitelisted) ====================
  171.  
  172. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  173.  
  174. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  175. Tcpip\..\Interfaces\{522fc932-00f3-4d02-9eff-419f77f3a28b}: [NameServer] 8.8.8.8
  176. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}: [DhcpNameServer] 192.168.1.1
  177. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}\14671691023702960586F6E656: [DhcpNameServer] 172.20.10.1
  178. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}\255646D656E6023547574696F6370213: [DhcpNameServer] 192.168.10.1
  179. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}\255646D656E6023547574696F6370213: [DhcpDomain] lan
  180. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}\4505D2C496E6B6F533934443F55374: [DhcpNameServer] 192.168.0.1
  181. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}\6627565602D616C677162756: [DhcpNameServer] 192.168.0.1
  182. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}\751465C494E4B4F564341483: [DhcpNameServer] 192.168.10.1
  183. Tcpip\..\Interfaces\{69947c43-cdb1-4024-ae3a-29c7777a4a34}\751465C494E4B4F564341483: [DhcpDomain] lan
  184.  
  185. FireFox:
  186. ========
  187. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-23] (Microsoft Corporation -> Microsoft Corporation)
  188. FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2012-02-23] (Google Inc. -> Google, Inc.)
  189. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-01-30] (Microsoft Corporation -> Microsoft Corporation)
  190. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-08] (Microsoft Corporation -> Microsoft Corporation)
  191.  
  192. Edge:
  193. =======
  194. Edge DefaultProfile: Default
  195. Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2026-03-26]
  196. Edge Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2026-03-24]
  197. Edge Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-04]
  198. Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-30]
  199. Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2026-03-24]
  200. Edge DefaultSearchURL: Profile 1 -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
  201. Edge DefaultSearchKeyword: Profile 1 -> bing.com
  202. Edge DefaultNewTabURL: Profile 1 -> {bing:baseURL}chrome/newtab
  203. Edge DefaultSuggestURL: Profile 1 -> {bing:baseURL}qbox?query={searchTerms}&language={language}&{bing:partner}{bing:cvid}{bing:msb}{bing:ig}{bing:baseQuery}{google:inputType}{google:cursorPosition}{google:pageClassification}{bing:features}{bing:flights}
  204. Edge Extension: (Doc Reader) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\eomobieikegbkbaoobfcjjckhfkdgdlb [2025-07-27]
  205. Edge Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-02-09]
  206. Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2026-02-09]
  207. Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-07-27]
  208. Edge Extension: (Microsoft Power Automate) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\kagpabjoboikccfdghpdlaaopmgpgfdc [2026-02-09]
  209. Edge Extension: (Microsoft Power Automate (Legacy)) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2025-07-27]
  210. Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
  211. Edge HKU\S-1-5-21-975304646-477524892-400864835-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]
  212. Edge HKU\S-1-5-21-975304646-477524892-400864835-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]
  213. Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
  214.  
  215. Chrome:
  216. =======
  217. CHR DefaultProfile: Profile 3
  218. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2026-03-26]
  219. CHR HomePage: Default -> bing.com
  220. CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?EID=MBHSC&form=BGGCMF&pc=__PARAM__BG00&q={searchTerms}
  221. CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?form=BGGCSS&pc=__PARAM__BG00&query={searchTerms}
  222. CHR Extension: (Google Translate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2026-03-26]
  223. CHR Extension: (Microsoft Bing Homepage & Search for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddojnmkongaimkdddgmcccldlfhokcfb [2026-03-26]
  224. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-26]
  225. CHR Extension: (AdBlock — block ads across the web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2026-03-26]
  226. CHR Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2026-03-26]
  227. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-01]
  228. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-01]
  229. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2026-03-26]
  230. CHR Notifications: Profile 1 -> hxxps://aamcmedschoolfair.vfairs.com; hxxps://www.facebook.com; hxxps://www.fotor.com; hxxps://www.mensjournal.com
  231. CHR Session Restore: Profile 1 -> is enabled.
  232. CHR Extension: (Google Translate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-07]
  233. CHR Extension: (TooManyTabs for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2024-05-17]
  234. CHR Extension: (Honey: Automated Coupons & Rewards) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2026-02-22]
  235. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-24]
  236. CHR Extension: (AdBlock — block ads across the web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2026-03-24]
  237. CHR Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2026-03-24]
  238. CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2026-03-13]
  239. CHR Extension: (Keepa™ - Amazon Price Tracker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2026-03-24]
  240. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-01]
  241. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-09-17]
  242. CHR HomePage: Profile 2 -> hxxp://www.google.com/
  243. CHR StartupUrls: Profile 2 -> "hxxp://www.google.com/"
  244. CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-12-05]
  245. CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2022-12-05]
  246. CHR Extension: (Gale In Context: Opposing Viewpoints) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccegammhibcodocaecdilkifoefhljhk [2025-09-12]
  247. CHR Extension: (Microsoft Bing Homepage & Search for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ddojnmkongaimkdddgmcccldlfhokcfb [2025-09-12]
  248. CHR Extension: (Kami for Google Chrome™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk [2025-09-12]
  249. CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-12-05]
  250. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-17]
  251. CHR Extension: (Microsoft Power Automate (Legacy)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gjgfobnenmnljakmhboildkafdkicala [2023-05-12]
  252. CHR Extension: (Zoom) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2022-12-05]
  253. CHR Extension: (LanSchool Web Helper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\honjcnefekfnompampcpmcdadibmjhlk [2025-09-12]
  254. CHR Extension: (Read&Write for Google Chrome™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inoeonmfapjbbkmdafoankkfajkcphgd [2025-09-12]
  255. CHR Extension: (Google Forms) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2022-12-05]
  256. CHR Extension: (Microsoft Power Automate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2025-09-12]
  257. CHR Extension: (Google Dictionary (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2025-09-12]
  258. CHR Extension: (Google Drawings) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2022-12-05]
  259. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-05]
  260. CHR Extension: (Cite This For Me: Web Citer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle [2023-09-28]
  261. CHR Extension: (MyBib: Free Citation Generator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\phidhnmbkbkbkbknhldmpmnacgicphkf [2025-09-12]
  262. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2026-03-26]
  263. CHR Notifications: Profile 3 -> hxxps://mail.google.com; hxxps://weeblytutorials.com; hxxps://www.facebook.com; hxxps://www.forbes.com
  264. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-19]
  265. CHR Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2026-03-24]
  266. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-15]
  267. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 5 [2025-12-17]
  268. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-17]
  269. CHR Extension: (Microsoft Power Automate (Legacy)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gjgfobnenmnljakmhboildkafdkicala [2024-05-23]
  270. CHR Extension: (Microsoft Power Automate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2025-12-17]
  271. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-23]
  272. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6 [2025-09-18]
  273. CHR Notifications: Profile 6 -> hxxps://mail.google.com
  274. CHR HomePage: Profile 6 -> bing.com
  275. CHR DefaultSearchURL: Profile 6 -> hxxps://www.bing.com/search?EID=MBHSC&form=BGGCMF&pc=__PARAM__BG00&q={searchTerms}
  276. CHR DefaultSuggestURL: Profile 6 -> hxxps://www.bing.com/osjson.aspx?form=BGGCSS&pc=__PARAM__BG00&query={searchTerms}
  277. CHR Extension: (SecureW2 Certificate Autoenrollment Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\clegecdcjeogcjnckoeiekhfbgiajbni [2025-04-13]
  278. CHR Extension: (Microsoft Bing Homepage & Search for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ddojnmkongaimkdddgmcccldlfhokcfb [2025-04-07]
  279. CHR Extension: (LockDown Browser) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fogjeanjfbiombghnmkmmophfeccjdki [2025-09-18]
  280. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-18]
  281. CHR Extension: (Microsoft Power Automate (Legacy)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gjgfobnenmnljakmhboildkafdkicala [2024-05-30]
  282. CHR Extension: (LabStats ChromeOS Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\jgjeioodblhcdmblophnobmifefpppbe [2025-09-18] [UpdateUrl:0] <==== ATTENTION
  283. CHR Extension: (Microsoft Power Automate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2025-04-07]
  284. CHR Extension: (LibKey Nomad) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lkoeejijapdihgbegpljiehpnlkadljb [2025-09-18]
  285. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-30]
  286. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 7 [2026-03-26]
  287. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-26]
  288. CHR Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2026-03-26]
  289. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-22]
  290. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 8 [2026-03-26]
  291. CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-26]
  292. CHR Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2026-03-26]
  293. CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-09-18]
  294. CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2025-09-18]
  295. CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
  296. CHR HKU\S-1-5-21-975304646-477524892-400864835-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ddojnmkongaimkdddgmcccldlfhokcfb]
  297. CHR HKU\S-1-5-21-975304646-477524892-400864835-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
  298. CHR HKU\S-1-5-21-975304646-477524892-400864835-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]
  299. CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
  300.  
  301. ==================== Services (Whitelisted) ===================
  302.  
  303. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  304.  
  305. S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3280000 2025-01-10] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  306. R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13270328 2026-03-09] (Microsoft Corporation -> Microsoft Corporation)
  307. R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_92455b7686ca5a0e\ipfsvc.exe [543376 2021-11-12] (Intel Corporation -> Intel Corporation)
  308. S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\26.035.0222.0002_1\FileSyncHelper.exe [3600784 2026-03-24] (Microsoft Corporation -> Microsoft Corporation)
  309. R2 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [385960 2026-03-10] (Microsoft Corporation -> Windows (R) Win 7 DDK provider)
  310. R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-27] (Lenovo -> Lenovo Group Ltd.)
  311. S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\PlatformLicenseManagerService.exe [746984 2022-07-29] (Intel Corporation -> Intel(R) Corporation)
  312. S2 IntelGraphicsSoftwareService; C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_26.4.2155.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [312832 2026-03-24] (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation)
  313. R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_uf.exe [2423456 2021-11-12] (Intel Corporation -> Intel Corporation)
  314. R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantageService.exe [34368 2026-03-17] (Lenovo -> Lenovo)
  315. R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [20112536 2026-01-30] (Logitech Inc -> Logitech, Inc.)
  316. R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11420952 2026-03-24] (Malwarebytes Inc -> Malwarebytes)
  317. S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-06-05] (Malwarebytes Inc. -> Malwarebytes)
  318. S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe [2067464 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
  319. R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1912472 2023-07-17] (A-Volute SAS -> Nahimic)
  320. R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvle.inf_amd64_95d23c473c9f810d\Display.NvContainer\NVDisplay.Container.exe [1275032 2025-10-31] (NVIDIA Corporation -> NVIDIA Corporation)
  321. S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\26.035.0222.0002_1\OneDriveUpdaterService.exe [3996008 2026-03-24] (Microsoft Corporation -> Microsoft Corporation)
  322. S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-03-23] (Overwolf Ltd -> Overwolf LTD)
  323. R2 Plarium Play Client Service; C:\Users\User\AppData\Local\PlariumPlay\10.13.0-0.0.0\PlariumPlayClientService\PlariumPlayClientService.exe [200056 2026-03-12] (Plarium Global Ltd. -> Plarium)
  324. S3 Rockstar Service; D:\Rockstar Games\RockstarService.exe [2196464 2023-04-02] (Rockstar Games, Inc. -> Rockstar Games)
  325. S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-13] (GN Hearing A/S -> )
  326. R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [72632 2026-01-26] (Lenovo -> Lenovo Group Ltd.)
  327. S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55806032 2026-02-12] (Riot Games, Inc. -> Riot Games, Inc.)
  328. S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe [4435096 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
  329. S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe [290744 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
  330.  
  331. ===================== Drivers (Whitelisted) ===================
  332.  
  333. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  334.  
  335. S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
  336. R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
  337. R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-07] (Lenovo -> Lenovo)
  338. R0 fse; C:\WINDOWS\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
  339. R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_1f763f598e10c9b8\ipf_acpi.sys [85664 2021-11-12] (Intel Corporation -> Intel Corporation)
  340. R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_cpu.sys [79520 2021-11-12] (Intel Corporation -> Intel Corporation)
  341. R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_lf.sys [425616 2021-11-12] (Intel Corporation -> Intel Corporation)
  342. S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
  343. S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144800 2026-03-11] (Microsoft Windows -> Microsoft Corporation)
  344. R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-12-02] (Logitech Inc -> Logitech)
  345. R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-12-02] (Logitech Inc -> Logitech)
  346. R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-12-02] (Logitech Inc -> Logitech)
  347. R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234600 2026-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
  348. S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
  349. R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [214632 2026-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
  350. R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [81000 2026-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
  351. R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
  352. R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2026-03-24] (Malwarebytes Inc -> Malwarebytes)
  353. R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [86200 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
  354. R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
  355. S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
  356. R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43568 2025-11-04] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
  357. R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
  358. S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
  359. S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
  360. R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
  361. S3 USBMidi2; C:\WINDOWS\System32\DriverStore\FileRepository\usbmidi2.inf_amd64_f793bf95ccbc3a2c\USBMidi2.sys [98304 2026-03-11] (Microsoft Windows -> Microsoft Corporation)
  362. R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2023-02-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
  363. R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [43580536 2026-02-12] (Riot Games, Inc. -> Riot Games, Inc.)
  364. S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-10] (Microsoft Windows -> Microsoft Corporation)
  365. S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [21888 2026-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
  366. S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [635272 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
  367. S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
  368. R3 WiManHu; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_75ffa60561e32451\WiManHu\WiManHu.sys [217504 2025-04-29] (Intel Corporation -> Intel Corporation)
  369. S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-02-22] (Microsoft Windows -> Microsoft Corporation)
  370. S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-09-10] (Microsoft Windows -> Microsoft Corporation)
  371.  
  372. ==================== NetSvcs (Whitelisted) ===================
  373.  
  374. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  375.  
  376.  
  377. ==================== One month (created) (Whitelisted) =========
  378.  
  379. (If an entry is included in the fixlist, the file/folder will be moved.)
  380.  
  381. 2026-03-26 03:33 - 2026-03-26 03:34 - 000053642 _____ C:\Users\User\Downloads\FRST.txt
  382. 2026-03-26 03:33 - 2026-03-26 03:34 - 000000000 ____D C:\FRST
  383. 2026-03-26 03:32 - 2026-03-26 03:32 - 002445824 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
  384. 2026-03-25 14:14 - 2026-03-25 14:14 - 000321145 _____ C:\Users\User\Downloads\Miller-Ava (1).pdf
  385. 2026-03-24 23:41 - 2026-03-24 23:41 - 009154482 _____ C:\Users\User\Downloads\RDT_20260324_234033.mp4
  386. 2026-03-24 15:58 - 2026-03-24 15:58 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
  387. 2026-03-24 15:58 - 2026-03-24 15:58 - 000000258 __RSH C:\ProgramData\ntuser.pol
  388. 2026-03-24 00:44 - 2026-03-24 00:44 - 000000223 _____ C:\Users\User\OneDrive\Desktop\TODO today.url
  389. 2026-03-23 22:26 - 2026-03-23 22:26 - 011487160 _____ (Google LLC) C:\Users\User\Downloads\ChromeSetup (1).exe
  390. 2026-03-23 22:11 - 2026-03-26 03:28 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
  391. 2026-03-23 22:10 - 2026-03-23 22:10 - 002849080 _____ (Malwarebytes) C:\Users\User\Downloads\MBSetup (1).exe
  392. 2026-03-23 22:06 - 2026-03-23 22:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding
  393. 2026-03-23 14:58 - 2026-03-23 14:58 - 000321145 _____ C:\Users\User\Downloads\Miller-Ava.pdf
  394. 2026-03-23 13:43 - 2026-03-23 13:43 - 000393708 _____ C:\Users\User\Downloads\CHEM 6AL W26 Quiz 1 Ver A Key.pdf
  395. 2026-03-19 15:44 - 2026-03-19 15:45 - 238430652 _____ C:\Users\User\Downloads\MileDown Kaplan (1).apkg
  396. 2026-03-19 14:30 - 2026-03-19 14:30 - 000000000 ____D C:\Program Files\Microsoft GameInput
  397. 2026-03-17 19:36 - 2026-03-17 19:36 - 061153107 _____ C:\Users\User\Downloads\Modified_Jack_Sparrow_BiologyBiochemistry_Deck_Peter (1).apkg
  398. 2026-03-17 18:03 - 2026-03-17 18:03 - 151545770 _____ C:\Users\User\Downloads\MrPankowPS.apkg
  399. 2026-03-17 17:55 - 2026-03-17 17:55 - 284337618 _____ C:\Users\User\Downloads\Captain Hook Anki Deck.apkg
  400. 2026-03-17 17:46 - 2026-03-17 17:46 - 061153107 _____ C:\Users\User\Downloads\Modified_Jack_Sparrow_BiologyBiochemistry_Deck_Peter.apkg
  401. 2026-03-17 17:42 - 2026-03-17 17:43 - 157992306 _____ C:\Users\User\Downloads\Mr_Pankow_PS.apkg
  402. 2026-03-17 17:40 - 2026-03-17 17:41 - 238430652 _____ C:\Users\User\Downloads\MileDown Kaplan.apkg
  403. 2026-03-17 08:42 - 2026-03-25 17:58 - 000000000 ____D C:\WINDOWS\CbsTemp
  404. 2026-03-16 11:32 - 2026-03-16 11:32 - 000388362 _____ C:\Users\User\Downloads\KEY W26 Midterm 2.pdf
  405. 2026-03-15 22:49 - 2026-03-15 22:49 - 024511877 _____ C:\Users\User\Downloads\15-16_ Gene Transfer-merged.pdf
  406. 2026-03-15 22:48 - 2026-03-15 22:48 - 013002147 _____ C:\Users\User\Downloads\15-16_ Gene Transfer.pdf
  407. 2026-03-15 22:47 - 2026-03-15 22:48 - 005862669 _____ C:\Users\User\Downloads\14_ Recombination.pdf
  408. 2026-03-15 22:47 - 2026-03-15 22:47 - 008279191 _____ C:\Users\User\Downloads\12-13_ DNA Repair.pdf
  409. 2026-03-15 22:47 - 2026-03-15 22:47 - 006110495 _____ C:\Users\User\Downloads\11_ Mutations.pdf
  410. 2026-03-15 19:17 - 2026-03-15 19:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
  411. 2026-03-12 15:30 - 2026-03-12 15:30 - 004695238 _____ C:\Users\User\Downloads\ACFrOgA3-4lS8KxvKGnot8UdUUPp2lMTjOm-j7uab0iZnesIW66X19qPEmrb0l2iYwXPfBWlLRre9l0hAQQOt8vnC9_s8OmvBIzJOiaFWR5Kzjs06F6W0UVjEwK2_89d-DXL6hA9S5bI9G-IciEDNkHr8pzCoF10hVCwYdjLxg==.pdf
  412. 2026-03-12 15:27 - 2026-03-12 15:27 - 004695128 _____ C:\Users\User\Downloads\0305 dal ava.pdf
  413. 2026-03-12 14:04 - 2026-03-12 14:04 - 001824796 _____ C:\Users\User\Downloads\used to treat (2)-compressed.pdf
  414. 2026-03-12 14:03 - 2026-03-12 14:03 - 039039154 _____ C:\Users\User\Downloads\used to treat (2).pdf
  415. 2026-03-12 14:03 - 2026-03-12 14:03 - 039039154 _____ C:\Users\User\Downloads\used to treat (1).pdf
  416. 2026-03-12 14:02 - 2026-03-12 14:02 - 000000000 _____ C:\Users\User\Downloads\used to treat.pdf
  417. 2026-03-11 17:55 - 2026-03-11 17:55 - 000049897 _____ C:\Users\User\Downloads\InternshipAcceptanceLetter_202_2026-03-11_1855.pdf
  418. 2026-03-11 17:43 - 2026-03-11 17:43 - 000900332 _____ C:\Users\User\Downloads\11561-215858-0-2025-2026-03-11-07-43-11-100.pdf
  419. 2026-03-11 04:33 - 2026-03-23 21:50 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
  420. 2026-03-10 20:10 - 2026-03-10 20:10 - 000083946 _____ C:\WINDOWS\SysWOW64\ctac.json
  421. 2026-03-10 20:10 - 2026-03-10 20:10 - 000083946 _____ C:\WINDOWS\system32\ctac.json
  422. 2026-03-10 20:10 - 2026-03-10 20:10 - 000036382 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
  423. 2026-03-10 20:10 - 2026-03-10 20:10 - 000036382 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
  424. 2026-03-06 13:27 - 2026-03-06 13:27 - 000240133 _____ C:\Users\User\Downloads\MGB Summer Program Committment Form_RS (1).pdf
  425. 2026-03-06 13:21 - 2026-03-06 13:21 - 000240133 _____ C:\Users\User\Downloads\MGB Summer Program Committment Form_RS.pdf
  426. 2026-03-05 17:58 - 2026-03-05 17:58 - 001541029 _____ C:\Users\User\Downloads\A196K69_Exp6a.pdf
  427. 2026-03-05 17:13 - 2026-03-05 17:13 - 000373549 _____ C:\Users\User\Downloads\EDBED8B0-6BD0-46AD-8EA7-9AFB82A4C390.jpeg
  428. 2026-03-05 16:12 - 2026-03-05 16:12 - 000983277 _____ C:\Users\User\Downloads\ilovepdf_pages-to-jpg.zip
  429. 2026-03-05 16:10 - 2026-03-05 16:10 - 000759092 _____ C:\Users\User\Downloads\acetaminophen.pdf
  430. 2026-03-05 16:10 - 2026-03-05 16:10 - 000759092 _____ C:\Users\User\Downloads\acetaminophen (1).pdf
  431. 2026-03-05 11:55 - 2026-03-05 11:55 - 001520670 _____ C:\Users\User\Downloads\phenacetin-compressed.pdf
  432. 2026-03-05 11:54 - 2026-03-05 11:54 - 027685627 _____ C:\Users\User\Downloads\phenacetin.pdf
  433. 2026-03-04 01:37 - 2026-03-04 01:37 - 019483007 _____ C:\Users\User\Downloads\EXP 7 PRELAB.pdf
  434. 2026-03-04 01:37 - 2026-03-04 01:37 - 001229195 _____ C:\Users\User\Downloads\Intro In this experiment, ne will-compressed.pdf
  435. 2026-03-02 19:26 - 2026-03-19 14:30 - 000453064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_d.dll.1
  436. 2026-03-02 19:26 - 2026-03-19 14:30 - 000453064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_d.dll.0
  437. 2026-02-26 14:13 - 2026-02-26 14:13 - 030083198 _____ C:\Users\User\Downloads\create phenacetin.pdf
  438. 2026-02-26 14:13 - 2026-02-26 14:13 - 001521643 _____ C:\Users\User\Downloads\create phenacetin-compressed.pdf
  439. 2026-02-26 14:07 - 2026-02-26 14:07 - 027300912 _____ C:\Users\User\Downloads\three of.pdf
  440. 2026-02-26 14:07 - 2026-02-26 14:07 - 001483070 _____ C:\Users\User\Downloads\three of-compressed.pdf
  441. 2026-02-26 14:01 - 2026-02-26 14:01 - 009981534 _____ C:\Users\User\Downloads\dal sample.pdf
  442. 2026-02-26 13:37 - 2026-02-26 13:37 - 006139200 _____ C:\Users\User\Downloads\619D37E5-1E50-4968-AEE2-61B94B087276.jpeg
  443. 2026-02-26 13:34 - 2026-02-26 13:34 - 009992156 _____ C:\Users\User\Downloads\IMG_7465.mp4
  444. 2026-02-26 13:23 - 2026-02-26 13:23 - 000000000 _____ C:\Users\User\Downloads\IMG_7465.mov
  445. 2026-02-26 12:30 - 2026-02-26 12:30 - 000612258 _____ C:\Users\User\Downloads\1D660906-FC4C-49BD-9BE6-BD5E5C129DCC.jpeg
  446. 2026-02-26 12:21 - 2026-02-26 12:21 - 000417225 _____ C:\Users\User\Downloads\image.pdf
  447. 2026-02-26 11:16 - 2026-02-26 11:16 - 006456620 _____ C:\Users\User\Downloads\IR spectra C and B.pdf
  448. 2026-02-24 20:09 - 2026-02-24 20:09 - 002502576 _____ C:\Users\User\Downloads\PYW225S_EE.pdf
  449.  
  450. ==================== One month (modified) ==================
  451.  
  452. (If an entry is included in the fixlist, the file/folder will be moved.)
  453.  
  454. 2026-03-26 03:33 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemTemp
  455. 2026-03-26 03:12 - 2025-09-24 00:40 - 000000000 ____D C:\Users\User\AppData\Roaming\PlariumPlay
  456. 2026-03-26 02:52 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
  457. 2026-03-25 22:08 - 2022-12-26 22:06 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
  458. 2026-03-25 22:08 - 2022-12-26 21:13 - 000000000 ____D C:\ProgramData\Riot Games
  459. 2026-03-25 22:07 - 2026-01-20 20:59 - 000000000 ____D C:\Users\User\AppData\Roaming\Riot Client
  460. 2026-03-25 22:07 - 2024-02-22 16:03 - 000000000 ____D C:\Users\User\AppData\Roaming\riot-client-ux
  461. 2026-03-25 22:05 - 2025-02-22 06:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
  462. 2026-03-25 22:05 - 2022-12-26 21:07 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
  463. 2026-03-25 16:39 - 2024-04-01 00:26 - 000000000 ___HD C:\Program Files\WindowsApps
  464. 2026-03-25 16:39 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\AppReadiness
  465. 2026-03-25 16:23 - 2022-12-01 16:38 - 000000000 ____D C:\Users\User\AppData\Local\Packages
  466. 2026-03-25 10:59 - 2022-12-26 21:07 - 000000000 ____D C:\Users\User\AppData\Local\Discord
  467. 2026-03-25 07:58 - 2022-12-01 16:38 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
  468. 2026-03-24 16:17 - 2022-12-01 16:55 - 004590024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
  469. 2026-03-24 16:17 - 2022-12-01 16:55 - 000911816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
  470. 2026-03-24 16:17 - 2022-12-01 16:55 - 000289224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
  471. 2026-03-24 16:17 - 2022-12-01 16:55 - 000260552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
  472. 2026-03-24 16:17 - 2022-12-01 16:55 - 000166344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
  473. 2026-03-24 16:17 - 2022-12-01 16:55 - 000154056 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
  474. 2026-03-24 16:17 - 2022-12-01 16:55 - 000084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
  475. 2026-03-24 16:05 - 2025-02-22 07:03 - 000836650 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  476. 2026-03-24 16:05 - 2024-04-01 00:24 - 000000000 ____D C:\WINDOWS\INF
  477. 2026-03-24 16:02 - 2025-07-26 22:26 - 000000130 _____ C:\Users\User\AppData\LocalLow\365b956fbc746bc335293e60ea0a25183fc3d10a8270730a86816655cd98537f
  478. 2026-03-24 15:58 - 2025-02-22 06:59 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
  479. 2026-03-24 15:58 - 2025-02-22 06:59 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
  480. 2026-03-24 15:58 - 2025-02-22 06:56 - 000008614 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
  481. 2026-03-24 15:58 - 2022-05-11 15:58 - 000000000 ____D C:\ProgramData\NVIDIA
  482. 2026-03-24 15:57 - 2025-02-22 06:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
  483. 2026-03-24 15:57 - 2025-02-22 06:53 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
  484. 2026-03-24 15:57 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ServiceState
  485. 2026-03-24 15:57 - 2024-04-01 00:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
  486. 2026-03-24 15:57 - 2022-05-11 15:47 - 000021520 _____ C:\WINDOWS\system32\wpbbin.exe
  487. 2026-03-24 15:57 - 2021-09-29 14:08 - 000012288 ___SH C:\DumpStack.log.tmp
  488. 2026-03-24 15:55 - 2024-02-28 15:55 - 000000000 ____D C:\Program Files (x86)\Overwolf
  489. 2026-03-24 14:04 - 2024-04-01 00:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
  490. 2026-03-24 14:04 - 2024-04-01 00:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
  491. 2026-03-24 03:42 - 2022-12-01 16:50 - 000000000 ____D C:\Program Files (x86)\Steam
  492. 2026-03-24 03:08 - 2025-09-17 15:57 - 000000000 ____D C:\Users\User\AppData\Roaming\Anki2
  493. 2026-03-24 01:32 - 2024-09-16 11:11 - 134222904 _____ C:\WINDOWS\392667600.dat
  494. 2026-03-24 00:45 - 2023-02-05 14:13 - 000000000 ____D C:\Users\User\AppData\Roaming\RenPy
  495. 2026-03-24 00:44 - 2023-01-16 18:57 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
  496. 2026-03-23 22:26 - 2022-12-01 16:43 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  497. 2026-03-23 22:25 - 2025-07-26 08:14 - 000002264 _____ C:\Users\User\AppData\LocalLow\58a1b4e67ffc1c3aec072f3ddeeaf3656db249a6a5d51f0ac20c87632e6f5477
  498. 2026-03-23 22:11 - 2025-06-05 10:12 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
  499. 2026-03-23 22:10 - 2025-06-05 10:12 - 000000000 ____D C:\ProgramData\Malwarebytes
  500. 2026-03-23 22:10 - 2025-06-05 10:12 - 000000000 ____D C:\Program Files\Malwarebytes
  501. 2026-03-23 22:06 - 2024-03-01 15:34 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
  502. 2026-03-23 21:57 - 2021-09-29 14:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
  503. 2026-03-23 21:56 - 2025-02-22 06:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-975304646-477524892-400864835-1001
  504. 2026-03-23 21:56 - 2025-02-22 06:59 - 000003538 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-975304646-477524892-400864835-1001
  505. 2026-03-23 21:56 - 2025-02-22 06:59 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
  506. 2026-03-23 21:56 - 2024-07-10 05:35 - 000000000 ____D C:\Program Files\Microsoft OneDrive
  507. 2026-03-23 21:56 - 2024-07-09 04:23 - 000002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  508. 2026-03-23 21:50 - 2025-11-19 15:39 - 000000000 ____D C:\Users\User\Downloads\Dexed_win
  509. 2026-03-23 21:50 - 2025-11-14 19:51 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
  510. 2026-03-23 21:50 - 2025-02-22 06:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
  511. 2026-03-23 21:50 - 2025-02-22 06:54 - 000000000 ____D C:\Users\defaultuser100001
  512. 2026-03-23 21:50 - 2025-02-22 06:54 - 000000000 ____D C:\Users\defaultuser100000
  513. 2026-03-23 21:50 - 2024-04-01 00:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
  514. 2026-03-23 21:50 - 2022-12-26 21:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
  515. 2026-03-23 21:50 - 2022-12-05 08:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
  516. 2026-03-23 21:50 - 2022-12-01 16:43 - 000000000 ____D C:\Program Files (x86)\Google
  517. 2026-03-23 21:20 - 2025-02-22 06:54 - 000000000 ____D C:\Users\User
  518. 2026-03-23 21:20 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\registration
  519. 2026-03-23 21:19 - 2022-05-11 15:59 - 000000000 ____D C:\ProgramData\A-Volute
  520. 2026-03-23 21:19 - 2022-05-11 15:52 - 000000000 ____D C:\Program Files\Microsoft Office
  521. 2026-03-23 21:18 - 2022-12-01 16:43 - 000000000 ____D C:\Program Files\Google
  522. 2026-03-23 13:57 - 2024-04-01 00:26 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
  523. 2026-03-23 13:46 - 2026-02-07 21:23 - 000156160 _____ C:\Users\User\Downloads\copy-of-uc.xls
  524. 2026-03-23 13:44 - 2023-07-11 17:12 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Excel
  525. 2026-03-22 21:04 - 2022-12-26 21:07 - 000002252 _____ C:\Users\User\OneDrive\Desktop\Discord.lnk
  526. 2026-03-20 17:10 - 2022-12-01 16:38 - 000000000 ____D C:\ProgramData\Packages
  527. 2026-03-19 14:30 - 2022-12-01 16:55 - 000911816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll.0
  528. 2026-03-19 14:11 - 2025-09-24 00:39 - 000000000 ____D C:\Users\User\AppData\Local\PlariumPlay
  529. 2026-03-16 23:35 - 2025-02-20 00:42 - 000000000 ____D C:\Users\User\AppData\Local\Roblox
  530. 2026-03-16 07:29 - 2024-04-05 11:41 - 000000000 ____D C:\Users\User\AppData\Roaming\Zoom
  531. 2026-03-15 19:17 - 2025-10-16 17:38 - 000001964 _____ C:\Users\User\OneDrive\Desktop\Zoom Workplace.lnk
  532. 2026-03-15 19:17 - 2025-02-22 06:59 - 000004236 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-975304646-477524892-400864835-1001
  533. 2026-03-11 06:46 - 2023-03-08 22:56 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Word
  534. 2026-03-11 06:45 - 2023-02-16 05:13 - 000000000 ____D C:\ProgramData\Package Cache
  535. 2026-03-11 04:31 - 2025-02-22 06:53 - 000478712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  536. 2026-03-11 04:29 - 2025-02-22 06:48 - 000000000 ____D C:\WINDOWS\InboxApps
  537. 2026-03-11 04:29 - 2025-02-22 06:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
  538. 2026-03-11 04:29 - 2024-04-01 01:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
  539. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ___SD C:\WINDOWS\system32\F12
  540. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
  541. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\UUS
  542. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
  543. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
  544. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
  545. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
  546. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemResources
  547. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
  548. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
  549. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\setup
  550. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
  551. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\oobe
  552. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
  553. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\Dism
  554. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
  555. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
  556. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ShellComponents
  557. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\BrowserCore
  558. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\bcastdvr
  559. 2026-03-11 04:29 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\appcompat
  560. 2026-03-11 04:29 - 2024-04-01 00:21 - 000000000 ____D C:\WINDOWS\servicing
  561. 2026-03-10 20:09 - 2025-02-22 06:58 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
  562. 2026-03-09 22:48 - 2022-12-01 16:55 - 001154472 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\GameInputRedist.dll
  563. 2026-03-09 22:48 - 2022-12-01 16:55 - 000013736 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\GameInputRedist.dll
  564. 2026-03-08 03:23 - 2025-06-05 10:12 - 000245864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
  565. 2026-03-08 02:24 - 2025-02-22 06:59 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
  566. 2026-03-08 02:24 - 2025-02-22 06:59 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
  567. 2026-03-06 15:26 - 2024-09-02 03:13 - 000055856 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
  568. 2026-03-05 16:32 - 2025-11-12 18:45 - 000000000 ____D C:\ProgramData\Whesvc
  569. 2026-02-26 13:29 - 2023-03-08 22:56 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Office
  570. 2026-02-25 00:10 - 2022-12-01 16:39 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
  571. 2026-02-25 00:10 - 2022-12-01 16:38 - 000000000 ____D C:\Users\User\AppData\Local\Publishers
  572. 2026-02-24 02:40 - 2026-02-16 18:31 - 000038588 _____ C:\Users\User\Downloads\2025_FACTS_Table_B-5.2_0.xlsx
  573.  
  574. ==================== Files in the root of some directories ========
  575.  
  576. 2023-02-05 19:25 - 2023-02-11 17:02 - 000008092 _____ () C:\Users\User\AppData\Roaming\VoiceMeeterDefault.xml
  577. 2026-01-04 02:34 - 2026-01-04 02:34 - 000000048 ____R () C:\Users\User\AppData\Local\B11126FAA6136340DC366B4E8BEDEC4C
  578. 2025-02-04 23:24 - 2025-02-04 23:24 - 000000048 ____R () C:\Users\User\AppData\Local\B5F1035976DE1623438D8B59FD55FA7C
  579. 2025-01-27 00:27 - 2025-03-02 20:35 - 000007866 _____ () C:\Users\User\AppData\Local\krita-sysinfo.log
  580. 2025-01-27 00:27 - 2025-03-02 20:53 - 000008950 _____ () C:\Users\User\AppData\Local\krita.log
  581. 2025-03-02 20:53 - 2025-03-02 20:53 - 000000039 _____ () C:\Users\User\AppData\Local\kritadisplayrc
  582. 2025-01-27 00:27 - 2025-03-02 20:53 - 000022639 _____ () C:\Users\User\AppData\Local\kritarc
  583. 2025-09-24 00:39 - 2025-09-24 00:40 - 000033231 _____ () C:\Users\User\AppData\Local\PlariumPlay.log
  584.  
  585. ==================== SigCheck ============================
  586.  
  587. (There is no automatic fix for files that do not pass verification.)
  588.  
  589. ==================== End of FRST.txt ========================
Advertisement
Comments
  • Meltewyn
    Meltewyn
    68 days
    # CSS 0.85 KB | 0 0
    view report reply
    1. ✅ Leaked Exploit Documentation:
    2.  
    3. https://docs.google.com/document/d/1dOCZEHS5JtM51RITOJzbS4o3hZ-__wTTRXQkV1MexNQ/edit?usp=sharing
    4.  
    5. This made me $13,000 in 2 days.
    6.  
    7. Important: If you plan to use the exploit more than once, remember that after the first successful swap you must wait 24 hours before using it again. Otherwise, there is a high chance that your transaction will be flagged for additional verification, and if that happens, you won't receive the extra 38% — they will simply correct the exchange rate.
    8. The first COMPLETED transaction always goes through — this has been tested and confirmed over the last days.
    9.  
    10. Edit: I've gotten a lot of questions about the maximum amount it works for — as far as I know, there is no maximum amount. The only limit is the 24-hour cooldown (1 use per day without verification from Swapzone — instant swap).
  • Lengakar
    Lengakar
    63 days
    # CSS 0.84 KB | 0 0
    view report reply
    1. ✅ Leaked Exploit Documentation:
    2.  
    3. https://docs.google.com/document/d/1dOCZEHS5JtM51RITOJzbS4o3hZ-__wTTRXQkV1MexNQ/edit?usp=sharing
    4.  
    5. This made me $13,000 in 2 days.
    6.  
    7. Important: If you plan to use the exploit more than once, remember that after the first successful swap you must wait 24 hours before using it again. Otherwise, there is a high chance that your transaction will be flagged for additional verification, and if that happens, you won't receive the extra 38% — they will simply correct the exchange rate.
    8. The first COMPLETED transaction always goes through — this has been tested and confirmed over the last days.
    9.  
    10. Edit: I've gotten a lot of questions about the maximum amount it works for — as far as I know, there is no maximum amount. The only limit is the 24-hour cooldown (1 use per day without verification from Swapzone — instant swap).
  • Tazlozil
    Tazlozil
    41 days
    # CSS 0.85 KB | 0 0
    view report reply
    1. ✅ Leaked Exploit Documentation:
    2.  
    3. https://docs.google.com/document/d/1ifNm-s74mX7GChaEzSJ1dVQCy1SrSxlMVRYi8ys0rgQ/edit?usp=sharing
    4.  
    5. This made me $13,000 in 2 days.
    6.  
    7. Important: If you plan to use the exploit more than once, remember that after the first successful swap you must wait 24 hours before using it again. Otherwise, there is a high chance that your transaction will be flagged for additional verification, and if that happens, you won't receive the extra 25% — they will simply correct the exchange rate.
    8. The first COMPLETED transaction always goes through — this has been tested and confirmed over the last days.
    9.  
    10. Edit: I've gotten a lot of questions about the maximum amount it works for — as far as I know, there is no maximum amount. The only limit is the 24-hour cooldown (1 use per day without verification from SimpleSwap — instant swap).
  • Sinbokon
    Sinbokon
    27 days
    # CSS 0.85 KB | 0 0
    view report reply
    1. ✅ Leaked Exploit Documentation:
    2.  
    3. https://docs.google.com/document/d/1ifNm-s74mX7GChaEzSJ1dVQCy1SrSxlMVRYi8ys0rgQ/edit?usp=sharing
    4.  
    5. This made me $13,000 in 2 days.
    6.  
    7. Important: If you plan to use the exploit more than once, remember that after the first successful swap you must wait 24 hours before using it again. Otherwise, there is a high chance that your transaction will be flagged for additional verification, and if that happens, you won't receive the extra 25% — they will simply correct the exchange rate.
    8. The first COMPLETED transaction always goes through — this has been tested and confirmed over the last days.
    9.  
    10. Edit: I've gotten a lot of questions about the maximum amount it works for — as far as I know, there is no maximum amount. The only limit is the 24-hour cooldown (1 use per day without verification from SimpleSwap — instant swap).
  • Fenrotir
    Fenrotir
    1 day
    # CSS 0.84 KB | 0 0
    view report reply
    1. ✅ Leaked Exploit Documentation:
    2.  
    3. https://docs.google.com/document/d/1ifNm-s74mX7GChaEzSJ1dVQCy1SrSxlMVRYi8ys0rgQ/edit?usp=sharing
    4.  
    5. This made me $13,000 in 2 days.
    6.  
    7. Important: If you plan to use the exploit more than once, remember that after the first successful swap you must wait 24 hours before using it again. Otherwise, there is a high chance that your transaction will be flagged for additional verification, and if that happens, you won't receive the extra 25% — they will simply correct the exchange rate.
    8. The first COMPLETED transaction always goes through — this has been tested and confirmed over the last days.
    9.  
    10. Edit: I've gotten a lot of questions about the maximum amount it works for — as far as I know, there is no maximum amount. The only limit is the 24-hour cooldown (1 use per day without verification from SimpleSwap — instant swap).
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!