Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Passwords being stolen?


  • Please log in to reply

#1
isolationary

isolationary

    Member

  • Member
  • PipPip
  • 65 posts

Hello,

 

I think some malicious software has been installed on my computer and is either keylogging or sending my passwords out to someone. In the past week my facebook, instagram, gmail and other accounts have been logged into. I change the passwords on my phone and things are good for a few days but the moment I log into them on the home PC they're all compromised again. Gmail suggested the windows device has also been compromised. I ran a malware bytes but it didn't find anything, the pc seems to be running fine with no popups or anything but I keep getting compromised. Help!

 

Thanks a million.

 

________________

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2022 01
Ran by GERTY (administrator) on DESKTOP-33JOO9N (Gigabyte Technology Co., Ltd. Default string) (24-06-2022 07:33:34)
Running from C:\Users\GERTY\OneDrive\Desktop
Loaded Profiles: GERTY
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Elite Gamer\Elite Gamer.exe ->) (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Elite Gamer\CefSharp.BrowserSubprocess.exe <4>
(C:\Program Files (x86)\Elite Gamer\Elite Gamer.exe ->) (WTFast -> ) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe
(C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe ->) (NETGEAR TAIWAN CO., LTD -> NETGEAR) C:\Program Files (x86)\NETGEAR\A7000\A7000.EXE
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Users\GERTY\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe ->) (Skype Software Sarl -> ) C:\Users\GERTY\AppData\Local\Temp\is-1J8B8.tmp\Skype-Setup.tmp
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(Discord Inc. -> Discord Inc.) C:\Users\GERTY\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (WTFast -> ) C:\Program Files (x86)\Elite Gamer\Elite Gamer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel® Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(services.exe ->) (NETGEAR -> Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(services.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (ZeroTier, Inc. -> ) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Users\GERTY\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\GERTY\AppData\Local\Microsoft\OneDrive\22.111.0522.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe <2>
(svchost.exe ->) (Ring.com) C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\Ring.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2010-09-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [21430992 2018-03-27] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186440 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2022-05-09] (Intel Corporation -> Intel)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [EADM] => E:\Origin\Origin.exe [3137816 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [EpicGamesLauncher] => E:\Ghost Recon Breakpoint\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32648144 2022-06-10] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Discord] => C:\Users\GERTY\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [GogGalaxy] => E:\GOG Galaxy\GalaxyClient.exe [13926752 2021-10-05] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Megatron] => C:\Program Files (x86)\Elite Gamer\Elite Gamer.exe [1428176 2021-08-24] (WTFast -> )
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX410 series XPS: C:\Windows\system32\CNMXLMAL.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\Windows\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.53\Installer\chrmstp.exe [2022-06-22] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A7000 Genie.lnk [2019-05-03]
ShortcutTarget: NETGEAR A7000 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe (NETGEAR -> Realtek Semiconductor Corp.)
Startup: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-09-03]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-04]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-12-09]
ShortcutTarget: Twitch.lnk -> C:\Users\GERTY\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02EA87DB-AB26-4E99-B8CF-7572AA32265A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {123E7A0D-0C7B-426B-BFD1-2FE6488A02A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {250063C0-7A5F-40B9-8FD7-9183E2C7AEE6} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {3863F8D8-0909-4666-8FCA-ABEA619ED687} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {38D43559-1D2B-4570-853C-61895D80E151} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {3A9F3FAB-55DA-4C45-9B3D-F3AD847C4C04} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CD6DACD-2D3B-4DBE-A91A-505CD3B4F908} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {445DA7CA-E069-47D4-9E5D-36520F2E66C6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {491B5635-7A77-42E3-BDF3-7E66D3FB78A4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CD02494-B4DD-4913-BEBB-28DA6198BA6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5DD528ED-4A61-4F55-8F45-268A82ECA4E0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5FFBCEA0-FDA7-401C-8B81-AFC589C0DEEB} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {77995065-714C-4E38-A878-E676AAD59DC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-19] (Google Inc -> Google Inc.)
Task: {79747058-377F-4DFF-95C4-B0E3C1FC3C4C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8101E796-2AA7-4C53-900A-BC19AD6AC633} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {899DA326-1307-4F08-9B8B-575181DB4F96} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8DB97AA2-D0FC-4184-A500-BD7396D22F2E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {903651D4-D6F0-45C0-8F03-3CA5D878CB39} - System32\Tasks\{C9C2676D-349D-4FD5-87EE-E1F74959C239} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {914907A2-2F1B-4540-8A62-C276EF969953} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {99EFFE0E-252D-44AC-8135-F86506220840} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {A3E8DFD6-7A7A-43CA-87DA-A88123F597FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {A6E241A7-199C-4246-BEF3-90A46BD03B54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD451E11-32A2-4F75-A7CA-1030A9E5FB95} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD84D997-9098-4C4E-8F5E-D4350BE06795} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AE9D3A2B-58C7-4D1A-B961-0EEDA72C74E9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B1EB247A-832E-48DC-A8AA-57FC8A727BD8} - System32\Tasks\{831B2018-0F28-4055-982D-4F026E5C38FF} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {B2063C23-7176-4805-A334-B179FF74419E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF8772F8-642F-4C5C-9D12-61F104CF5530} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CE3FCD76-1E52-4C9F-B2BB-9A07CA2B6C17} - System32\Tasks\{217A3AE5-AF5C-41FD-8C3F-DBF7E16FDBC5} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {DF15D288-973B-438C-927F-BE5B1002AF96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-19] (Google Inc -> Google Inc.)
Task: {E6920B5E-D23E-4107-85E9-7438DBB98DC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E7D5E6B7-2D89-4917-A642-AFB03D9A7715} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {EE6A2547-08E9-4B03-8E98-23252482D7EE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F48F0EB8-0966-4F09-B9C3-18D1ED07E0D9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{0ab1f5be-ef7a-44aa-a7c2-4b486ed98046}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{4e999797-9664-4c73-a597-a4d40ad98a93}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{55d1c91e-8a6c-4169-94e5-6b23f5c4ae58}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{72f42264-1a93-420f-931c-dbbeaaac671b}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{b10c1023-c31c-4566-9ee5-24cda4bfadf1}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\GERTY\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-24]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\GERTY\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-12]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: spvnkvcx.default-1528494074254
FF ProfilePath: C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254 [2022-06-24]
FF Notifications: Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254 -> hxxps://www.rabb.it; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.pcgamer.com; hxxps://www.gamesradar.com; hxxps://www.fashionnova.com
FF Extension: (Honey) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\[email protected] [2021-06-23]
FF Extension: (To Google Translate) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\[email protected] [2022-03-01]
FF Extension: (RetailMeNot Deal Finder™️) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\[email protected] [2022-06-17]
FF Extension: (FxIF) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{6e0746af-fa34-4e33-a478-0a0a8785b8a1}.xpi [2021-01-22]
FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2022-05-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-06-07]
FF Extension: (Safe Search powered by Yahoo) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{fd299ce1-1602-4490-b659-f45504f9324c}.xpi [2021-08-06] [UpdateUrl:hxxps://addons.safetybrowsing.com/gyff/updates.json]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default [2022-06-21]
CHR Notifications: Default -> hxxps://ww5.0123movie.net; hxxps://www.reddit.com
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-06-07]
CHR Extension: (Google Docs Offline) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-14]
CHR Extension: (Skype) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Profile: C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-30]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0315601655649074mcinstcleanup; C:\ProgramData\McInstTemp0315601655649074\McInst.exe [939432 2018-12-16] (McAfee, Inc. -> McAfee, Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-09-03] (Adobe Systems) [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988384 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46872 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2022-05-09] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [184248 2022-05-09] (Intel Corporation -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-04-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-04-30] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; E:\GOG Galaxy\GalaxyClientService.exe [1990496 2021-10-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-15] (GOG Sp. z o.o. -> GOG.com)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
R2 NetgearA7000; C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe [45784 2013-07-03] (NETGEAR -> Realtek Semiconductor Corp.)
S3 NGS; C:\WINDOWS\NGService.exe [2994248 2018-10-10] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2012-12-21] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2020-10-14] (Even Balance, Inc. -> )
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2584528 2022-04-14] (Rockstar Games, Inc. -> Rockstar Games)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2020-06-02] (Realtek Semiconductor Corp -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH -> TeamViewer GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [331648 2020-12-10] (Twitch Interactive, Inc. -> )
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-08] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [1788400 2019-09-04] (ZeroTier, Inc. -> )
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 A7000; C:\WINDOWS\system32\DRIVERS\A7000.sys [7957576 2019-05-03] (NETGEAR TAIWAN CO., LTD -> Realtek Semiconductor Corporation)
S3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudioamd64.sys [95184 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Components, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 gdrv; C:\Windows\gdrv.sys [26192 2016-05-09] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
S4 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-10-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\system32\DRIVERS\wireguard.sys [165384 2021-10-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R2 WtfEngineDrv; C:\WINDOWS\system32\Drivers\WtfEngineDrv.sys [41704 2021-08-24] (Initeks, OOO -> AAA Internet Publishing, Inc.)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-01-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2016-06-15] (Splitmedialabs Limited -> SplitmediaLabs Limited)
S3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [118800 2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 07:19 - 2022-06-24 07:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-06-22 04:14 - 2022-06-22 04:14 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-06-22 04:14 - 2022-06-22 04:14 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-06-22 04:14 - 2022-06-22 04:14 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-06-22 04:14 - 2022-06-22 04:14 - 000046872 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-06-19 07:34 - 2022-06-19 07:34 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-06-19 07:34 - 2022-06-19 07:34 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-06-19 07:31 - 2022-06-19 07:31 - 000000000 ____D C:\ProgramData\McInstTemp0315601655649074
2022-06-18 17:07 - 2022-06-18 17:07 - 000000000 _____ C:\ProgramData\R3X8UXYKO0WH0IB1E3EE.exe
2022-06-16 09:36 - 2022-06-16 09:36 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000051-000000.txt
2022-06-16 08:19 - 2022-06-16 08:19 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-16 08:11 - 2022-06-16 08:11 - 000000000 ___HD C:\$WinREAgent
2022-06-14 08:29 - 2022-06-14 08:29 - 000001379 _____ C:\Users\Public\Desktop\Skype.lnk
2022-06-14 08:29 - 2022-06-14 08:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-06-12 14:07 - 2022-06-12 14:07 - 000001427 _____ C:\WINDOWS\system32\default_error_stack-000050-000000.txt
2022-06-11 17:08 - 2022-06-12 14:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-05-25 08:19 - 2022-05-25 08:19 - 000001427 _____ C:\WINDOWS\system32\default_error_stack-000049-000000.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 07:34 - 2017-12-13 17:04 - 000000000 ____D C:\FRST
2022-06-24 07:33 - 2016-05-13 15:21 - 000000000 ____D C:\Program Files (x86)\Steam
2022-06-24 07:31 - 2020-10-16 13:45 - 000000000 ____D C:\Users\GERTY\AppData\Roaming\discord
2022-06-24 07:28 - 2022-02-08 11:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-24 07:27 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-24 07:27 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-24 07:27 - 2016-11-21 10:54 - 000000000 ___DC C:\Users\GERTY\AppData\LocalLow\Mozilla
2022-06-24 07:26 - 2020-06-25 13:47 - 000000000 ____D C:\ProgramData\Rosetta Stone
2022-06-24 07:20 - 2022-03-02 16:07 - 000000000 ____D C:\Users\GERTY\AppData\Roaming\DropboxElectron
2022-06-24 07:20 - 2022-01-04 10:03 - 000000000 ____D C:\Users\GERTY\AppData\Local\Dropbox
2022-06-24 07:20 - 2021-03-18 19:20 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{778C475F-F1FB-425D-9A2E-CDC0EBAC6A8C}
2022-06-24 07:19 - 2022-01-04 10:03 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-06-24 07:19 - 2017-05-02 15:24 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-24 07:19 - 2017-01-19 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-24 07:17 - 2021-12-21 16:49 - 000000000 ___RD C:\Users\GERTY\iCloudDrive
2022-06-24 07:17 - 2021-12-21 15:22 - 000000000 ___RD C:\Users\GERTY\iCloudPhotos
2022-06-24 07:17 - 2021-03-04 11:35 - 000000000 ____D C:\Users\GERTY\AppData\Local\Discord
2022-06-24 07:17 - 2016-05-13 15:02 - 000000000 ___RD C:\Users\GERTY\OneDrive
2022-06-23 12:15 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-23 10:36 - 2021-03-18 19:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-23 10:16 - 2018-02-23 20:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-22 14:46 - 2017-01-19 17:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-20 11:37 - 2016-05-13 15:06 - 000000000 ___DC C:\Users\GERTY\AppData\Local\CrashDumps
2022-06-19 07:34 - 2021-10-12 18:17 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-19 07:34 - 2021-10-12 18:17 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-06-19 07:34 - 2019-12-04 20:14 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-06-19 07:34 - 2019-12-04 20:14 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-06-19 07:34 - 2019-12-04 20:14 - 000000000 ____D C:\Program Files\Malwarebytes
2022-06-19 07:34 - 2016-10-17 18:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-19 07:31 - 2021-10-14 13:36 - 000000000 ____D C:\Users\GERTY\AppData\Roaming\Proton Technologies AG
2022-06-19 07:31 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-19 07:31 - 2017-12-07 13:20 - 000000000 ___DC C:\Users\GERTY\AppData\Local\Packages
2022-06-19 07:31 - 2017-05-18 21:38 - 000000000 ____D C:\ProgramData\McAfee
2022-06-17 15:23 - 2016-03-03 12:51 - 000000000 ____D C:\Program Files\Microsoft Office
2022-06-17 15:20 - 2020-06-16 12:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-17 15:20 - 2020-06-16 12:22 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-16 15:05 - 2021-03-18 19:18 - 001454788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-16 15:05 - 2021-03-18 14:11 - 000487952 _____ C:\WINDOWS\system32\perfh011.dat
2022-06-16 15:05 - 2021-03-18 14:11 - 000133178 _____ C:\WINDOWS\system32\perfc011.dat
2022-06-16 15:01 - 2021-03-18 19:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-16 15:01 - 2021-03-18 19:11 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-16 15:01 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-16 09:38 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-06-16 09:37 - 2021-03-18 19:11 - 000541552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-16 09:36 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-16 08:20 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-16 08:18 - 2021-03-18 19:12 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-16 08:10 - 2016-05-14 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-16 08:07 - 2020-10-07 13:15 - 000000000 ____D C:\Program Files\dotnet
2022-06-16 08:07 - 2016-05-14 14:30 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 08:07 - 2016-03-03 12:49 - 000000000 ____D C:\ProgramData\Package Cache
2022-06-16 08:05 - 2021-04-27 18:03 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71c66220d4fc2
2022-06-16 08:05 - 2021-03-18 19:20 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-14 08:28 - 2017-03-22 13:22 - 000000000 ___RD C:\Program Files (x86)\Skype
2022-06-14 08:28 - 2016-05-13 15:15 - 000000000 ____D C:\ProgramData\Skype
2022-06-13 16:54 - 2021-12-11 09:36 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1050297925-20334412-4027152003-1003
2022-06-13 16:54 - 2021-03-18 19:20 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1050297925-20334412-4027152003-1003
2022-06-13 16:54 - 2021-03-18 14:35 - 000002379 ____C C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-13 13:50 - 2018-06-15 17:29 - 000000000 ___DC C:\Users\GERTY\AppData\Local\D3DSCache
2022-06-12 14:08 - 2016-05-13 15:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-12 10:29 - 2021-09-10 12:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-12 10:29 - 2016-05-13 15:13 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-07 10:16 - 2018-07-10 11:35 - 000000000 ____D C:\ProgramData\Packages
2022-05-25 16:19 - 2021-03-18 14:35 - 000000000 ____D C:\Users\GERTY
2022-05-25 08:24 - 2022-05-24 12:14 - 000000000 ___RD C:\Users\GERTY\OneDrive\Documents\Scanned Documents

==================== Files in the root of some directories ========

2022-06-18 17:07 - 2022-06-18 17:07 - 000000000 _____ () C:\ProgramData\R3X8UXYKO0WH0IB1E3EE.exe
2018-08-13 20:26 - 2019-04-14 18:36 - 000000191 _____ () C:\Program Files (x86)\Please READ.txt
2021-02-23 12:33 - 2021-02-23 12:33 - 000007605 _____ () C:\Users\GERTY\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2022 01
Ran by GERTY (24-06-2022 07:35:18)
Running from C:\Users\GERTY\OneDrive\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2021-03-19 02:20:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1050297925-20334412-4027152003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1050297925-20334412-4027152003-503 - Limited - Disabled)
GERTY (S-1-5-21-1050297925-20334412-4027152003-1003 - Administrator - Enabled) => C:\Users\GERTY
Guest (S-1-5-21-1050297925-20334412-4027152003-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1050297925-20334412-4027152003-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Bridge 1.0 (HKLM-x32\...\{B74D4E10-1033-0000-0000-000000000001}) (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (HKLM-x32\...\{8EDBA74D-0686-4C99-BFDD-F894678E5B39}) (Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Help Center 1.0 (HKLM-x32\...\{E9787678-1033-0000-8E67-000000000001}) (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos 1.0 (HKLM-x32\...\{786C5747-1033-0000-B58E-000000000001}) (Version: 001.000.000 - Adobe Systems) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.6 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.43.4 - Bethesda Softworks)
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version:  - Blizzard Entertainment)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - Canon Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CM Storm Mizar Gaming Mouse (HKLM-x32\...\{9E070A33-9857-4A95-9F10-0C5EA92D6D9F}_is1) (Version: 1.0.8 - Cooler Master)
Corsair Utility Engine (HKLM-x32\...\{BB25387A-061E-42E9-AB2F-64073B3E3180}) (Version: 2.24.50 - Corsair)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Discord) (Version: 0.0.309 - Discord Inc.)
Documentation Manager (HKLM\...\{D1259A1F-3E93-452F-8F61-9F63F41C91D8}) (Version: 22.130.0.5 - Intel Corporation) Hidden
Drawpile 2.1.17 (HKLM\...\{DC47B534-E365-4054-85F0-2E7C6CCB76CC}_is1) (Version: 2.1.17 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 151.4.4304 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
Elite Gamer 5.3.6 (HKLM-x32\...\{548D713D-EA8D-4117-A74A-93E9592C1480}_is1) (Version: 5.3.6.0 - Cox Communications)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 76 (HKLM-x32\...\Fallout 76) (Version:  - Bethesda Softworks)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.53 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version:  - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
iCloud Outlook (HKLM\...\{F054257C-600A-4918-B730-F6829E491781}) (Version: 13.0.0.201 - Apple Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{19B7322D-268B-4D88-AA3E-938F36F9DCE9}) (Version: 22.3.20.6 - Intel) Hidden
Intel® Chipset Device Software (HKLM\...\{C965318A-AA36-4F94-9ED5-AE5391F452B2}) (Version: 10.1.2.9 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{5fa248d9-79b2-48fb-9add-72660adaed4e}) (Version: 10.1.2.9 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{60DC6F22-D268-44F0-8720-200033508384}) (Version: 11.0.0.1158 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{DF17C0DB-76D8-4A45-B26E-674F8455B803}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Network Connections 20.2.3001.0 (HKLM\...\{638A518B-0D2E-4143-ACF8-F3D83D822E85}) (Version: 20.2.3001.0 - Intel) Hidden
Intel® Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{9503AD68-6198-4081-9F57-1F346D7B58D4}) (Version: 14.8.16.1063 - Intel Corporation) Hidden
Intel® SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000130-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.130.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{0f33739d-b6ed-44b0-9a0d-6b87544be7c0}) (Version: 22.3.20.6 - Intel)
Intel® Software Installer (HKLM-x32\...\{85cb0eee-e264-4335-ac48-f589f2d69657}) (Version: 22.130.0.5 - Intel Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft .NET Core Host - 3.1.26 (x64) (HKLM\...\{8CD96F46-64AC-41C6-89B7-550211EF09BC}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.26 (x64) (HKLM\...\{719B5BF9-FD92-4C36-A33E-E4F4C7171979}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.26 (x64) (HKLM\...\{DCDE73DC-A733-4712-8A04-4343372D21E8}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 102.0.1245.44 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\OneDriveSetup.exe) (Version: 22.111.0522.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.26 (x64) (HKLM\...\{22CD266C-7B5C-4399-8020-8F6CB12AAB9D}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.26 (x64) (HKLM-x32\...\{24e939f4-9eb3-4ccf-9175-d491a44a9d78}) (Version: 3.1.26.31323 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 101.0.1 (x64 en-US)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 101.0.1.8194 - Mozilla)
MSVCRT Redists (HKLM\...\{52116C70-79F9-11E6-9541-BB95F5A309BD}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NETGEAR A7000 Genie (HKLM-x32\...\{E34F424D-99BB-4176-8BCB-F0A749D744B4}) (Version: 1.0.0.15 - NETGEAR) Hidden
NETGEAR A7000 Genie (HKLM-x32\...\InstallShield_{E34F424D-99BB-4176-8BCB-F0A749D744B4}) (Version: 1.0.0.15 - NETGEAR)
Neverwinter Nights Diamond Edition (HKLM-x32\...\1207658890_is1) (Version: 2.1.0.21 - GOG.com)
Neverwinter Nights Diamond Edition (HKLM-x32\...\GOGPACKNWNDIAMOND_is1) (Version: 2.0.0.15 - GOG.com)
NJStar Japanese WP6 (HKLM-x32\...\NJStar Japanese WP6) (Version: 6.20 - NJStar Software Corp.)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0018 - REALTEK Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.57.785 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.2 - Rockstar Games)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
TP-Link Archer T2U Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.0.0 - TP-Link)
Twitch (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Twitch Studio (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.00 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.1 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
ZeroTier One (HKLM-x32\...\{80CEE5C9-4DF0-43F5-B232-484D6455978E}) (Version: 1.4.6 - ZeroTier, Inc.) Hidden
ZeroTier One (HKLM-x32\...\ZeroTier One 1.4.6) (Version: 1.4.6 - ZeroTier, Inc.)
ZeroTier One Virtual Network Port (HKLM\...\{4AFE4740-C680-40FE-B6B0-0C15EB0176F1}) (Version: 1.0.0 - ZeroTier) Hidden
Zoom (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\ZoomUMX) (Version: 5.9.6 (3799) - Zoom Video Communications, Inc.)

Packages:
=========
Any DVD -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.2.6.0_x64__y5c4dfz5b21fm [2021-11-29] (Any DVD &amp; Office App)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-15] (Autodesk Inc.)
Duolingo - Learn Languages for Free -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2022-02-03] (Duolingo Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-29] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa [2021-12-21] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-07] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-18] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-01-02] (Adobe Systems Incorporated)
Ring - Always Home -> C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm [2021-10-08] (Ring.com)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.111.459.2_x64__8wekyb3d8bbwe [2022-06-24] (ms-resource:PublisherDisplayName)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-10] (Twitter Inc.)
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_477.2102.26001.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{30282DFC-EFD6-4D64-9A72-6C7E79B92FB5} -> [iCloud Drive] => C:\Users\GERTY\iCloudDrive [2021-12-21 16:49]
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{D53F2B23-E37B-460D-82C7-5CDAA0A3BD66} -> [iCloud Photos] => C:\Users\GERTY\iCloudPhotos\Photos [2021-12-21 16:49]
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\GERTY\Dropbox [2022-01-04 10:07]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-10-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-10-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-10-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-10-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2021-03-11 18:54 - 2020-10-25 03:07 - 000961536 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Elite Gamer\CefSharp.BrowserSubprocess.Core.dll
2021-03-11 18:54 - 2020-10-25 03:07 - 001441792 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Elite Gamer\CefSharp.Core.dll
2018-03-27 19:42 - 2018-03-27 19:42 - 000151040 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-10-02 08:54 - 2017-10-02 08:54 - 000013312 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-10-02 08:54 - 2017-10-02 08:54 - 001950720 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
2018-03-27 19:11 - 2018-03-27 19:11 - 000044544 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2018-03-27 19:18 - 2018-03-27 19:18 - 000197120 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2018-03-27 19:11 - 2018-03-27 19:11 - 000097280 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2021-03-11 18:55 - 2020-10-23 21:14 - 112890368 _____ () [File not signed] C:\Program Files (x86)\Elite Gamer\libcef.dll
2021-03-11 18:55 - 2020-10-23 19:41 - 000317440 _____ () [File not signed] C:\Program Files (x86)\Elite Gamer\libegl.dll
2021-03-11 18:55 - 2020-10-23 19:41 - 006949888 _____ () [File not signed] C:\Program Files (x86)\Elite Gamer\libglesv2.dll
2022-05-02 08:22 - 2022-05-02 08:22 - 005998080 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2014-04-17 09:54 - 2014-04-17 09:54 - 000126976 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A7000\EnumDevLib.dll
2018-08-28 18:28 - 2022-03-03 19:23 - 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-08-28 18:28 - 2021-11-17 04:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-08-28 18:28 - 2021-11-17 04:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000540160 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\bctoolbox.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 003492352 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\bellesip.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000231936 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\belr.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000074240 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\bzrtp.dll
2019-12-07 02:53 - 2019-12-07 02:53 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\e_sqlite3.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 001842688 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\linphone.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000729088 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\mediastreamer.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000129536 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\ortp.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000133632 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\speex.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000102912 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\speexdsp.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000625152 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\sqlite3.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000068608 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\srtp2.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000861184 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\xml2.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 000077312 _____ () [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\zlib.dll
2021-10-08 13:35 - 2021-10-08 13:35 - 025764864 _____ (Bot Home Automation, Inc) [File not signed] C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm\Ring.dll
2017-08-07 17:35 - 2010-09-09 14:36 - 000319488 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2017-02-10 13:40 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-02-13 20:01 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMXLMAL.DLL
2020-04-09 17:39 - 2020-04-09 17:39 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-09 17:39 - 2020-04-09 17:39 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-05-05 17:44 - 2022-05-05 17:44 - 001582592 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2022-05-05 17:44 - 2022-05-05 17:44 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2017-02-11 17:28 - 2015-09-28 11:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
2021-03-11 18:54 - 2020-10-23 19:40 - 000824320 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Elite Gamer\chrome_elf.dll
2018-08-28 18:28 - 2022-03-03 19:23 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2014-04-17 09:54 - 2014-04-17 09:54 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR\A7000\LIBEAY32.dll
2017-10-02 09:06 - 2017-10-02 09:06 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qgif.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qicns.dll
2017-10-02 09:05 - 2017-10-02 09:05 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qico.dll
2017-10-02 09:06 - 2017-10-02 09:06 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qjpeg.dll
2017-10-02 11:11 - 2017-10-02 11:11 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qsvg.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qtga.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000271872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qtiff.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qwbmp.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000401408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qwebp.dll
2017-10-02 09:07 - 2017-10-02 09:07 - 001094656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\platforms\qwindows.dll
2018-03-27 19:42 - 2018-03-27 19:42 - 004770816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Core.dll
2017-10-02 08:59 - 2017-10-02 08:59 - 004963840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Gui.dll
2017-10-02 12:14 - 2017-10-02 12:14 - 000576512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Multimedia.dll
2017-10-02 08:59 - 2017-10-02 08:59 - 000952832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Network.dll
2017-10-02 11:28 - 2017-10-02 11:28 - 002629632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Qml.dll
2017-10-02 11:33 - 2017-10-02 11:33 - 002846720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Quick.dll
2017-10-02 11:11 - 2017-10-02 11:11 - 000265728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Svg.dll
2017-10-02 09:04 - 2017-10-02 09:04 - 004456448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Widgets.dll
2017-10-02 12:38 - 2017-10-02 12:38 - 000234496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5WinExtras.dll
2017-10-02 08:55 - 2017-10-02 08:55 - 000150528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Xml.dll
2017-10-02 12:12 - 2017-10-02 12:12 - 000041472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2017-10-02 12:12 - 2017-10-02 12:12 - 000015872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2017-10-02 11:36 - 2017-10-02 11:36 - 000015872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick.2\qtquick2plugin.dll
2017-10-02 12:34 - 2017-10-02 12:34 - 000257536 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-10-02 11:37 - 2017-10-02 11:37 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-10-02 11:37 - 2017-10-02 11:37 - 000015872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick\Window.2\windowplugin.dll
2014-04-17 09:54 - 2014-04-17 09:54 - 000143360 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\NETGEAR\A7000\IpLib.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\Users\GERTY\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5632]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 00:24 - 2022-06-16 15:01 - 000003384 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

2021-10-22 14:06 - 2022-04-27 12:30 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1050297925-20334412-4027152003-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "GogGalaxy"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A9B503D4-7538-4650-BCC2-765E32679DD8}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{CB8DB01F-9EC9-400E-968D-7C923062C997}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{0EC04212-358F-4C8A-8BFB-73B29EF1998F}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [TCP Query User{AB2F2343-CF3E-47BD-B331-E37591469E06}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [UDP Query User{87BB3D65-5672-41AD-8C1A-A38A861CD00C}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{CDAE0B56-0E7E-4C5E-B5C0-C8BF7A3C5B86}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{A9EF383D-170E-498C-AB51-25144C1BD38F}] => (Allow) any => No File
FirewallRules: [{DF0197D0-77D3-44AF-9728-DC5123F86BE0}] => (Allow) any => No File
FirewallRules: [{BC487E40-AC15-4EA1-969D-D13EFC902593}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [UDP Query User{DC5F0DA4-6BA5-4BE8-912B-DBC80338CFD3}C:\program files\drawpile\drawpile.exe] => (Allow) C:\program files\drawpile\drawpile.exe () [File not signed]
FirewallRules: [TCP Query User{01B98EDE-E678-4D18-B9C4-A73DFFDF7CCE}C:\program files\drawpile\drawpile.exe] => (Allow) C:\program files\drawpile\drawpile.exe () [File not signed]
FirewallRules: [{EA06B3EE-206B-414C-AD5D-5A9DBA4C8C5A}] => (Allow) E:\Steam Games\steamapps\common\Our Life Beginnings And Always\OurLife.exe () [File not signed]
FirewallRules: [{9CED3F84-CBB5-4D68-87E6-EC5E0C7EA104}] => (Allow) E:\Steam Games\steamapps\common\Our Life Beginnings And Always\OurLife.exe () [File not signed]
FirewallRules: [UDP Query User{6C608232-17CC-432C-9EC8-1056DE8EB710}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{709D3CA6-FF8C-4396-B45D-57FDDE559ADE}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{FFC8653F-8A60-4B7C-AC52-BC0744EC7765}C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe (Twitch Interactive, Inc. -> )
FirewallRules: [TCP Query User{302D36C5-F795-43E4-A0A8-FBD93FE2F4F7}C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe (Twitch Interactive, Inc. -> )
FirewallRules: [{CD4F97C1-C990-4021-AF68-5AD1BF38C3BA}] => (Allow) E:\Steam Games\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{25585AC5-C60E-4BF4-97D2-6BC2EAF6620E}] => (Allow) E:\Steam Games\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6D405D97-7691-4FCE-AA2B-85C4896E5A17}] => (Allow) E:\Steam Games\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{DD728E4F-054D-4FC8-84DB-896F3D10EDFB}] => (Allow) E:\Steam Games\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{3DC3F819-C6D6-4634-9680-04D693695E53}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9C5676CA-9C96-4FE6-974B-E839012EA4C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{70C91BF1-D9F3-416C-AA2F-0840DA1D64A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{85C13FB4-5210-4B5D-92AC-DF9BCC9EE5F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E04897E8-AE83-41D8-AC45-59B07F216BF6}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3MP.exe () [File not signed]
FirewallRules: [{30DD9A03-BAB9-4A92-B008-60D72F33C0F4}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3MP.exe () [File not signed]
FirewallRules: [{619CA6F0-B2AD-4DB1-BE6A-2BFB9120B17D}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{B0D6E657-7D83-48A7-8A05-6BA3FC8FA07B}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [UDP Query User{CCFAA39A-648B-4B8D-A5EE-701131093D5F}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{10E70563-06FC-44EC-A7B9-FF91CD05A523}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{D92596CF-44BA-4DB4-B8E6-622034A295EE}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{34398E84-F034-475E-8203-B7820C8EA2DF}] => (Allow) LPort=9993
FirewallRules: [{70CE0CB9-A03B-4208-982B-C5B260D496E4}] => (Allow) LPort=9993
FirewallRules: [{46F207C4-BC5F-48F9-A319-5420FB4DA158}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{D5BA39EF-E6BC-444E-91A8-406DF3DF0AA8}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{F64EEA6C-05F0-45C7-921E-9F3553592EBA}] => (Allow) E:\Steam Games\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [File not signed]
FirewallRules: [{09F1EA84-D914-47EF-84DD-FD186BD116AC}] => (Allow) E:\Steam Games\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [File not signed]
FirewallRules: [UDP Query User{45765127-BC93-496B-86F5-FA2505E282C2}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{562C2E7F-0E29-47B0-9375-45D97C4A44C9}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{7CC0C86E-003F-49C4-9B48-1296C7FD9FB2}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [TCP Query User{00C2B617-9E11-493B-AF50-87DDAF72C7A1}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [UDP Query User{BF25D04B-3C68-4A9B-9968-17AE1535ABB8}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{AFFB4DF3-0C7D-418D-A66E-EFDCD99C6C9A}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C5EE8CD6-ADBA-434E-998D-2E8148018748}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{D0614AAB-ED60-4969-8DE9-5AE2B683681A}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{3DB847DF-6A33-4930-AF1D-BAD1ED596C5C}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{CD3D541D-CBBE-4591-B825-E4F9E12BB4C9}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{4DE8E973-DA2E-4F98-B320-CE83FEFD0158}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{0431C31E-319F-4FC7-8458-2B5B4536C49A}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FD26703F-2C9D-42AA-BD31-8C6D5B08D98D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{CC5830BE-7D33-44A5-B3F6-F7075B940940}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{8D6EF81F-2808-4260-97F2-93E4A6248758}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FA82C2E6-C48D-4370-B4BF-767B6CF5CD54}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F8565B69-7979-457B-A325-E026D57A24BE}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{C0DAE235-4624-4AD2-ACC8-8766EDD7E2C6}] => (Allow) LPort=53
FirewallRules: [{A65C35E5-8223-4384-9977-03140C806616}] => (Allow) LPort=1542
FirewallRules: [{D76A4A15-9384-4BFD-A91D-F43A5403FB9A}] => (Allow) LPort=1542
FirewallRules: [{A99C2346-D66D-417E-8A20-FE7997A361EC}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{DD4DFBC9-B891-4A21-9E3B-3ED9E3BF367F}] => (Allow) LPort=53
FirewallRules: [{4795DAE0-1C7E-4C4A-BD16-8475BBC5D204}] => (Allow) LPort=53
FirewallRules: [UDP Query User{FD9A5B44-8656-4EE8-8078-7DB9D1DE934C}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe => No File
FirewallRules: [TCP Query User{5E2DD937-3EEB-4394-9EDC-76A73E40BC9F}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe => No File
FirewallRules: [{3CDA542A-9E6A-4EA9-9432-D7325EF2F11E}] => (Allow) E:\Ghost Recon Breakpoint\Epic Games\BreakpointDemo\GRB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{11C9AAE7-22E2-481A-9A0C-3C4BC702E77E}] => (Allow) E:\Ghost Recon Breakpoint\Epic Games\BreakpointDemo\GRB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{1367E74A-A420-46F9-AFC1-CBBC44E3CFBE}] => (Allow) C:\Users\GERTY\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7D33F73-0E10-41DD-89FE-29E12F73F757}] => (Allow) C:\Users\GERTY\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{31456AE8-48AB-456F-9BBB-686DB6878F39}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{AF50636A-121D-4D52-84DA-0EA87C237629}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{1810BCFF-DA29-41F7-AF91-93B655C714BD}E:\overwatch\overwatch test\_ptr_\overwatch.exe] => (Allow) E:\overwatch\overwatch test\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{8121CE03-D4AE-4B28-A8F4-E5107E46140B}E:\overwatch\overwatch test\_ptr_\overwatch.exe] => (Allow) E:\overwatch\overwatch test\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{33E26C7C-1AF8-4668-99FC-4FB0B75D170F}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{87745352-45D5-45A9-8E80-51FC6360F735}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{22BFA261-A11B-4F35-8F5A-7E124E39DD2E}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{46BFBA74-C0E1-4F1E-B1DF-08D740379035}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{96143B86-B94D-48B2-9D70-83CF42BC2DB2}] => (Allow) E:\Steam Games\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
FirewallRules: [{7C587257-D034-4204-9806-13F8631DC8EB}] => (Allow) E:\Steam Games\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
FirewallRules: [{D9007579-FB3C-4C19-A7DA-CDB2A2EDE2C0}] => (Allow) E:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{338100E5-C1D1-48A2-AEBE-67D86F4306B6}] => (Allow) E:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{20C6E52F-D026-4C23-B100-B2A927F60653}E:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) E:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{CB6B5500-36E3-4BBE-BD81-80C3E86B0849}E:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) E:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{006EDB72-4643-4D3B-BE51-F20E9E992224}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3DF99DB6-016E-49F2-94C9-3B6481821B67}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{791AFFED-CD23-431B-8687-0BA50E186CCE}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{D61A5871-7DFB-4EB4-80A1-3AFB2C7C5300}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4330C004-6AB7-408A-9F32-8A135D1EA0BE}E:\fallout76.exe] => (Allow) E:\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{0B13AE7A-09CA-408C-B8FB-1914272262B4}E:\fallout76.exe] => (Allow) E:\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{78769D88-600D-4673-B31E-577038C4272C}E:\fallout 76\fallout76.exe] => (Allow) E:\fallout 76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{BC89A233-9424-4360-8A38-B47029B52182}E:\fallout 76\fallout76.exe] => (Allow) E:\fallout 76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{673D3F3F-CC58-4ADC-89B7-618871FEAA33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7DFFDD0-DA99-47F7-AFBF-CE40616CE33B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{2DCF31CA-E675-4B4F-8BBA-B8A11AFAEE62}E:\overwatch\call of duty black ops 4\blackops4.exe] => (Allow) E:\overwatch\call of duty black ops 4\blackops4.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [TCP Query User{80F544F5-50E1-4F78-BB94-96F0C015CF5F}E:\overwatch\call of duty black ops 4\blackops4.exe] => (Allow) E:\overwatch\call of duty black ops 4\blackops4.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{1E662723-C01D-4461-895B-170886C9520A}E:\steam games\steam cmd\steamcmd.exe] => (Allow) E:\steam games\steam cmd\steamcmd.exe => No File
FirewallRules: [TCP Query User{6CD252C5-DC8B-4DB6-A8E6-8EE30103773D}E:\steam games\steam cmd\steamcmd.exe] => (Allow) E:\steam games\steam cmd\steamcmd.exe => No File
FirewallRules: [{B9F4BF9E-33B6-4A22-AA26-46CAB7B42759}] => (Allow) E:\Steam Games\steamapps\common\Life is Feudal Your Own Dedicated Server\ddctd_cm_yo_server.exe (Bitbox Ltd.) [File not signed]
FirewallRules: [{17480B78-0502-4F29-A1AC-86820DE728BF}] => (Allow) E:\Steam Games\steamapps\common\Life is Feudal Your Own Dedicated Server\ddctd_cm_yo_server.exe (Bitbox Ltd.) [File not signed]
FirewallRules: [UDP Query User{A052084F-EB4F-435A-892F-ACAC0CEE3944}E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe => No File
FirewallRules: [TCP Query User{460159AD-16CB-44FC-AF90-BD19E6BBDCF9}E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe => No File
FirewallRules: [{E8659CAC-17DD-4219-8E52-BE29A2498E27}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14825586-4E25-4A6D-9DE5-CA563F22520A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{88A3AE44-AC63-4EBD-B12A-C241CFB8CB34}] => (Allow) E:\Steam Games\steamapps\common\Monster Prom\MonsterProm.exe () [File not signed]
FirewallRules: [{C56CBAD6-C5B0-49F0-B854-CC75DB1C37EA}] => (Allow) E:\Steam Games\steamapps\common\Monster Prom\MonsterProm.exe () [File not signed]
FirewallRules: [UDP Query User{122F5D86-76E1-415C-8026-8604F16C4B96}E:\overwatch\overwatch test\overwatch.exe] => (Allow) E:\overwatch\overwatch test\overwatch.exe => No File
FirewallRules: [TCP Query User{6B9B9BA2-5EF8-4E18-B11F-68592B23C657}E:\overwatch\overwatch test\overwatch.exe] => (Allow) E:\overwatch\overwatch test\overwatch.exe => No File
FirewallRules: [UDP Query User{B841B5D7-BEAD-4040-A7C9-11547FA09C9D}E:\overwatch\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{BCD049EC-92A7-4CF2-9AE2-C017325CD551}E:\overwatch\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch\overwatch.exe => No File
FirewallRules: [{014CB464-5EB1-4737-B6BB-4F4D9C42FCA1}] => (Allow) E:\Steam Games\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{7CD9F055-514D-45AB-A457-52BC1D434109}] => (Allow) E:\Steam Games\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [UDP Query User{77715599-4F1C-4044-A9DF-4A708F902F45}C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{459C16E4-14A2-4C1C-A660-04D4E23D18ED}C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{B39B154C-FC97-435F-821A-A37780A72BCF}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{FA76D0CF-075A-4363-9514-F963CC95BFA2}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{18EB99B6-5F2A-463F-8E67-3CC45BB23357}] => (Allow) E:\Steam Games\steamapps\common\Arcanum\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{8E8368D8-D6DE-4573-9B09-48C27E5340B4}] => (Allow) E:\Steam Games\steamapps\common\Arcanum\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [UDP Query User{B4DEFC11-07FF-4286-BBBC-6DF3B51453D0}C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{550D2328-1087-4E3C-8ADF-3353BDA95A85}C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{3054267E-1868-4A8E-AFFA-CCF59B3AA887}E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe => No File
FirewallRules: [TCP Query User{E4138FCC-D26F-419F-805C-F95FDF44D4D3}E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe => No File
FirewallRules: [UDP Query User{FD575C1E-A517-497C-B1C5-C44093DB2D0D}E:\steam games\gta5.exe] => (Allow) E:\steam games\gta5.exe => No File
FirewallRules: [TCP Query User{E2CAF1C6-E563-4CA4-9FDF-57405C63A274}E:\steam games\gta5.exe] => (Allow) E:\steam games\gta5.exe => No File
FirewallRules: [UDP Query User{AD5C3D7B-4399-4BE4-9B00-BB52EC420DA2}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe => No File
FirewallRules: [TCP Query User{3BF0FC19-DA0A-422A-ABFA-DB544511BA85}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe => No File
FirewallRules: [UDP Query User{FF972BC0-481B-482C-B1CB-50DE1FDE35B4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6640E70A-CC8D-41A8-847D-DA2A75047227}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{60505648-B81D-405B-9E47-7E6BC6300075}C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{DE994DA7-B12D-476A-BEB8-316A639DA32D}C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe => No File
FirewallRules: [{334E2213-3979-41BE-90E6-8CB75DE19761}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F78EA14F-D057-4384-8558-9F3CA4864AD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AB206EE5-8119-4FF9-AF2A-01F4EA6B100A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{ECBF4CA8-C696-4E90-8377-CEC2FB6058AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{7255ACEF-C51F-4586-85A0-66D036251B33}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{982DB5B5-FD21-47D9-A725-4C5CAA062637}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe => No File
FirewallRules: [{315938F6-3811-4AB2-9DA6-15B9B9785D33}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{445FA8A9-914B-4311-AFDB-6B76D1770019}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{5EDEE191-FA0F-43F9-B621-887D925B847F}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{915700E6-1931-4A0F-84B3-C08D86C83746}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [UDP Query User{2578CF56-C835-421A-880B-EB5F3C1168B3}C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{86F5727C-AD3D-4A85-87EB-D38462137689}C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe => No File
FirewallRules: [{12ACC185-64A2-4EE4-A14D-72EC713F42AF}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [{277D23B9-C3FA-4CF8-8CB1-690F3F665DA6}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [{37963AA7-D45E-4B6F-A098-9C0EAFACC6E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [{FCB05930-01A7-4EF2-AE30-BBDD9068B53A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [UDP Query User{327E06AB-31F0-4CB2-95B9-BE38E414CEFD}C:\program files (x86)\drawpile\drawpile.exe] => (Allow) C:\program files (x86)\drawpile\drawpile.exe => No File
FirewallRules: [TCP Query User{957AC16B-FD18-454D-9D1B-CEA463C0C964}C:\program files (x86)\drawpile\drawpile.exe] => (Allow) C:\program files (x86)\drawpile\drawpile.exe => No File
FirewallRules: [{A4B731D6-388C-4C5F-8E9A-1208ED77010B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{6598CC64-256B-4FD0-9F78-AD8BEBEE115A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{82E42F33-01C6-4099-952B-2E8C6629CD5C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{7AB98F54-E5B9-4EB2-999F-705C8C8BE053}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{B040755A-3A9C-400B-A204-EBBFCFF1E8AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0F649131-63CC-407E-B86D-E3C04EDCA14E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4409DEC7-E938-473E-A0DE-1C0D1D880745}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => No File
FirewallRules: [{0AB91D02-E2BA-4E32-A524-AFB1FFBF197B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B7883E63-6731-4016-9154-241074DF0CF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0BA5B24-5D4E-4580-80C5-276E74CD29A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7EC202C2-63B5-4D6D-82BB-0572B1CD8E92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{58051E84-A0E4-4301-A073-D2E455CE18C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{FF603290-AC74-4CFA-B93F-C50F50A9BD40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{DFA28548-8687-4C51-B757-A407D4A20A59}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{161B836B-730F-44D1-8938-161EAF33437C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{AC7EC16F-A817-44EC-8250-FFA99564A74B}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [UDP Query User{93DC9C59-AF3D-440C-AB41-BFC45C0AF1EE}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [TCP Query User{01483AE3-21B7-432D-B3FA-44E1619CA6BE}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{13FD088B-436E-4F68-84A4-AB71CA72F90C}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [{7A934D11-4827-4ABF-8B58-077A414DD632}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{36AF852C-65C6-4A10-8CBE-8B8A50922448}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{22DA7D49-A1AD-48C4-98CB-56345CC51023}] => (Allow) E:\Steam Games\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe () [File not signed]
FirewallRules: [{84F29C88-8C3F-483D-814F-2F4685E0F813}] => (Allow) E:\Steam Games\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{1E8B3A34-2038-4734-AA19-99D258D7DD2D}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{888D4C07-7376-4173-8903-06FEFF6DCA93}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [{01619E90-5328-4F85-ACFA-1D451D43F5EF}] => (Allow) C:\Users\GERTY\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{00A96CAA-BA31-4FC3-B5B8-0782AF2B8454}] => (Allow) C:\Users\GERTY\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{C92F4746-0469-4C4B-B847-62C77A57A00B}] => (Allow) C:\Users\GERTY\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{FB415F8F-C06B-43DB-98E3-98FB76C04E03}] => (Allow) C:\Users\GERTY\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [{4B1E5A1F-7553-4BC1-B299-8B54BE97D5E7}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{E9DB65C9-70E6-4120-84AC-2BDFCB5418F3}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{F0BC452D-1525-4D45-A2EE-8408B5ABB6FA}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{1F07D3EF-E3F4-44EF-B068-76A2AC0CD836}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{A8E96C6C-AB6C-40BD-8437-343B84D73ACD}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{0D889D9A-959C-4EF3-A692-15132AD935FA}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{4D7C8B3E-41ED-4B88-A69C-444C50CFF4A6}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{52D763FF-633A-4550-A4FA-A1B7205155FF}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{B517C879-ED21-4AE9-A767-21C6F2D0DEF5}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{7DF99736-53E5-4495-B805-9D31A3E0B2C9}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{598A3709-CADE-4476-B178-8DC724FE71A5}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{6C0240C3-899B-45A2-8644-1983E6158ACB}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{2776A20C-35E5-44CD-A600-BCC4980926B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E8916EB5-D53C-4BA2-A84E-3380E095D3FA}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{9268A5BE-5B71-47E2-A2E2-9C1CAA0E5FFF}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{21089A85-483A-42AC-B42E-76B14E56A0FB}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{796838C5-6ED1-42FC-ADEA-3D4238F6D684}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{80E5D400-E556-43AA-A626-9E63744EB57A}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{FFA552A4-269D-477C-8F80-696DE6E2EF47}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{DE668766-11AA-4A8A-8C37-09B56F380723}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{97AF1194-E1E9-44A1-AFD3-2CCA4CA539C1}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{A59DAA1A-CABE-48CF-A644-AA156E353D19}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{B275ED5F-1344-48FE-959A-51F3C375E8BA}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{1D1647D0-BB74-48AA-94E4-B481B43F0C08}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{C3FE855A-E167-463F-9509-AA935118A5C9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [{542FB86D-9F85-46A3-8D6F-0F76FF3FC225}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{C0716729-0B3F-42C0-998C-09E00EC57906}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{3AB0B598-1D27-4FBB-9639-3BE4B4998D8F}] => (Allow) E:\Steam Games\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{5E60BB65-26E0-4DE5-BF61-F4B15FDF61FA}] => (Allow) E:\Steam Games\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{6C8365D6-AA1D-4491-9697-A476DE781535}] => (Allow) E:\Steam Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CFEA03D2-8363-4761-B407-256688CD4987}] => (Allow) E:\Steam Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{724E222B-0C6F-4E68-83AC-31B3E2EDD0F9}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{43FCBC2E-5AE3-4760-9BA7-17A2C067B84F}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{18E64B47-FAD7-41C5-89CB-FD7A3997D1B2}] => (Allow) E:\Steam Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0C248347-6D07-4F55-853B-42F1A0965091}] => (Allow) E:\Steam Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{90FC8DA4-168C-4EB0-B98A-2995EAEB940E}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{6DD34024-F22F-40D9-818F-FBE2E5E6D578}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F34AB431-8490-4EEA-BCF3-BF0F84E73542}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe => No File
FirewallRules: [{1FABDBFE-8F15-46D7-85EA-12B75A0F867E}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe => No File
FirewallRules: [{81749E8E-15FC-47FB-BB6D-1BF82535BBA8}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe => No File
FirewallRules: [{D87A5FFE-96F7-4B21-9C6F-76D7366C0194}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe => No File
FirewallRules: [{575D285E-9F6C-49BE-A3DE-4B00A40A5E39}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe => No File
FirewallRules: [{B9848DA7-5D87-4D12-892D-7D211CE5FB4C}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe => No File
FirewallRules: [TCP Query User{B1F84444-DE3B-4041-A7F0-CAE1D0CC3CEC}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Allow) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe => No File
FirewallRules: [UDP Query User{176C111B-2D9F-49F5-87FD-9D949A16478C}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Allow) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe => No File
FirewallRules: [{1A38D33B-4D48-410C-9235-A7760D1E8F9A}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [{CB488928-0186-4E63-9630-224B97D8F5CC}] => (Allow) any => No File
FirewallRules: [{2CA328CB-63C8-4659-97E5-EB3D6BC2CC0B}] => (Allow) any => No File
FirewallRules: [{578F5F65-F8E6-415B-B169-430BF5EDFECB}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{7DE8DDD9-3042-41F3-B066-AFBDECDE72EF}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{15FA4A31-5C54-4006-BD7F-E8A38A044FC7}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [{C7A01E2F-CA09-45F9-B128-6D1ECB29C15E}] => (Allow) any => No File
FirewallRules: [{95FBF99A-8CB9-4076-98BB-6AF1BD6BE981}] => (Allow) any => No File
FirewallRules: [{F1D3B6A2-D38D-4DCA-94B3-65DB24FD39BA}] => (Allow) E:\Steam Games\steamapps\common\Dread Hunger\DreadHunger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{DD9B0D95-4FB8-442A-83EC-AF106900B031}] => (Allow) E:\Steam Games\steamapps\common\Dread Hunger\DreadHunger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B3A1F8EC-6857-47C3-8965-EA04B2273AC8}E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{423A8134-0CB4-4BCB-8543-DC30AC7E7E48}E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F760AE82-6DFC-4CFA-969C-014E945885FB}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{4992FE45-C3C1-4026-AA5B-6DFAA25D7212}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E1F7FF75-5848-4078-8658-15870E2A1CEB}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [{DF84EA72-4987-4833-B9A3-1198D5A8E1F3}] => (Allow) any => No File
FirewallRules: [{3D36005E-007A-41D5-9F57-26182B630DAF}] => (Allow) any => No File
FirewallRules: [TCP Query User{A9BD9260-B401-4697-9188-B60274861F2B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{5892A19E-F038-4CDD-89F5-858289096129}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{8C48FC6A-5A7B-43EE-97EF-40F810BB900C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{5FFF1D67-4A3B-44D4-B9CC-1779B7785B9A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{EF07D4A0-D786-442B-9512-87FDF03716F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0DFB4079-CE15-4649-8BD0-9BA986C05BA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5FB98D2A-B1E4-470D-BD32-94E3899EB2E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{58AF0B54-5A2E-474D-847B-D1CA8692B42F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C059A945-0D28-4A29-BD2D-5A736E308DA5}] => (Allow) E:\Steam Games\steamapps\common\We Were Here\We Were Here.exe () [File not signed]
FirewallRules: [{07349C46-51BA-4EF0-BBD0-23E74B94C9C4}] => (Allow) E:\Steam Games\steamapps\common\We Were Here\We Were Here.exe () [File not signed]
FirewallRules: [{DB6E41D4-A92E-4BA2-8BC8-FB87A6D184F2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{908DBF6F-E660-48BE-A6AC-2DDD6C5B30B4}] => (Allow) E:\Steam Games\steamapps\common\We Were Here Too\We Were Here Too.exe () [File not signed]
FirewallRules: [{ECCDB083-0D81-4DCB-AA7C-91B7230C94DB}] => (Allow) E:\Steam Games\steamapps\common\We Were Here Too\We Were Here Too.exe () [File not signed]
FirewallRules: [TCP Query User{D0DAA01C-D783-476F-9D94-504A421B6C60}E:\steam games\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steam games\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [UDP Query User{A32B0271-310F-4587-95EB-6E0A90A040A9}E:\steam games\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steam games\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [{31CAE619-C16E-46B4-97F8-7116797A64B9}] => (Allow) E:\Steam Games\steamapps\common\Bloodhunt\Tiger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{26431DB3-C022-4A76-815F-CB189CFEEDF7}] => (Allow) E:\Steam Games\steamapps\common\Bloodhunt\Tiger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{4009A9A8-D579-4D29-B271-217A1A27B1D9}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{935186F5-A780-4AE6-A8E1-9957A7CE6E71}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F619E9C5-F3DE-4A91-83C8-EE12BB5C6944}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C8506215-C06B-4D94-A6CE-0ACD26660AC0}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{33D05257-4093-45A0-ADC3-5BF4DD314544}] => (Allow) E:\Steam Games\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{0225413F-9C1B-4802-B0F8-D62EC176FD38}] => (Allow) E:\Steam Games\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{5BC39FD5-CAC9-4D46-B2ED-DB10386653C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE0E10DD-C92A-4D9D-A763-BDF933122694}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{483E2845-D326-4D6D-8E4B-1746778ED78D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00FA83FD-26F9-49CD-98CB-EC0D170D97CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FA66EF3C-3309-4AB5-8E4D-29F696A5AF29}E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{529A6750-5330-4432-83D2-0951854F7AE6}E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{02EA2BC3-6E2A-4355-A3E6-BE9AB052BCE6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{567DF426-0932-4BE0-B77D-756C7D64F7AB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59B739FD-EBAC-4B1E-B35C-87FB11D27D97}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{F0FB0894-64C1-48B6-B20A-0CAB1E3F7EE5}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{E81CC313-8413-4201-8FB9-3E271582C66D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\102.0.1245.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B551164-7133-4F6D-8982-24BDFBCD5AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0B6A4F19-2527-4146-A988-D4C48010F6E7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

07-06-2022 18:22:46 Scheduled Checkpoint
16-06-2022 08:10:23 Windows Modules Installer
23-06-2022 10:26:37 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Intel® Wireless Bluetooth®
Description: Intel® Wireless Bluetooth®
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (06/24/2022 07:27:31 AM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {00020400-0000-0000-C000-000000000046} requested by the client, with handler CLSID {00000000-0000-0000-0000-000000000000}. The error code was 0x80010114.

Error: (06/24/2022 07:27:31 AM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {00020400-0000-0000-C000-000000000046} requested by the client, with handler CLSID {00EB5084-0A00-7639-0000-000000000000}. The error code was 0x80010114.

Error: (06/24/2022 07:27:31 AM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {00020400-0000-0000-C000-000000000046} requested by the client, with handler CLSID {00EB5084-0A00-7639-0000-000000000000}. The error code was 0x80010114.

Error: (06/24/2022 07:19:49 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (06/24/2022 07:19:49 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (06/24/2022 07:18:47 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (06/24/2022 07:18:47 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (06/22/2022 12:25:42 PM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {00020400-0000-0000-C000-000000000046} requested by the client, with handler CLSID {00000000-0000-0000-0000-000000000000}. The error code was 0x800401fd.


System errors:
=============
Error: (06/23/2022 12:15:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/22/2022 03:29:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Energy Server Service queencreek service terminated unexpectedly.  It has done this 5 time(s).

Error: (06/22/2022 03:27:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/22/2022 03:27:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/21/2022 09:56:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (06/21/2022 09:56:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/20/2022 08:02:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/20/2022 06:30:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Energy Server Service queencreek service terminated unexpectedly.  It has done this 4 time(s).


Windows Defender:
================
Date: 2022-06-24 07:33:12
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\GERTY\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.369.180.0, AS: 1.369.180.0, NIS: 1.369.180.0
Engine Version: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-06-24 07:32:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\GERTY\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.369.180.0, AS: 1.369.180.0, NIS: 1.369.180.0
Engine Version: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-06-24 07:32:36
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\GERTY\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.369.180.0, AS: 1.369.180.0, NIS: 1.369.180.0
Engine Version: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-06-24 07:32:16
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\GERTY\Downloads\FRST(1).exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.369.180.0, AS: 1.369.180.0, NIS: 1.369.180.0
Engine Version: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-06-24 07:31:49
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\GERTY\Downloads\FRST(1).exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.369.180.0, AS: 1.369.180.0, NIS: 1.369.180.0
Engine Version: AM: 1.1.19300.2, NIS: 1.1.19300.2

CodeIntegrity:
===============
Date: 2022-06-23 10:28:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-17 15:29:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. ALASKA - 1072009 04/28/2016
Motherboard: Gigabyte Technology Co., Ltd. X99-SLI-CF
Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 32093.97 MB
Available physical RAM: 21170.64 MB
Total Virtual: 36957.97 MB
Available Virtual: 23277.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.42 GB) (Free:117.85 GB) (Model: SanDisk SD8SBAT256G1122) NTFS
Drive e: (New Volume) (Fixed) (Total:1862.89 GB) (Free:311.32 GB) (Model: TOSHIBA DT01ACA200) NTFS

\\?\Volume{d94dcd1d-5f2a-43c4-a696-dab205e169f2}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{bcdb8272-b10f-4936-b778-5ddf3be95478}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{32b00b45-9836-4c18-b209-d77d3c916b40}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
Let's run Rogue Killer
 
Click on Other Downloads
Click on Portable (64 bits) 
 
Download and Save.  (You may want to pause your Anti-Virus while downloading and Running)
 
(Show in Folder)
 
Right click on the downloaded file (RogueKiller_portable64.exe)  and Run As admin
 
Scan
Start (Under Full Scan)
 
Will take about 20 minutes to complete.
 
Open Report
Export TXT (save it to your desktop as rk) Save
 
Do not let Rogue Killer remove anything until you hear from me.  Leave Rogue Killer up (but minimized) so you won't have to rescan.
 
Open rk.txt and copy and paste it to your next Reply. 

  • 0

#3
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Thanks for your response. here is the rk.txt file!:

 

===================================

 

Program            : RogueKiller Anti-Malware
Version            : 15.5.3.0
x64                : Yes
Program Date       : Jun 13 2022
Location           : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/d...ad/roguekiller/
Operating System   : Windows 10 (10.0.19044) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : GERTY
User is Admin      : Yes
Date               : 2022/06/26 23:48:49
Type               : Scan
Aborted            : No
Scan Mode          : Standard
Duration           : 1020
Found items        : 6
Total scanned      : 194308
Signatures Version : 20220620_090830
Truesight Driver   : Yes
Updates Count      : 5
Arguments          : -minimize

************************* Warnings *************************

************************* Updates *************************
WinRAR 6.00 beta 1 (64-bit) (64-bit), version 6.00.1
  [+] Available Version        : 6.11
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\WinRAR\

LibreOffice 6.0.5.2 (64-bit), version 6.0.5.2
  [+] Available Version        : 7.3.4
  [+] Size                     : 583 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\LibreOffice\

Revo Uninstaller 2.1.1 (64-bit), version 2.1.1
  [+] Available Version        : 2.3.9
  [+] Size                     : 21.5 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\VS Revo Group\Revo Uninstaller\

TeamViewer 12 (32-bit), version 12.0.78313
  [+] Available Version        : 15.30.3
  [+] Size                     : 86.5 MB
  [+] Wow6432                  : Yes
  [+] Portable                 : No
  [+] update_location          : C:\Program Files (x86)\TeamViewer

Adobe Acrobat Reader DC (32-bit), version 22.001.20117
  [+] Available Version        : 22.001.20142
  [+] Size                     : 642 MB
  [+] Wow6432                  : Yes
  [+] Portable                 : No
  [+] update_location          : C:\Program Files (x86)\Adobe\Acrobat Reader DC\


************************* Processes *************************

************************* Modules *************************

************************* Services *************************
[Suspicious.Path (Potentially Malicious)] 0315601655649074mcinstcleanup (0) -- C:\ProgramData\McInstTemp0315601655649074\McInst.exe -cleanup -nolog -> Found

************************* Scheduled Tasks *************************

************************* Registry *************************
>>>>>> XX - Software
├── [PUP.WinZipDiskTools (Potentially Malicious)] (X64) HKEY_USERS\.DEFAULT\Software\Nico Mak Computing -- N/A -> Found
├── [PUP.WinZipDiskTools (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1050297925-20334412-4027152003-1003\Software\Nico Mak Computing -- N/A -> Found
└── [PUP.WinZipDiskTools (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-18\Software\Nico Mak Computing -- N/A -> Found
>>>>>> O23 - Services
└── [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0315601655649074mcinstcleanup --  (missing) -> Found

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************

************************* Web Browsers *************************
>>>>>> Firefox Addon
└── [PUP.Gen2 (Potentially Malicious)] Honey (C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\extensions\jid1-93CWPmRbVPjRQA@jetpack) -- jid1-93CWPmRbVPjRQA@jetpack -> Found

************************* Antirootkit *************************

 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I don't see anything that would steal passwords.

 

The Honey extension is questionable.  Some people claim its adware and others that's it's benign.

 

The free versions of Winzip and WinRar often come with adware.  I prefer the free 7-zip.

 

You can let Rogue Killer remove what it found or keep it.  

 

Let's see if there is a rootkit Roguekiller can't see,  

 

https://www.malwareb...com/antirootkit

 

Click on Download and Save the file then go to the download folder and right click on the file and Run As Administrator.  Follow the instructions.  


  • 0

#5
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

It says it's all clear. I'm starting to feel a bit safer. I did a manual clean up of one or two things before I posted. Maybe I got it. It's always nice having y'all take a look.


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Let's check that your system files have not been tampered with.

Usually takes about 25 minutes:

 

 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   414bytes   120 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 

  • 0

#7
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Hello again!

 

Here is the two txt. files you requested. Thanks  again.

 

=================================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2022 01
Ran by GERTY (administrator) on DESKTOP-33JOO9N (Gigabyte Technology Co., Ltd. Default string) (27-06-2022 11:35:50)
Running from C:\Users\GERTY\OneDrive\Desktop
Loaded Profiles: GERTY
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe ->) (NETGEAR TAIWAN CO., LTD -> NETGEAR) C:\Program Files (x86)\NETGEAR\A7000\A7000.EXE
(C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Users\GERTY\AppData\Local\Discord\app-1.0.9005\Discord.exe ->) (Discord Inc. -> Discord Inc.) C:\Users\GERTY\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(C:\Windows\runSW.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel® Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(services.exe ->) (NETGEAR -> Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(services.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Intel® Intel Network Drivers -> Intel® Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2010-09-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [21430992 2018-03-27] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186440 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2022-05-09] (Intel Corporation -> Intel)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [EADM] => E:\Origin\Origin.exe [3137816 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [EpicGamesLauncher] => E:\Ghost Recon Breakpoint\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32648144 2022-06-10] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Discord] => C:\Users\GERTY\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [GogGalaxy] => E:\GOG Galaxy\GalaxyClient.exe [13926752 2021-10-05] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Megatron] => C:\Program Files (x86)\Elite Gamer\Elite Gamer.exe [1428176 2021-08-24] (WTFast -> )
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [121608072 2022-06-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX410 series XPS: C:\Windows\system32\CNMXLMAL.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\Windows\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.53\Installer\chrmstp.exe [2022-06-22] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A7000 Genie.lnk [2019-05-03]
ShortcutTarget: NETGEAR A7000 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe (NETGEAR -> Realtek Semiconductor Corp.)
Startup: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-09-03]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-04]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-12-09]
ShortcutTarget: Twitch.lnk -> C:\Users\GERTY\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02EA87DB-AB26-4E99-B8CF-7572AA32265A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {123E7A0D-0C7B-426B-BFD1-2FE6488A02A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {250063C0-7A5F-40B9-8FD7-9183E2C7AEE6} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {3863F8D8-0909-4666-8FCA-ABEA619ED687} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {38D43559-1D2B-4570-853C-61895D80E151} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {3A9F3FAB-55DA-4C45-9B3D-F3AD847C4C04} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CD6DACD-2D3B-4DBE-A91A-505CD3B4F908} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {445DA7CA-E069-47D4-9E5D-36520F2E66C6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {491B5635-7A77-42E3-BDF3-7E66D3FB78A4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CD02494-B4DD-4913-BEBB-28DA6198BA6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5DD528ED-4A61-4F55-8F45-268A82ECA4E0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5FFBCEA0-FDA7-401C-8B81-AFC589C0DEEB} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {77995065-714C-4E38-A878-E676AAD59DC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-19] (Google Inc -> Google Inc.)
Task: {79747058-377F-4DFF-95C4-B0E3C1FC3C4C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8101E796-2AA7-4C53-900A-BC19AD6AC633} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {899DA326-1307-4F08-9B8B-575181DB4F96} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8DB97AA2-D0FC-4184-A500-BD7396D22F2E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {903651D4-D6F0-45C0-8F03-3CA5D878CB39} - System32\Tasks\{C9C2676D-349D-4FD5-87EE-E1F74959C239} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {914907A2-2F1B-4540-8A62-C276EF969953} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {99EFFE0E-252D-44AC-8135-F86506220840} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {A3E8DFD6-7A7A-43CA-87DA-A88123F597FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {A6E241A7-199C-4246-BEF3-90A46BD03B54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD451E11-32A2-4F75-A7CA-1030A9E5FB95} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD84D997-9098-4C4E-8F5E-D4350BE06795} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AE9D3A2B-58C7-4D1A-B961-0EEDA72C74E9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B1EB247A-832E-48DC-A8AA-57FC8A727BD8} - System32\Tasks\{831B2018-0F28-4055-982D-4F026E5C38FF} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {B2063C23-7176-4805-A334-B179FF74419E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF8772F8-642F-4C5C-9D12-61F104CF5530} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CE3FCD76-1E52-4C9F-B2BB-9A07CA2B6C17} - System32\Tasks\{217A3AE5-AF5C-41FD-8C3F-DBF7E16FDBC5} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002
Task: {DF15D288-973B-438C-927F-BE5B1002AF96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-19] (Google Inc -> Google Inc.)
Task: {E6920B5E-D23E-4107-85E9-7438DBB98DC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E7D5E6B7-2D89-4917-A642-AFB03D9A7715} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {EE6A2547-08E9-4B03-8E98-23252482D7EE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F48F0EB8-0966-4F09-B9C3-18D1ED07E0D9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{0ab1f5be-ef7a-44aa-a7c2-4b486ed98046}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{4e999797-9664-4c73-a597-a4d40ad98a93}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{55d1c91e-8a6c-4169-94e5-6b23f5c4ae58}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{72f42264-1a93-420f-931c-dbbeaaac671b}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{b10c1023-c31c-4566-9ee5-24cda4bfadf1}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\GERTY\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-24]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\GERTY\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-12]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: spvnkvcx.default-1528494074254
FF ProfilePath: C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254 [2022-06-27]
FF Notifications: Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254 -> hxxps://www.rabb.it; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.pcgamer.com; hxxps://www.gamesradar.com; hxxps://www.fashionnova.com
FF Extension: (Honey) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\[email protected] [2021-06-23]
FF Extension: (To Google Translate) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\[email protected] [2022-03-01]
FF Extension: (RetailMeNot Deal Finder™️) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\[email protected] [2022-06-17]
FF Extension: (FxIF) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{6e0746af-fa34-4e33-a478-0a0a8785b8a1}.xpi [2021-01-22]
FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2022-05-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-06-07]
FF Extension: (Safe Search powered by Yahoo) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{fd299ce1-1602-4490-b659-f45504f9324c}.xpi [2021-08-06] [UpdateUrl:hxxps://addons.safetybrowsing.com/gyff/updates.json]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default [2022-06-21]
CHR Notifications: Default -> hxxps://ww5.0123movie.net; hxxps://www.reddit.com
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-06-07]
CHR Extension: (Google Docs Offline) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-14]
CHR Extension: (Skype) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Profile: C:\Users\GERTY\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-30]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"NAL" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\NAL => C:\WINDOWS\system32\Drivers\iqvw64e.sys [37832 2015-05-07] (Intel® Intel Network Drivers -> Intel Corporation) <==== ATTENTION (Rootkit!/Locked Service)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-09-03] (Adobe Systems) [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988384 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46872 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2022-05-09] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [184248 2022-05-09] (Intel Corporation -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-04-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-04-30] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; E:\GOG Galaxy\GalaxyClientService.exe [1990496 2021-10-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-15] (GOG Sp. z o.o. -> GOG.com)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
R2 NetgearA7000; C:\Program Files (x86)\NETGEAR\A7000\RtlService.exe [45784 2013-07-03] (NETGEAR -> Realtek Semiconductor Corp.)
S3 NGS; C:\WINDOWS\NGService.exe [2994248 2018-10-10] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2012-12-21] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2020-10-14] (Even Balance, Inc. -> )
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14592472 2022-06-13] (ADLICE -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2584528 2022-04-14] (Rockstar Games, Inc. -> Rockstar Games)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2020-06-02] (Realtek Semiconductor Corp -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH -> TeamViewer GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [331648 2020-12-10] (Twitch Interactive, Inc. -> )
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-08] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 A7000; C:\WINDOWS\system32\DRIVERS\A7000.sys [7957576 2019-05-03] (NETGEAR TAIWAN CO., LTD -> Realtek Semiconductor Corporation)
S3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudioamd64.sys [95184 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Components, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 gdrv; C:\Windows\gdrv.sys [26192 2016-05-09] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [41920 2022-06-27] (ADLICE (Julien ASCOET) -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\system32\DRIVERS\wireguard.sys [165384 2021-10-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R2 WtfEngineDrv; C:\WINDOWS\system32\Drivers\WtfEngineDrv.sys [41704 2021-08-24] (Initeks, OOO -> AAA Internet Publishing, Inc.)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-01-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2016-06-15] (Splitmedialabs Limited -> SplitmediaLabs Limited)
S3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [118800 2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-27 11:28 - 2022-06-27 11:28 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-06-27 11:18 - 2022-06-27 11:18 - 000000414 _____ C:\Users\GERTY\Downloads\fixlist.txt
2022-06-27 11:18 - 2022-06-27 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-06-27 11:18 - 2022-06-27 11:18 - 000000000 ____D C:\Program Files\7-Zip
2022-06-26 20:29 - 2022-06-26 20:29 - 001569243 _____ (Igor Pavlov) C:\Users\GERTY\Downloads\7z2200-x64.exe
2022-06-26 20:24 - 2022-06-26 20:24 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1451E53E.sys
2022-06-26 20:23 - 2022-06-26 20:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2022-06-26 20:23 - 2022-06-26 20:23 - 014178840 _____ (Malwarebytes Corp.) C:\Users\GERTY\Downloads\mbar-1.10.3.1001.exe
2022-06-26 16:29 - 2022-06-27 11:33 - 000000000 ____D C:\ProgramData\RogueKiller
2022-06-26 16:29 - 2022-06-27 11:28 - 000041920 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2022-06-26 16:29 - 2022-06-26 16:29 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2022-06-26 16:29 - 2022-06-26 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2022-06-26 16:29 - 2022-06-26 16:29 - 000000000 ____D C:\Program Files\RogueKiller
2022-06-26 16:28 - 2022-06-26 16:29 - 043599792 _____ (Adlice Software ) C:\Users\GERTY\Downloads\RogueKiller_setup.exe
2022-06-24 14:15 - 2022-06-24 14:15 - 000000000 ____D C:\Users\GERTY\OneDrive\Documents\Heroes of the Storm
2022-06-24 14:05 - 2022-06-24 14:05 - 002549096 _____ (Malwarebytes) C:\Users\GERTY\Downloads\MBSetup-17877.exe
2022-06-24 14:03 - 2022-06-24 14:03 - 002549096 _____ (Malwarebytes) C:\Users\GERTY\Downloads\MBSetup.exe
2022-06-24 07:19 - 2022-06-24 07:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-06-22 04:14 - 2022-06-22 04:14 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-06-22 04:14 - 2022-06-22 04:14 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-06-22 04:14 - 2022-06-22 04:14 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-06-22 04:14 - 2022-06-22 04:14 - 000046872 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-06-19 07:34 - 2022-06-19 07:34 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-06-16 09:36 - 2022-06-16 09:36 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000051-000000.txt
2022-06-16 08:19 - 2022-06-16 08:19 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-16 08:18 - 2022-06-16 08:18 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-16 08:11 - 2022-06-16 08:11 - 000000000 ___HD C:\$WinREAgent
2022-06-14 08:29 - 2022-06-24 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-06-14 08:29 - 2022-06-14 08:29 - 000001379 _____ C:\Users\Public\Desktop\Skype.lnk
2022-06-12 14:07 - 2022-06-12 14:07 - 000001427 _____ C:\WINDOWS\system32\default_error_stack-000050-000000.txt
2022-06-11 17:08 - 2022-06-12 14:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-27 11:36 - 2017-12-13 17:04 - 000000000 ____D C:\FRST
2022-06-27 11:34 - 2020-10-16 13:45 - 000000000 ____D C:\Users\GERTY\AppData\Roaming\discord
2022-06-27 11:33 - 2022-03-02 16:07 - 000000000 ____D C:\Users\GERTY\AppData\Roaming\DropboxElectron
2022-06-27 11:33 - 2022-02-08 11:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-27 11:33 - 2022-01-04 10:03 - 000000000 ____D C:\Users\GERTY\AppData\Local\Dropbox
2022-06-27 11:33 - 2021-03-18 19:18 - 001454788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-27 11:33 - 2021-03-18 14:11 - 000487952 _____ C:\WINDOWS\system32\perfh011.dat
2022-06-27 11:33 - 2021-03-18 14:11 - 000133178 _____ C:\WINDOWS\system32\perfc011.dat
2022-06-27 11:33 - 2021-03-04 11:35 - 000000000 ____D C:\Users\GERTY\AppData\Local\Discord
2022-06-27 11:33 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-27 11:33 - 2016-05-13 15:21 - 000000000 ____D C:\Program Files (x86)\Steam
2022-06-27 11:32 - 2021-12-21 16:49 - 000000000 ___RD C:\Users\GERTY\iCloudDrive
2022-06-27 11:32 - 2021-12-21 15:22 - 000000000 ___RD C:\Users\GERTY\iCloudPhotos
2022-06-27 11:32 - 2017-05-02 15:24 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-27 11:32 - 2017-01-19 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-27 11:32 - 2016-11-21 10:54 - 000000000 ___DC C:\Users\GERTY\AppData\LocalLow\Mozilla
2022-06-27 11:32 - 2016-05-13 15:02 - 000000000 ___RD C:\Users\GERTY\OneDrive
2022-06-27 11:30 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-27 11:28 - 2021-03-18 19:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-27 11:28 - 2021-03-18 19:11 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-27 11:28 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-27 11:28 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-06-27 11:28 - 2017-05-18 21:47 - 000000000 ____D C:\Program Files\Common Files\McAfee
2022-06-27 11:22 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-27 11:16 - 2021-03-18 19:20 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{778C475F-F1FB-425D-9A2E-CDC0EBAC6A8C}
2022-06-27 11:14 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-27 11:14 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-26 20:24 - 2016-10-17 18:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-26 20:22 - 2021-03-18 19:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-26 16:32 - 2016-05-09 09:08 - 000000000 ____D C:\Program Files\Intel
2022-06-26 16:32 - 2016-03-03 12:49 - 000000000 ____D C:\ProgramData\Package Cache
2022-06-26 16:31 - 2016-05-13 15:17 - 000000000 ____D C:\ProgramData\Unchecky
2022-06-26 16:31 - 2016-05-09 09:08 - 000000000 ____D C:\Program Files (x86)\Intel
2022-06-24 17:19 - 2020-06-16 12:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-24 17:19 - 2020-06-16 12:22 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-24 17:19 - 2018-07-10 11:35 - 000000000 ____D C:\ProgramData\Packages
2022-06-24 14:06 - 2021-10-12 18:17 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-06-24 14:06 - 2019-12-04 20:14 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-06-24 14:05 - 2019-12-04 20:14 - 000000000 ____D C:\Program Files\Malwarebytes
2022-06-24 07:26 - 2020-06-25 13:47 - 000000000 ____D C:\ProgramData\Rosetta Stone
2022-06-24 07:19 - 2022-01-04 10:03 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-06-23 10:16 - 2018-02-23 20:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-22 14:46 - 2017-01-19 17:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-20 11:37 - 2016-05-13 15:06 - 000000000 ___DC C:\Users\GERTY\AppData\Local\CrashDumps
2022-06-19 07:34 - 2021-10-12 18:17 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-19 07:34 - 2019-12-04 20:14 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-06-19 07:31 - 2021-10-14 13:36 - 000000000 ____D C:\Users\GERTY\AppData\Roaming\Proton Technologies AG
2022-06-19 07:31 - 2017-12-07 13:20 - 000000000 ___DC C:\Users\GERTY\AppData\Local\Packages
2022-06-19 07:31 - 2017-05-18 21:38 - 000000000 ____D C:\ProgramData\McAfee
2022-06-17 15:23 - 2016-03-03 12:51 - 000000000 ____D C:\Program Files\Microsoft Office
2022-06-16 09:37 - 2021-03-18 19:11 - 000541552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-16 09:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-16 09:36 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-16 08:18 - 2021-03-18 19:12 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-16 08:10 - 2016-05-14 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-16 08:07 - 2020-10-07 13:15 - 000000000 ____D C:\Program Files\dotnet
2022-06-16 08:07 - 2016-05-14 14:30 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 08:05 - 2021-04-27 18:03 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71c66220d4fc2
2022-06-16 08:05 - 2021-03-18 19:20 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-14 08:28 - 2017-03-22 13:22 - 000000000 ___RD C:\Program Files (x86)\Skype
2022-06-14 08:28 - 2016-05-13 15:15 - 000000000 ____D C:\ProgramData\Skype
2022-06-13 16:54 - 2021-12-11 09:36 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1050297925-20334412-4027152003-1003
2022-06-13 16:54 - 2021-03-18 19:20 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1050297925-20334412-4027152003-1003
2022-06-13 16:54 - 2021-03-18 14:35 - 000002379 ____C C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-13 13:50 - 2018-06-15 17:29 - 000000000 ___DC C:\Users\GERTY\AppData\Local\D3DSCache
2022-06-12 14:08 - 2016-05-13 15:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-12 10:29 - 2021-09-10 12:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-12 10:29 - 2016-05-13 15:13 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories ========

2018-08-13 20:26 - 2019-04-14 18:36 - 000000191 _____ () C:\Program Files (x86)\Please READ.txt
2021-02-23 12:33 - 2021-02-23 12:33 - 000007605 _____ () C:\Users\GERTY\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-06-2022 01
Ran by GERTY (27-06-2022 11:18:41) Run:1
Running from C:\Users\GERTY\OneDrive\Desktop
Loaded Profiles: GERTY
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


*****************


========= DISM /Online /Cleanup-Image /RestoreHealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19044.1766


[==                         3.8%                           ]

[==                         4.2%                           ]

[==                         4.8%                           ]

[===                        5.4%                           ]

[===                        6.1%                           ]

[===                        6.8%                           ]

[====                       7.8%                           ]

[====                       8.6%                           ]

[=====                      9.6%                           ]

[=====                      10.3%                          ]

[======                     11.2%                          ]

[=======                    12.2%                          ]

[=======                    12.8%                          ]

[========                   13.8%                          ]

[========                   14.8%                          ]

[=========                  15.8%                          ]

[=========                  16.8%                          ]

[==========                 17.7%                          ]

[==========                 18.7%                          ]

[===========                19.7%                          ]

[===========                20.5%                          ]

[============               20.9%                          ]

[============               21.1%                          ]

[============               21.6%                          ]

[============               22.1%                          ]

[============               22.2%                          ]

[============               22.3%                          ]

[=============              23.2%                          ]

[==============             24.2%                          ]

[==============             25.2%                          ]

[===============            26.2%                          ]

[===============            27.1%                          ]

[================           28.1%                          ]

[================           29.1%                          ]

[=================          30.0%                          ]

[=================          31.0%                          ]

[==================         31.9%                          ]

[==================         32.3%                          ]

[===================        33.3%                          ]

[===================        33.7%                          ]

[===================        34.0%                          ]

[===================        34.2%                          ]

[===================        34.3%                          ]

[====================       34.6%                          ]

[====================       34.8%                          ]

[====================       34.8%                          ]

[====================       35.0%                          ]

[====================       35.3%                          ]

[====================       35.4%                          ]

[====================       35.5%                          ]

[====================       35.8%                          ]

[====================       36.1%                          ]

[=====================      36.4%                          ]

[=====================      37.1%                          ]

[=====================      37.4%                          ]

[=====================      37.7%                          ]

[======================     38.1%                          ]

[======================     38.1%                          ]

[======================     38.6%                          ]

[======================     39.1%                          ]

[======================     39.6%                          ]

[=======================    40.2%                          ]

[=======================    40.6%                          ]

[=======================    41.1%                          ]

[========================   42.0%                          ]

[========================   42.2%                          ]

[=========================  43.2%                          ]

[=========================  44.2%                          ]

[========================== 45.1%                          ]

[========================== 45.7%                          ]

[===========================46.7%                          ]

[===========================47.7%                          ]

[===========================48.7%                          ]

[===========================49.7%                          ]

[===========================50.6%                          ]

[===========================51.6%                          ]

[===========================51.9%                          ]

[===========================52.0%                          ]

[===========================52.1%                          ]

[===========================52.1%                          ]

[===========================52.2%                          ]

[===========================52.4%                          ]

[===========================52.4%                          ]

[===========================52.5%                          ]

[===========================52.5%                          ]

[===========================52.5%                          ]

[===========================52.5%                          ]

[===========================52.6%                          ]

[===========================52.7%                          ]

[===========================52.8%                          ]

[===========================52.8%                          ]

[===========================52.8%                          ]

[===========================52.9%                          ]

[===========================52.9%                          ]

[===========================53.0%                          ]

[===========================53.0%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.2%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.5%                          ]

[===========================53.5%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.8%                          ]

[===========================53.8%                          ]

[===========================53.9%                          ]

[===========================53.9%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.1%                          ]

[===========================54.2%                          ]

[===========================54.2%                          ]

[===========================54.3%                          ]

[===========================54.5%                          ]

[===========================54.6%                          ]

[===========================54.7%                          ]

[===========================54.7%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================55.0%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.6%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================57.2%=                         ]

[===========================58.2%=                         ]

[===========================59.2%==                        ]

[===========================60.2%==                        ]

[===========================62.3%====                      ]

[===========================84.9%=================         ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========


========= SFC /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 93% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection found corrupt files and successfully repaired them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.


========= End of CMD: =========


========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========

2022-06-22 09:04:22, Info                  CSI    00000006 [SR] Verifying 1 components
2022-06-22 09:04:22, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2022-06-22 09:04:22, Info                  CSI    00000008 [SR] Verify complete
2022-06-22 09:04:22, Info                  CSI    00000009 [SR] Verifying 1 components
2022-06-22 09:04:22, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2022-06-22 09:04:22, Info                  CSI    0000000b [SR] Verify complete
2022-06-22 09:04:22, Info                  CSI    0000000c [SR] Verifying 1 components
2022-06-22 09:04:22, Info                  CSI    0000000d [SR] Beginning Verify and Repair transaction
2022-06-22 09:04:22, Info                  CSI    0000000e [SR] Verify complete
2022-06-22 09:04:22, Info                  CSI    0000000f [SR] Verifying 1 components
2022-06-22 09:04:22, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2022-06-22 09:04:22, Info                  CSI    00000011 [SR] Verify complete
2022-06-27 11:22:15, Info                  CSI    00000011 [SR] Verifying 100 components
2022-06-27 11:22:15, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:15, Info                  CSI    00000013 [SR] Verify complete
2022-06-27 11:22:15, Info                  CSI    00000014 [SR] Verifying 100 components
2022-06-27 11:22:15, Info                  CSI    00000015 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:15, Info                  CSI    00000016 [SR] Verify complete
2022-06-27 11:22:16, Info                  CSI    00000017 [SR] Verifying 100 components
2022-06-27 11:22:16, Info                  CSI    00000018 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:16, Info                  CSI    00000019 [SR] Verify complete
2022-06-27 11:22:16, Info                  CSI    0000001a [SR] Verifying 100 components
2022-06-27 11:22:16, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:16, Info                  CSI    0000001c [SR] Verify complete
2022-06-27 11:22:16, Info                  CSI    0000001d [SR] Verifying 100 components
2022-06-27 11:22:16, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:17, Info                  CSI    0000001f [SR] Verify complete
2022-06-27 11:22:17, Info                  CSI    00000020 [SR] Verifying 100 components
2022-06-27 11:22:17, Info                  CSI    00000021 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:17, Info                  CSI    00000022 [SR] Verify complete
2022-06-27 11:22:17, Info                  CSI    00000023 [SR] Verifying 100 components
2022-06-27 11:22:17, Info                  CSI    00000024 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:18, Info                  CSI    00000025 [SR] Verify complete
2022-06-27 11:22:18, Info                  CSI    00000026 [SR] Verifying 100 components
2022-06-27 11:22:18, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:19, Info                  CSI    00000028 [SR] Verify complete
2022-06-27 11:22:19, Info                  CSI    00000029 [SR] Verifying 100 components
2022-06-27 11:22:19, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:19, Info                  CSI    0000002b [SR] Verify complete
2022-06-27 11:22:19, Info                  CSI    0000002c [SR] Verifying 100 components
2022-06-27 11:22:19, Info                  CSI    0000002d [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:21, Info                  CSI    0000002e [SR] Verify complete
2022-06-27 11:22:21, Info                  CSI    0000002f [SR] Verifying 100 components
2022-06-27 11:22:21, Info                  CSI    00000030 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:23, Info                  CSI    00000031 [SR] Verify complete
2022-06-27 11:22:23, Info                  CSI    00000032 [SR] Verifying 100 components
2022-06-27 11:22:23, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:29, Info                  CSI    00000034 [SR] Verify complete
2022-06-27 11:22:29, Info                  CSI    00000035 [SR] Verifying 100 components
2022-06-27 11:22:29, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:30, Info                  CSI    00000037 [SR] Verify complete
2022-06-27 11:22:30, Info                  CSI    00000038 [SR] Verifying 100 components
2022-06-27 11:22:30, Info                  CSI    00000039 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:30, Info                  CSI    0000003a [SR] Verify complete
2022-06-27 11:22:30, Info                  CSI    0000003b [SR] Verifying 100 components
2022-06-27 11:22:30, Info                  CSI    0000003c [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:31, Info                  CSI    0000003d [SR] Verify complete
2022-06-27 11:22:31, Info                  CSI    0000003e [SR] Verifying 100 components
2022-06-27 11:22:31, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:31, Info                  CSI    00000040 [SR] Verify complete
2022-06-27 11:22:31, Info                  CSI    00000041 [SR] Verifying 100 components
2022-06-27 11:22:31, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:33, Info                  CSI    00000044 [SR] Verify complete
2022-06-27 11:22:33, Info                  CSI    00000045 [SR] Verifying 100 components
2022-06-27 11:22:33, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:33, Info                  CSI    00000047 [SR] Verify complete
2022-06-27 11:22:33, Info                  CSI    00000048 [SR] Verifying 100 components
2022-06-27 11:22:33, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:34, Info                  CSI    0000004a [SR] Verify complete
2022-06-27 11:22:34, Info                  CSI    0000004b [SR] Verifying 100 components
2022-06-27 11:22:34, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:35, Info                  CSI    0000004d [SR] Verify complete
2022-06-27 11:22:35, Info                  CSI    0000004e [SR] Verifying 100 components
2022-06-27 11:22:35, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:35, Info                  CSI    00000050 [SR] Verify complete
2022-06-27 11:22:35, Info                  CSI    00000051 [SR] Verifying 100 components
2022-06-27 11:22:35, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:37, Info                  CSI    00000054 [SR] Verify complete
2022-06-27 11:22:37, Info                  CSI    00000055 [SR] Verifying 100 components
2022-06-27 11:22:37, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:38, Info                  CSI    00000057 [SR] Verify complete
2022-06-27 11:22:38, Info                  CSI    00000058 [SR] Verifying 100 components
2022-06-27 11:22:38, Info                  CSI    00000059 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:38, Info                  CSI    0000005a [SR] Verify complete
2022-06-27 11:22:38, Info                  CSI    0000005b [SR] Verifying 100 components
2022-06-27 11:22:38, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:39, Info                  CSI    0000005d [SR] Verify complete
2022-06-27 11:22:39, Info                  CSI    0000005e [SR] Verifying 100 components
2022-06-27 11:22:39, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:40, Info                  CSI    00000060 [SR] Verify complete
2022-06-27 11:22:40, Info                  CSI    00000061 [SR] Verifying 100 components
2022-06-27 11:22:40, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:41, Info                  CSI    00000063 [SR] Verify complete
2022-06-27 11:22:41, Info                  CSI    00000064 [SR] Verifying 100 components
2022-06-27 11:22:41, Info                  CSI    00000065 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:42, Info                  CSI    00000067 [SR] Verify complete
2022-06-27 11:22:42, Info                  CSI    00000068 [SR] Verifying 100 components
2022-06-27 11:22:42, Info                  CSI    00000069 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:42, Info                  CSI    0000006a [SR] Verify complete
2022-06-27 11:22:42, Info                  CSI    0000006b [SR] Verifying 100 components
2022-06-27 11:22:42, Info                  CSI    0000006c [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:43, Info                  CSI    0000006d [SR] Verify complete
2022-06-27 11:22:43, Info                  CSI    0000006e [SR] Verifying 100 components
2022-06-27 11:22:43, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:44, Info                  CSI    00000070 [SR] Verify complete
2022-06-27 11:22:44, Info                  CSI    00000071 [SR] Verifying 100 components
2022-06-27 11:22:44, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:44, Info                  CSI    00000073 [SR] Verify complete
2022-06-27 11:22:45, Info                  CSI    00000074 [SR] Verifying 100 components
2022-06-27 11:22:45, Info                  CSI    00000075 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:46, Info                  CSI    00000078 [SR] Verify complete
2022-06-27 11:22:46, Info                  CSI    00000079 [SR] Verifying 100 components
2022-06-27 11:22:46, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:47, Info                  CSI    0000007b [SR] Verify complete
2022-06-27 11:22:47, Info                  CSI    0000007c [SR] Verifying 100 components
2022-06-27 11:22:47, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:47, Info                  CSI    0000007e [SR] Verify complete
2022-06-27 11:22:47, Info                  CSI    0000007f [SR] Verifying 100 components
2022-06-27 11:22:47, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:48, Info                  CSI    00000081 [SR] Verify complete
2022-06-27 11:22:48, Info                  CSI    00000082 [SR] Verifying 100 components
2022-06-27 11:22:48, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:48, Info                  CSI    00000084 [SR] Verify complete
2022-06-27 11:22:48, Info                  CSI    00000085 [SR] Verifying 100 components
2022-06-27 11:22:48, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:49, Info                  CSI    00000087 [SR] Verify complete
2022-06-27 11:22:49, Info                  CSI    00000088 [SR] Verifying 100 components
2022-06-27 11:22:49, Info                  CSI    00000089 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:50, Info                  CSI    0000008a [SR] Verify complete
2022-06-27 11:22:50, Info                  CSI    0000008b [SR] Verifying 100 components
2022-06-27 11:22:50, Info                  CSI    0000008c [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:51, Info                  CSI    0000008d [SR] Verify complete
2022-06-27 11:22:51, Info                  CSI    0000008e [SR] Verifying 100 components
2022-06-27 11:22:51, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:51, Info                  CSI    00000090 [SR] Verify complete
2022-06-27 11:22:52, Info                  CSI    00000091 [SR] Verifying 100 components
2022-06-27 11:22:52, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:53, Info                  CSI    00000093 [SR] Verify complete
2022-06-27 11:22:53, Info                  CSI    00000094 [SR] Verifying 100 components
2022-06-27 11:22:53, Info                  CSI    00000095 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:54, Info                  CSI    00000097 [SR] Verify complete
2022-06-27 11:22:54, Info                  CSI    00000098 [SR] Verifying 100 components
2022-06-27 11:22:54, Info                  CSI    00000099 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:55, Info                  CSI    0000009a [SR] Verify complete
2022-06-27 11:22:55, Info                  CSI    0000009b [SR] Verifying 100 components
2022-06-27 11:22:55, Info                  CSI    0000009c [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:56, Info                  CSI    000000a1 [SR] Verify complete
2022-06-27 11:22:56, Info                  CSI    000000a2 [SR] Verifying 100 components
2022-06-27 11:22:56, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2022-06-27 11:22:59, Info                  CSI    000000a6 [SR] Verify complete
2022-06-27 11:22:59, Info                  CSI    000000a7 [SR] Verifying 100 components
2022-06-27 11:22:59, Info                  CSI    000000a8 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:00, Info                  CSI    000000a9 [SR] Verify complete
2022-06-27 11:23:00, Info                  CSI    000000aa [SR] Verifying 100 components
2022-06-27 11:23:00, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:03, Info                  CSI    000000af [SR] Verify complete
2022-06-27 11:23:03, Info                  CSI    000000b0 [SR] Verifying 100 components
2022-06-27 11:23:03, Info                  CSI    000000b1 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:04, Info                  CSI    000000b2 [SR] Verify complete
2022-06-27 11:23:04, Info                  CSI    000000b3 [SR] Verifying 100 components
2022-06-27 11:23:04, Info                  CSI    000000b4 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:05, Info                  CSI    000000b7 [SR] Verify complete
2022-06-27 11:23:05, Info                  CSI    000000b8 [SR] Verifying 100 components
2022-06-27 11:23:05, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:06, Info                  CSI    000000ba [SR] Verify complete
2022-06-27 11:23:06, Info                  CSI    000000bb [SR] Verifying 100 components
2022-06-27 11:23:06, Info                  CSI    000000bc [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:06, Info                  CSI    000000bd [SR] Verify complete
2022-06-27 11:23:06, Info                  CSI    000000be [SR] Verifying 100 components
2022-06-27 11:23:06, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:07, Info                  CSI    000000c0 [SR] Verify complete
2022-06-27 11:23:07, Info                  CSI    000000c1 [SR] Verifying 100 components
2022-06-27 11:23:07, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:08, Info                  CSI    000000c3 [SR] Verify complete
2022-06-27 11:23:08, Info                  CSI    000000c4 [SR] Verifying 100 components
2022-06-27 11:23:08, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:09, Info                  CSI    000000c7 [SR] Verify complete
2022-06-27 11:23:09, Info                  CSI    000000c8 [SR] Verifying 100 components
2022-06-27 11:23:09, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:10, Info                  CSI    000000cc [SR] Verify complete
2022-06-27 11:23:10, Info                  CSI    000000cd [SR] Verifying 100 components
2022-06-27 11:23:10, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:11, Info                  CSI    000000cf [SR] Verify complete
2022-06-27 11:23:11, Info                  CSI    000000d0 [SR] Verifying 100 components
2022-06-27 11:23:11, Info                  CSI    000000d1 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:12, Info                  CSI    000000d2 [SR] Verify complete
2022-06-27 11:23:12, Info                  CSI    000000d3 [SR] Verifying 100 components
2022-06-27 11:23:12, Info                  CSI    000000d4 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:13, Info                  CSI    000000d5 [SR] Verify complete
2022-06-27 11:23:13, Info                  CSI    000000d6 [SR] Verifying 100 components
2022-06-27 11:23:13, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:13, Info                  CSI    000000d8 [SR] Verify complete
2022-06-27 11:23:13, Info                  CSI    000000d9 [SR] Verifying 100 components
2022-06-27 11:23:13, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:14, Info                  CSI    000000db [SR] Verify complete
2022-06-27 11:23:14, Info                  CSI    000000dc [SR] Verifying 100 components
2022-06-27 11:23:14, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:15, Info                  CSI    000000df [SR] Verify complete
2022-06-27 11:23:15, Info                  CSI    000000e0 [SR] Verifying 100 components
2022-06-27 11:23:15, Info                  CSI    000000e1 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:16, Info                  CSI    000000e3 [SR] Verify complete
2022-06-27 11:23:16, Info                  CSI    000000e4 [SR] Verifying 100 components
2022-06-27 11:23:16, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:17, Info                  CSI    000000e8 [SR] Verify complete
2022-06-27 11:23:17, Info                  CSI    000000e9 [SR] Verifying 100 components
2022-06-27 11:23:17, Info                  CSI    000000ea [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:18, Info                  CSI    000000eb [SR] Verify complete
2022-06-27 11:23:18, Info                  CSI    000000ec [SR] Verifying 100 components
2022-06-27 11:23:18, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:19, Info                  CSI    000000ee [SR] Verify complete
2022-06-27 11:23:19, Info                  CSI    000000ef [SR] Verifying 100 components
2022-06-27 11:23:19, Info                  CSI    000000f0 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:20, Info                  CSI    000000f1 [SR] Verify complete
2022-06-27 11:23:20, Info                  CSI    000000f2 [SR] Verifying 100 components
2022-06-27 11:23:20, Info                  CSI    000000f3 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:20, Info                  CSI    000000f4 [SR] Verify complete
2022-06-27 11:23:20, Info                  CSI    000000f5 [SR] Verifying 100 components
2022-06-27 11:23:20, Info                  CSI    000000f6 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:21, Info                  CSI    000000f7 [SR] Verify complete
2022-06-27 11:23:21, Info                  CSI    000000f8 [SR] Verifying 100 components
2022-06-27 11:23:21, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:22, Info                  CSI    000000fa [SR] Verify complete
2022-06-27 11:23:22, Info                  CSI    000000fb [SR] Verifying 100 components
2022-06-27 11:23:22, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:23, Info                  CSI    000000fd [SR] Verify complete
2022-06-27 11:23:23, Info                  CSI    000000fe [SR] Verifying 100 components
2022-06-27 11:23:23, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:24, Info                  CSI    00000100 [SR] Verify complete
2022-06-27 11:23:24, Info                  CSI    00000101 [SR] Verifying 100 components
2022-06-27 11:23:24, Info                  CSI    00000102 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:25, Info                  CSI    00000103 [SR] Verify complete
2022-06-27 11:23:25, Info                  CSI    00000104 [SR] Verifying 100 components
2022-06-27 11:23:25, Info                  CSI    00000105 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:25, Info                  CSI    00000106 [SR] Verify complete
2022-06-27 11:23:25, Info                  CSI    00000107 [SR] Verifying 100 components
2022-06-27 11:23:25, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:26, Info                  CSI    00000109 [SR] Verify complete
2022-06-27 11:23:26, Info                  CSI    0000010a [SR] Verifying 100 components
2022-06-27 11:23:26, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:27, Info                  CSI    0000010c [SR] Verify complete
2022-06-27 11:23:27, Info                  CSI    0000010d [SR] Verifying 100 components
2022-06-27 11:23:27, Info                  CSI    0000010e [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:27, Info                  CSI    0000010f [SR] Verify complete
2022-06-27 11:23:28, Info                  CSI    00000110 [SR] Verifying 100 components
2022-06-27 11:23:28, Info                  CSI    00000111 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:28, Info                  CSI    00000112 [SR] Verify complete
2022-06-27 11:23:28, Info                  CSI    00000113 [SR] Verifying 100 components
2022-06-27 11:23:28, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:28, Info                  CSI    00000115 [SR] Verify complete
2022-06-27 11:23:29, Info                  CSI    00000116 [SR] Verifying 100 components
2022-06-27 11:23:29, Info                  CSI    00000117 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:29, Info                  CSI    00000118 [SR] Verify complete
2022-06-27 11:23:29, Info                  CSI    00000119 [SR] Verifying 100 components
2022-06-27 11:23:29, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:30, Info                  CSI    0000011b [SR] Verify complete
2022-06-27 11:23:30, Info                  CSI    0000011c [SR] Verifying 100 components
2022-06-27 11:23:30, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:30, Info                  CSI    0000011e [SR] Verify complete
2022-06-27 11:23:30, Info                  CSI    0000011f [SR] Verifying 100 components
2022-06-27 11:23:30, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:31, Info                  CSI    00000121 [SR] Verify complete
2022-06-27 11:23:31, Info                  CSI    00000122 [SR] Verifying 100 components
2022-06-27 11:23:31, Info                  CSI    00000123 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:31, Info                  CSI    00000124 [SR] Verify complete
2022-06-27 11:23:32, Info                  CSI    00000125 [SR] Verifying 100 components
2022-06-27 11:23:32, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:32, Info                  CSI    00000127 [SR] Verify complete
2022-06-27 11:23:32, Info                  CSI    00000128 [SR] Verifying 100 components
2022-06-27 11:23:32, Info                  CSI    00000129 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:33, Info                  CSI    0000012a [SR] Verify complete
2022-06-27 11:23:33, Info                  CSI    0000012b [SR] Verifying 100 components
2022-06-27 11:23:33, Info                  CSI    0000012c [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:34, Info                  CSI    0000012d [SR] Verify complete
2022-06-27 11:23:34, Info                  CSI    0000012e [SR] Verifying 100 components
2022-06-27 11:23:34, Info                  CSI    0000012f [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:35, Info                  CSI    00000130 [SR] Verify complete
2022-06-27 11:23:35, Info                  CSI    00000131 [SR] Verifying 100 components
2022-06-27 11:23:35, Info                  CSI    00000132 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:36, Info                  CSI    00000134 [SR] Verify complete
2022-06-27 11:23:36, Info                  CSI    00000135 [SR] Verifying 100 components
2022-06-27 11:23:36, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:37, Info                  CSI    00000137 [SR] Verify complete
2022-06-27 11:23:37, Info                  CSI    00000138 [SR] Verifying 100 components
2022-06-27 11:23:37, Info                  CSI    00000139 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:39, Info                  CSI    0000013f [SR] Verify complete
2022-06-27 11:23:39, Info                  CSI    00000140 [SR] Verifying 100 components
2022-06-27 11:23:39, Info                  CSI    00000141 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:40, Info                  CSI    00000142 [SR] Verify complete
2022-06-27 11:23:40, Info                  CSI    00000143 [SR] Verifying 100 components
2022-06-27 11:23:40, Info                  CSI    00000144 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:42, Info                  CSI    00000147 [SR] Verify complete
2022-06-27 11:23:42, Info                  CSI    00000148 [SR] Verifying 100 components
2022-06-27 11:23:42, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:43, Info                  CSI    0000014a [SR] Verify complete
2022-06-27 11:23:43, Info                  CSI    0000014b [SR] Verifying 100 components
2022-06-27 11:23:43, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:44, Info                  CSI    0000014e [SR] Verify complete
2022-06-27 11:23:44, Info                  CSI    0000014f [SR] Verifying 100 components
2022-06-27 11:23:44, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:46, Info                  CSI    00000153 [SR] Verify complete
2022-06-27 11:23:46, Info                  CSI    00000154 [SR] Verifying 100 components
2022-06-27 11:23:46, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:47, Info                  CSI    00000156 [SR] Verify complete
2022-06-27 11:23:47, Info                  CSI    00000157 [SR] Verifying 100 components
2022-06-27 11:23:47, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:48, Info                  CSI    0000015a [SR] Verify complete
2022-06-27 11:23:48, Info                  CSI    0000015b [SR] Verifying 100 components
2022-06-27 11:23:48, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:49, Info                  CSI    0000015d [SR] Verify complete
2022-06-27 11:23:49, Info                  CSI    0000015e [SR] Verifying 100 components
2022-06-27 11:23:49, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:50, Info                  CSI    00000160 [SR] Verify complete
2022-06-27 11:23:50, Info                  CSI    00000161 [SR] Verifying 100 components
2022-06-27 11:23:50, Info                  CSI    00000162 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:51, Info                  CSI    00000164 [SR] Verify complete
2022-06-27 11:23:51, Info                  CSI    00000165 [SR] Verifying 100 components
2022-06-27 11:23:51, Info                  CSI    00000166 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:52, Info                  CSI    00000167 [SR] Verify complete
2022-06-27 11:23:52, Info                  CSI    00000168 [SR] Verifying 100 components
2022-06-27 11:23:52, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:52, Info                  CSI    0000016a [SR] Verify complete
2022-06-27 11:23:52, Info                  CSI    0000016b [SR] Verifying 100 components
2022-06-27 11:23:52, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:53, Info                  CSI    0000016d [SR] Verify complete
2022-06-27 11:23:53, Info                  CSI    0000016e [SR] Verifying 100 components
2022-06-27 11:23:53, Info                  CSI    0000016f [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:54, Info                  CSI    00000170 [SR] Verify complete
2022-06-27 11:23:54, Info                  CSI    00000171 [SR] Verifying 100 components
2022-06-27 11:23:54, Info                  CSI    00000172 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:55, Info                  CSI    00000174 [SR] Verify complete
2022-06-27 11:23:55, Info                  CSI    00000175 [SR] Verifying 100 components
2022-06-27 11:23:55, Info                  CSI    00000176 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:55, Info                  CSI    00000177 [SR] Verify complete
2022-06-27 11:23:55, Info                  CSI    00000178 [SR] Verifying 100 components
2022-06-27 11:23:55, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:56, Info                  CSI    0000017a [SR] Verify complete
2022-06-27 11:23:56, Info                  CSI    0000017b [SR] Verifying 100 components
2022-06-27 11:23:56, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:57, Info                  CSI    0000017d [SR] Verify complete
2022-06-27 11:23:57, Info                  CSI    0000017e [SR] Verifying 100 components
2022-06-27 11:23:57, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:58, Info                  CSI    00000180 [SR] Verify complete
2022-06-27 11:23:58, Info                  CSI    00000181 [SR] Verifying 100 components
2022-06-27 11:23:58, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:59, Info                  CSI    00000183 [SR] Verify complete
2022-06-27 11:23:59, Info                  CSI    00000184 [SR] Verifying 100 components
2022-06-27 11:23:59, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2022-06-27 11:23:59, Info                  CSI    00000186 [SR] Verify complete
2022-06-27 11:23:59, Info                  CSI    00000187 [SR] Verifying 100 components
2022-06-27 11:23:59, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:00, Info                  CSI    00000189 [SR] Verify complete
2022-06-27 11:24:00, Info                  CSI    0000018a [SR] Verifying 100 components
2022-06-27 11:24:00, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:01, Info                  CSI    0000018c [SR] Verify complete
2022-06-27 11:24:01, Info                  CSI    0000018d [SR] Verifying 100 components
2022-06-27 11:24:01, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:01, Info                  CSI    0000018f [SR] Verify complete
2022-06-27 11:24:01, Info                  CSI    00000190 [SR] Verifying 100 components
2022-06-27 11:24:01, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:02, Info                  CSI    00000192 [SR] Verify complete
2022-06-27 11:24:02, Info                  CSI    00000193 [SR] Verifying 100 components
2022-06-27 11:24:02, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:03, Info                  CSI    00000195 [SR] Verify complete
2022-06-27 11:24:03, Info                  CSI    00000196 [SR] Verifying 100 components
2022-06-27 11:24:03, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:03, Info                  CSI    00000198 [SR] Verify complete
2022-06-27 11:24:03, Info                  CSI    00000199 [SR] Verifying 100 components
2022-06-27 11:24:03, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:04, Info                  CSI    0000019c [SR] Verify complete
2022-06-27 11:24:04, Info                  CSI    0000019d [SR] Verifying 100 components
2022-06-27 11:24:04, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:05, Info                  CSI    0000019f [SR] Verify complete
2022-06-27 11:24:05, Info                  CSI    000001a0 [SR] Verifying 100 components
2022-06-27 11:24:05, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:06, Info                  CSI    000001a2 [SR] Verify complete
2022-06-27 11:24:06, Info                  CSI    000001a3 [SR] Verifying 100 components
2022-06-27 11:24:06, Info                  CSI    000001a4 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:06, Info                  CSI    000001a5 [SR] Verify complete
2022-06-27 11:24:06, Info                  CSI    000001a6 [SR] Verifying 100 components
2022-06-27 11:24:06, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:07, Info                  CSI    000001a8 [SR] Verify complete
2022-06-27 11:24:07, Info                  CSI    000001a9 [SR] Verifying 100 components
2022-06-27 11:24:07, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:07, Info                  CSI    000001ab [SR] Verify complete
2022-06-27 11:24:07, Info                  CSI    000001ac [SR] Verifying 100 components
2022-06-27 11:24:07, Info                  CSI    000001ad [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:08, Info                  CSI    000001ae [SR] Verify complete
2022-06-27 11:24:08, Info                  CSI    000001af [SR] Verifying 100 components
2022-06-27 11:24:08, Info                  CSI    000001b0 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:08, Info                  CSI    000001b1 [SR] Verify complete
2022-06-27 11:24:08, Info                  CSI    000001b2 [SR] Verifying 100 components
2022-06-27 11:24:08, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:09, Info                  CSI    000001b4 [SR] Verify complete
2022-06-27 11:24:09, Info                  CSI    000001b5 [SR] Verifying 100 components
2022-06-27 11:24:09, Info                  CSI    000001b6 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:10, Info                  CSI    000001b7 [SR] Verify complete
2022-06-27 11:24:10, Info                  CSI    000001b8 [SR] Verifying 100 components
2022-06-27 11:24:10, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:10, Info                  CSI    000001ba [SR] Verify complete
2022-06-27 11:24:10, Info                  CSI    000001bb [SR] Verifying 100 components
2022-06-27 11:24:10, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:11, Info                  CSI    000001bd [SR] Verify complete
2022-06-27 11:24:11, Info                  CSI    000001be [SR] Verifying 100 components
2022-06-27 11:24:11, Info                  CSI    000001bf [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:11, Info                  CSI    000001c0 [SR] Verify complete
2022-06-27 11:24:11, Info                  CSI    000001c1 [SR] Verifying 100 components
2022-06-27 11:24:11, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:12, Info                  CSI    000001c3 [SR] Verify complete
2022-06-27 11:24:12, Info                  CSI    000001c4 [SR] Verifying 100 components
2022-06-27 11:24:12, Info                  CSI    000001c5 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:13, Info                  CSI    000001c6 [SR] Verify complete
2022-06-27 11:24:13, Info                  CSI    000001c7 [SR] Verifying 100 components
2022-06-27 11:24:13, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:13, Info                  CSI    000001c9 [SR] Verify complete
2022-06-27 11:24:13, Info                  CSI    000001ca [SR] Verifying 100 components
2022-06-27 11:24:13, Info                  CSI    000001cb [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:13, Info                  CSI    000001cc [SR] Verify complete
2022-06-27 11:24:13, Info                  CSI    000001cd [SR] Verifying 100 components
2022-06-27 11:24:13, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:14, Info                  CSI    000001cf [SR] Verify complete
2022-06-27 11:24:14, Info                  CSI    000001d0 [SR] Verifying 100 components
2022-06-27 11:24:14, Info                  CSI    000001d1 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:14, Info                  CSI    000001d2 [SR] Verify complete
2022-06-27 11:24:14, Info                  CSI    000001d3 [SR] Verifying 100 components
2022-06-27 11:24:14, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:15, Info                  CSI    000001d5 [SR] Verify complete
2022-06-27 11:24:15, Info                  CSI    000001d6 [SR] Verifying 100 components
2022-06-27 11:24:15, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:15, Info                  CSI    000001d8 [SR] Verify complete
2022-06-27 11:24:15, Info                  CSI    000001d9 [SR] Verifying 100 components
2022-06-27 11:24:15, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:16, Info                  CSI    000001db [SR] Verify complete
2022-06-27 11:24:16, Info                  CSI    000001dc [SR] Verifying 100 components
2022-06-27 11:24:16, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:17, Info                  CSI    000001de [SR] Verify complete
2022-06-27 11:24:17, Info                  CSI    000001df [SR] Verifying 100 components
2022-06-27 11:24:17, Info                  CSI    000001e0 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:17, Info                  CSI    000001e1 [SR] Verify complete
2022-06-27 11:24:17, Info                  CSI    000001e2 [SR] Verifying 100 components
2022-06-27 11:24:17, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:18, Info                  CSI    000001e4 [SR] Verify complete
2022-06-27 11:24:18, Info                  CSI    000001e5 [SR] Verifying 100 components
2022-06-27 11:24:18, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:18, Info                  CSI    000001e7 [SR] Verify complete
2022-06-27 11:24:19, Info                  CSI    000001e8 [SR] Verifying 100 components
2022-06-27 11:24:19, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:19, Info                  CSI    000001ea [SR] Verify complete
2022-06-27 11:24:19, Info                  CSI    000001eb [SR] Verifying 100 components
2022-06-27 11:24:19, Info                  CSI    000001ec [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:20, Info                  CSI    000001ed [SR] Verify complete
2022-06-27 11:24:20, Info                  CSI    000001ee [SR] Verifying 100 components
2022-06-27 11:24:20, Info                  CSI    000001ef [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:21, Info                  CSI    000001f0 [SR] Verify complete
2022-06-27 11:24:21, Info                  CSI    000001f1 [SR] Verifying 100 components
2022-06-27 11:24:21, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:21, Info                  CSI    000001f6 [SR] Verify complete
2022-06-27 11:24:21, Info                  CSI    000001f7 [SR] Verifying 100 components
2022-06-27 11:24:21, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:22, Info                  CSI    000001f9 [SR] Verify complete
2022-06-27 11:24:22, Info                  CSI    000001fa [SR] Verifying 100 components
2022-06-27 11:24:22, Info                  CSI    000001fb [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:22, Info                  CSI    000001fc [SR] Verify complete
2022-06-27 11:24:22, Info                  CSI    000001fd [SR] Verifying 100 components
2022-06-27 11:24:22, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:22, Info                  CSI    000001ff [SR] Verify complete
2022-06-27 11:24:23, Info                  CSI    00000200 [SR] Verifying 100 components
2022-06-27 11:24:23, Info                  CSI    00000201 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:23, Info                  CSI    00000202 [SR] Verify complete
2022-06-27 11:24:23, Info                  CSI    00000203 [SR] Verifying 100 components
2022-06-27 11:24:23, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:24, Info                  CSI    00000206 [SR] Verify complete
2022-06-27 11:24:24, Info                  CSI    00000207 [SR] Verifying 100 components
2022-06-27 11:24:24, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:25, Info                  CSI    00000209 [SR] Verify complete
2022-06-27 11:24:25, Info                  CSI    0000020a [SR] Verifying 100 components
2022-06-27 11:24:25, Info                  CSI    0000020b [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:25, Info                  CSI    0000020c [SR] Verify complete
2022-06-27 11:24:25, Info                  CSI    0000020d [SR] Verifying 100 components
2022-06-27 11:24:25, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:26, Info                  CSI    0000020f [SR] Verify complete
2022-06-27 11:24:26, Info                  CSI    00000210 [SR] Verifying 100 components
2022-06-27 11:24:26, Info                  CSI    00000211 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:27, Info                  CSI    00000212 [SR] Verify complete
2022-06-27 11:24:27, Info                  CSI    00000213 [SR] Verifying 100 components
2022-06-27 11:24:27, Info                  CSI    00000214 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:27, Info                  CSI    00000215 [SR] Verify complete
2022-06-27 11:24:28, Info                  CSI    00000216 [SR] Verifying 100 components
2022-06-27 11:24:28, Info                  CSI    00000217 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:28, Info                  CSI    00000218 [SR] Verify complete
2022-06-27 11:24:28, Info                  CSI    00000219 [SR] Verifying 100 components
2022-06-27 11:24:28, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:29, Info                  CSI    0000021c [SR] Verify complete
2022-06-27 11:24:29, Info                  CSI    0000021d [SR] Verifying 100 components
2022-06-27 11:24:29, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:30, Info                  CSI    0000021f [SR] Verify complete
2022-06-27 11:24:30, Info                  CSI    00000220 [SR] Verifying 100 components
2022-06-27 11:24:30, Info                  CSI    00000221 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:30, Info                  CSI    00000222 [SR] Verify complete
2022-06-27 11:24:30, Info                  CSI    00000223 [SR] Verifying 100 components
2022-06-27 11:24:30, Info                  CSI    00000224 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:31, Info                  CSI    00000225 [SR] Verify complete
2022-06-27 11:24:31, Info                  CSI    00000226 [SR] Verifying 100 components
2022-06-27 11:24:31, Info                  CSI    00000227 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:31, Info                  CSI    00000228 [SR] Verify complete
2022-06-27 11:24:31, Info                  CSI    00000229 [SR] Verifying 100 components
2022-06-27 11:24:31, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:32, Info                  CSI    0000022b [SR] Verify complete
2022-06-27 11:24:32, Info                  CSI    0000022c [SR] Verifying 100 components
2022-06-27 11:24:32, Info                  CSI    0000022d [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:33, Info                  CSI    00000232 [SR] Verify complete
2022-06-27 11:24:33, Info                  CSI    00000233 [SR] Verifying 100 components
2022-06-27 11:24:33, Info                  CSI    00000234 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:34, Info                  CSI    00000235 [SR] Verify complete
2022-06-27 11:24:34, Info                  CSI    00000236 [SR] Verifying 100 components
2022-06-27 11:24:34, Info                  CSI    00000237 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:34, Info                  CSI    00000238 [SR] Verify complete
2022-06-27 11:24:34, Info                  CSI    00000239 [SR] Verifying 100 components
2022-06-27 11:24:34, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:35, Info                  CSI    0000023b [SR] Verify complete
2022-06-27 11:24:35, Info                  CSI    0000023c [SR] Verifying 100 components
2022-06-27 11:24:35, Info                  CSI    0000023d [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:36, Info                  CSI    0000023e [SR] Verify complete
2022-06-27 11:24:36, Info                  CSI    0000023f [SR] Verifying 100 components
2022-06-27 11:24:36, Info                  CSI    00000240 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:36, Info                  CSI    00000241 [SR] Verify complete
2022-06-27 11:24:37, Info                  CSI    00000242 [SR] Verifying 100 components
2022-06-27 11:24:37, Info                  CSI    00000243 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:37, Info                  CSI    00000245 [SR] Verify complete
2022-06-27 11:24:37, Info                  CSI    00000246 [SR] Verifying 100 components
2022-06-27 11:24:37, Info                  CSI    00000247 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:38, Info                  CSI    00000248 [SR] Verify complete
2022-06-27 11:24:38, Info                  CSI    00000249 [SR] Verifying 100 components
2022-06-27 11:24:38, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:39, Info                  CSI    0000024b [SR] Verify complete
2022-06-27 11:24:39, Info                  CSI    0000024c [SR] Verifying 100 components
2022-06-27 11:24:39, Info                  CSI    0000024d [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:40, Info                  CSI    0000024e [SR] Verify complete
2022-06-27 11:24:40, Info                  CSI    0000024f [SR] Verifying 100 components
2022-06-27 11:24:40, Info                  CSI    00000250 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:41, Info                  CSI    00000251 [SR] Verify complete
2022-06-27 11:24:41, Info                  CSI    00000252 [SR] Verifying 100 components
2022-06-27 11:24:41, Info                  CSI    00000253 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:41, Info                  CSI    00000254 [SR] Verify complete
2022-06-27 11:24:41, Info                  CSI    00000255 [SR] Verifying 100 components
2022-06-27 11:24:41, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:42, Info                  CSI    00000257 [SR] Verify complete
2022-06-27 11:24:42, Info                  CSI    00000258 [SR] Verifying 100 components
2022-06-27 11:24:42, Info                  CSI    00000259 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:42, Info                  CSI    0000025a [SR] Verify complete
2022-06-27 11:24:42, Info                  CSI    0000025b [SR] Verifying 100 components
2022-06-27 11:24:42, Info                  CSI    0000025c [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:43, Info                  CSI    0000025d [SR] Verify complete
2022-06-27 11:24:43, Info                  CSI    0000025e [SR] Verifying 100 components
2022-06-27 11:24:43, Info                  CSI    0000025f [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:44, Info                  CSI    00000260 [SR] Verify complete
2022-06-27 11:24:44, Info                  CSI    00000261 [SR] Verifying 100 components
2022-06-27 11:24:44, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:44, Info                  CSI    00000263 [SR] Verify complete
2022-06-27 11:24:44, Info                  CSI    00000264 [SR] Verifying 100 components
2022-06-27 11:24:44, Info                  CSI    00000265 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:44, Info                  CSI    00000267 [SR] Repairing file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2022-06-27 11:24:45, Info                  CSI    00000268 [SR] Verify complete
2022-06-27 11:24:45, Info                  CSI    00000269 [SR] Verifying 100 components
2022-06-27 11:24:45, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:45, Info                  CSI    0000026b [SR] Verify complete
2022-06-27 11:24:45, Info                  CSI    0000026c [SR] Verifying 100 components
2022-06-27 11:24:45, Info                  CSI    0000026d [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:46, Info                  CSI    0000026e [SR] Verify complete
2022-06-27 11:24:46, Info                  CSI    0000026f [SR] Verifying 100 components
2022-06-27 11:24:46, Info                  CSI    00000270 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:46, Info                  CSI    00000272 [SR] Verify complete
2022-06-27 11:24:47, Info                  CSI    00000273 [SR] Verifying 100 components
2022-06-27 11:24:47, Info                  CSI    00000274 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:47, Info                  CSI    00000275 [SR] Verify complete
2022-06-27 11:24:47, Info                  CSI    00000276 [SR] Verifying 32 components
2022-06-27 11:24:47, Info                  CSI    00000277 [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:48, Info                  CSI    00000278 [SR] Verify complete
2022-06-27 11:24:48, Info                  CSI    00000279 [SR] Repairing 1 components
2022-06-27 11:24:48, Info                  CSI    0000027a [SR] Beginning Verify and Repair transaction
2022-06-27 11:24:48, Info                  CSI    0000027c [SR] Repairing file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2022-06-27 11:24:48, Info                  CSI    0000027d [SR] Repair complete
2022-06-27 11:24:48, Info                  CSI    0000027e [SR] Committing transaction
2022-06-27 11:24:48, Info                  CSI    00000285 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired

========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "AMSI/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "AMSI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "AirSpaceChannel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Application"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Cisco-EAP-FAST/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Cisco-EAP-LEAP/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Cisco-EAP-PEAP/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "DirectShowFilterGraph"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "DirectShowPluginControl"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Els_Hyphenation/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "EndpointMapper"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "FirstUXPerf-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "ForwardedEvents"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "General Logging"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "HardwareEvents"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "IHM_DebugChannel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "InstallUXPerformance-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-GPIO/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-I2C/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Internet Explorer"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Key Management Service"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceMFT"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationFrameServer"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProc"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProcD3D"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationAsyncWrapper"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationContentProtection"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationDS"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationDeviceProxy"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationMP4"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationMediaEngine"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformanceCore"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationPipeline"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationPlatform"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "MediaFoundationSrcPrefetch"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-IE-ReadingView/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-IE/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-OneCore-Setup/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-WS-Licensing/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-WS-Licensing/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-WS-Licensing/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccessBroker/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccessBroker/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Backup"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Call"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CredProvHost/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CredentialProviders/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Logging"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Background/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Logging"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite-FontCache/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Power"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/IODiagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FontGroups/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IE-SmartScreen"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IndexedDB-Server"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguageProfile/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NFC-Class-Extension/Analytical"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Narrator-Inproc/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Diagnostics"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneBackup/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PriResources-Deployment/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PriResources-Deployment/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintDialogs/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintDialogs3D/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReFS/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-User-Mode-Transport/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Leak-Diagnostic/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Certification"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Diagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartScreen/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Audit"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Restricted"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Health"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Volume/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuthN/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinML/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Oper"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Trace"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Trace"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Navigator"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Network Isolation Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "OAlerts"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "OfficeChannel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "OfficeDebugChannel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "OpenSSH/Admin"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "OpenSSH/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "OpenSSH/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "PlayReadyPerformanceChannel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "RTWorkQueueExtended"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "RTWorkQueueTheading"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "SMSApi"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Security"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Setup"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "SmbWmiAnalytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "System"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "SystemEventsBroker"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "TimeBroker"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "UIManager_Channel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "USER_ESRV_SVC_QUEENCREEK"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Uac/Debug"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_HEVCDECODER_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WMPSetup"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WMPSyncEngine"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Windows PowerShell"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "Windows.Globalization/Analytic"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "WordChannel"

C:\Users\GERTY\OneDrive\Desktop>wevtutil cl "muxencode"
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.

========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 11:25:11 ====


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Did you not get Addition.txt?


  • 0

#9
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Sorry about that! I'm a ditz.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2022 01
Ran by GERTY (27-06-2022 11:37:31)
Running from C:\Users\GERTY\OneDrive\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2021-03-19 02:20:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1050297925-20334412-4027152003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1050297925-20334412-4027152003-503 - Limited - Disabled)
GERTY (S-1-5-21-1050297925-20334412-4027152003-1003 - Administrator - Enabled) => C:\Users\GERTY
Guest (S-1-5-21-1050297925-20334412-4027152003-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1050297925-20334412-4027152003-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.00 (x64) (HKLM\...\7-Zip) (Version: 22.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Bridge 1.0 (HKLM-x32\...\{B74D4E10-1033-0000-0000-000000000001}) (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (HKLM-x32\...\{8EDBA74D-0686-4C99-BFDD-F894678E5B39}) (Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Help Center 1.0 (HKLM-x32\...\{E9787678-1033-0000-8E67-000000000001}) (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos 1.0 (HKLM-x32\...\{786C5747-1033-0000-B58E-000000000001}) (Version: 001.000.000 - Adobe Systems) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.6 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.43.4 - Bethesda Softworks)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - Canon Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CM Storm Mizar Gaming Mouse (HKLM-x32\...\{9E070A33-9857-4A95-9F10-0C5EA92D6D9F}_is1) (Version: 1.0.8 - Cooler Master)
Corsair Utility Engine (HKLM-x32\...\{BB25387A-061E-42E9-AB2F-64073B3E3180}) (Version: 2.24.50 - Corsair)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\Discord) (Version: 0.0.309 - Discord Inc.)
Documentation Manager (HKLM\...\{2E843C78-FE5B-446C-A2AC-DE311FE1D78A}) (Version: 22.140.0.3 - Intel Corporation) Hidden
Drawpile 2.1.17 (HKLM\...\{DC47B534-E365-4054-85F0-2E7C6CCB76CC}_is1) (Version: 2.1.17 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 151.4.4304 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
Elite Gamer 5.3.6 (HKLM-x32\...\{548D713D-EA8D-4117-A74A-93E9592C1480}_is1) (Version: 5.3.6.0 - Cox Communications)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 76 (HKLM-x32\...\Fallout 76) (Version:  - Bethesda Softworks)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.53 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version:  - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
iCloud Outlook (HKLM\...\{F054257C-600A-4918-B730-F6829E491781}) (Version: 13.0.0.201 - Apple Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{19B7322D-268B-4D88-AA3E-938F36F9DCE9}) (Version: 22.3.20.6 - Intel) Hidden
Intel® Chipset Device Software (HKLM\...\{C965318A-AA36-4F94-9ED5-AE5391F452B2}) (Version: 10.1.2.9 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{5fa248d9-79b2-48fb-9add-72660adaed4e}) (Version: 10.1.2.9 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{60DC6F22-D268-44F0-8720-200033508384}) (Version: 11.0.0.1158 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{DF17C0DB-76D8-4A45-B26E-674F8455B803}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Network Connections 20.2.3001.0 (HKLM\...\{638A518B-0D2E-4143-ACF8-F3D83D822E85}) (Version: 20.2.3001.0 - Intel) Hidden
Intel® Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{9503AD68-6198-4081-9F57-1F346D7B58D4}) (Version: 14.8.16.1063 - Intel Corporation) Hidden
Intel® SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000140-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.140.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{0f33739d-b6ed-44b0-9a0d-6b87544be7c0}) (Version: 22.3.20.6 - Intel)
Intel® Software Installer (HKLM-x32\...\{b3bbf46b-6ffd-4f54-8d1f-26206cfe1739}) (Version: 22.140.0.3 - Intel Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft .NET Core Host - 3.1.26 (x64) (HKLM\...\{8CD96F46-64AC-41C6-89B7-550211EF09BC}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.26 (x64) (HKLM\...\{719B5BF9-FD92-4C36-A33E-E4F4C7171979}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.26 (x64) (HKLM\...\{DCDE73DC-A733-4712-8A04-4343372D21E8}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\OneDriveSetup.exe) (Version: 22.111.0522.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.26 (x64) (HKLM\...\{22CD266C-7B5C-4399-8020-8F6CB12AAB9D}) (Version: 24.104.31323 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.26 (x64) (HKLM-x32\...\{24e939f4-9eb3-4ccf-9175-d491a44a9d78}) (Version: 3.1.26.31323 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 101.0.1 (x64 en-US)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 101.0.1.8194 - Mozilla)
MSVCRT Redists (HKLM\...\{52116C70-79F9-11E6-9541-BB95F5A309BD}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NETGEAR A7000 Genie (HKLM-x32\...\{E34F424D-99BB-4176-8BCB-F0A749D744B4}) (Version: 1.0.0.15 - NETGEAR) Hidden
NETGEAR A7000 Genie (HKLM-x32\...\InstallShield_{E34F424D-99BB-4176-8BCB-F0A749D744B4}) (Version: 1.0.0.15 - NETGEAR)
Neverwinter Nights Diamond Edition (HKLM-x32\...\1207658890_is1) (Version: 2.1.0.21 - GOG.com)
Neverwinter Nights Diamond Edition (HKLM-x32\...\GOGPACKNWNDIAMOND_is1) (Version: 2.0.0.15 - GOG.com)
NJStar Japanese WP6 (HKLM-x32\...\NJStar Japanese WP6) (Version: 6.20 - NJStar Software Corp.)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0018 - REALTEK Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.57.785 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.2 - Rockstar Games)
RogueKiller version 15.5.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.5.3.0 - Adlice Software)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.85 (HKLM-x32\...\Skype_is1) (Version: 8.85 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
TP-Link Archer T2U Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.0.0 - TP-Link)
Twitch (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Twitch Studio (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\ZoomUMX) (Version: 5.9.6 (3799) - Zoom Video Communications, Inc.)

Packages:
=========
Any DVD -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.2.6.0_x64__y5c4dfz5b21fm [2021-11-29] (Any DVD &amp; Office App)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-15] (Autodesk Inc.)
Duolingo - Learn Languages for Free -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2022-02-03] (Duolingo Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-29] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa [2022-06-27] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-07] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-18] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-01-02] (Adobe Systems Incorporated)
Ring - Always Home -> C:\Program Files\WindowsApps\C9B3B423.RingDoorbell_2.5.12.0_x64__8wfdcxeq7xacm [2021-10-08] (Ring.com)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.111.459.2_x64__8wekyb3d8bbwe [2022-06-24] (ms-resource:PublisherDisplayName)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-10] (Twitter Inc.)
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_477.2102.26001.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{30282DFC-EFD6-4D64-9A72-6C7E79B92FB5} -> [iCloud Drive] => C:\Users\GERTY\iCloudDrive [2021-12-21 16:49]
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{D53F2B23-E37B-460D-82C7-5CDAA0A3BD66} -> [iCloud Photos] => C:\Users\GERTY\iCloudPhotos\Photos [2021-12-21 16:49]
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\GERTY\Dropbox [2022-01-04 10:07]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\GERTY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2020-06-02 14:35 - 2014-04-17 09:54 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\P2PLib.dll
2018-03-27 19:42 - 2018-03-27 19:42 - 000151040 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-10-02 08:54 - 2017-10-02 08:54 - 000013312 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-10-02 08:54 - 2017-10-02 08:54 - 001950720 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
2018-03-27 19:11 - 2018-03-27 19:11 - 000044544 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2018-03-27 19:18 - 2018-03-27 19:18 - 000197120 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2018-03-27 19:11 - 2018-03-27 19:11 - 000097280 _____ () [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2022-05-02 08:22 - 2022-05-02 08:22 - 005998080 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2014-04-17 09:54 - 2014-04-17 09:54 - 000126976 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A7000\EnumDevLib.dll
2020-06-02 14:35 - 2014-04-17 09:54 - 000221184 _____ () [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2018-08-28 18:28 - 2022-03-03 19:23 - 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-08-28 18:28 - 2021-11-17 04:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-08-28 18:28 - 2021-11-17 04:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2017-08-07 17:35 - 2010-09-09 14:36 - 000319488 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2017-02-10 13:40 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-02-13 20:01 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMXLMAL.DLL
2022-06-27 11:18 - 2022-06-15 06:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-06-02 14:35 - 2014-04-17 09:54 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2020-06-02 14:35 - 2014-04-17 09:54 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2022-05-05 17:44 - 2022-05-05 17:44 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2018-08-28 18:28 - 2022-03-03 19:23 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2018-02-05 16:39 - 2018-02-05 16:39 - 001272320 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\LIBEAY32.dll
2018-02-05 16:39 - 2018-02-05 16:39 - 000278016 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\ssleay32.dll
2014-04-17 09:54 - 2014-04-17 09:54 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR\A7000\LIBEAY32.dll
2020-06-02 14:35 - 2014-04-17 09:54 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\LIBEAY32.dll
2018-04-06 11:29 - 2018-04-06 11:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 11:29 - 2018-04-06 11:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2017-10-02 09:06 - 2017-10-02 09:06 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qgif.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qicns.dll
2017-10-02 09:05 - 2017-10-02 09:05 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qico.dll
2017-10-02 09:06 - 2017-10-02 09:06 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qjpeg.dll
2017-10-02 11:11 - 2017-10-02 11:11 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qsvg.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qtga.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000271872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qtiff.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qwbmp.dll
2017-10-02 11:10 - 2017-10-02 11:10 - 000401408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\imageformats\qwebp.dll
2017-10-02 09:07 - 2017-10-02 09:07 - 001094656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\platforms\qwindows.dll
2018-03-27 19:42 - 2018-03-27 19:42 - 004770816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Core.dll
2017-10-02 08:59 - 2017-10-02 08:59 - 004963840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Gui.dll
2017-10-02 12:14 - 2017-10-02 12:14 - 000576512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Multimedia.dll
2017-10-02 08:59 - 2017-10-02 08:59 - 000952832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Network.dll
2017-10-02 11:28 - 2017-10-02 11:28 - 002629632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Qml.dll
2017-10-02 11:33 - 2017-10-02 11:33 - 002846720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Quick.dll
2017-10-02 11:11 - 2017-10-02 11:11 - 000265728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Svg.dll
2017-10-02 09:04 - 2017-10-02 09:04 - 004456448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Widgets.dll
2017-10-02 12:38 - 2017-10-02 12:38 - 000234496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5WinExtras.dll
2017-10-02 08:55 - 2017-10-02 08:55 - 000150528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\Qt5Xml.dll
2017-10-02 12:12 - 2017-10-02 12:12 - 000041472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2017-10-02 12:12 - 2017-10-02 12:12 - 000015872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2017-10-02 11:36 - 2017-10-02 11:36 - 000015872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick.2\qtquick2plugin.dll
2017-10-02 12:34 - 2017-10-02 12:34 - 000257536 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-10-02 11:37 - 2017-10-02 11:37 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-10-02 11:37 - 2017-10-02 11:37 - 000015872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\Corsair Utility Engine\QtQuick\Window.2\windowplugin.dll
2014-04-17 09:54 - 2014-04-17 09:54 - 000143360 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\NETGEAR\A7000\IpLib.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\Users\GERTY\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5632]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 00:24 - 2022-06-27 11:28 - 000003384 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

2021-10-22 14:06 - 2022-04-27 12:30 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1050297925-20334412-4027152003-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "Megatron"
HKU\S-1-5-21-1050297925-20334412-4027152003-1003\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A9B503D4-7538-4650-BCC2-765E32679DD8}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{CB8DB01F-9EC9-400E-968D-7C923062C997}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{0EC04212-358F-4C8A-8BFB-73B29EF1998F}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [TCP Query User{AB2F2343-CF3E-47BD-B331-E37591469E06}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [UDP Query User{87BB3D65-5672-41AD-8C1A-A38A861CD00C}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{CDAE0B56-0E7E-4C5E-B5C0-C8BF7A3C5B86}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{A9EF383D-170E-498C-AB51-25144C1BD38F}] => (Allow) any => No File
FirewallRules: [{DF0197D0-77D3-44AF-9728-DC5123F86BE0}] => (Allow) any => No File
FirewallRules: [{BC487E40-AC15-4EA1-969D-D13EFC902593}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [UDP Query User{DC5F0DA4-6BA5-4BE8-912B-DBC80338CFD3}C:\program files\drawpile\drawpile.exe] => (Allow) C:\program files\drawpile\drawpile.exe () [File not signed]
FirewallRules: [TCP Query User{01B98EDE-E678-4D18-B9C4-A73DFFDF7CCE}C:\program files\drawpile\drawpile.exe] => (Allow) C:\program files\drawpile\drawpile.exe () [File not signed]
FirewallRules: [{EA06B3EE-206B-414C-AD5D-5A9DBA4C8C5A}] => (Allow) E:\Steam Games\steamapps\common\Our Life Beginnings And Always\OurLife.exe () [File not signed]
FirewallRules: [{9CED3F84-CBB5-4D68-87E6-EC5E0C7EA104}] => (Allow) E:\Steam Games\steamapps\common\Our Life Beginnings And Always\OurLife.exe () [File not signed]
FirewallRules: [UDP Query User{6C608232-17CC-432C-9EC8-1056DE8EB710}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{709D3CA6-FF8C-4396-B45D-57FDDE559ADE}E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steam games\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{FFC8653F-8A60-4B7C-AC52-BC0744EC7765}C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe (Twitch Interactive, Inc. -> )
FirewallRules: [TCP Query User{302D36C5-F795-43E4-A0A8-FBD93FE2F4F7}C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\gerty\appdata\roaming\twitch studio\bin\twitchstudioagent.exe (Twitch Interactive, Inc. -> )
FirewallRules: [{CD4F97C1-C990-4021-AF68-5AD1BF38C3BA}] => (Allow) E:\Steam Games\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{25585AC5-C60E-4BF4-97D2-6BC2EAF6620E}] => (Allow) E:\Steam Games\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6D405D97-7691-4FCE-AA2B-85C4896E5A17}] => (Allow) E:\Steam Games\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{DD728E4F-054D-4FC8-84DB-896F3D10EDFB}] => (Allow) E:\Steam Games\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{3DC3F819-C6D6-4634-9680-04D693695E53}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9C5676CA-9C96-4FE6-974B-E839012EA4C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{70C91BF1-D9F3-416C-AA2F-0840DA1D64A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{85C13FB4-5210-4B5D-92AC-DF9BCC9EE5F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E04897E8-AE83-41D8-AC45-59B07F216BF6}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3MP.exe () [File not signed]
FirewallRules: [{30DD9A03-BAB9-4A92-B008-60D72F33C0F4}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3MP.exe () [File not signed]
FirewallRules: [{619CA6F0-B2AD-4DB1-BE6A-2BFB9120B17D}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{B0D6E657-7D83-48A7-8A05-6BA3FC8FA07B}] => (Allow) E:\Steam Games\steamapps\common\Assassin's Creed 3\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [UDP Query User{CCFAA39A-648B-4B8D-A5EE-701131093D5F}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{10E70563-06FC-44EC-A7B9-FF91CD05A523}E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steam games\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{46F207C4-BC5F-48F9-A319-5420FB4DA158}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{D5BA39EF-E6BC-444E-91A8-406DF3DF0AA8}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{F64EEA6C-05F0-45C7-921E-9F3553592EBA}] => (Allow) E:\Steam Games\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [File not signed]
FirewallRules: [{09F1EA84-D914-47EF-84DD-FD186BD116AC}] => (Allow) E:\Steam Games\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [File not signed]
FirewallRules: [UDP Query User{45765127-BC93-496B-86F5-FA2505E282C2}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{562C2E7F-0E29-47B0-9375-45D97C4A44C9}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{7CC0C86E-003F-49C4-9B48-1296C7FD9FB2}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [TCP Query User{00C2B617-9E11-493B-AF50-87DDAF72C7A1}E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe] => (Allow) E:\ghost recon breakpoint\epic games\theescapists2\theescapists2.exe () [File not signed]
FirewallRules: [UDP Query User{BF25D04B-3C68-4A9B-9968-17AE1535ABB8}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{AFFB4DF3-0C7D-418D-A66E-EFDCD99C6C9A}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C5EE8CD6-ADBA-434E-998D-2E8148018748}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{D0614AAB-ED60-4969-8DE9-5AE2B683681A}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{3DB847DF-6A33-4930-AF1D-BAD1ED596C5C}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{CD3D541D-CBBE-4591-B825-E4F9E12BB4C9}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{4DE8E973-DA2E-4F98-B320-CE83FEFD0158}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{0431C31E-319F-4FC7-8458-2B5B4536C49A}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FD26703F-2C9D-42AA-BD31-8C6D5B08D98D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{CC5830BE-7D33-44A5-B3F6-F7075B940940}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{8D6EF81F-2808-4260-97F2-93E4A6248758}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FA82C2E6-C48D-4370-B4BF-767B6CF5CD54}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F8565B69-7979-457B-A325-E026D57A24BE}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{C0DAE235-4624-4AD2-ACC8-8766EDD7E2C6}] => (Allow) LPort=53
FirewallRules: [{A65C35E5-8223-4384-9977-03140C806616}] => (Allow) LPort=1542
FirewallRules: [{D76A4A15-9384-4BFD-A91D-F43A5403FB9A}] => (Allow) LPort=1542
FirewallRules: [{A99C2346-D66D-417E-8A20-FE7997A361EC}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{DD4DFBC9-B891-4A21-9E3B-3ED9E3BF367F}] => (Allow) LPort=53
FirewallRules: [{4795DAE0-1C7E-4C4A-BD16-8475BBC5D204}] => (Allow) LPort=53
FirewallRules: [UDP Query User{FD9A5B44-8656-4EE8-8078-7DB9D1DE934C}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe => No File
FirewallRules: [TCP Query User{5E2DD937-3EEB-4394-9EDC-76A73E40BC9F}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe => No File
FirewallRules: [{3CDA542A-9E6A-4EA9-9432-D7325EF2F11E}] => (Allow) E:\Ghost Recon Breakpoint\Epic Games\BreakpointDemo\GRB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{11C9AAE7-22E2-481A-9A0C-3C4BC702E77E}] => (Allow) E:\Ghost Recon Breakpoint\Epic Games\BreakpointDemo\GRB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{1367E74A-A420-46F9-AFC1-CBBC44E3CFBE}] => (Allow) C:\Users\GERTY\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7D33F73-0E10-41DD-89FE-29E12F73F757}] => (Allow) C:\Users\GERTY\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{31456AE8-48AB-456F-9BBB-686DB6878F39}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{AF50636A-121D-4D52-84DA-0EA87C237629}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{1810BCFF-DA29-41F7-AF91-93B655C714BD}E:\overwatch\overwatch test\_ptr_\overwatch.exe] => (Allow) E:\overwatch\overwatch test\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{8121CE03-D4AE-4B28-A8F4-E5107E46140B}E:\overwatch\overwatch test\_ptr_\overwatch.exe] => (Allow) E:\overwatch\overwatch test\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{33E26C7C-1AF8-4668-99FC-4FB0B75D170F}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{87745352-45D5-45A9-8E80-51FC6360F735}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{22BFA261-A11B-4F35-8F5A-7E124E39DD2E}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{46BFBA74-C0E1-4F1E-B1DF-08D740379035}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{96143B86-B94D-48B2-9D70-83CF42BC2DB2}] => (Allow) E:\Steam Games\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
FirewallRules: [{7C587257-D034-4204-9806-13F8631DC8EB}] => (Allow) E:\Steam Games\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
FirewallRules: [{D9007579-FB3C-4C19-A7DA-CDB2A2EDE2C0}] => (Allow) E:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{338100E5-C1D1-48A2-AEBE-67D86F4306B6}] => (Allow) E:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{20C6E52F-D026-4C23-B100-B2A927F60653}E:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) E:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{CB6B5500-36E3-4BBE-BD81-80C3E86B0849}E:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) E:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{006EDB72-4643-4D3B-BE51-F20E9E992224}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3DF99DB6-016E-49F2-94C9-3B6481821B67}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{791AFFED-CD23-431B-8687-0BA50E186CCE}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{D61A5871-7DFB-4EB4-80A1-3AFB2C7C5300}] => (Allow) E:\Steam Games\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4330C004-6AB7-408A-9F32-8A135D1EA0BE}E:\fallout76.exe] => (Allow) E:\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{0B13AE7A-09CA-408C-B8FB-1914272262B4}E:\fallout76.exe] => (Allow) E:\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{78769D88-600D-4673-B31E-577038C4272C}E:\fallout 76\fallout76.exe] => (Allow) E:\fallout 76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{BC89A233-9424-4360-8A38-B47029B52182}E:\fallout 76\fallout76.exe] => (Allow) E:\fallout 76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{673D3F3F-CC58-4ADC-89B7-618871FEAA33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7DFFDD0-DA99-47F7-AFBF-CE40616CE33B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{2DCF31CA-E675-4B4F-8BBA-B8A11AFAEE62}E:\overwatch\call of duty black ops 4\blackops4.exe] => (Allow) E:\overwatch\call of duty black ops 4\blackops4.exe => No File
FirewallRules: [TCP Query User{80F544F5-50E1-4F78-BB94-96F0C015CF5F}E:\overwatch\call of duty black ops 4\blackops4.exe] => (Allow) E:\overwatch\call of duty black ops 4\blackops4.exe => No File
FirewallRules: [UDP Query User{1E662723-C01D-4461-895B-170886C9520A}E:\steam games\steam cmd\steamcmd.exe] => (Allow) E:\steam games\steam cmd\steamcmd.exe => No File
FirewallRules: [TCP Query User{6CD252C5-DC8B-4DB6-A8E6-8EE30103773D}E:\steam games\steam cmd\steamcmd.exe] => (Allow) E:\steam games\steam cmd\steamcmd.exe => No File
FirewallRules: [UDP Query User{A052084F-EB4F-435A-892F-ACAC0CEE3944}E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe => No File
FirewallRules: [TCP Query User{460159AD-16CB-44FC-AF90-BD19E6BBDCF9}E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) E:\steam games\steamapps\common\life is feudal your own\server\cm_yo_server.exe => No File
FirewallRules: [{E8659CAC-17DD-4219-8E52-BE29A2498E27}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14825586-4E25-4A6D-9DE5-CA563F22520A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{88A3AE44-AC63-4EBD-B12A-C241CFB8CB34}] => (Allow) E:\Steam Games\steamapps\common\Monster Prom\MonsterProm.exe () [File not signed]
FirewallRules: [{C56CBAD6-C5B0-49F0-B854-CC75DB1C37EA}] => (Allow) E:\Steam Games\steamapps\common\Monster Prom\MonsterProm.exe () [File not signed]
FirewallRules: [UDP Query User{122F5D86-76E1-415C-8026-8604F16C4B96}E:\overwatch\overwatch test\overwatch.exe] => (Allow) E:\overwatch\overwatch test\overwatch.exe => No File
FirewallRules: [TCP Query User{6B9B9BA2-5EF8-4E18-B11F-68592B23C657}E:\overwatch\overwatch test\overwatch.exe] => (Allow) E:\overwatch\overwatch test\overwatch.exe => No File
FirewallRules: [UDP Query User{B841B5D7-BEAD-4040-A7C9-11547FA09C9D}E:\overwatch\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{BCD049EC-92A7-4CF2-9AE2-C017325CD551}E:\overwatch\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch\overwatch.exe => No File
FirewallRules: [{014CB464-5EB1-4737-B6BB-4F4D9C42FCA1}] => (Allow) E:\Steam Games\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{7CD9F055-514D-45AB-A457-52BC1D434109}] => (Allow) E:\Steam Games\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [UDP Query User{77715599-4F1C-4044-A9DF-4A708F902F45}C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{459C16E4-14A2-4C1C-A660-04D4E23D18ED}C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{B39B154C-FC97-435F-821A-A37780A72BCF}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{FA76D0CF-075A-4363-9514-F963CC95BFA2}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{18EB99B6-5F2A-463F-8E67-3CC45BB23357}] => (Allow) E:\Steam Games\steamapps\common\Arcanum\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{8E8368D8-D6DE-4573-9B09-48C27E5340B4}] => (Allow) E:\Steam Games\steamapps\common\Arcanum\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [UDP Query User{B4DEFC11-07FF-4286-BBBC-6DF3B51453D0}C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{550D2328-1087-4E3C-8ADF-3353BDA95A85}C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{3054267E-1868-4A8E-AFFA-CCF59B3AA887}E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe => No File
FirewallRules: [TCP Query User{E4138FCC-D26F-419F-805C-F95FDF44D4D3}E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\citadel\citadel\binaries\win64\citadel-win64-shipping.exe => No File
FirewallRules: [UDP Query User{FD575C1E-A517-497C-B1C5-C44093DB2D0D}E:\steam games\gta5.exe] => (Allow) E:\steam games\gta5.exe => No File
FirewallRules: [TCP Query User{E2CAF1C6-E563-4CA4-9FDF-57405C63A274}E:\steam games\gta5.exe] => (Allow) E:\steam games\gta5.exe => No File
FirewallRules: [UDP Query User{AD5C3D7B-4399-4BE4-9B00-BB52EC420DA2}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe => No File
FirewallRules: [TCP Query User{3BF0FC19-DA0A-422A-ABFA-DB544511BA85}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe => No File
FirewallRules: [UDP Query User{FF972BC0-481B-482C-B1CB-50DE1FDE35B4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6640E70A-CC8D-41A8-847D-DA2A75047227}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{60505648-B81D-405B-9E47-7E6BC6300075}C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{DE994DA7-B12D-476A-BEB8-316A639DA32D}C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe => No File
FirewallRules: [{334E2213-3979-41BE-90E6-8CB75DE19761}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F78EA14F-D057-4384-8558-9F3CA4864AD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AB206EE5-8119-4FF9-AF2A-01F4EA6B100A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{ECBF4CA8-C696-4E90-8377-CEC2FB6058AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{7255ACEF-C51F-4586-85A0-66D036251B33}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{982DB5B5-FD21-47D9-A725-4C5CAA062637}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe => No File
FirewallRules: [{315938F6-3811-4AB2-9DA6-15B9B9785D33}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{445FA8A9-914B-4311-AFDB-6B76D1770019}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{5EDEE191-FA0F-43F9-B621-887D925B847F}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{915700E6-1931-4A0F-84B3-C08D86C83746}] => (Allow) E:\Steam Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [UDP Query User{2578CF56-C835-421A-880B-EB5F3C1168B3}C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{86F5727C-AD3D-4A85-87EB-D38462137689}C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe => No File
FirewallRules: [{12ACC185-64A2-4EE4-A14D-72EC713F42AF}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [{277D23B9-C3FA-4CF8-8CB1-690F3F665DA6}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [{37963AA7-D45E-4B6F-A098-9C0EAFACC6E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [{FCB05930-01A7-4EF2-AE30-BBDD9068B53A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe => No File
FirewallRules: [UDP Query User{327E06AB-31F0-4CB2-95B9-BE38E414CEFD}C:\program files (x86)\drawpile\drawpile.exe] => (Allow) C:\program files (x86)\drawpile\drawpile.exe => No File
FirewallRules: [TCP Query User{957AC16B-FD18-454D-9D1B-CEA463C0C964}C:\program files (x86)\drawpile\drawpile.exe] => (Allow) C:\program files (x86)\drawpile\drawpile.exe => No File
FirewallRules: [{A4B731D6-388C-4C5F-8E9A-1208ED77010B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{6598CC64-256B-4FD0-9F78-AD8BEBEE115A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{82E42F33-01C6-4099-952B-2E8C6629CD5C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{7AB98F54-E5B9-4EB2-999F-705C8C8BE053}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{B040755A-3A9C-400B-A204-EBBFCFF1E8AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0F649131-63CC-407E-B86D-E3C04EDCA14E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4409DEC7-E938-473E-A0DE-1C0D1D880745}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => No File
FirewallRules: [{0AB91D02-E2BA-4E32-A524-AFB1FFBF197B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B7883E63-6731-4016-9154-241074DF0CF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0BA5B24-5D4E-4580-80C5-276E74CD29A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7EC202C2-63B5-4D6D-82BB-0572B1CD8E92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{58051E84-A0E4-4301-A073-D2E455CE18C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{FF603290-AC74-4CFA-B93F-C50F50A9BD40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{DFA28548-8687-4C51-B757-A407D4A20A59}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{161B836B-730F-44D1-8938-161EAF33437C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{AC7EC16F-A817-44EC-8250-FFA99564A74B}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [UDP Query User{93DC9C59-AF3D-440C-AB41-BFC45C0AF1EE}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [TCP Query User{01483AE3-21B7-432D-B3FA-44E1619CA6BE}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{13FD088B-436E-4F68-84A4-AB71CA72F90C}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [{7A934D11-4827-4ABF-8B58-077A414DD632}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{36AF852C-65C6-4A10-8CBE-8B8A50922448}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{22DA7D49-A1AD-48C4-98CB-56345CC51023}] => (Allow) E:\Steam Games\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe () [File not signed]
FirewallRules: [{84F29C88-8C3F-483D-814F-2F4685E0F813}] => (Allow) E:\Steam Games\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{1E8B3A34-2038-4734-AA19-99D258D7DD2D}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{888D4C07-7376-4173-8903-06FEFF6DCA93}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [{01619E90-5328-4F85-ACFA-1D451D43F5EF}] => (Allow) C:\Users\GERTY\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{00A96CAA-BA31-4FC3-B5B8-0782AF2B8454}] => (Allow) C:\Users\GERTY\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{C92F4746-0469-4C4B-B847-62C77A57A00B}] => (Allow) C:\Users\GERTY\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{FB415F8F-C06B-43DB-98E3-98FB76C04E03}] => (Allow) C:\Users\GERTY\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [{4B1E5A1F-7553-4BC1-B299-8B54BE97D5E7}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{E9DB65C9-70E6-4120-84AC-2BDFCB5418F3}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{F0BC452D-1525-4D45-A2EE-8408B5ABB6FA}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{1F07D3EF-E3F4-44EF-B068-76A2AC0CD836}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{A8E96C6C-AB6C-40BD-8437-343B84D73ACD}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{0D889D9A-959C-4EF3-A692-15132AD935FA}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{4D7C8B3E-41ED-4B88-A69C-444C50CFF4A6}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{52D763FF-633A-4550-A4FA-A1B7205155FF}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{B517C879-ED21-4AE9-A767-21C6F2D0DEF5}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{7DF99736-53E5-4495-B805-9D31A3E0B2C9}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{598A3709-CADE-4476-B178-8DC724FE71A5}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{6C0240C3-899B-45A2-8644-1983E6158ACB}] => (Allow) E:\Steam Games\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{2776A20C-35E5-44CD-A600-BCC4980926B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E8916EB5-D53C-4BA2-A84E-3380E095D3FA}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{9268A5BE-5B71-47E2-A2E2-9C1CAA0E5FFF}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{21089A85-483A-42AC-B42E-76B14E56A0FB}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{796838C5-6ED1-42FC-ADEA-3D4238F6D684}C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{80E5D400-E556-43AA-A626-9E63744EB57A}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{FFA552A4-269D-477C-8F80-696DE6E2EF47}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{DE668766-11AA-4A8A-8C37-09B56F380723}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{97AF1194-E1E9-44A1-AFD3-2CCA4CA539C1}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{A59DAA1A-CABE-48CF-A644-AA156E353D19}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{B275ED5F-1344-48FE-959A-51F3C375E8BA}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{1D1647D0-BB74-48AA-94E4-B481B43F0C08}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{C3FE855A-E167-463F-9509-AA935118A5C9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [{542FB86D-9F85-46A3-8D6F-0F76FF3FC225}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{C0716729-0B3F-42C0-998C-09E00EC57906}] => (Allow) E:\Steam Games\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{3AB0B598-1D27-4FBB-9639-3BE4B4998D8F}] => (Allow) E:\Steam Games\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{5E60BB65-26E0-4DE5-BF61-F4B15FDF61FA}] => (Allow) E:\Steam Games\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{6C8365D6-AA1D-4491-9697-A476DE781535}] => (Allow) E:\Steam Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CFEA03D2-8363-4761-B407-256688CD4987}] => (Allow) E:\Steam Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{724E222B-0C6F-4E68-83AC-31B3E2EDD0F9}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{43FCBC2E-5AE3-4760-9BA7-17A2C067B84F}E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{18E64B47-FAD7-41C5-89CB-FD7A3997D1B2}] => (Allow) E:\Steam Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0C248347-6D07-4F55-853B-42F1A0965091}] => (Allow) E:\Steam Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{90FC8DA4-168C-4EB0-B98A-2995EAEB940E}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{6DD34024-F22F-40D9-818F-FBE2E5E6D578}E:\overwatch\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F34AB431-8490-4EEA-BCF3-BF0F84E73542}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe => No File
FirewallRules: [{1FABDBFE-8F15-46D7-85EA-12B75A0F867E}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe => No File
FirewallRules: [{81749E8E-15FC-47FB-BB6D-1BF82535BBA8}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe => No File
FirewallRules: [{D87A5FFE-96F7-4B21-9C6F-76D7366C0194}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe => No File
FirewallRules: [{575D285E-9F6C-49BE-A3DE-4B00A40A5E39}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe => No File
FirewallRules: [{B9848DA7-5D87-4D12-892D-7D211CE5FB4C}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe => No File
FirewallRules: [TCP Query User{B1F84444-DE3B-4041-A7F0-CAE1D0CC3CEC}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Allow) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe => No File
FirewallRules: [UDP Query User{176C111B-2D9F-49F5-87FD-9D949A16478C}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Allow) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe => No File
FirewallRules: [{1A38D33B-4D48-410C-9235-A7760D1E8F9A}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [{CB488928-0186-4E63-9630-224B97D8F5CC}] => (Allow) any => No File
FirewallRules: [{2CA328CB-63C8-4659-97E5-EB3D6BC2CC0B}] => (Allow) any => No File
FirewallRules: [{578F5F65-F8E6-415B-B169-430BF5EDFECB}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{7DE8DDD9-3042-41F3-B066-AFBDECDE72EF}] => (Allow) E:\Steam Games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{15FA4A31-5C54-4006-BD7F-E8A38A044FC7}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [{C7A01E2F-CA09-45F9-B128-6D1ECB29C15E}] => (Allow) any => No File
FirewallRules: [{95FBF99A-8CB9-4076-98BB-6AF1BD6BE981}] => (Allow) any => No File
FirewallRules: [{F1D3B6A2-D38D-4DCA-94B3-65DB24FD39BA}] => (Allow) E:\Steam Games\steamapps\common\Dread Hunger\DreadHunger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{DD9B0D95-4FB8-442A-83EC-AF106900B031}] => (Allow) E:\Steam Games\steamapps\common\Dread Hunger\DreadHunger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B3A1F8EC-6857-47C3-8965-EA04B2273AC8}E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{423A8134-0CB4-4BCB-8543-DC30AC7E7E48}E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe] => (Allow) E:\steam games\steamapps\common\dread hunger\dreadhunger\binaries\win64\dreadhunger-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F760AE82-6DFC-4CFA-969C-014E945885FB}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{4992FE45-C3C1-4026-AA5B-6DFAA25D7212}] => (Allow) E:\Steam Games\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E1F7FF75-5848-4078-8658-15870E2A1CEB}] => (Allow) C:\Program Files (x86)\Elite Gamer\gpnc\gpnc.exe (WTFast -> )
FirewallRules: [{DF84EA72-4987-4833-B9A3-1198D5A8E1F3}] => (Allow) any => No File
FirewallRules: [{3D36005E-007A-41D5-9F57-26182B630DAF}] => (Allow) any => No File
FirewallRules: [TCP Query User{A9BD9260-B401-4697-9188-B60274861F2B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{5892A19E-F038-4CDD-89F5-858289096129}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{8C48FC6A-5A7B-43EE-97EF-40F810BB900C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{5FFF1D67-4A3B-44D4-B9CC-1779B7785B9A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{EF07D4A0-D786-442B-9512-87FDF03716F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0DFB4079-CE15-4649-8BD0-9BA986C05BA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5FB98D2A-B1E4-470D-BD32-94E3899EB2E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{58AF0B54-5A2E-474D-847B-D1CA8692B42F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C059A945-0D28-4A29-BD2D-5A736E308DA5}] => (Allow) E:\Steam Games\steamapps\common\We Were Here\We Were Here.exe () [File not signed]
FirewallRules: [{07349C46-51BA-4EF0-BBD0-23E74B94C9C4}] => (Allow) E:\Steam Games\steamapps\common\We Were Here\We Were Here.exe () [File not signed]
FirewallRules: [{DB6E41D4-A92E-4BA2-8BC8-FB87A6D184F2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{908DBF6F-E660-48BE-A6AC-2DDD6C5B30B4}] => (Allow) E:\Steam Games\steamapps\common\We Were Here Too\We Were Here Too.exe () [File not signed]
FirewallRules: [{ECCDB083-0D81-4DCB-AA7C-91B7230C94DB}] => (Allow) E:\Steam Games\steamapps\common\We Were Here Too\We Were Here Too.exe () [File not signed]
FirewallRules: [TCP Query User{D0DAA01C-D783-476F-9D94-504A421B6C60}E:\steam games\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steam games\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [UDP Query User{A32B0271-310F-4587-95EB-6E0A90A040A9}E:\steam games\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steam games\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [{31CAE619-C16E-46B4-97F8-7116797A64B9}] => (Allow) E:\Steam Games\steamapps\common\Bloodhunt\Tiger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{26431DB3-C022-4A76-815F-CB189CFEEDF7}] => (Allow) E:\Steam Games\steamapps\common\Bloodhunt\Tiger.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{4009A9A8-D579-4D29-B271-217A1A27B1D9}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{935186F5-A780-4AE6-A8E1-9957A7CE6E71}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F619E9C5-F3DE-4A91-83C8-EE12BB5C6944}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C8506215-C06B-4D94-A6CE-0ACD26660AC0}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{33D05257-4093-45A0-ADC3-5BF4DD314544}] => (Allow) E:\Steam Games\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{0225413F-9C1B-4802-B0F8-D62EC176FD38}] => (Allow) E:\Steam Games\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{5BC39FD5-CAC9-4D46-B2ED-DB10386653C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE0E10DD-C92A-4D9D-A763-BDF933122694}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{483E2845-D326-4D6D-8E4B-1746778ED78D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00FA83FD-26F9-49CD-98CB-EC0D170D97CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FA66EF3C-3309-4AB5-8E4D-29F696A5AF29}E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{529A6750-5330-4432-83D2-0951854F7AE6}E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\ghost recon breakpoint\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{59B739FD-EBAC-4B1E-B35C-87FB11D27D97}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{F0FB0894-64C1-48B6-B20A-0CAB1E3F7EE5}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{4B551164-7133-4F6D-8982-24BDFBCD5AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0B6A4F19-2527-4146-A988-D4C48010F6E7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1918F5C2-1D95-4433-887B-0D28ACEC6E94}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED76811B-AC02-4480-BD52-2E99955199C7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42B68C0F-0A16-405F-A71B-F419E461EE0E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

07-06-2022 18:22:46 Scheduled Checkpoint
16-06-2022 08:10:23 Windows Modules Installer
23-06-2022 10:26:37 Scheduled Checkpoint
24-06-2022 14:16:43 Removed ZeroTier One
26-06-2022 16:30:47 Installed Intel® Wireless Bluetooth®

==================== Faulty Device Manager Devices ============

Name: Intel® Wireless Bluetooth®
Description: Intel® Wireless Bluetooth®
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (06/27/2022 11:36:28 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-33JOO9N)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (06/27/2022 11:28:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OriginWebHelperService.exe, version: 10.5.56.33908, time stamp: 0x5dd474e2
Faulting module name: OriginWebHelperService.exe, version: 10.5.56.33908, time stamp: 0x5dd474e2
Exception code: 0xc0000005
Fault offset: 0x00098210
Faulting process id: 0x14c8
Faulting application start time: 0x01d88a53beae50b6
Faulting application path: E:\Origin\OriginWebHelperService.exe
Faulting module path: E:\Origin\OriginWebHelperService.exe
Report Id: 1affd736-4525-4ff7-90c6-3783daab31ff
Faulting package full name:
Faulting package-relative application ID:

Error: (06/27/2022 11:28:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (06/27/2022 11:28:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]


System errors:
=============
Error: (06/27/2022 11:29:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Origin Web Helper Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/27/2022 11:28:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/27/2022 11:28:47 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.

Error: (06/27/2022 11:28:47 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.

Error: (06/27/2022 11:27:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/27/2022 11:27:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} did not register with DCOM within the required timeout.

Error: (06/27/2022 11:27:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/27/2022 11:27:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-33JOO9N)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


==================== Memory info ===========================

BIOS: American Megatrends Inc. ALASKA - 1072009 04/28/2016
Motherboard: Gigabyte Technology Co., Ltd. X99-SLI-CF
Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 23%
Total physical RAM: 32093.97 MB
Available physical RAM: 24650.56 MB
Total Virtual: 36957.97 MB
Available Virtual: 27905.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.42 GB) (Free:113.87 GB) (Model: SanDisk SD8SBAT256G1122) NTFS
Drive e: (New Volume) (Fixed) (Total:1862.89 GB) (Free:358.53 GB) (Model: TOSHIBA DT01ACA200) NTFS

\\?\Volume{d94dcd1d-5f2a-43c4-a696-dab205e169f2}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{bcdb8272-b10f-4936-b778-5ddf3be95478}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{32b00b45-9836-4c18-b209-d77d3c916b40}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Let's do one more quick fixlist as before to remove some deadwood (You have some remnants of McAfee's True Key foistware which is causing errors) and a suspicious Alternate Data Stream.  This one should be quick and probably will not require a reboot but it would be a good idea to reboot before running FRST again.

 

Attached File  fixlist.txt   2.69KB   111 downloads

 

Also Origin is causing errors.  It's usually installed when you install a game so you might want to uninstall it and reinstall it next time you play the game hopefully with a newer error free version.

 

https://www.origin.c.../store/download

 

In Firefox you have the Ad Block Plus extension.  Ad Block Plus accepts bribes from companies to ignore their software so I prefer Ublock Origin which is a better adblocker anyway.

 

 

 

 


  • 0

Advertisements


#11
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Hello!

I've taken your suggestions and uninstalled adblock  plus in exchange for Ublock Origin and I've removed and redowloaded Origin. But in the process of doing this I noticed that someone had hacked into my Duolingo account now and changed the email locking me out. I've contacted duolingo support to get this resolved but I can only assume a monster would do something so malicious for a language learning software.

 

Anyway. Here is the fixlog.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-06-2022 01
Ran by GERTY (28-06-2022 17:28:27) Run:2
Running from C:\Users\GERTY\OneDrive\Desktop
Loaded Profiles: GERTY
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {445DA7CA-E069-47D4-9E5D-36520F2E66C6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E7D5E6B7-2D89-4917-A642-AFB03D9A7715} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic (No File)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\Users\GERTY\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5632]
FF Extension: (FxIF) - C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{6e0746af-fa34-4e33-a478-0a0a8785b8a1}.xpi [2021-01-22]
S2 0315601655649074mcinstcleanup; C:\ProgramData\McInstTemp0315601655649074\McInst.exe [939432 2018-12-16] (McAfee, Inc. -> McAfee, Inc.)
2022-06-19 07:31 - 2017-05-18 21:38 - 000000000 ____D C:\ProgramData\McAfee
2022-06-18 17:07 - 2022-06-18 17:07 - 000000000 _____ () C:\ProgramData\R3X8UXYKO0WH0IB1E3EE.exe
CustomCLSID: HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File


*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{445DA7CA-E069-47D4-9E5D-36520F2E66C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{445DA7CA-E069-47D4-9E5D-36520F2E66C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7D5E6B7-2D89-4917-A642-AFB03D9A7715}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7D5E6B7-2D89-4917-A642-AFB03D9A7715}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
HKLM\System\CurrentControlSet\Control\Lsa\\"Notification Packages"="scecli" => value restored successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
C:\Users\GERTY\AppData\Local\Temp => ":$DATA​" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\GERTY\AppData\Roaming\Mozilla\Firefox\Profiles\spvnkvcx.default-1528494074254\Extensions\{6e0746af-fa34-4e33-a478-0a0a8785b8a1}.xpi => moved successfully
0315601655649074mcinstcleanup => service not found.
C:\ProgramData\McAfee => moved successfully
"C:\ProgramData\R3X8UXYKO0WH0IB1E3EE.exe" => not found
HKU\S-1-5-21-1050297925-20334412-4027152003-1003_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1} => removed successfully

==== End of Fixlog 17:28:37 ====


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Sounds like you might have an enemy.  Do you know when the password was changed?  Was it after we started or before?


  • 0

#13
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
The email/password was changed at 3:53 pm yesterday my time. It definitely sounds like someone was mad that I started taking my stuff back.
  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I understand it is possible to hack into devices like Ring Cameras and home automation devices so make sure they have uptodate software.  Ditto for your router.  You should change the default password on your router if you haven't already.  Wouldn't hurt to reset the router to default first in case it's already been hacked.  (You will have to redo any WiFi setup so you want to be connected to the router via an Ethernet cord when you do the reset)   Also make sure that your Windows' login (Gerty) has a strong password.  One thing you could do tho it's a bit of a pain is to create a new login say BigG and make it an administrator with a strong password.  Then log in to BiG and remove Gerty's Admin privileges.  That will reduce the chances of a hack doing major damage but anytime you want to install software you will have to right click and run as admin then give the BigG password.  


  • 0

#15
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

So in this order I: changed the wifi password to something very strong, then while the wifi was off on the PC I made a new admin account, then revoked admin priv for Gerty. Then I changed gerty's pw to something stronger as well. Then i reconnected to the wifi. I'm going through the laborious process of changing all the pwords to everything I own whether Its been compromised or not and I suggested to my family they do the same. The ring pword is also being changed (since its not my ring camera but my mothers).

 

I don't know who I pissed off so bad. This feels like a never-ending nightmare.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP