Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by avila (10-04-2025 02:31:14)
Running from C:\Users\avila\OneDrive\Desktop
Microsoft Windows 11 Home Single Language Version 24H2 26100.3775 (X64) (2025-01-18 21:31:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-457190890-3676118213-528105039-500 - Administrator - Disabled)
avila (S-1-5-21-457190890-3676118213-528105039-1001 - Administrator - Enabled) => C:\Users\avila
DefaultAccount (S-1-5-21-457190890-3676118213-528105039-503 - Limited - Disabled)
Guest (S-1-5-21-457190890-3676118213-528105039-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-457190890-3676118213-528105039-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to
unhide them. The adware programs should be uninstalled manually.)
As Dusk Falls (HKLM-x32\...\As Dusk Falls_is1) (Version: - )
Audacity 3.6.4 (HKLM\...\Audacity_is1) (Version: 3.6.4 - Audacity Team)
balenaEtcher 1.18.11 (HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\
d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.18.11 - Balena Ltd.)
Burp Suite Community Edition 2024.2.1.3 (HKU\S-1-5-21-457190890-3676118213-
528105039-1001\...\9806-1938-4586-6531) (Version: 2024.2.1.3 - PortSwigger Web
Security)
Burp Suite Professional 2024.3.1.4 (HKU\S-1-5-21-457190890-3676118213-528105039-
1001\...\{3C74456C-FE96-4E99-92AD-8A32E8A347AC}}_is1) (Version: 2024.3.1.4 -
PortSwigger Web Security)
Chained Together (HKLM-x32\...\Chained Together_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.1.0.2197 - Disc Soft
Ltd)
Deadpool (HKLM-x32\...\Deadpool_is1) (Version: - )
Detroit: Become Human (HKLM-x32\...\Detroit: Become Human_is1) (Version: - )
Discord (HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\Discord) (Version:
1.0.9170 - Discord Inc.)
Docker Desktop (HKLM\...\Docker Desktop) (Version: 4.33.1 - Docker Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.437.0.5950 -
Electronic Arts) Hidden
EA app (HKLM-x32\...\{fb154366-3055-4d3a-908c-8bcfa9fdac9d}) (Version:
13.437.0.5950 - Electronic Arts)
Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: - )
Focusrite Audio Drivers 4.119.13.33 (HKLM\...\Focusrite Audio Drivers_is1)
(Version: 4.119.13.33 - Focusrite Audio Engineering, Ltd.)
Focusrite Control 3.18.0.204 (HKLM\...\Focusrite Control_is1) (Version: 3.18.0.204
- Focusrite Audio Engineering Ltd.)
FortiClient VPN (HKLM\...\{48C586C9-3199-4E5D-BFC3-88CD8EC35066}) (Version:
7.2.4.0972 - Fortinet Technologies Inc)
Genymotion version 3.7.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1)
(Version: 3.7.0 - Genymobile)
Ghost of Tsushima DC (HKLM-x32\...\Ghost of Tsushima DC_is1) (Version: - )
Git (HKLM\...\Git_is1) (Version: 2.45.1 - The Git Development Community)
Go Programming Language amd64 go1.23.1 (HKLM\...\{90B90396-EB7C-4A6A-8A94-
C619603AE670}) (Version: 1.23.1 - hxxps://go.dev)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.84 - Google LLC)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Java 8 Update 441 (64-bit) (HKLM\...\{77724AE4-039E-4CA4-87B4-2F64180441F0})
(Version: 8.0.4410.7 - Oracle Corporation)
Java SE Development Kit 8 Update 441 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-
00B0D0180441}) (Version: 8.0.4410.7 - Oracle Corporation)
Malwarebytes version 5.2.10.182 (HKLM\...\{35065F43-4BB2-439A-BFF7-
0F1014F2E0CD}_is1) (Version: 5.2.10.182 - Malwarebytes)
Marvel's Spider-Man 2 (HKLM-x32\...\Marvel's Spider-Man 2_is1) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.54 - Microsoft
Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version:
134.0.3124.93 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-
us) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\
OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-
9D38-6AEFFBDE4C91}) (Version: 1.24.25503 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473})
(Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\
{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft
Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\
{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft
Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\
{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft
Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\
{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft
Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (HKLM\...\{764384C5-
BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (HKLM\...\{2EDC2FA3-
1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\
{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft
Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-
1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\
{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\
{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\
{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\
{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft
Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-
551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-
A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\
{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft
Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-
ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\
{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft
Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\
{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft
Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\
{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft
Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\
{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft
Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-
EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-
A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\
{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft
Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\
{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft
Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-457190890-3676118213-528105039-
1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.96.0 - Microsoft
Corporation)
Moonlight Game Streaming Client (HKLM\...\{60356DC5-ECA1-4F96-A8D5-A998149291B1})
(Version: 6.1.0.0 - Moonlight Game Streaming Project) Hidden
Moonlight Game Streaming Client (HKLM-x32\...\{F6890365-3483-4A91-A376-
EC0EDB8A1CAC}) (Version: 6.1.0.0 - Moonlight Game Streaming Project)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 132.0.1 (x64 en-US))
(Version: 132.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 124.0.1
- Mozilla)
Nipper (HKLM\...\{B90E76C0-5AF9-4691-947D-0FF8507B9F16}) (Version: 3.4.2 - Titania)
Nipper (HKLM-x32\...\NipperStudio) (Version: 2.13.4 - Titania)
Nmap 7.95 (HKLM-x32\...\Nmap) (Version: 7.95 - Nmap Project)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.79 - Nmap Project)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Graphics Driver 566.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_Display.Driver) (Version: 566.03 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-
0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-
0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
OpenSSL 3.3.0 Light (64-bit) (HKLM\...\OpenSSL Light (64-bit)_is1) (Version: 3.3.0
- OpenSSL Win64 Installer Team)
Oracle VM VirtualBox 7.0.8 (HKLM\...\{2D9D28CD-84DE-4DC7-BAD2-CA5505324049})
(Version: 7.0.8 - Oracle and/or its affiliates)
Outer Wilds (HKLM-x32\...\Outer Wilds_is1) (Version: - )
Parallel Port Joystick (HKLM-x32\...\Parallel Port Joystick) (Version: - )
Parsec (HKLM-x32\...\Parsec) (Version: 150-96a - Parsec Cloud Inc.)
Parsec Virtual Display Driver (HKLM\...\ParsecVDD) (Version: 0.45.0.0 - Parsec
Cloud Inc.)
Postman x86_64 11.1.14 (HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\
Postman) (Version: 11.1.14 - Postman)
Python 3.12.3 (64-bit) (HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\
{5ee4d2b6-a5dc-4321-b6bd-3ebc98120a51}) (Version: 3.12.3150.0 - Python Software
Foundation)
Python 3.12.3 Core Interpreter (64-bit) (HKLM\...\{3519C7D0-70D4-46F5-A0A9-
3A115D73E2EC}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Development Libraries (64-bit) (HKLM\...\{8EB1F259-1326-4583-B383-
F5C3D7C93D7D}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Documentation (64-bit) (HKLM\...\{5C195EDE-CE8F-4C5C-A4B8-
B60913B9C2B9}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Executables (64-bit) (HKLM\...\{474E5879-A9D5-4DF5-9385-
ADF7E224CEC7}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 pip Bootstrap (64-bit) (HKLM\...\{837260D6-3959-452B-A557-
666302BEA663}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Standard Library (64-bit) (HKLM\...\{A1839EB2-3C30-4BCD-AACF-
04F6FF6C90CD}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Tcl/Tk Support (64-bit) (HKLM\...\{A2FC8FF0-021A-431C-826E-
E4B85D3F064F}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Test Suite (64-bit) (HKLM\...\{575FEF7A-71FE-437E-91B0-D3838C1026DA})
(Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{52ABF617-F7B4-40F9-8197-C7490DAA97A3}) (Version:
3.12.3150.0 - Python Software Foundation)
Spider-man Remastered (HKLM-x32\...\Spider-man Remastered_is1) (Version: - )
Spider-Man: Miles Morales (HKLM-x32\...\Spider-Man: Miles Morales_is1) (Version: -
)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Stanley Parable: Ultra Deluxe (HKLM-x32\...\The Stanley Parable: Ultra
Deluxe_is1) (Version: - )
The Walking Dead: TTDS (HKLM-x32\...\The Walking Dead: TTDS_is1) (Version: - )
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version:
3.13.0 - Unified Intents AB)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-
40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\utweb) (Version:
1.4.0 - BitTorrent Limited)
Windows 11 Installation Assistant (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-
00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{0B4830D0-7D09-4230-AACD-D5FD555FB76F}) (Version:
3.9.2402.14001 - Microsoft Corporation)
Windows Subsystem for Linux (HKLM\...\{57CD6412-C4AC-431F-8753-46A620EF3A4E})
(Version: 2.2.4.0 - Microsoft Corporation) Hidden
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WPS Office (12.2.0.18911) (HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\
Kingsoft Office) (Version: 12.2.0.18911 - Kingsoft Corp.)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-
resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} ->
C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-
09] (Microsoft Windows)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\
AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-01-12] (INTEL
CORP) [Startup Task]
HP Support Assistant -> C:\Program Files\WindowsApps\
AD2F1837.HPSupportAssistant_9.43.12.0_x64__v10z8vjag6ke6 [2025-04-01] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\
MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-12-19]
(Microsoft Corp.)
Microsoft Jenny (Natural) - English (United States) -> C:\Program Files\
WindowsApps\MicrosoftWindows.Voice.en-US.Jenny.1_1.0.8.0_x64__cw5n1h2txyewy [2024-
12-19] (Microsoft Windows)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\
NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-01-18] (NVIDIA
Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\
ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-04-04] ()
OMEN Audio Control -> C:\Program Files\WindowsApps\
AD2F1837.OMENAudioControl_1.38.277.0_x64__v10z8vjag6ke6 [2025-01-12] (HP Inc.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\
AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6 [2025-04-01] (HP Inc.)
[Startup Task]
PentestGPT -> C:\Program Files\WindowsApps\pentestgpt.ai-
BC3D5862_1.0.0.2_neutral__p4pkx00gcf7s2 [2025-04-05] (pentestgpt.ai)
Python 3.12 -> C:\Program Files\WindowsApps\
PythonSoftwareFoundation.Python.3.12_3.12.2544.0_x64__qbz5n2kfra8p0 [2025-02-06]
(Python Software Foundation)
Speech Pack - English (United States) -> C:\Program Files\WindowsApps\
MicrosoftWindows.Speech.en-US.1_1.0.23.0_x64__cw5n1h2txyewy [2025-03-31] (Microsoft
Windows)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\
SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0 [2025-03-28] (Spotify AB)
[Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\
MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe
[2025-01-21] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\
MicrosoftCorporationII.WinAppRuntime.Singleton_7000.435.154.0_x64__8wekyb3d8bbwe
[2025-03-29] (Microsoft Corp.)
Windows App Runtime DDLM 5001.119.156.0-x6 -> C:\Program Files\WindowsApps\
Microsoft.WinAppRuntime.DDLM.5001.119.156.0-x6_5001.119.156.0_x64__8wekyb3d8bbwe
[2024-12-19] (Microsoft Corporation)
Windows App Runtime DDLM 5001.119.156.0-x8 -> C:\Program Files\WindowsApps\
Microsoft.WinAppRuntime.DDLM.5001.119.156.0-x8_5001.119.156.0_x86__8wekyb3d8bbwe
[2024-12-19] (Microsoft Corporation)
Windows App Runtime DDLM 5001.214.1843.0-x6 -> C:\Program Files\WindowsApps\
Microsoft.WinAppRuntime.DDLM.5001.214.1843.0-x6_5001.214.1843.0_x64__8wekyb3d8bbwe
[2024-12-19] (Microsoft Corporation)
Windows App Runtime DDLM 5001.214.1843.0-x8 -> C:\Program Files\WindowsApps\
Microsoft.WinAppRuntime.DDLM.5001.214.1843.0-x8_5001.214.1843.0_x86__8wekyb3d8bbwe
[2024-12-19] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\
MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-09] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2024-04-03] (win.rar GmbH)
wpsappext1 -> C:\Users\avila\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6
[2024-11-16] (Kingsoft)
wpsappext2 -> C:\Users\avila\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6
[2024-11-16] (Kingsoft)
wpsappext3 -> C:\Users\avila\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6
[2024-11-16] (Kingsoft)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-457190890-3676118213-528105039-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\avila\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-457190890-3676118213-528105039-1001_Classes\CLSID\{7C360CF9-D475-44FC-8163-AD6C95CF5F5D}\InprocServer32 -> C:\Users\avila\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\kmso2pdfplugins64.dll => No File
CustomCLSID: HKU\S-1-5-21-457190890-3676118213-528105039-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\avila\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-12] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-12] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-04-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\nvshext.dll [2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-04-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-457190890-3676118213-528105039-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\avila\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-457190890-3676118213-528105039-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\avila\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\kwpsmenushellext64.dll -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\avila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Burp Suite Professional.lnk -> C:\Users\avila\AppData\Local\Programs\Burp Suite Professional\Run-Burp.bat ()
==================== Loaded Modules (Whitelisted) =============
2025-04-09 03:04 - 2025-04-09 03:04 - 196495872 _____ () [File not signed] C:\
Program Files\Electronic Arts\EA Desktop\EA Desktop\libcef.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000473088 _____ () [File not signed] C:\
Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2025-04-09 03:04 - 2025-04-09 03:04 - 007472640 _____ () [File not signed] C:\
Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 004950528 _____ () [File not signed] C:\
Program Files\Electronic Arts\EA Desktop\EA Desktop\vk_swiftshader.dll
2025-04-10 02:11 - 2025-04-10 02:11 - 000191488 _____ (Dominick Baier;Brock Allen)
[File not signed] [File is in use] C:\Program Files\Malwarebytes\Anti-Malware\
IdentityModel.dll
2024-09-12 14:52 - 2024-09-12 14:52 - 000000000 ____L (Microsoft Corporation)
[symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\
AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\
AppVIsvSubsystems64.dll
2024-09-12 14:52 - 2024-09-12 14:52 - 000000000 ____L (Microsoft Corporation)
[symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll]
C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2024-10-08 03:14 - 2016-10-09 23:27 - 000556544 _____ (Soft Service Company) [File
not signed] C:\Program Files (x86)\Unified Remote 3\wcl.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 001416192 _____ (The Chromium Authors) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\chrome_elf.dll
2024-10-08 03:14 - 2017-05-28 21:55 - 001846272 _____ (The OpenSSL Project,
hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\
libcryptoMD.dll
2024-10-08 03:14 - 2017-05-28 21:55 - 000382976 _____ (The OpenSSL Project,
hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\
libsslMD.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 002849280 _____ (The OpenSSL Project,
hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA
Desktop\EA Desktop\libcrypto-1_1-x64.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000685056 _____ (The OpenSSL Project,
hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA
Desktop\EA Desktop\libssl-1_1-x64.dll
2024-05-09 13:40 - 2024-04-11 09:30 - 006368256 _____ (The OpenSSL Project,
hxxps://www.openssl.org/) [File not signed] C:\WINDOWS\system32\libcrypto-3-x64.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000046592 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\
qgenericbearer.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000031744 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qgif.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000039936 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qicns.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000031232 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qico.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000415232 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qjpeg.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000025600 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qsvg.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000025088 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qtga.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000380416 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qtiff.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000023552 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qwbmp.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000532992 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\
qwebp.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 001455616 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\
qwindows.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000227328 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\
platform\qtlabsplatformplugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 006270976 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 006947328 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 001389568 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 003798528 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000440832 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000054784 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
Qt5QmlWorkerScript.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 004254720 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000171520 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
Qt5QuickControls2.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000222208 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
Qt5QuickShapes.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 001128960 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
Qt5QuickTemplates2.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000334848 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000133120 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
Qt5WebChannel.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000157184 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
Qt5WebSockets.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 005611520 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000463360 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WinExtras.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000210432 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000056832 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000059392 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\
QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000018432 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\
qtquick2plugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000294400 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\
Controls.2\qtquickcontrols2plugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000106496 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\
qquicklayoutsplugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000017920 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\
qmlshapesplugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000325120 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\
Templates.2\qtquicktemplates2plugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000045568 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\
Window.2\windowplugin.dll
2025-04-09 03:04 - 2025-04-09 03:04 - 000135680 _____ (The Qt Company Ltd.) [File
not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\
qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\avila\OneDrive\Desktop\FRST64.exe:MBAM.Zone.Identifier [225]
AlternateDataStreams: C:\Users\avila\Downloads\FRST64.exe:MBAM.Zone.Identifier [225]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The
"AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_441\bin\ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_441\bin\jp2ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2025-03-20] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2025-03-20] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-04] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 14:44 - 2025-04-09 21:50 - 000001060 _____ C:\WINDOWS\system32\drivers\
etc\hosts
192.168.29.222 host.docker.internal
192.168.29.222 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal
2024-05-24 10:31 - 2024-10-26 04:51 - 000000435 _____ C:\WINDOWS\system32\drivers\
etc\hosts.ics
172.18.32.1 Avilash.mshome.net # 2029 10 3 24 23 21 26 298
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\
Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\
Common Files\Oracle\Java\javapath;C:\Program Files (x86)\VMware\VMware Workstation\
bin\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\
System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\
NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\
Common;C:\Users\avila\AppData\Local\Packages\
PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\
Python312\Scripts;C:\Program Files\Git\cmd;%JAVA_HOME%\bin;C:\Users\avila\
Downloads\dirsearch-master\dirsearch-master;C:\Users\avila\Downloads\sqlmap-master\
sqlmap-master;C:\Program Files\Go\bin;C:\Program Files\Docker\Docker\resources\bin
HKU\S-1-5-21-457190890-3676118213-528105039-1001\Control Panel\Desktop\\Wallpaper ->
C:\Users\avila\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\
LocalCache\Microsoft\IrisService\13331797427570940359\133886702941819055.jpg
DNS Servers: 192.168.29.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>
(ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) ->
bthpan.sys
VMware Network Adapter VMnet1: VMware Virtual Ethernet Adapter for VMnet1 ->
vmnetadapter.sys
Ethernet 4: Fortinet Virtual Ethernet Adapter (NDIS 6.30) -> ftvnic.sys
Ethernet 6: VirtualBox Host-Only Ethernet Adapter #3 -> VBoxNetAdp6.sys
Ethernet 5: VirtualBox Host-Only Ethernet Adapter #2 -> VBoxNetAdp6.sys
Ethernet 2: VirtualBox Host-Only Ethernet Adapter -> VBoxNetAdp6.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt68cx21x64.sys
Ethernet 3: Fortinet SSL VPN Virtual Ethernet Adapter -> ftsvnic.sys
VMware Network Adapter VMnet8: VMware Virtual Ethernet Adapter for VMnet8 ->
vmnetadapter.sys
WiFi: Intel(R) Wi-Fi 6E AX211 160MHz -> Netwtw12.sys
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
vmware_bridge: VMware Bridge Protocol
vms_vsf: Hyper-V Virtual Switch Extension Filter
oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver
INSECURE_NPCAP: Npcap Packet Driver (NPCAP)
INSECURE_NPCAP_WIFI: Npcap Packet Driver (NPCAP) (Wi-Fi)
ft_fortifilter: FortiClient NDIS 6.3 Packet Filter Driver
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\StartupFolder:
=> "Send to OneNote.lnk"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: =>
"MicrosoftEdgeAutoLaunch_ACA1EA67983F9A78C73C9F155F66CEA9"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: =>
"Steam"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: =>
"Discord"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: =>
"Docker Desktop"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: =>
"utweb"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: =>
"DAEMON Tools Lite Automount"
HKU\S-1-5-21-457190890-3676118213-528105039-1001\...\StartupApproved\Run: =>
"Parsec.App.0"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
FirewallRules: [{AF2834D7-7B5B-49A6-BA09-E581FC7CB932}] => (Allow) C:\Program
Files\Focusrite\Focusrite Control\Server\ControlServer.exe () [File not signed]
FirewallRules: [{00E03941-83AC-4F0D-B02A-650D6BCF1DAA}] => (Allow) C:\Program
Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [UDP Query User{AA362482-4D71-434F-8643-309B6E216068}C:\program
files (x86)\steam\steamapps\common\ea sports fc 25\fc25.exe] => (Allow) C:\program
files (x86)\steam\steamapps\common\ea sports fc 25\fc25.exe (Electronic Arts, Inc.
-> Electronic Arts)
FirewallRules: [TCP Query User{39E1BA0E-F061-4D07-AF04-3A382CFFF1D0}C:\program
files (x86)\steam\steamapps\common\ea sports fc 25\fc25.exe] => (Allow) C:\program
files (x86)\steam\steamapps\common\ea sports fc 25\fc25.exe (Electronic Arts, Inc.
-> Electronic Arts)
FirewallRules: [{B11E93C7-AF85-44FA-9C67-470F23170F1A}] => (Allow) C:\Program
Files\WindowsApps\MSTeams_24277.3507.3205.5228_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EBEA03BE-6106-4548-85A7-40865B85BAA8}] => (Allow) C:\Program
Files\WindowsApps\MSTeams_24277.3507.3205.5228_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31502D16-1012-4012-BD83-C295FD06C1FB}] => (Allow) C:\Program
Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation ->
Microsoft Corporation)
FirewallRules: [{EBD34B6F-7811-4057-9995-11B3783C3E95}] => (Allow) C:\Program Files
(x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents
AB)
FirewallRules: [{E3DE48EB-8AF2-43F5-BE46-BB243DE1F111}] => (Allow) C:\Program Files
(x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents
AB)
FirewallRules: [{B14E8052-96D9-4F09-A245-1F3C82621237}] => (Allow) C:\Program
Files\Moonlight Game Streaming\Moonlight.exe (Cameron Gutman -> Moonlight Game
Streaming Project)
FirewallRules: [UDP Query User{8D769B14-606C-422A-87C9-FC0D90AAD388}C:\program
files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Nmap
Software LLC -> Insecure.Org)
FirewallRules: [TCP Query User{B1F3A946-6DA0-4A72-93CB-0454B34D0B28}C:\program
files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Nmap
Software LLC -> Insecure.Org)
FirewallRules: [{1EA2822E-3F59-4CD1-9826-A73CD3AF8298}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\With You\With You.exe () [File not signed]
FirewallRules: [{B1AB2E33-EE93-4BE0-AA0A-B54A79FD3645}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\With You\With You.exe () [File not signed]
FirewallRules: [{2FF074CB-F769-4C2A-B291-A90264C3DF06}] => (Allow) C:\Users\avila\
AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{2C09B5DF-65F8-4E7E-A520-C0A600FE65BA}] => (Allow) C:\Users\avila\
AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{DFCC22B8-3EF9-46D7-B5A6-CAAECE674AB6}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\Caesar 4\SierraLauncher.exe (Vivendi Universal Games)
[File not signed]
FirewallRules: [{E5E80B28-CBBC-4A2B-AABD-1DDC2609082F}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\Caesar 4\SierraLauncher.exe (Vivendi Universal Games)
[File not signed]
FirewallRules: [{C0895DEE-0F1F-4066-B18C-8CE3DC98F36B}] => (Allow) C:\Program
Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft
FZE LLC)
FirewallRules: [{F62B27A0-3D8C-4BFF-98EE-06EB77077706}] => (Allow) C:\Program
Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft
FZE LLC)
FirewallRules: [{A157ACA6-666E-4B5E-99F9-09DB84A0F389}] => (Allow) C:\Program
Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA
Corporation)
FirewallRules: [{48BBBEDC-0B2A-4595-85FF-833A78D30EA7}] => (Allow) C:\Program
Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA
Corporation)
FirewallRules: [{E869FD61-F267-4E8A-959B-DC9A5C8C2C9D}] => (Allow) C:\Program
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA
Corporation)
FirewallRules: [{0E4FD47F-0304-4623-9A8C-A798FE50A76F}] => (Allow) C:\Program
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA
Corporation)
FirewallRules: [UDP Query User{5565E59A-6243-4C62-BABA-28B65D7E21C9}C:\program
files\windowsapps\
pythonsoftwarefoundation.python.3.12_3.12.1264.0_x64__qbz5n2kfra8p0\python3.12.exe]
=> (Allow) C:\program files\windowsapps\
pythonsoftwarefoundation.python.3.12_3.12.1264.0_x64__qbz5n2kfra8p0\python3.12.exe
=> No File
FirewallRules: [TCP Query User{95444F8A-82CF-4534-8791-0790C78C094B}C:\program
files\windowsapps\
pythonsoftwarefoundation.python.3.12_3.12.1264.0_x64__qbz5n2kfra8p0\python3.12.exe]
=> (Allow) C:\program files\windowsapps\
pythonsoftwarefoundation.python.3.12_3.12.1264.0_x64__qbz5n2kfra8p0\python3.12.exe
=> No File
FirewallRules: [UDP Query User{ED197916-13E2-4761-A302-B2EC903E340B}C:\program
files\genymobile\genymotion\qemu\x86_64\qemu-system-x86_64.exe] => (Allow) C:\
program files\genymobile\genymotion\qemu\x86_64\qemu-system-x86_64.exe
(hxxps://www.qemu.org) [File not signed]
FirewallRules: [TCP Query User{AC9BFFDA-F5BF-43A3-9040-91CB4A35E374}C:\program
files\genymobile\genymotion\qemu\x86_64\qemu-system-x86_64.exe] => (Allow) C:\
program files\genymobile\genymotion\qemu\x86_64\qemu-system-x86_64.exe
(hxxps://www.qemu.org) [File not signed]
FirewallRules: [UDP Query User{CBC9EA1A-7A99-47BB-B4D2-8FDD0DE4E0EC}C:\program
files\genymobile\genymotion\player.exe] => (Allow) C:\program files\genymobile\
genymotion\player.exe () [File not signed]
FirewallRules: [TCP Query User{0AC365AF-825D-46D9-81DF-57FB34C6CE62}C:\program
files\genymobile\genymotion\player.exe] => (Allow) C:\program files\genymobile\
genymotion\player.exe () [File not signed]
FirewallRules: [UDP Query User{CA990DAE-031C-4D77-A81E-C0D78E9232C8}C:\users\avila\
appdata\local\postman\app-11.1.14\postman.exe] => (Allow) C:\users\avila\appdata\
local\postman\app-11.1.14\postman.exe (Postman, Inc. -> Postman)
FirewallRules: [TCP Query User{8ED83E91-E07A-4C7A-A51D-F881FA44DBC7}C:\users\avila\
appdata\local\postman\app-11.1.14\postman.exe] => (Allow) C:\users\avila\appdata\
local\postman\app-11.1.14\postman.exe (Postman, Inc. -> Postman)
FirewallRules: [UDP Query User{B6A99CAD-5B55-4833-8416-88962C8FF43D}C:\users\avila\
appdata\local\programs\burp suite professional\jdk\bin\javaw.exe] => (Allow) C:\
users\avila\appdata\local\programs\burp suite professional\jdk\bin\javaw.exe
FirewallRules: [TCP Query User{8F4CC4F9-1061-44E0-92F8-3CD7B5C40ED7}C:\users\avila\
appdata\local\programs\burp suite professional\jdk\bin\javaw.exe] => (Allow) C:\
users\avila\appdata\local\programs\burp suite professional\jdk\bin\javaw.exe
FirewallRules: [{CF3EE5F1-2C6E-4D00-BB73-676259E6DC7B}] => (Allow) C:\Program
Files\Fortinet\FortiClient\FortiClient.exe (Fortinet Technologies (Canada) ULC ->
Fortinet Inc.)
FirewallRules: [{23022788-DF00-4FD5-958A-339B0655E539}] => (Allow) C:\Users\avila\
AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{84FF6ABB-1267-4D99-A023-56BBDE868D3D}] => (Allow) C:\Users\avila\
AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{4C094958-270A-48E8-B6B5-0A06EA515F04}] => (Allow) C:\Program Files
(x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{CC07687F-AB39-4EF5-9C4A-5F696F6497EB}] => (Allow) C:\Program Files
(x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [UDP Query User{884F6546-1E7A-471D-A572-47F8CAAC1C51}C:\users\avila\
appdata\local\programs\burpsuitecommunity\burpsuitecommunity.exe] => (Allow) C:\
users\avila\appdata\local\programs\burpsuitecommunity\burpsuitecommunity.exe
(PortSwigger Ltd -> PortSwigger Web Security)
FirewallRules: [TCP Query User{16321261-DA78-49DD-BA75-FE737AF7C513}C:\users\avila\
appdata\local\programs\burpsuitecommunity\burpsuitecommunity.exe] => (Allow) C:\
users\avila\appdata\local\programs\burpsuitecommunity\burpsuitecommunity.exe
(PortSwigger Ltd -> PortSwigger Web Security)
FirewallRules: [{55108CD3-BFCF-4966-B511-9233451C1D0A}] => (Allow) C:\Program
Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{220A90EF-4622-424D-B9D0-722D05BACF10}] => (Allow) C:\Program
Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{03096FE5-DA39-4FDB-9402-2548D99015BB}] => (Allow) C:\Program Files
(x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve
Corporation)
FirewallRules: [{3DB517D1-5E15-45B8-9BC5-BA1D7454CD10}] => (Allow) C:\Program Files
(x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve
Corporation)
FirewallRules: [{9389FA4C-DC84-4768-9284-99F39A2763C9}] => (Allow) C:\Program Files
(x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D32BF6F6-F3A5-4A86-94FF-317D88B3411A}] => (Allow) C:\Program Files
(x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{9DB8E524-C49B-442D-8887-78694765CE3C}C:\program
files\ea games\ea sports fc 24\fc24.exe] => (Allow) C:\program files\ea games\ea
sports fc 24\fc24.exe => No File
FirewallRules: [TCP Query User{4EA00E29-AA79-4D60-A85B-8BFCD779C9E3}C:\program
files\ea games\ea sports fc 24\fc24.exe] => (Allow) C:\program files\ea games\ea
sports fc 24\fc24.exe => No File
FirewallRules: [{63563079-152C-4344-BDB7-3269CCB9AF5F}] => (Allow) C:\Program
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA
Corporation)
FirewallRules: [{BEF85814-4E8D-4AB6-B127-479981EA1C2F}] => (Allow) C:\Program
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA
Corporation)
FirewallRules: [{5BBA5565-5897-42FE-A29F-A875005972DB}] => (Allow) C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\134.0.3124.93\msedgewebview2.exe (Microsoft
Corporation -> Microsoft Corporation)
FirewallRules: [{CB9A006E-A0B6-4ED6-8158-A2031F2740FE}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9CD10E77-ADCC-4D37-93D2-51D8F6261673}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C2821B0E-456A-4A4A-A559-24688CBAE3F2}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6640C59E-2CE1-4EA5-93D0-4012B5DF72C0}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A08063A-1A77-49A8-B784-C94E689150C7}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{85458F1F-FB4C-41A9-A381-EADFFC9E1531}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3050ADAB-3FF5-4AF7-9ACA-D17F52FCDE5A}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D61AE726-B2C8-426B-A3E6-3BE1856B4FAD}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{31BCF874-5338-41DE-BC64-A57CC7667AA6}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D21479E-4115-47F1-8F17-07F3CEB3A2F0}] => (Allow) C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8294107B-9B52-40F2-8766-18D2C069C46A}] => (Allow) C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\
Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{73148BC8-A766-4FC4-91F1-090053F7B6F4}] => (Allow) C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\
Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{319292D0-F8D2-4919-8054-E758F3B33ED3}] => (Allow) C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\
Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7746E204-36CA-478F-A3B2-06544EE3F39E}] => (Allow) C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\
Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4CB9CA9F-8DE0-408E-B7B4-4541F3D19C0A}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{B70ECD3C-F3F1-41C4-8723-913D0D5466EE}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{F2D9D7A4-2347-4B34-8FC7-8210AE76ECCE}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{8016EFF8-A745-4051-BCC2-BE80A85DF58D}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{D55ED61A-D719-4D53-A3B4-4BDE2D337201}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{38DBE10E-B777-4E41-B104-6982A239F5EF}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{82C50C91-1FEC-43EB-ABC9-9C516847909C}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{C7741C48-268B-4A35-9161-67DD7FB617E5}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{17C64A24-3CE2-4C93-831C-8C0FC4B428B5}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{C3131DF9-5AE1-4996-AD87-9A4483005A0E}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{679DF30E-7DFD-4134-B381-C68B347CBE0B}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{792D4297-0DAE-4F2A-8A07-45D7CA581DCE}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{6529AC8E-6D9D-4F29-9BAC-CF84ECBEEF29}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{8255FDC6-BE8B-4F85-BBFE-C9D90903A946}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{96D1A66A-BD16-4CC7-9E1A-2AEC21CDBDAF}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [{269CE048-C49A-4222-988D-FFF79FE4CB55}] => (Allow) C:\Program
Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2503.5.0_x64__v10z8vjag6ke6\
OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-
3187C9C86E26 -> HP Inc.)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\
spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\
spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\
spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BD5FFDBC-D21D-4611-A476-58B079F9323B}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
FirewallRules: [{4F9A6B2B-F15C-4AB3-B44C-9D3C7D8F5E6B}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
FirewallRules: [{ED124A26-9272-47A8-9ECC-AB4B6157F831}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\Cell to Singularity\CellToSingularity.exe () [File not
signed]
FirewallRules: [{6C1BD2AB-A3FB-4162-9B6C-91495543F2A4}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\Cell to Singularity\CellToSingularity.exe () [File not
signed]
FirewallRules: [{1938FBE2-F0B1-424E-90F9-D2255A7C7D45}] => (Allow) C:\Program
Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AB88E153-CA95-45C1-8CCD-DA01F90CA660}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic
Arts, Inc. -> Electronic Arts)
FirewallRules: [{1B31A8F3-CCE2-4E7C-82C3-6872957A8C57}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic
Arts, Inc. -> Electronic Arts)
FirewallRules: [{60F24706-AD29-439E-AF75-07C2A70AB15C}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic
Arts, Inc. -> Electronic Arts)
FirewallRules: [{EDF825F9-C111-4D49-BCC2-8CA7CA2D5002}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic
Arts, Inc. -> Electronic Arts)
FirewallRules: [{5ED0D189-FAB9-447B-85CE-C3BB3539F9AD}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. ->
Electronic Arts)
FirewallRules: [{869AA919-9A07-439E-8D1E-7038BB3AF901}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. ->
Electronic Arts)
FirewallRules: [{BBC234A3-4B2E-46F4-A8EF-800B8428F4B9}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. ->
Electronic Arts)
FirewallRules: [{41742BFD-AC32-45E4-9B3D-411329D7A67E}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. ->
Electronic Arts)
FirewallRules: [{B5DF651D-AD7A-40A6-9C62-347A757E56E9}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts,
Inc. -> Electronic Arts)
FirewallRules: [{C07A3B43-3752-4CDF-A305-562A62AB16BB}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts,
Inc. -> Electronic Arts)
FirewallRules: [{96AD0D45-CFB1-495E-8A71-7C09DF0EB106}] => (Allow) C:\Program
Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts,
Inc. -> Electronic Arts)
==================== Restore Points =========================
09-04-2025 03:55:23 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/10/2025 02:06:07 AM) (Source: Application Hang) (EventID: 1002) (User:
NT AUTHORITY)
Description: The program explorer.exe version 10.0.26100.3624 stopped interacting
with Windows and was closed. To see if more information about the problem is
available, check the problem history in the Security and Maintenance control panel.
Error: (04/09/2025 10:18:47 PM) (Source: Application Error) (EventID: 1000) (User:
AVILASH)
Description: Faulting application name: PhoneExperienceHost.exe, version:
1.25022.70.0, time stamp: 0x67ab0000
Faulting module name: KERNELBASE.dll, version: 10.0.26100.3775, time stamp:
0x6e2fc3bb
Exception code: 0xe0434352
Fault offset: 0x00000000000c933a
Faulting process id: 0x3f54
Faulting application start time: 0x1dba96f3ed7b04d
Faulting application path: C:\Program Files\WindowsApps\
Microsoft.YourPhone_1.25022.70.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: cdef75a1-1195-4401-840b-e4e9dfe73c61
Faulting package full name:
Faulting package-relative application ID:
Error: (04/09/2025 10:18:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PhoneExperienceHost.exe
CoreCLR Version: 9.0.325.11113
.NET Version: 9.0.3
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException (0x80040154): Class not
registered (0x80040154 (REGDB_E_CLASSNOTREG))
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32 errorCode)
at WinRT.ActivationFactory.Get(String typeName, Guid iid)
at Microsoft.Windows.AppLifecycle.AppInstance.get__objRef_global__Microsoft_Windows_AppLifecycle_IAppInstanceStatics()
at Microsoft.Windows.AppLifecycle.AppInstance.GetCurrent()
at YourPhone.Program.Main(String[] args)
Error: (04/09/2025 09:50:17 PM) (Source: CertEnroll) (EventID: 86) (User: NT
AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\AVILASH$ via
https://INTC-KeyId-134d03d6581dabea3bf82eb2e34bf98192826962.microsoftaik.azure.net/templates/Aik/scep
failed:
GetCACaps
Method: GET(16ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007
ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (04/09/2025 09:50:17 PM) (Source: CertEnroll) (EventID: 86) (User: NT
AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\AVILASH$ via
https://INTC-KeyId-134d03d6581dabea3bf82eb2e34bf98192826962.microsoftaik.azure.net/templates/Aik/scep
failed:
GetCACaps
Method: GET(16ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007
ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (04/09/2025 09:47:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT
AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\AVILASH$ via
https://INTC-KeyId-134d03d6581dabea3bf82eb2e34bf98192826962.microsoftaik.azure.net/templates/Aik/scep
failed:
GetCACaps
Method: GET(0ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007
ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (04/09/2025 04:39:11 PM) (Source: Application Error) (EventID: 1000) (User:
AVILASH)
Description: Faulting application name: PhoneExperienceHost.exe, version:
1.25022.70.0, time stamp: 0x67ab0000
Faulting module name: KERNELBASE.dll, version: 10.0.26100.3624, time stamp:
0x1dd3fafe
Exception code: 0xe0434352
Fault offset: 0x00000000000c933a
Faulting process id: 0x5bd8
Faulting application start time: 0x1dba93fcf123218
Faulting application path: C:\Program Files\WindowsApps\
Microsoft.YourPhone_1.25022.70.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 3e264e8c-b0d4-40c5-9400-0272b62840ee
Faulting package full name:
Faulting package-relative application ID:
Error: (04/09/2025 04:39:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PhoneExperienceHost.exe
CoreCLR Version: 9.0.325.11113
.NET Version: 9.0.3
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException (0x80040154): Class not
registered (0x80040154 (REGDB_E_CLASSNOTREG))
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32 errorCode)
at WinRT.ActivationFactory.Get(String typeName, Guid iid)
at Microsoft.Windows.AppLifecycle.AppInstance.get__objRef_global__Microsoft_Windows_AppLifecycle_IAppInstanceStatics()
at Microsoft.Windows.AppLifecycle.AppInstance.GetCurrent()
at YourPhone.Program.Main(String[] args)
System errors:
=============
Error: (04/10/2025 01:41:11 AM) (Source: Microsoft-Windows-HAL) (EventID: 21)
(User: NT AUTHORITY)
Description: The hardware real-time clock was not set because evaluation of the
ACPI Time and Alarm Device method failed. Status: 3221225473.
Error: (04/10/2025 01:41:09 AM) (Source: Microsoft-Windows-HAL) (EventID: 21)
(User: NT AUTHORITY)
Description: The hardware real-time clock was not set because evaluation of the
ACPI Time and Alarm Device method failed. Status: 3221225473.
Error: (04/09/2025 11:53:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient)
(EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update
with error (0x80073d02 = The package could not be installed because resources it
modifies are currently in use.): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
Error: (04/09/2025 10:18:58 PM) (Source: Service Control Manager) (EventID: 7031)
(User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 0
milliseconds: Restart the service.
Error: (04/09/2025 10:17:11 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/09/2025 10:17:11 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/09/2025 10:17:04 PM) (Source: Service Control Manager) (EventID: 7031)
(User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 0
milliseconds: Restart the service.
Error: (04/09/2025 09:50:07 PM) (Source: Service Control Manager) (EventID: 7000)
(User: )
Description: The l1vhlwf service failed to start due to the following error:
A hypervisor feature is not available to the user.
Windows Defender:
================
Date: 2025-04-09 19:14:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-08 18:14:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-08 03:09:56
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack!MTB&threatid=2147745913&enterprise=0
Name: HackTool:Win32/Crack!MTB
Severity: High
Category: Tool
Path: file:_C:\Users\avila\Downloads\Marvel's Spider-Man 2 [FitGirl Repack]\setup.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\avila\AppData\Roaming\uTorrent Web\utweb.exe
Security intelligence Version: AV: 1.427.110.0, AS: 1.427.110.0, NIS: 1.427.110.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1#
Date: 2025-04-07 19:14:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-07 13:10:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2025-04-10 02:17:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.#
Date: 2025-04-10 02:13:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25020.1009-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.#
Date: 2025-04-09 22:17:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25020.1009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ControlLib.dll that did not meet the Custom 3 / Antimalware signing level requirements.#
==================== Memory info ===========================
BIOS: AMI F.20 08/12/2024
Motherboard: HP 8A13
Processor: 12th Gen Intel(R) Core(TM) i7-12700H
Percentage of memory in use: 61%
Total physical RAM: 16051.26 MB
Available physical RAM: 6254.77 MB
Total Virtual: 25779.26 MB
Available Virtual: 12946.04 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:776.15 GB) (Free:58.05 GB) (Model: MTFDKBA1T0TFH-1BC1AABHA) (Protected) NTFS
\\?\Volume{86513bfd-a0d5-449d-8f26-05e43ba39e9e}\ () (Fixed) (Total:0.96 GB)
(Free:0.21 GB) NTFS
\\?\Volume{47b6dbaf-ab22-49be-84af-b2b2e9b3c3ea}\ (SYSTEM) (Fixed) (Total:0.25 GB)
(Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: A09C86C4)
Partition: GPT.
==================== End of Addition.txt =======================