Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Lenovo Laptop extremely slow. Malware and/or software issues suspected

Started by Jamazz , Aug 15 2022 09:55 AM

This topic is locked

#16
Jamazz

Posted 18 August 2022 - 08:08 PM

Member

Topic Starter
Member
90 posts

The Laptop is all back in one piece. Aside from the increased airflow, and a new battery, sadly, there's not much change in operating behavior.

I am running the scan for browser.dll, but the process is taking a while, and FRST is occasionally showing 'Not Responding' in the window.

I confirmed the BIOS ver you mentioned is the right one for this model, using the S/N on the Lenovo website. I downloaded it but am waiting for the results of FRST, to update BIOS. More to come...

#17
Jamazz

Posted 19 August 2022 - 05:47 AM

Member

Topic Starter
Member
90 posts

So, last night, I changed the power options to balanced, cause the way they were customized before, the laptop had the ability to, while on battery, just run itself down to 0 and hard shut off. With sleep mode enabled, it had gone into sleep mode overnight while plugged in. This morning, I had to hold the power button down to shut it down. It was hung at the login screen and I couldn't do anything. Whatever search FRST completed will have to be done again. I powered it back on, but it is still taking forever for it to load. It's still spinning at the Lenovo splash for 10 min. Probably because I had to hard shut down.

When we started cleaning it up, it was able to boot much faster. I think the majority of the issues with it stem from abrupt power loss, one too many times.

#18
Jamazz

Posted 19 August 2022 - 05:49 AM

Member

Topic Starter
Member
90 posts

I think I am going to update BIOS first, then search for browser.dll, unless you want those results, first...

#19
RKinner

Posted 19 August 2022 - 06:09 AM

Malware Expert

Expert
24,624 posts

Probably need to rerun SFC & DISM

#20
Jamazz

Posted 19 August 2022 - 06:17 AM

Member

Topic Starter
Member
90 posts

Okay, holding off on FRST search, and BIOS, and moving onto SFC and DISM.

#21
RKinner

Posted 19 August 2022 - 06:51 AM

Malware Expert

Expert
24,624 posts

You are correct that unexpected power loss can cause file and registry damage so should be avoided.

Usually when it suddenly takes a long time to boot what is happening is that the current settings didn't work and it had to revert to "Last Known Good."

#22
Jamazz

Posted 19 August 2022 - 02:08 PM

Member

Topic Starter
Member
90 posts

Here's the FRST search results for browser.dll

Farbar Recovery Scan Tool (x64) Version: 15-08-2022

Ran by MIKE CATHY (19-08-2022 11:15:45)

Running from C:\Users\MIKE CATHY\Desktop

Boot Mode: Normal

================== Search Files: "browser.dll" =============

C:\Windows\WinSxS\amd64_microsoft-windows-browserservice_31bf3856ad364e35_10.0.19041.1645_none_ed81d0c35351ef0b\browser.dll

[2022-04-13 12:28][2022-04-13 12:28] 000140800 _____ (Microsoft Corporation) 7BA6EDC4B6C3EF293A59E3C4161859E6 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-browserservice_31bf3856ad364e35_10.0.19041.1645_none_ed81d0c35351ef0b\r\browser.dll

[2022-04-13 11:50][2022-04-03 03:05] 000001320 _____ () 98DA22EDE4F84037D016AE981FF246F0 [File not signed]

C:\Windows\WinSxS\amd64_microsoft-windows-browserservice_31bf3856ad364e35_10.0.19041.1645_none_ed81d0c35351ef0b\f\browser.dll

[2022-04-13 11:50][2022-04-03 03:05] 000001422 _____ () 7DB29D1CEFC4E0097B8CC39B9F5E50C6 [File not signed]

C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1889.1.16\amd64_microsoft-windows-browserservice_31bf3856ad364e35_10.0.19041.1645_none_ed81d0c35351ef0b\r\browser.dll

[2022-08-09 16:27][2022-08-04 23:18] 000001320 ____N () 98DA22EDE4F84037D016AE981FF246F0 [File not signed]

C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1889.1.16\amd64_microsoft-windows-browserservice_31bf3856ad364e35_10.0.19041.1645_none_ed81d0c35351ef0b\f\browser.dll

[2022-08-09 16:27][2022-08-04 23:17] 000001422 ____N () 2C54F49BF1259BF8A9C5E1C5A1AD0452 [File not signed]

====== End of Search ======

#23
RKinner

Posted 19 August 2022 - 02:58 PM

Malware Expert

Expert
24,624 posts

The file appears to be missing from C:\Windows\System32 but the first one in the list is the correct file so let's see if FRST can put a copy of the file into the correct folder. This should be a quick fix but I do want it to reboot to see if the error gets fixed.

Download the attached fixlist.txt to the same location as FRST

fixlist.txt 774bytes 111 downloads

Run FRST and press Fix

A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan. Post both logs and the fix log. I need the fix log in case the fixlist doesn't work for some reason.

#24
Jamazz

Posted 19 August 2022 - 04:30 PM

Member

Topic Starter
Member
90 posts

Finished scanning.

1. FixLog

2. FRST log

3. Additions

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022

Ran by MIKE CATHY (19-08-2022 18:01:10) Run:2

Running from C:\Users\MIKE CATHY\Desktop

Loaded Profiles: MIKE CATHY

Boot Mode: Normal

==============================================

fixlist content:

*****************

Unlock: c:\Windows\System32\browser.dll

Copy C:\Windows\WinSxS\amd64_microsoft-windows-browserservice_31bf3856ad364e35_10.0.19041.1645_none_ed81d0c35351ef0b\browser.dll c:\Windows\System32\

SetDefaultFilePermissions: c:\Windows\System32\browser.dll

CMD: sfc /SCANFILE=c:\windows\system32\browser.dll

CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

Reboot:

*****************

"c:\Windows\System32\browser.dll" => not found

Copy C:\Windows\WinSxS\amd64_microsoft-windows-browserservice_31bf3856ad364e35_10.0.19041.1645_none_ed81d0c35351ef0b\browser.dll c:\Windows\System32\ => Error: No automatic fix found for this entry.

"c:\Windows\System32\browser.dll" => not found

========= sfc /SCANFILE=c:\windows\system32\browser.dll =========

Windows Resource Protection could not perform the requested operation.

========= End of CMD: =========

========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

C:\Users\MIKE CATHY\Desktop>wevtutil cl "AMSI/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "AMSI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "AirSpaceChannel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Application"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Cisco-EAP-FAST/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Cisco-EAP-LEAP/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Cisco-EAP-PEAP/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "DirectShowFilterGraph"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "DirectShowPluginControl"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Els_Hyphenation/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "EndpointMapper"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "FirstUXPerf-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "ForwardedEvents"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "General Logging"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "HardwareEvents"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "IHM_DebugChannel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "InstallUXPerformance-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Intel-SST-CFD-HDA/IntelSST"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Intel-iaLPSS-GPIO/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Intel-iaLPSS-I2C/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Internet Explorer"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Key Management Service"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Lenovo-Sif-Companion/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Lenovo-Sif-Core/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Lenovo-Sif-Device/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Lenovo-Sif-Settings/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MF_MediaFoundationDeviceMFT"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MF_MediaFoundationFrameServer"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MedaFoundationVideoProc"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MedaFoundationVideoProcD3D"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationAsyncWrapper"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationContentProtection"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationDS"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationDeviceProxy"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationMP4"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationMediaEngine"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationPerformance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationPerformanceCore"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationPipeline"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationPlatform"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "MediaFoundationSrcPrefetch"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-IE-ReadingView/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-IE/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-OneCore-Setup/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-WS-Licensing/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-WS-Licensing/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-WS-Licensing/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AAD/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AAD/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccessBroker/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccessBroker/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Backup"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEEnum/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/Call"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CredProvHost/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-CredentialProviders/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Logging"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Devices-Background/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Logging"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite-FontCache/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Power"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ESE/IODiagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ESE/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-FontGroups/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IE-SmartScreen"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IndexedDB-Server"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-International/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LanguageProfile/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NFC-Class-Extension/Analytical"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Narrator-Inproc/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Diagnostics"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OneBackup/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OneX/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Partition/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Partition/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PriResources-Deployment/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PriResources-Deployment/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PrintDialogs/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PrintDialogs3D/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ReFS/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-User-Mode-Transport/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Resource-Leak-Diagnostic/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Certification"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Diagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmartScreen/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Audit"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Restricted"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Health"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Time-Service/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Volume/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WebAuthN/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinML/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Oper"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Trace"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ntshrui"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Trace"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Navigator"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Network Isolation Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "OfficeChannel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "OfficeDebugChannel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "OpenSSH/Admin"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "OpenSSH/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "OpenSSH/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "PlayReadyPerformanceChannel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "RTWorkQueueExtended"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "RTWorkQueueTheading"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "SMSApi"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Security"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Setup"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "SmbWmiAnalytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "System"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "SystemEventsBroker"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "TabletPC_InputPanel_Channel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "TimeBroker"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "UIManager_Channel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Uac/Debug"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_HEVCDECODER_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WMPSetup"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WMPSyncEngine"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Windows PowerShell"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "Windows.Globalization/Analytic"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "WordChannel"

C:\Users\MIKE CATHY\Desktop>wevtutil cl "muxencode"

========= End of CMD: =========

The system needed a reboot.

==== End of Fixlog 18:02:06 ====

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022

Ran by MIKE CATHY (administrator) on LAPTOP-BPIIB8FF (LENOVO 80TV) (19-08-2022 18:14:07)

Running from C:\Users\MIKE CATHY\Desktop

Loaded Profiles: MIKE CATHY

Platform: Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) Language: English (United States)

Default browser: Edge

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe

(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(BatteryWidgetAddin).exe

(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe

(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe

(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>

(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>

(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe

(explorer.exe ->) () [File not signed] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe

(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe

(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(services.exe ->) () [File not signed] C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe

(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe

(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe

(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe

(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe

(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe

(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe

(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )

HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [809472 2016-05-16] () [File not signed]

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830232 2016-03-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [250664 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe (No File)

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\Run: [MicrosoftEdgeAutoLaunch_7B46DF534001DA0DC0FF30BF8F71993C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)

HKLM\...\Windows x64\Print Processors\Canon MX920 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBL.DLL [30208 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX920 series: C:\WINDOWS\system32\CNCALBL.DLL [303104 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\Canon BJ Language Monitor MX920 series: C:\WINDOWS\system32\CNMLMBL.DLL [390656 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

Startup: C:\Users\MIKE CATHY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX920 series Printer WS.lnk [2022-08-12]

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12F685D0-3589-4905-97BE-2E1018974EC6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4965672 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

Task: {17EA4F2C-D6C7-4BE4-A520-EBE117D9F91D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService

Task: {18FFB6C8-E7B3-4EE8-B0FF-99CE7E9985D7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\28e6e7a3-b735-4617-8912-d295d3eabc16 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

Task: {25580CAB-CA42-4084-A809-0086A61B0EE6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)

Task: {330C25D8-5F91-48AD-B249-73E40D4FFC2E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [147864 2022-05-12] (Lenovo -> Lenovo Group Ltd.)

Task: {44244B5A-C2D3-45A4-9B99-2AAACEFF2361} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

Task: {47CF87BC-7D80-42CD-A648-E1EBDA7DD450} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f2b2d6fe-d1c5-45a1-b339-c6eff8807f87 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

Task: {48C93C30-0F96-4E4F-BFE7-2EAF6B3F8A55} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

Task: {4C797DC6-CC26-4F86-87B5-A6843E3636DA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8814c0c9-6b55-4d9a-b3c5-3a8208799964 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

Task: {6823AA50-2B74-4A6F-8CCC-A4E6D8C94072} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

Task: {722B2178-4CEE-4031-AE4F-B68965D0F371} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32

Task: {964D0040-67AD-4E58-AAE2-26C5ED055B60} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\512cb154-b79e-4feb-be57-3b042e08c3d1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

Task: {9882DD45-532F-4E95-97D5-5226E2508815} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

Task: {9BB5E5D9-AB4E-450F-B307-FB150BD0E1AD} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies)

Task: {AD374E3F-D197-4348-A328-F17922BD0AD8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

Task: {AD74FA34-928F-45A8-8EA2-59A92A0F0A26} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-09] (Microsoft Windows -> Microsoft Corporation)

Task: {B23C98A1-DB0E-43C9-9F19-0CA6BE6FAF96} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\46117c33-8f9f-4194-bfe4-abd5eab29c6f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

Task: {D9650120-11AA-4D1B-B61E-F30A00963BA7} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-09] (Microsoft Windows -> Microsoft Corporation)

Task: {DE5B2EF5-A28F-470B-8651-18120AEF983D} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService

Task: {F78750E6-6039-4269-A235-DB394B616584} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.132.1

Tcpip\..\Interfaces\{f4ca6036-760d-4fbd-a108-907e8e1f8833}: [DhcpNameServer] 192.168.132.1

Tcpip\..\Interfaces\{f84a3c4a-2052-438d-85ee-d7f4231dced6}: [DhcpNameServer] 96.7.136.14 96.7.137.14

Edge:

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]

Edge Extension: (AdBlock — best ad blocker) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2022-05-05]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]

Edge DefaultProfile: Default

Edge Profile: C:\Users\MIKE CATHY\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-19]

Chrome:

=======

CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc]

CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [625960 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [625448 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8543840 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [146944 2016-05-16] () [File not signed]

R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\NisSrv.exe [3125128 2022-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe [133560 2022-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 Browser; %SystemRoot%\System32\browser.dll [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)

S3 AppleIPod; C:\WINDOWS\System32\drivers\AppleIPod.sys [30096 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [42000 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [235736 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [389208 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [258128 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [105560 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [24528 2022-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [48144 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [275176 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [554080 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [114112 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [89176 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [860024 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [670904 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [221656 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [324984 2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)

R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)

R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-08-15] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94456 2022-08-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-19 18:14 - 2022-08-19 18:15 - 000022471 _____ C:\Users\MIKE CATHY\Desktop\FRST.txt

2022-08-19 18:01 - 2022-08-19 18:02 - 000105773 _____ C:\Users\MIKE CATHY\Desktop\Fixlog.txt

2022-08-18 22:47 - 2022-08-18 22:47 - 000000000 ____D C:\WINDOWS\Minidump

2022-08-18 22:47 - 2022-08-18 22:47 - 000000000 _____ C:\WINDOWS\Minidump\081822-122625-01.dmp

2022-08-18 21:43 - 2022-08-19 11:31 - 000001601 _____ C:\Users\MIKE CATHY\Desktop\Search.txt

2022-08-17 19:06 - 2022-08-17 19:06 - 000536231 _____ C:\Users\MIKE CATHY\Desktop\Hard Pagefaults.zip

2022-08-17 18:58 - 2022-08-17 18:58 - 000000862 _____ C:\Users\MIKE CATHY\Desktop\LatencyMon.lnk

2022-08-17 18:58 - 2022-08-17 18:58 - 000000000 ____D C:\Program Files\LatencyMon

2022-08-17 18:58 - 2021-03-09 15:07 - 000027744 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys

2022-08-17 18:56 - 2022-08-17 18:57 - 003622480 _____ (Resplendence Software Projects Sp. ) C:\Users\MIKE CATHY\Desktop\LatencyMon.exe

2022-08-17 18:52 - 2022-08-17 18:54 - 000151648 _____ C:\Users\MIKE CATHY\Desktop\Speccy Log.txt

2022-08-17 18:50 - 2022-08-17 18:50 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk

2022-08-17 18:50 - 2022-08-17 18:50 - 000000000 ____D C:\Program Files\Speccy

2022-08-17 18:48 - 2022-08-17 18:48 - 008995336 _____ (Piriform Software Ltd) C:\Users\MIKE CATHY\Desktop\spsetup132.exe

2022-08-17 18:45 - 2022-08-17 18:45 - 000014987 _____ C:\junk.txt

2022-08-17 18:42 - 2022-08-17 18:42 - 000021640 _____ C:\Users\MIKE CATHY\Desktop\Process Explorer Log.txt

2022-08-17 18:36 - 2022-08-17 18:36 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS

2022-08-17 18:35 - 2022-08-17 18:35 - 002839416 _____ (Sysinternals - www.sysinternals.com) C:\Users\MIKE CATHY\Desktop\procexp.exe

2022-08-17 06:17 - 2022-08-17 06:23 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\TeamViewer

2022-08-17 06:17 - 2022-08-17 06:17 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Roaming\TeamViewer

2022-08-17 06:14 - 2022-08-17 06:15 - 025017176 _____ (TeamViewer) C:\Users\MIKE CATHY\Desktop\TeamViewerQS.exe

2022-08-16 20:30 - 2022-08-16 20:30 - 000000000 ____D C:\WINDOWS\system32\gf2engine

2022-08-16 18:04 - 2022-08-16 18:04 - 001728054 _____ C:\Users\MIKE CATHY\Desktop\Virus Scan.bmp

2022-08-16 17:52 - 2022-08-16 17:52 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Roaming\AVG

2022-08-16 17:52 - 2022-08-16 17:52 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\CEF

2022-08-16 17:52 - 2022-08-16 17:52 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\AVG

2022-08-16 17:51 - 2022-08-16 17:51 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk

2022-08-16 17:51 - 2022-08-16 17:51 - 000002070 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk

2022-08-16 17:49 - 2022-08-16 17:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG

2022-08-16 17:48 - 2022-08-19 07:58 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update

2022-08-16 17:48 - 2022-08-16 17:48 - 000860024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000670904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000554080 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000389208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000324984 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000275176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000270632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe

2022-08-16 17:48 - 2022-08-16 17:48 - 000258128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000235736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000221656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000114112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000105560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000089176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000048144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000042000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000024528 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys

2022-08-16 17:48 - 2022-08-16 17:48 - 000000000 ____D C:\Program Files\Common Files\AVG

2022-08-16 17:47 - 2022-08-16 17:47 - 000000000 ____D C:\Program Files\AVG

2022-08-16 17:46 - 2022-08-19 18:04 - 000000000 ____D C:\ProgramData\AVG

2022-08-16 17:45 - 2022-08-16 17:45 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MIKE CATHY\Downloads\avg_antivirus_free_setup.exe

2022-08-16 08:48 - 2022-08-19 08:02 - 000001087 _____ C:\Users\MIKE CATHY\Desktop\SpeedFan.lnk

2022-08-16 08:48 - 2022-08-19 08:02 - 000000000 ____D C:\Program Files (x86)\SpeedFan

2022-08-16 08:48 - 2022-08-16 08:48 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo

2022-08-16 08:47 - 2022-08-16 08:45 - 003086696 _____ C:\Users\MIKE CATHY\Desktop\instspeedfan452_1.exe

2022-08-16 02:09 - 2022-08-16 17:37 - 000000000 ____D C:\Program Files\Lenovo

2022-08-15 11:18 - 2022-08-19 18:15 - 000000000 ____D C:\FRST

2022-08-15 11:18 - 2022-08-17 18:12 - 000000000 ____D C:\Users\MIKE CATHY\Desktop\FRST-OlderVersion

2022-08-15 11:06 - 2022-08-17 18:12 - 002371072 _____ (Farbar) C:\Users\MIKE CATHY\Desktop\FRST64.exe

2022-08-14 22:48 - 2022-08-14 22:48 - 000000000 ___HD C:\$SysReset

2022-08-14 22:00 - 2022-08-14 22:01 - 000000000 ____D C:\Program Files (x86)\Google

2022-08-14 21:38 - 2022-08-14 21:38 - 000000000 ____D C:\WINDOWS\pss

2022-08-13 19:13 - 2022-08-13 19:13 - 000000000 __SHD C:\found.036

2022-08-13 17:19 - 2022-08-13 17:19 - 000001228 _____ C:\Users\MIKE CATHY\Desktop\WSA_SA_Report-Sat_2022-07-23_13-32-28 - Shortcut.lnk

2022-08-09 17:21 - 2022-08-09 17:21 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr

2022-08-09 17:21 - 2022-08-09 17:21 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr

2022-08-09 17:20 - 2022-08-09 17:20 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2022-08-09 17:19 - 2022-08-09 17:19 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe

2022-08-09 17:18 - 2022-08-09 17:18 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll

2022-08-09 17:18 - 2022-08-09 17:18 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

2022-08-09 17:18 - 2022-08-09 17:18 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll

2022-08-09 17:18 - 2022-08-09 17:18 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll

2022-08-09 16:19 - 2022-08-09 16:19 - 000000000 ___HD C:\$WinREAgent

2022-08-08 14:32 - 2022-08-08 14:32 - 000160229 _____ C:\Users\MIKE CATHY\Downloads\Kaitlyn D. Ibrahim, MD.pdf

2022-07-23 13:32 - 2022-07-23 13:32 - 000916254 _____ C:\Users\MIKE CATHY\Desktop\WSA_SA_Report-Sat_2022-07-23_13-32-28.bmp

2022-07-23 13:32 - 2022-07-23 13:32 - 000000079 _____ C:\Users\MIKE CATHY\Desktop\WSA_SA_Report-Sat_2022-07-23_13-32-28.html

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-19 18:06 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2022-08-19 18:05 - 2016-12-30 13:36 - 000000000 __SHD C:\Users\MIKE CATHY\IntelGraphicsProfiles

2022-08-19 18:04 - 2021-01-20 16:51 - 000008192 ___SH C:\DumpStack.log.tmp

2022-08-19 18:04 - 2020-11-19 03:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2022-08-19 18:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState

2022-08-19 18:03 - 2021-01-20 17:02 - 000000000 ____D C:\Users\MIKE CATHY

2022-08-19 18:03 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2022-08-19 18:00 - 2020-11-19 03:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2022-08-19 11:02 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2022-08-19 08:15 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps

2022-08-19 08:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2022-08-18 22:47 - 2020-03-13 23:21 - 1100929714 _____ C:\WINDOWS\MEMORY.DMP

2022-08-18 21:34 - 2017-11-10 20:01 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect

2022-08-17 03:57 - 2020-11-19 03:32 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2022-08-17 03:57 - 2020-11-19 03:32 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2022-08-16 20:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2022-08-16 20:39 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF

2022-08-16 17:48 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2022-08-16 02:10 - 2016-12-30 13:55 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\Lenovo

2022-08-15 20:09 - 2020-11-19 03:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2022-08-15 12:45 - 2021-12-12 14:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3710523834-1862825545-2785641031-1001

2022-08-15 12:45 - 2021-01-20 17:54 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3710523834-1862825545-2785641031-1001

2022-08-15 12:45 - 2021-01-20 17:02 - 000002405 _____ C:\Users\MIKE CATHY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2022-08-15 11:37 - 2021-01-19 14:02 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\D3DSCache

2022-08-15 10:47 - 2020-11-19 03:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2022-08-15 10:47 - 2020-11-19 03:32 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

2022-08-15 08:19 - 2017-01-03 22:39 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\Google

2022-08-13 17:50 - 2021-01-20 17:11 - 000025524 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2022-08-13 17:43 - 2017-07-08 19:36 - 000000000 ____D C:\ProgramData\WRData

2022-08-13 17:08 - 2017-07-08 19:36 - 000000000 ____D C:\Program Files\Webroot

2022-08-13 17:02 - 2017-07-08 19:37 - 000000000 ____D C:\Users\MIKE CATHY\AppData\Local\lptmp

2022-08-09 23:10 - 2020-11-19 03:30 - 000437736 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2022-08-09 23:06 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences

2022-08-09 23:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr

2022-08-09 17:18 - 2020-11-19 03:32 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2022-08-09 16:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates

2022-08-09 16:03 - 2016-12-30 18:11 - 000000000 ____D C:\WINDOWS\system32\MRT

2022-08-09 15:51 - 2016-12-30 18:11 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2022-08-07 19:30 - 2016-12-30 16:55 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2022-08-05 19:57 - 2020-03-26 10:07 - 000000000 ____D C:\WINDOWS\TempInst

==================== Files in the root of some directories ========

2022-05-16 13:07 - 2012-09-20 06:00 - 000105472 _____ (CANON INC.) C:\Users\MIKE CATHY\cnmss Canon MX920 series Printer WS (Local).dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022

Ran by MIKE CATHY (19-08-2022 18:22:44)

Running from C:\Users\MIKE CATHY\Desktop

Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) (2021-01-20 21:55:48)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3710523834-1862825545-2785641031-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3710523834-1862825545-2785641031-503 - Limited - Disabled)

Guest (S-1-5-21-3710523834-1862825545-2785641031-501 - Limited - Disabled)

MIKE CATHY (S-1-5-21-3710523834-1862825545-2785641031-1001 - Administrator - Enabled) => C:\Users\MIKE CATHY

WDAGUtilityAccount (S-1-5-21-3710523834-1862825545-2785641031-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)

AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 22.7.3245 - AVG Technologies)

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.31.68 - Conexant)

Dolby Audio X2 Windows API SDK (HKLM\...\{27DBA722-5298-4184-9535-C529EDF3C82D}) (Version: 0.7.1.56 - Dolby Laboratories, Inc.)

Dolby Audio X2 Windows APP (HKLM\...\{C55DB969-8BE0-4D7F-BF27-B8D316D944D6}) (Version: 0.7.1.59 - Dolby Laboratories, Inc.)

H&R Block Deluxe + Efile + State 2016 (HKLM-x32\...\{E7065AD9-D2DB-423B-B853-8310038D7D42}) (Version: 16.05.6401 - HRB Technology, LLC.)

H&R Block Pennsylvania 2016 (HKLM-x32\...\{BAECF4E0-1EB0-4CBA-A0D9-09BA014038A3}) (Version: 1.16.3501 - HRB Technology, LLC.)

Intel® Chipset Device Software (HKLM\...\{47DC837D-ECA6-49AF-9904-1427BB94EF4C}) (Version: 10.1.1.27 - Intel Corporation) Hidden

Intel® Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{2B8D577D-4E81-4F0B-A63D-0A4D5C897B5A}) (Version: 11.5.0.1015 - Intel Corporation) Hidden

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4471 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{FBE0EFD3-4A1F-4E28-A26B-6FAD2DD1AAE4}) (Version: 15.0.0.1039 - Intel Corporation) Hidden

LatencyMon 7.20 (HKLM\...\LatencyMon_is1) (Version: 7.20 - Resplendence Software Projects Sp.)

Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.63 - Microsoft Corporation)

Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden

Microsoft OneDrive (HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\OneDriveSetup.exe) (Version: 22.151.0717.0001 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.887.051116 - REALTEK Semiconductor Corp.)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)

REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0286 - REALTEK Semiconductor Corp.)

Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)

User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden

User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)

Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden

Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)

Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:

=========

AdBlock -> C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2022-05-05] (BetaFish)

Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)

Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.224.300.0_x64__kgqvnymyfvs32 [2022-08-13] (king.com)

Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)

Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)

Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2207.2.0_x64__k1h2ywk1493x8 [2022-08-03] (LENOVO INC.)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Studios) [MS Ad]

Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-06] (Microsoft Corporation)

Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation)

Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0 [2022-08-05] (Spotify AB) [Startup Task]

Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2022-03-13] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-08-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-06-16 04:31 - 2022-06-16 04:31 - 000355840 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\2b8c809e451b1c9f7f7c0b7a9553a86f\Interop.CxHDAudioAPILib.ni.dll

2016-10-26 21:20 - 2016-03-10 22:07 - 001145856 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2015-10-30 03:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\Control Panel\Desktop\\Wallpaper ->

DNS Servers: 192.168.132.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SmartAudio"

HKLM\...\StartupApproved\Run: => "LenovoUtility"

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\StartupApproved\Run: => "McAfeeSafeConnect"

HKU\S-1-5-21-3710523834-1862825545-2785641031-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{68717F48-52B5-456D-86BD-947D64669C0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{B80247AF-1727-42DA-BFA4-876F51ADC2A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{6214189B-7538-4E80-BEC3-D696CD974D6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{95D0D028-FBCD-4B8C-8E11-6AF0E8442F9E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{FE83B42B-3D52-4398-A9C2-B834F5B69FC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{D1EC56FA-9FA1-492A-A47A-8603953F396F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{5788E05C-47BA-43BF-9AEB-9A14288D0485}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{9D4F20F3-9232-40EB-8C52-12752D8611AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{4C43D96E-3B6E-4AA8-BB68-D6C1866F4521}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{86E16723-1599-4B8F-BCEC-65971E63D25D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{D8DE283F-7584-40FC-A308-23C7860BA973}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{150E3E1C-B629-4B24-B4BD-B67F1BF6B711}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{6A50EEA1-39D2-4CB0-BA63-BC687ED6973C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{5CEFC0EC-CED1-4BC1-ADBA-73BA58341AD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{3204917C-316E-439E-8543-D2AB8BD9E8DB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

System errors:

=============

Error: (08/19/2022 06:12:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Browser service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (08/19/2022 06:12:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect.