Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025 Ran by jptay (administrator) on LAPTOP-9T21MAJ5 (HP HP Envy Laptop 17-da0xxx) (02-12-2025 00:02:45) Running from C:\Users\jptay\Downloads\FRST64.exe Loaded Profiles: jptay Platform: Microsoft Windows 11 Home Version 25H2 26200.7309 (X64) Language: English (United States) Default browser not detected! Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files\Fortect\MainService.exe ->) (Fortect LTD -> Fortect LTD) C:\Program Files\Fortect\MainProtection.exe (C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_3.2.12.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_3.2.12.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\BridgeCommunication.exe <2> (DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_helper.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_3.2.12.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP.SystemControl.Background) C:\Program Files\WindowsApps\AD2F1837.myHP_50.52547.11766.0_x64__v10z8vjag6ke6\win32\HP.SystemControl.Background.exe (ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (explorer.exe ->) (Microsoft Corporation -> MSPCManager) C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.18.11.0_x64__8wekyb3d8bbwe\PCManager\MSPCManager.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (Microsoft Corporation -> MSPCManagerCore) C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.18.11.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerCore.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Fortect\elam_ppl\AMSProtectedService.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe (services.exe ->) (Fortect LTD -> Fortect Ltd.) C:\Program Files\Fortect\bin\MainDaemon.exe (services.exe ->) (Fortect LTD -> Fortect LTD.) C:\Program Files\Fortect\MainNetShield.exe (services.exe ->) (Fortect LTD -> Fortect LTD.) C:\Program Files\Fortect\MainService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\SysInfoCap.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_65fc0c89346bb33d\ipfsvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_91b5ed43a9896c4a\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_58a0ea2de06916f7\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_b99e1bea22403d27\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\ishheci.inf_amd64_5ad11db0f614ef30\OffloadItemService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.206.1021.0003\FileSyncHelper.exe (services.exe ->) (Microsoft Corporation -> MSPCManagerService) C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.18.11.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a8f664dcf82344f8\RtkAudUService64.exe <3> (sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\appup.intelgraphicsexperience_1.100.5688.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\ad2f1837.hpenhance_1.4.4.0_x64__v10z8vjag6ke6\Win32\HPEnhancedLighting.Bg.Launcher.exe (sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\CrossDeviceResume.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\appup.intelgraphicsexperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.206.1021.0003\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.11061.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.11061.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a8f664dcf82344f8\RtkAudUService64.exe [2996672 2025-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Fortect] => C:\Program Files\Fortect\bin\FortectTray.exe [3450936 2025-09-28] (Fortect LTD -> Fortect Ltd.) HKU\S-1-5-21-2571265167-332436018-2390457406-1001\...\Run: [HPSEU_Host_Launcher] => C:\Program Files\HP\HP System Event Utility\Host Launcher\HpseuHostLauncher.exe [545864 2025-11-09] (HP Inc. -> HP Inc.) HKU\S-1-5-21-2571265167-332436018-2390457406-1001\...\Run: [MicrosoftEdgeAutoLaunch_E3EC2922EE02157A7F703D4F8C455BD3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253736 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2571265167-332436018-2390457406-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41613784 2025-11-17] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2571265167-332436018-2390457406-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4736872 2025-11-22] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2571265167-332436018-2390457406-1001\...\Run: [GoogleUpdaterTaskUser143.0.7482.6] => C:\Users\jptay\AppData\Local\Google\GoogleUpdater\143.0.7482.6\updater.exe [6933656 2025-11-26] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> "C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe" --first-run ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {B6AE190A-551A-4CA2-97C5-7DD36FEB2610} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-25] (Adobe Inc. -> Adobe Inc.) Task: {FB3725A2-712D-4EA8-87F2-677E83D51A0D} - System32\Tasks\GoogleUser\GoogleUpdater\GoogleUpdaterTaskUser143.0.7482.6{1B6C2A62-E0BE-4962-B61B-18821FDF692E} => C:\Users\jptay\AppData\Local\Google\GoogleUpdater\143.0.7482.6\updater.exe [6933656 2025-11-26] (Google LLC -> Google LLC) Task: {3461308C-352D-4F3F-B578-291B3CFE65A0} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO Task: {826AEAB3-47BC-4B27-947E-0E9F9B9A6B6E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError Task: {E4ED07C6-1117-46B1-8DFA-F911B09617FA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest Task: {47325F3A-689E-4370-BED8-6871E5A51BA5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF Task: {9A78B8A8-8459-4B32-B61B-0FE378B25CF1} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1 Task: {78660091-0BC0-4F4C-80AB-60A7AD1A880C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2 Task: {ED5E8EE9-A06D-48D1-AC53-6056162C79C2} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI Task: {D9ED6360-B2B9-416E-B102-10E2DDC0C067} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags: Task: {2E99B2B3-21B1-4D77-9BBB-30910BD0C843} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError Task: {2F67A743-D152-48DB-A202-A2F39FEDFAB5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\WINDOWS\system32\cmd.exe [339968 2025-12-02] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckTest Task: {9EE3DA14-359D-4192-A814-873BF5FECAC0} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [253952 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest" Task: {E56C6691-494D-44F1-BF17-DA2E36B95A7E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-FastSystemTests => c:\Windows\System32\schtasks.exe [253952 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\FastSystemTests" Task: {F702FCFD-3700-42CD-B05B-C1AB34735A44} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-SmartCheckTest => c:\Windows\System32\schtasks.exe [253952 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\SmartCheckTest" Task: {750FF543-8EC3-414D-A3F0-B3E2C41915DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1004040 2025-10-21] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show Task: {68186B92-F12B-4BC3-9BAC-8633F96528CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [480264 2025-10-21] (HP Inc. -> HP Inc.) Task: {741BCDD0-2A62-4514-B197-72B18054BAC7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1176136 2025-10-21] (HP Inc. -> HP Inc.) Task: {373A8760-4375-4FD3-A197-6B678FDE5195} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1176136 2025-10-21] (HP Inc. -> HP Inc.) Task: {B52A9C3A-061C-4D8A-BC96-AB6AEA0B0963} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice Task: {0942D961-8C0B-4279-A561-B5D0E6BB5F3B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [91656 2025-11-24] (HP Inc. -> HP Inc.) Task: {4038CFAE-059C-4144-B37D-B32AC763351C} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [91656 2025-11-24] (HP Inc. -> HP Inc.) Task: {B5BC2230-E564-478A-B655-D80BBDE98346} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16961360 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) Task: {CB7F0EFE-EF06-49A0-B974-9BAD2EB3D385} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29178296 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) Task: {7CF674D8-457C-49FB-931C-297B6EF4F052} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70488 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) Task: {4C14D700-6835-4092-BAE2-F07BDFB200E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29178296 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) Task: {2CA481BB-0AE5-4388-8B49-B1236C3214E8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [316696 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) Task: {514A1BC9-F8DD-4041-9A99-0645C8318B34} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [316696 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) Task: {794D8620-CDA8-44E2-A73A-B140D224E7C2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1365280 2025-11-13] (Microsoft Corporation -> Microsoft Corporation) Task: {F492F4CC-96EE-4AD4-A0A3-6DBBA7B8327D} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File) Task: {DE5AFFFF-B74D-4504-B4DA-EC9E4ACC84D6} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200} Task: {EBC4263F-3662-44DE-8898-6787AB6CA4B4} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\WINDOWS\system32\oobe\PITRTask.dll [118784 2025-12-02] (Microsoft Windows -> Microsoft Corporation) Task: {87555B29-C0C2-44E3-87F3-A0BD06278F9E} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => %windir%\System32\UNP\UpdateNotificationMgr.exe (No File) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {5B39F73A-BFA2-4326-AC67-5BB5C14479C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DC43F3C3-E770-41DF-BF3A-13F6A1792AB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4C9ED23F-6C8C-4E66-83FA-26634BEA2303} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C988ABA7-02C1-4EE6-9357-3457C60343F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EF9050C3-4901-45D0-902F-F13A721E073B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4395920 2025-11-22] (Microsoft Corporation -> Microsoft Corporation) Task: {7E7950B5-D234-447A-A60A-10FE4CF11839} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2571265167-332436018-2390457406-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4395920 2025-11-22] (Microsoft Corporation -> Microsoft Corporation) Task: {E9683C59-EC4E-443A-A3A0-028A7A7E749F} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2571265167-332436018-2390457406-1001 => C:\Program Files\Microsoft OneDrive\25.206.1021.0003\OneDriveLauncher.exe [727440 2025-11-22] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12 Tcpip\..\Interfaces\{d43779bd-1ccd-4af7-b662-f5310a9c318a}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12 Edge: ======= Edge Profile: C:\Users\jptay\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-02] Edge Extension: (Google Docs Offline) - C:\Users\jptay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-01] Edge Extension: (Edge relevant text changes) - C:\Users\jptay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-11-13] Edge HKU\S-1-5-21-2571265167-332436018-2390457406-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-11-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-11-17] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-11-13] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\jptay\AppData\Local\Google\Chrome\User Data\Default [2025-12-02] CHR HomePage: Default -> chrome://apps/ CHR StartupUrls: Default -> "chrome://newtab/","hxxps://search-thrill.com/?path=chrome/newtab&u=ebd1b957be6523c8&subid=11119&channel=default" CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\jptay\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-11-29] CHR Extension: (Google Docs Offline) - C:\Users\jptay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\jptay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-11-15] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-2571265167-332436018-2390457406-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-2571265167-332436018-2390457406-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-25] (Adobe Inc. -> Adobe Inc.) R2 AMSProtectedService; C:\Program Files\Fortect\elam_ppl\amsprotectedservice.exe [639304 2025-09-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13366624 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_65fc0c89346bb33d\ipfsvc.exe [572496 2025-09-08] (Intel Corporation -> Intel Corporation) R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [498456 2025-02-21] (DTS, Inc. -> DTS Inc.) R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.206.1021.0003\FileSyncHelper.exe [3606376 2025-11-22] (Microsoft Corporation -> Microsoft Corporation) R2 FortectDaemon; C:\Program Files\Fortect\bin\MainDaemon.exe [5292088 2025-09-28] (Fortect LTD -> Fortect Ltd.) R2 FortectNetShield; C:\Program Files\Fortect\MainNetShield.exe [5289016 2025-09-28] (Fortect LTD -> Fortect LTD.) R2 FortectService; C:\Program Files\Fortect\MainService.exe [7256632 2025-09-28] (Fortect LTD -> Fortect LTD.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [473632 2023-05-17] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\AppHelperCap.exe [909496 2025-10-01] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\DiagsCap.exe [907960 2025-10-01] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\NetworkCap.exe [903856 2025-10-01] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2025-11-24] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_383a15da209a6794\x64\SysInfoCap.exe [909464 2025-10-01] (HP Inc. -> HP Inc.) S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_c25dbc60ad3b371a\lib\PlatformLicenseManagerService.exe [742904 2024-12-12] (Intel Corporation -> Intel(R) Corporation) R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_b99e1bea22403d27\AS\IAS\IntelAudioService.exe [366544 2025-09-21] (Intel Corporation -> Intel) S2 IntelDisplayUMService; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4cbff1040d0407f2\IntelDisplayUMService.exe [390552 2025-02-11] (Intel Corporation -> Intel Corporation) R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_uf.exe [3115592 2025-09-18] (Intel Corporation -> Intel Corporation) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe [2026184 2025-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) R3 OffloadItemService; C:\WINDOWS\System32\DriverStore\FileRepository\ishheci.inf_amd64_5ad11db0f614ef30\OffloadItemService.exe [183232 2025-03-31] (Intel Corporation -> Intel) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.206.1021.0003\OneDriveUpdaterService.exe [3890536 2025-11-22] (Microsoft Corporation -> Microsoft Corporation) R2 PCManager Service Store; C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.18.11.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe [159264 2025-12-01] (Microsoft Corporation -> MSPCManagerService) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\NisSrv.exe [4414480 2025-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe [282440 2025-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2025-09-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2025-09-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2025-09-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2025-09-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 cbfilter24-0; C:\Program Files\Fortect\cbfilter24.sys [407224 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 cbprocess24-0; C:\Program Files\Fortect\cbprocess24.sys [91360 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 cbregistry24-0; C:\Program Files\Fortect\cbregistry24.sys [143560 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R3 csaudio; C:\WINDOWS\System32\DriverStore\FileRepository\csaudio.inf_amd64_1711aa9be1c7d802\csaudio.sys [404520 2024-06-20] (Cirrus Logic Inc -> Windows (R) Win 7 DDK provider) R3 fns; C:\WINDOWS\System32\drivers\fns.sys [110064 2025-07-22] (Fortect LTD -> Windows (R) Win 7 DDK provider) R0 fse; C:\WINDOWS\System32\drivers\fse.sys [226688 2025-12-02] (Microsoft Windows -> Microsoft Corporation) S3 GSCAuxDriver; C:\WINDOWS\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_b7ea2b267b9226f0\GSCAuxDriverx64.sys [109648 2024-07-16] (Intel Corporation -> Intel Corporation) S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_742574720f5690ea\TeeDriverGSCW8x64.sys [276384 2025-02-11] (Intel Corporation -> Intel Corporation) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [36424 2024-04-02] (HP Inc. -> HP Inc.) R2 HpReadHWData; C:\Windows\System32\drivers\HpReadHWData.sys [53368 2024-12-11] (HP Inc. -> Windows (R) Win 7 DDK provider) R3 HpSpsNotification; C:\WINDOWS\System32\DriverStore\FileRepository\hpspsnotification.inf_amd64_65c7857539ec43ec\HpSpsNotification.sys [44104 2024-06-17] (HP Inc. -> HP Development Company, L.P.) R3 iaLPSS2_GPIO2_MTL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_mtl.inf_amd64_de92054d4f0ad831\iaLPSS2_GPIO2_MTL.sys [176616 2025-09-23] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_MTL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_mtl.inf_amd64_ebe13cc3b9ecef7d\iaLPSS2_I2C_MTL.sys [212584 2024-04-10] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_I3C_MTL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i3c_mtl.inf_amd64_f847b9aa58c6840b\iaLPSS2_I3C_MTL.sys [153088 2024-04-10] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_SPI_MTL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_mtl.inf_amd64_5fac64810450e1b2\iaLPSS2_SPI_MTL.sys [163328 2024-04-10] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_UART2_MTL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_mtl.inf_amd64_1f181d16220992b9\iaLPSS2_UART2_MTL.sys [319992 2024-04-10] (Intel Corporation -> Intel Corporation) R3 IntcBtLE; C:\WINDOWS\System32\DriverStore\FileRepository\intcbtle.inf_amd64_3abd5ef0e9cec85f\IntcBtLE.sys [156648 2024-08-06] (Intel Corporation -> Intel(R) Corporation) R0 IntcPMT; C:\WINDOWS\System32\DriverStore\FileRepository\intcpmt.inf_amd64_7a61591fddff4def\intcpmt.sys [66808 2024-05-28] (Intel Corporation -> Intel Corporation) S3 IntcSdwBus; C:\WINDOWS\System32\DriverStore\FileRepository\intcsdwbus.inf_amd64_7fdec6356483b8a4\IntcSdwBus.sys [648632 2025-09-21] (Intel Corporation -> Intel(R) Corporation) R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_47fce0e3f4b9ad1e\IntcUSB.sys [948152 2025-09-21] (Intel Corporation -> Intel(R) Corporation) R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90304 2024-04-30] (Intel Corporation -> Intel Corporation) R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_c6eee0207705bc06\ipf_acpi.sys [90184 2025-09-18] (Intel Corporation -> Intel Corporation) R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_cpu.sys [89672 2025-09-18] (Intel Corporation -> Intel Corporation) R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_lf.sys [504912 2025-09-18] (Intel Corporation -> Intel Corporation) R3 IshHeci; C:\WINDOWS\System32\DriverStore\FileRepository\ishheci.inf_amd64_5ad11db0f614ef30\IshHeci.sys [160184 2025-03-31] (Intel Corporation -> Intel) R3 IshHidBus; C:\WINDOWS\System32\DriverStore\FileRepository\ishhidbus.inf_amd64_896e3fba64435cd5\IshHidBus.sys [99248 2025-03-20] (Intel Corporation -> Intel) R3 IshHidMini; C:\WINDOWS\System32\DriverStore\FileRepository\ishhidmini.inf_amd64_67ca07e169f53364\IshHidMini.sys [38888 2024-06-18] (Intel Corporation -> Intel) R3 IshOed; C:\WINDOWS\System32\DriverStore\FileRepository\ishoed.inf_amd64_74752c7c2f396586\IshOed.sys [74224 2024-06-18] (Intel Corporation -> Intel) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-12-01] (Microsoft Windows -> Microsoft Corporation) S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144768 2025-12-02] (Microsoft Windows -> Microsoft Corporation) S3 LT6911Au; C:\WINDOWS\System32\DriverStore\FileRepository\lt6911au.inf_amd64_fd2ff699a5f1caaa\LT6911Au.sys [68600 2024-08-06] (Intel Corporation -> Intel(R) Corporation) S3 MYFAULT; C:\WINDOWS\system32\drivers\myfault.sys [21904 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals) R3 Netwaw18; C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_d488480304e1f365\Netwaw18.sys [5965216 2025-08-26] (Intel Corporation -> Intel Corporation) R3 npu; C:\WINDOWS\System32\DriverStore\FileRepository\npu.inf_amd64_3336c5ca41a6fcc0\npu_kmd.sys [580344 2024-06-07] (Intel Corporation -> Intel(R) Corporation) S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-11-13] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20904 2025-12-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [629168 2025-12-01] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-01] (Microsoft Windows -> Microsoft Corporation) U3 aspnet_state; no ImagePath S0 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three months (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2025-12-02 00:58 - 2025-12-02 00:58 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2025-12-02 00:02 - 2025-12-02 00:03 - 000034254 _____ C:\Users\jptay\Downloads\FRST.txt 2025-12-01 22:51 - 2025-12-01 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2025-12-01 22:49 - 2025-12-01 22:50 - 000000000 ____D C:\WINDOWS\system32\NarratorMCAT 2025-12-01 22:21 - 2025-12-01 22:21 - 000035602 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2025-12-01 22:21 - 2025-12-01 22:21 - 000035602 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2025-12-01 15:15 - 2025-12-01 15:15 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\HTML Help 2025-11-25 15:23 - 2025-11-25 15:23 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Bibliography 2025-11-25 15:19 - 2025-11-25 15:19 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\QuickStyles 2025-11-24 18:26 - 2025-12-02 00:03 - 000000000 ____D C:\FRST 2025-11-24 18:25 - 2025-11-24 18:25 - 002444288 _____ (Farbar) C:\Users\jptay\Downloads\FRST64.exe 2025-11-23 11:42 - 2025-11-23 11:42 - 000002264 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=backgroundTaskHost=_ApiClient=D3D12 2025-11-23 11:42 - 2025-11-23 11:42 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\c143d0f47948d56cbd8ae90e32d2caaa6225198ae74ff4ba9d14dd4ee5b4f5bc 2025-11-22 15:03 - 2025-11-24 14:37 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2025-11-22 15:03 - 2025-11-22 15:03 - 000000000 ____D C:\WINDOWS\system32\%userprofile% 2025-11-21 12:20 - 2025-11-22 15:04 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2025-11-21 12:20 - 2025-11-22 15:03 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-11-21 12:20 - 2025-11-22 15:03 - 000000000 ___RD C:\Users\Default\OneDrive 2025-11-18 10:27 - 2025-11-18 10:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2025-11-18 10:27 - 2024-11-26 01:37 - 000270888 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2025-11-18 10:27 - 2024-11-26 01:37 - 000245288 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2025-11-18 09:02 - 2025-11-18 09:02 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Hewlett-Packard 2025-11-18 02:42 - 2025-11-18 02:42 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2025-11-17 14:46 - 2025-09-14 06:30 - 000209088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2025-11-17 14:46 - 2025-09-14 06:30 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2025-11-17 14:46 - 2025-09-14 06:30 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2025-11-17 12:05 - 2025-11-17 12:05 - 000002264 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=SystemSettings=_ApiClient=D3D12 2025-11-17 00:15 - 2025-11-17 00:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2025-11-16 23:59 - 2025-11-16 23:59 - 000013894 _____ C:\Users\jptay\AppData\LocalLow\aaa3e82b0d09c0740287e32be34d2356e94d8b90797e2a41adf3b3641962e527 2025-11-16 23:59 - 2025-11-16 23:59 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\e1660a2cf3e3a20abd42445e4c6fe70b6d0ff3224d473928564756c32faf0f5e 2025-11-16 21:46 - 2025-11-16 22:07 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\UProof 2025-11-16 21:46 - 2025-11-16 21:46 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Proof 2025-11-16 20:33 - 2025-11-16 20:33 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\56e78a4901acc22d6bf4cdb02fdabb82c2eebac1a0da04d81df4e94588f9f61b 2025-11-15 23:47 - 2025-11-15 23:47 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2025-11-15 13:38 - 2025-11-18 08:52 - 000002505 _____ C:\Users\jptay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-11-15 13:38 - 2025-11-18 08:52 - 000002474 _____ C:\Users\jptay\OneDrive\Desktop\Google Chrome.lnk 2025-11-15 13:37 - 2025-11-15 13:38 - 000000000 ____D C:\Users\jptay\AppData\Local\Google 2025-11-15 13:37 - 2025-11-15 13:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUser 2025-11-14 20:39 - 2025-12-01 19:22 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Excel 2025-11-14 20:38 - 2025-11-14 20:38 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\3f9013992c36a516b270e3ca1b1269017e2b02400cfd923da23820d181b83b46 2025-11-14 18:50 - 2025-11-15 13:16 - 000064640 _____ C:\Users\jptay\AppData\LocalLow\be8f7594235813e37c8052011adb581f9a71dfbe05010ec5d2cb7230b3d67de0 2025-11-14 18:50 - 2025-11-14 18:50 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\9d268c8b4b8825de9432107b863812a70b57c7afb7d2bf48cb7b38611d08234b 2025-11-14 18:39 - 2025-11-14 18:39 - 000002264 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=StartMenuExperienceHost=_ApiClient=D3D12 2025-11-14 08:57 - 2025-11-20 18:49 - 000226653 _____ C:\Users\jptay\AppData\LocalLow\604861de5493d7cd120e855a1a5c1350dc0045a938eef314538361ed85b2bc05 2025-11-14 08:57 - 2025-11-14 08:57 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\47c477fad8f83ce444ad35a730bdd38e4f86300079b95fb7117835759304fa2f 2025-11-13 22:28 - 2025-11-25 22:38 - 000168085 _____ C:\Users\jptay\AppData\LocalLow\9247946adebc388b331fefa88eb84cf7b67a930ec177b7296063ae88fa4862e7 2025-11-13 22:28 - 2025-11-13 22:28 - 000002264 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=msedgewebview2=M365Copilot.exe_ApiClient=D3D12 2025-11-13 22:28 - 2025-11-13 22:28 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\b2254bee14a4e83916dfceffc60c5e806be2048c82d62709bb4f3f49bb8590e5 2025-11-13 22:26 - 2025-11-13 22:26 - 000132565 _____ C:\Users\jptay\AppData\LocalLow\2a479e7e178511d04320202249fdd8371b4a1fde0c38e0a9a5ae6492ac3c7d4d 2025-11-13 22:26 - 2025-11-13 22:26 - 000037857 _____ C:\Users\jptay\AppData\LocalLow\d44517b4b766c0b8a8fd918b9927829a1a6b5cd2e2afef935feb7bb56126b0c4 2025-11-13 22:26 - 2025-11-13 22:26 - 000014851 _____ C:\Users\jptay\AppData\LocalLow\13257ddda5039573676179c1dfc14d00b0bc3f9306828c63b8139813edb2be7d 2025-11-13 22:26 - 2025-11-13 22:26 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\c14b239257bd9bdb71d66c8b840ad88178d5ebff2f24b53bba589e60a9e658be 2025-11-13 22:26 - 2025-11-13 22:26 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\7f22156fd2a7b994e14dccb577eca031d3bd76b5af8cf0f6de21e4012f009b40 2025-11-13 22:26 - 2025-11-13 22:26 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\3d5ead2d97a6dd2bbcabf2e09b018a56351355f2b555f9f8f84bfe592fa5decc 2025-11-13 22:24 - 2025-11-13 22:24 - 000000000 ____D C:\Users\jptay\AppData\Local\Backup 2025-11-13 21:55 - 2025-11-24 14:38 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2025-11-13 21:42 - 2025-11-25 09:29 - 000301014 _____ C:\Users\jptay\AppData\LocalLow\04640f3570bedd6ccc10b60c4bc849425f6177d5fba1a4a15a67d17a9a877d63 2025-11-13 21:42 - 2025-11-13 21:42 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\55545969b3cd8468d9ca4fd07c0e78d40828068a253cc0249d15cb1b3cd08e5c 2025-11-13 13:59 - 2025-12-02 00:00 - 000001752 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2025-11-13 13:56 - 2025-12-01 23:08 - 000816286 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-11-13 13:55 - 2025-12-01 22:48 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Perplexity 2025-11-13 13:55 - 2025-11-24 12:50 - 000152400 _____ C:\Users\jptay\AppData\LocalLow\f496291d4d488faef3bbca21455cb9444ae9589e44bdd9c0bea2e0494a42d123 2025-11-13 13:55 - 2025-11-13 13:55 - 000002320 _____ C:\Users\jptay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perplexity.lnk 2025-11-13 13:55 - 2025-11-13 13:55 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\71025dea2f298e738e39b1155c09372de72489d6777b2e59b5cd8baad5dfa448 2025-11-13 13:55 - 2025-11-13 13:55 - 000000000 ____D C:\Users\jptay\AppData\Local\perplexity-updater 2025-11-13 13:54 - 2025-12-01 22:20 - 000000000 ____D C:\Users\jptay\AppData\Local\CrashDumps 2025-11-13 13:53 - 2025-12-02 00:00 - 000000000 ____D C:\ProgramData\Fortect 2025-11-13 13:53 - 2025-12-01 23:59 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Fortect 2025-11-13 13:53 - 2025-11-17 14:46 - 000000000 ____D C:\Program Files\Fortect 2025-11-13 13:53 - 2025-11-13 13:53 - 000000000 SHDJL C:\Documents and Settings 2025-11-13 13:53 - 2025-11-13 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortect 2025-11-13 13:53 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbregistryevtmsg.dll 2025-11-13 13:53 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbprocessevtmsg.dll 2025-11-13 13:53 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfilterevtmsg.dll 2025-11-13 13:52 - 2025-12-02 00:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-11-13 13:52 - 2025-11-29 03:00 - 000003610 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{B4DA8226-3BA2-4398-A84A-E92900CA2704} 2025-11-13 13:52 - 2025-11-29 03:00 - 000003484 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{9ECC1771-0E15-4969-894E-884316B555F9} 2025-11-13 13:52 - 2025-11-24 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2025-11-13 13:52 - 2025-11-13 13:52 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2025-11-13 13:52 - 2024-08-08 05:24 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1550768024-4122249052-3442395584-500 2025-11-13 13:52 - 2024-05-22 10:30 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-316919643-139532659-170233807-500 2025-11-13 13:50 - 2025-11-25 23:05 - 000000000 ____D C:\Users\jptay\OneDrive\Documents\Resume 2025-11-13 13:50 - 2025-11-24 14:15 - 000054495 _____ C:\Users\jptay\OneDrive\Desktop\Follow Up.xlsx 2025-11-13 13:50 - 2025-11-23 19:20 - 000000068 _____ C:\Users\jptay\OneDrive\Desktop\Notes.txt 2025-11-13 13:50 - 2025-11-13 13:55 - 000002318 _____ C:\Users\jptay\OneDrive\Desktop\Perplexity.lnk 2025-11-13 13:50 - 2025-11-13 13:50 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\7551748a6997afa3491ff585b27e3cc153437f6014a00d6013d8d574fd88972a 2025-11-13 13:50 - 2025-11-13 13:50 - 000000000 ___HD C:\OneDriveTemp 2025-11-13 13:50 - 2025-11-13 13:50 - 000000000 ____D C:\Users\jptay\OneDrive\Documents\Tax Forms 2025-11-13 13:50 - 2025-11-13 13:50 - 000000000 ____D C:\Users\jptay\OneDrive\Documents\Reference Files 2025-11-13 13:50 - 2025-11-13 13:50 - 000000000 ____D C:\Users\jptay\OneDrive\Documents\Journals 2025-11-13 13:50 - 2025-11-13 13:50 - 000000000 ____D C:\Users\jptay\OneDrive\Documents\Custom Office Templates 2025-11-13 13:50 - 2025-11-13 13:50 - 000000000 ____D C:\Users\jptay\OneDrive\Desktop\Theology 2025-11-13 13:50 - 2025-11-13 13:50 - 000000000 ____D C:\Users\jptay\OneDrive\Desktop\SPDriver 2025-11-13 13:50 - 2025-08-02 20:42 - 000000052 _____ C:\Users\jptay\OneDrive\Documents\Reset Notes.txt 2025-11-13 13:49 - 2025-12-02 00:01 - 000000000 ___RD C:\Users\jptay\OneDrive 2025-11-13 13:49 - 2025-11-22 15:03 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2571265167-332436018-2390457406-1001 2025-11-13 13:49 - 2025-11-22 15:03 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2571265167-332436018-2390457406-1001 2025-11-13 13:49 - 2025-11-13 13:49 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2025-11-13 13:48 - 2025-12-02 00:00 - 000012288 ___SH C:\DumpStack.log.tmp 2025-11-13 13:48 - 2025-12-01 22:53 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2025-11-13 13:48 - 2025-12-01 22:52 - 000493840 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2025-11-13 13:48 - 2025-12-01 21:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-11-13 13:48 - 2025-11-22 09:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-11-13 13:48 - 2025-11-18 10:20 - 000000000 ____D C:\ProgramData\HP 2025-11-13 13:48 - 2025-11-15 13:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH 2025-11-13 13:48 - 2025-11-13 13:48 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\cc0895f481d97550379a12a41d9bb1fb6515c28581bb1a2b6177094d7c679094 2025-11-13 13:48 - 2025-11-13 13:48 - 000000000 ____D C:\WINDOWS\system32\DTS 2025-11-13 13:48 - 2025-11-13 13:48 - 000000000 ____D C:\WINDOWS\system32\csaudio 2025-11-13 13:48 - 2025-11-13 13:48 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2025-11-13 13:48 - 2025-11-13 13:48 - 000000000 ____D C:\ProgramData\Intel 2025-11-13 13:37 - 2025-11-18 10:32 - 000000000 ____D C:\SWSetup 2025-11-13 13:36 - 2025-11-13 21:42 - 000000000 ____D C:\Program Files\HP 2025-11-13 13:36 - 2025-11-13 13:51 - 000000000 ___HD C:\system.sav 2025-11-13 13:34 - 2025-11-24 14:43 - 000000000 ____D C:\WINDOWS\Panther 2025-11-13 13:33 - 2025-12-01 22:50 - 000000000 ____D C:\WINDOWS\system32\ruxim 2025-11-13 13:33 - 2025-12-01 22:49 - 000000000 ____D C:\WINDOWS\InboxApps 2025-11-13 13:33 - 2025-11-13 13:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2025-11-13 13:33 - 2025-11-13 13:33 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets 2025-11-13 13:33 - 2025-11-13 13:33 - 000000000 ____D C:\inetpub 2025-11-13 13:31 - 2025-11-13 22:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2025-11-13 13:31 - 2025-11-13 13:31 - 000079894 _____ C:\WINDOWS\SysWOW64\ctac.json 2025-11-13 13:31 - 2025-11-13 13:31 - 000079894 _____ C:\WINDOWS\system32\ctac.json 2025-11-13 13:31 - 2025-11-13 13:31 - 000005264 _____ C:\WINDOWS\system32\ecoscore_config.json 2025-11-13 13:31 - 2025-11-13 13:31 - 000001681 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json 2025-11-13 13:31 - 2025-11-13 13:31 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2025-11-13 13:29 - 2025-11-13 13:29 - 000000000 ____D C:\WINDOWS\Firmware 2025-11-13 13:27 - 2025-11-13 13:27 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2025-11-13 13:24 - 2025-11-13 13:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2025-11-13 13:21 - 2025-11-13 13:21 - 000000000 ____D C:\Users\jptay\AppData\Local\Comms 2025-11-13 13:00 - 2025-11-13 13:00 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk 2025-11-13 13:00 - 2025-11-13 13:00 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2025-11-13 12:59 - 2025-12-01 22:15 - 000000000 ____D C:\ProgramData\Whesvc 2025-11-13 12:49 - 2025-11-13 12:49 - 000000000 ____D C:\Users\jptay\AppData\Roaming\com.adobe.dunamis 2025-11-13 12:49 - 2025-11-13 12:49 - 000000000 ____D C:\Users\jptay\AppData\LocalLow\Temp 2025-11-13 12:49 - 2025-11-13 12:49 - 000000000 ____D C:\Users\jptay\AppData\LocalLow\Adobe 2025-11-13 12:49 - 2025-11-13 12:49 - 000000000 ____D C:\Users\jptay\AppData\Local\SolidDocuments 2025-11-13 12:49 - 2025-11-13 12:49 - 000000000 ____D C:\Users\jptay\.ms-ad 2025-11-13 12:49 - 2025-11-13 12:49 - 000000000 ____D C:\ProgramData\Adobe 2025-11-13 12:48 - 2025-11-20 11:43 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2025-11-13 12:48 - 2025-11-13 12:50 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2025-11-13 12:48 - 2025-11-13 12:48 - 000006504 _____ C:\Users\jptay\AppData\LocalLow\7514d4fd888df94f85a79de9cd6ddf819d89c248e5097def6861fda17963208b 2025-11-13 12:48 - 2025-11-13 12:48 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\2f6d952854b4a75e06facf051096335e13291e3eeaea173779625226f21bfc02 2025-11-13 12:48 - 2025-11-13 12:48 - 000000000 ____D C:\Users\jptay\AppData\Local\Windows Master Store 2025-11-13 12:47 - 2025-11-13 12:47 - 000000000 ____D C:\Program Files\Adobe 2025-11-13 12:45 - 2025-11-13 12:47 - 000000000 ____D C:\Program Files\Common Files\Adobe 2025-11-13 12:45 - 2025-11-13 12:45 - 000002264 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=msedgewebview2=Widgets.exe_ApiClient=D3D12 2025-11-13 12:43 - 2025-12-01 22:24 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Word 2025-11-13 12:43 - 2025-11-20 18:01 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Office 2025-11-13 12:43 - 2025-11-13 12:43 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\f5801d68e401db9c1a7df96b952c344e17c0a16e8b700c422b45cb3f3103b3ad 2025-11-13 12:43 - 2025-11-13 12:43 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\AddIns 2025-11-13 12:43 - 2025-11-13 12:43 - 000000000 ____D C:\Users\jptay\AppData\Local\PC Manager Store 2025-11-13 12:43 - 2025-11-13 12:43 - 000000000 ____D C:\ProgramData\Windows Master Store 2025-11-13 12:42 - 2025-11-13 21:25 - 000000000 ____D C:\Users\jptay\AppData\Local\Adobe 2025-11-13 12:36 - 2025-11-13 12:36 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\377310f99f0a83b04e282705da71bd0db9fe3aee775bcac527867f277a2311a1 2025-11-13 12:35 - 2025-11-15 13:31 - 000000000 ____D C:\Program Files (x86)\Google 2025-11-13 12:35 - 2025-11-14 21:47 - 000068658 _____ C:\Users\jptay\AppData\LocalLow\e859fc5d1b0150e7697bba7807c4c5c5b2c1880e1cfb0b8168082934ee8c75fd 2025-11-13 12:35 - 2025-11-13 12:35 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\a1529fba3b24046c99336dea94a6f9d9aff7532d41d7b283c079caf621fc0565 2025-11-13 12:33 - 2025-11-13 12:33 - 000002264 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=msedgewebview2=olk.exe_ApiClient=D3D12 2025-11-13 12:32 - 2025-11-15 23:54 - 000000000 ____D C:\Users\jptay\AppData\Local\HP 2025-11-13 12:32 - 2025-11-13 12:32 - 000000000 ____D C:\Users\jptay\AppData\Local\ToastNotificationManagerCompat 2025-11-13 12:32 - 2025-11-13 12:32 - 000000000 ____D C:\Users\Default\AppData\Local\HP 2025-11-13 12:31 - 2025-11-13 12:31 - 000008825 _____ C:\Users\jptay\AppData\LocalLow\7fe9228e78075042500886bb0915686794010f74dbe9a5183168e57ac56aaea0 2025-11-13 12:31 - 2025-11-13 12:31 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\601d3627c353692c1d21b2a715c3ff7d5a427c3c7a1022f60eed2f2c5955df75 2025-11-13 12:30 - 2025-11-29 12:09 - 000834829 _____ C:\Users\jptay\AppData\LocalLow\63521d82a8d9a72320595284e98572660499692afed6cfad2a0e21fcd41e39c9 2025-11-13 12:30 - 2025-11-13 12:30 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\872c297a224cf176b0a709a23f5c38492d6089219dd78ae3832d09a03820fe31 2025-11-13 12:04 - 2025-11-14 16:20 - 000004502 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=RuntimeBroker=_ApiClient=D3D12 2025-11-13 12:04 - 2025-11-13 12:31 - 000000000 ____D C:\Users\jptay\AppData\Local\Publishers 2025-11-13 12:04 - 2025-11-13 12:04 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\9705cf996c48d1970a30c3cdc31d8a2272bbb73a49ff7bfe4d8e82fe285a226f 2025-11-13 12:03 - 2025-11-13 12:03 - 000000000 ____D C:\Users\jptay\AppData\Roaming\HP 2025-11-13 12:02 - 2025-12-01 23:59 - 000000000 ____D C:\Users\jptay\AppData\Local\D3DSCache 2025-11-13 12:02 - 2025-12-01 16:57 - 000000000 ____D C:\Users\jptay\AppData\Local\Packages 2025-11-13 12:02 - 2025-12-01 14:55 - 000000000 ____D C:\Users\jptay\AppData\Local\PlaceholderTileLogoFolder 2025-11-13 12:02 - 2025-11-14 22:00 - 000012139 _____ C:\Users\jptay\AppData\LocalLow\f510960994312a39c99b747e60615b10806877d4d4bef11b325f096420c03cfd 2025-11-13 12:02 - 2025-11-13 12:49 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Adobe 2025-11-13 12:02 - 2025-11-13 12:03 - 000163502 _____ C:\Users\jptay\AppData\LocalLow\882f488adfc1463db82fb2fb1ea44b7873895b89d97918a426bfca2d960545e1 2025-11-13 12:02 - 2025-11-13 12:02 - 000006505 _____ C:\Users\jptay\AppData\LocalLow\673a41ac63ab4a1472d4b377aa3c6dbd53f0d7ec350ea3bb6877bc04e17f0ffc 2025-11-13 12:02 - 2025-11-13 12:02 - 000006494 _____ C:\Users\jptay\AppData\LocalLow\297238f973ac739856849150fb144c8cdec7dbed044c5569d22ca5a3db1d8581 2025-11-13 12:02 - 2025-11-13 12:02 - 000002264 _____ C:\Users\jptay\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=OobeHostApp=_ApiClient=D3D12 2025-11-13 12:02 - 2025-11-13 12:02 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\f2cd79e3939ad905c196f8a79a058fdcacb29dfe47b67eb828d9aa773aafe05f 2025-11-13 12:02 - 2025-11-13 12:02 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\ed80b53c69685120580458416b8de39f857b6e18685d599796cc106e7bb45135 2025-11-13 12:02 - 2025-11-13 12:02 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\94a0a9fb9268af879b8eae39a329082029bea29dc36c5da805b29c201d2c7f9a 2025-11-13 12:02 - 2025-11-13 12:02 - 000000026 _____ C:\Users\jptay\AppData\LocalLow\6146a14a4add362c7011c48b26d1aab6f0983c9538904c86ef1d75db98eacffa 2025-11-13 12:02 - 2025-11-13 12:02 - 000000000 ___SD C:\Users\jptay\AppData\Roaming\Microsoft\Crypto 2025-11-13 12:02 - 2025-11-13 12:02 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Vault 2025-11-13 12:02 - 2025-11-13 12:02 - 000000000 ____D C:\Users\jptay\AppData\LocalLow\Intel 2025-11-13 12:02 - 2025-11-13 12:02 - 000000000 ____D C:\Users\jptay\AppData\Local\VirtualStore 2025-11-13 12:02 - 2025-11-13 12:02 - 000000000 ____D C:\Users\jptay\AppData\Local\ConnectedDevicesPlatform 2025-11-13 12:00 - 2025-11-14 22:35 - 000000000 ____D C:\Users\jptay 2025-11-13 12:00 - 2025-11-13 13:52 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Network 2025-11-13 12:00 - 2025-11-13 12:35 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Spelling 2025-11-13 12:00 - 2025-11-13 12:02 - 000000000 ____D C:\Users\jptay\AppData\Roaming\Microsoft\Windows 2025-11-13 12:00 - 2025-11-13 12:00 - 000000020 ___SH C:\Users\jptay\ntuser.ini 2025-11-13 12:00 - 2025-11-13 12:00 - 000000000 ___SD C:\Users\jptay\AppData\Roaming\Microsoft\SystemCertificates 2025-11-13 12:00 - 2025-11-13 12:00 - 000000000 ___SD C:\Users\jptay\AppData\Roaming\Microsoft\Protect 2025-11-13 12:00 - 2025-11-13 12:00 - 000000000 ___SD C:\Users\jptay\AppData\Roaming\Microsoft\Credentials 2025-11-13 11:04 - 2025-11-14 18:45 - 000000000 ___HD C:\$SysReset ==================== Three months (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2025-12-02 00:03 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-12-02 00:01 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-12-02 00:00 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\ServiceState 2025-12-02 00:00 - 2024-04-01 01:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-12-02 00:00 - 2024-04-01 01:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2025-12-01 23:57 - 2024-04-01 01:24 - 000000000 ____D C:\WINDOWS\INF 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ___SD C:\WINDOWS\system32\F12 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\WUModels 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\UUS 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SystemResources 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\setup 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\migwiz 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\DDFs 2025-12-01 22:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\appraiser 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ___RD C:\Program Files\Windows Defender 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\ShellExperiences 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\ShellComponents 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\Provisioning 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\DiagTrack 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\BrowserCore 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2025-12-01 22:49 - 2024-04-01 01:26 - 000000000 ____D C:\Program Files\Common Files\System 2025-12-01 22:49 - 2024-04-01 01:21 - 000000000 ____D C:\WINDOWS\servicing 2025-12-01 22:20 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2025-12-01 17:10 - 2024-05-22 10:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2025-12-01 17:08 - 2024-04-01 01:26 - 000000000 ___HD C:\Program Files\WindowsApps 2025-12-01 15:24 - 2024-05-22 10:29 - 000000000 ____D C:\ProgramData\Packages 2025-11-21 12:19 - 2024-08-08 05:31 - 000000000 ____D C:\Program Files\Microsoft Office 2025-11-18 10:31 - 2024-08-08 05:30 - 000000000 ____D C:\Program Files\HPCommRecovery 2025-11-18 10:18 - 2024-12-11 10:06 - 000000000 ____D C:\WINDOWS\HP 2025-11-17 11:54 - 2024-10-25 00:25 - 000000000 ____D C:\hp 2025-11-16 20:56 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2025-11-13 22:04 - 2024-08-08 05:29 - 000000000 ____D C:\Program Files (x86)\HP 2025-11-13 13:53 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2025-11-13 13:52 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2025-11-13 13:51 - 2024-12-11 10:05 - 000000000 ___RD C:\Program Files\Online Services 2025-11-13 13:51 - 2024-12-11 10:05 - 000000000 ___RD C:\Program Files (x86)\Online Services 2025-11-13 13:51 - 2024-08-08 05:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2025-11-13 13:51 - 2024-08-08 05:31 - 000000000 ____D C:\Program Files\Microsoft Office 15 2025-11-13 13:51 - 2024-08-08 05:30 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2025-11-13 13:51 - 2024-04-01 02:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2025-11-13 13:51 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2025-11-13 13:50 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2025-11-13 13:50 - 2024-04-01 01:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2025-11-13 13:48 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2025-11-13 13:43 - 2024-12-11 10:07 - 000000000 ____D C:\Program Files\McAfee 2025-11-13 13:36 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2025-11-13 13:34 - 2024-04-01 01:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2025-11-13 13:33 - 2024-04-01 02:09 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2025-11-13 13:33 - 2024-04-01 02:09 - 000028898 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2025-11-13 13:33 - 2024-04-01 02:09 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2025-11-13 13:33 - 2024-04-01 02:09 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2025-11-13 13:33 - 2024-04-01 02:08 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2025-11-13 13:33 - 2024-04-01 01:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2025-11-13 13:33 - 2024-04-01 01:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\SystemApps 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\te-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\spool 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\or-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\km-KH 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\is-IS 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\id-ID 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\et-EE 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\es-MX 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Com 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\be-BY 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\as-IN 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\am-ET 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2025-11-13 13:33 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\IME 2025-11-13 13:31 - 2024-04-01 01:22 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtPL080.dll 2025-11-13 13:31 - 2024-04-01 01:22 - 000063064 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcPseDMA.dll 2025-11-13 13:31 - 2024-04-01 01:22 - 000063064 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcLpioDMA.dll 2025-11-13 13:23 - 2024-04-01 01:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2025-11-13 12:37 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc 2025-11-13 12:31 - 2024-04-01 01:26 - 000000000 ____D C:\WINDOWS\appcompat 2025-11-13 12:29 - 2024-04-01 01:26 - 000000000 ____D C:\ProgramData\USOPrivate 2025-11-13 12:03 - 2024-05-22 10:29 - 000000000 __RHD C:\Users\Public\AccountPictures ==================== SigCheckExt ========================= 2025-11-24 18:25 - 2025-11-24 18:25 - 002444288 _____ (Farbar) C:\Users\jptay\Downloads\FRST64.exe ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {fb28c589-b7de-11ef-9b12-a7655c56dd7b} {fb28c58a-b7de-11ef-9b12-a7655c56dd7b} timeout 0 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale en-US inherit {globalsettings} isolatedcontext Yes default {current} resumeobject {6ec47186-449e-11f0-8932-adac37353838} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {fb28c589-b7de-11ef-9b12-a7655c56dd7b} description EFI USB Device isolatedcontext Yes Firmware Application (101fffff) ------------------------------- identifier {fb28c58a-b7de-11ef-9b12-a7655c56dd7b} description Internal Hard Disk or Solid State Disk isolatedcontext Yes Windows Boot Loader ------------------- identifier {030847ac-b7df-11ef-8881-bb1dc738c3df} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6ec4717c-449e-11f0-8932-adac37353838} path \windows\system32\winload.efi description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery isolatedcontext Yes osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6ec4717c-449e-11f0-8932-adac37353838} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows Boot Loader ------------------- identifier {6ec47180-449e-11f0-8932-adac37353838} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{6ec47181-449e-11f0-8932-adac37353838} path \windows\system32\winload.efi description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery isolatedcontext Yes osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{6ec47181-449e-11f0-8932-adac37353838} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows Boot Loader ------------------- identifier {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale en-US inherit {bootloadersettings} recoverysequence {6ec47180-449e-11f0-8932-adac37353838} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {6ec47186-449e-11f0-8932-adac37353838} nx OptIn bootmenupolicy Standard hypervisorlaunchtype Auto Resume from Hibernate --------------------- identifier {6ec47186-449e-11f0-8932-adac37353838} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {6ec47180-449e-11f0-8932-adac37353838} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes isolatedcontext Yes EMS Settings ------------ identifier {emssettings} bootems No isolatedcontext Yes Debugger Settings ----------------- identifier {dbgsettings} debugtype Local isolatedcontext Yes RAM Defects ----------- identifier {badmemory} isolatedcontext Yes Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} isolatedcontext Yes Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} isolatedcontext Yes Hypervisor Settings ------------------- identifier {hypervisorsettings} isolatedcontext Yes hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} isolatedcontext Yes Device options -------------- identifier {6ec47181-449e-11f0-8932-adac37353838} description Windows Recovery isolatedcontext Yes ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== End of FRST.txt ========================