Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Chrome not working; cannot reinstall + other issues

Chrome not working NordVPN Microsoft Office Teams

  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP

There is a limit to how many attachments you can upload.  After hitting More Reply Options you should see how many KB you still have to upload to the right of the Attach this file button.  You can free up more by deleting some of your earlier attachments from earlier posts.  Click on your profile picture then on Edit My Profile then Manage Attachments and you will get a list of attachments.  Best to remove attachments from earlier topics rather than the current topic.


  • 0

Advertisements


#17
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

RKinner--

 

I finished running the FRST logs. I hope it's OK to paste them here (per your instructions). 

FRST
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by indre (administrator) on DESKTOP-EL88UDV (Dell Inc. OptiPlex 7440 AIO) (21-09-2022 17:57:29)
Running from C:\Users\indre\Desktop
Loaded Profiles: indre
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2075 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Systems, Incorporated -> ) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\FullTrustNotifier.exe <2>
(C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe ->) (Adobe Systems, Incorporated -> ) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe ->) (Digiarty Software, Inc. -> ) C:\Program Files (x86)\DearMob\5KPlayer\Airplay.exe
(C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe ->) () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_isolation.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksdeui.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe ->) (Dell Inc -> CREDANT Technologies, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.UserProcess.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\DELL\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <5>
(C:\Program Files\WD Desktop App\kdd.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(cmd.exe ->) (AO Kaspersky Lab -> Kaspersky Lab AO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\plugin-nm-server-v2.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxCUIService.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(explorer.exe ->) (Amazon.com Services LLC -> Amazon.com Services LLC) C:\Users\indre\AppData\Local\Amazon Music\Amazon Music Helper.exe
(explorer.exe ->) (Digiarty Software, Inc. -> DearMob) C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(explorer.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\DELL\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> CREDANT Technologies, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Dell Inc -> Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe
(services.exe ->) (Dell Inc. -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e192e6f3fb1cfc71\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxCUIService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel® Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853248 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-26] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1176208 2017-11-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81380632 2022-08-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5930664 2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [24720 2020-05-10] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1067528 2022-08-01] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2253824 2022-09-02] (Western Digital Technologies, Inc.) [File not signed]
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [81920 2022-09-16] (IDrive, Inc. -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1999360 2022-09-16] (IDrive, Inc. -> Prosoftnet)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe [520520 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30862320 2019-07-17] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [19957744 2020-07-20] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [5KPlayer] => C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe [28298416 2020-11-06] (Digiarty Software, Inc. -> DearMob)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491880 2022-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491880 2022-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Amazon Music Helper] => C:\Users\indre\AppData\Local\Amazon Music\Amazon Music Helper.exe [2364136 2022-08-29] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [MicrosoftEdgeAutoLaunch_BC89F74D4A624CBBDDBE674EE3E0DCB7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-09-20] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\indre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-09-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08E2F16C-4C59-4C34-A03C-C83EEEDEBBDE} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {0C0614F0-18B6-495C-99F1-B61633EE7B2A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {0E107EE9-EEF8-480E-8C33-78E3BF76A637} - System32\Tasks\GoogleUpdateTaskMachineCore{06460A97-B630-4D12-8B39-D4A2780E78F0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-09-21] (Google LLC -> Google LLC)
Task: {100B6404-6CCC-4018-A014-D597C7618766} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {14B04756-2580-4AB3-9350-357AC3C835BF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A7083EE-1560-4F9B-A7D4-B95F3616D602} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1E20F289-46AA-4529-B808-962BFEF268A3} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {296A4BE8-8902-490B-A25E-95C111CE49B3} - System32\Tasks\WD Discovery Service Task indre => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [79640 2022-08-30] (Western Digital Technologies, Inc. -> )
Task: {39820E81-9B7D-411F-A870-C6BEBCB2BF30} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {3DDB5713-5663-4799-B2F6-7058A89D22E7} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {4045CF22-5707-4412-95CB-E0F107C7D1D3} - System32\Tasks\GoogleUpdateTaskMachineUA{2B0E60C8-E5C9-435D-AE3F-CA0B18A33643} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-09-21] (Google LLC -> Google LLC)
Task: {436F3EDB-E7F2-409F-863A-7CF02B20E8CA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1555696 2022-08-03] (Adobe Inc. -> Adobe Inc.)
Task: {4BE97605-CD81-4915-9F76-A1B3ABD543F3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {57DABF48-DFC7-400C-B29B-492FF8550638} - System32\Tasks\SensorFramework-LogonTask-{100ee514-48c8-f419-6760-6fb8cb2767cd} => C:\Program Files (x86)\Microsoft Intune Management Extension\SensorLogonTask.exe SensorFramework-LogonTask-{100ee514-48c8-f419-6760-6fb8cb2767cd} (No File)
Task: {5EF9065E-7942-4205-9A7E-625FDF39B32F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {5F8016B5-B006-4905-8429-B317DEBB6EB7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D0AA64B-75B4-49CF-9C53-3BF5D9356A9D} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {72D1A690-09F3-468C-9CF7-06219605059A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2022-06-21] (Dell Inc -> Dell Inc.)
Task: {77CD022A-C3AF-423F-9B06-60A655930163} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7ED6E7E3-A177-4A53-91A2-1D8CEFEAA71D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {82F39D33-C846-4F84-8898-8F68198ADD97} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {8B3F29DA-404A-4CB9-8309-9D94ECAA8D3F} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-04-27] (CyberLink Corp. -> CyberLink)
Task: {8D960D58-2C65-4690-A008-63A3B9664FD6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
Task: {B11E9FFA-C95C-4D42-BF8F-57C13DBCFB84} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {C8F83BFB-17D1-4216-9FDB-8A1D4EC6F071} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-07-17] (Garmin International, Inc. -> )
Task: {D4C22D3B-F5CF-463E-9D7D-3DF2048566BE} - System32\Tasks\Run Dashboardindre => C:\Program Files (x86)\Western Digital\SSD Dashboard\Dashboard.exe (No File)
Task: {D6A7A9A7-BA76-41A0-9C69-2C91F981F25F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmtNonCritical\DD4B2BB6-A253-401B-A25E-FF19DD697B8F\Queued Schedule created for queued alerts => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {E275C8F9-54BE-4E4F-8E85-113C4BCFBAC5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4EB95E3-3934-4831-8639-C2570619ECDB} - System32\Tasks\WD Device Agent Task indre => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [724760 2022-08-30] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {ED082E4D-DEE0-46A9-B2E0-0AB299BCFE27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFEB58D0-ABA3-4550-89B1-3E64A90A578C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB2684E5-A584-479A-9F89-467339E8063A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79b54ee4-f8e3-4a70-9b1c-941bcd878883}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{79b54ee4-f8e3-4a70-9b1c-941bcd878883}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d6ef5443-2cd7-486e-843e-79ccb5a10cac}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{d6ef5443-2cd7-486e-843e-79ccb5a10cac}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
DownloadDir: C:\Users\indre\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\indre\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-21]
Edge DownloadDir: Default -> C:\Users\indre\Downloads
Edge Notifications: Default -> hxxps://filehippo.com
Edge Extension: (Kaspersky Protection) - C:\Users\indre\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-02]
Edge Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eolheccophlcbnkkbelcgminoojochgj [2022-09-09]
Edge HKU\S-1-5-21-1593158232-969496310-2340663774-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
 
FireFox:
========
FF DefaultProfile: 1cu7vqt4.default-1534000050440
FF ProfilePath: C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704 [2022-09-21]
FF Notifications: Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704 -> hxxps://cahealthcorps.lightning.force.com; hxxps://www.picard.fr; hxxps://mail.google.com; hxxps://www.verizon.com
FF Extension: (Honey) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704\Extensions\[email protected] [2021-06-24]
FF Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704\Extensions\[email protected] [2022-02-16] [UpdateUrl:hxxps://special.s.kaspersky-labs.com/firefox_extensions/kpm_win_add_on/update.json]
FF Extension: (Kaspersky Protection) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704\Extensions\[email protected] [2022-08-01]
FF ProfilePath: C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440 [2022-09-20]
FF Homepage: Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440 -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440 -> hxxps://www.watchepisodes4.com
FF Extension: (Notifier for Gmail™) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440\Extensions\[email protected] [2019-03-31]
FF Extension: (Honey) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440\Extensions\[email protected] [2019-09-08]
FF Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440\Extensions\[email protected] [2019-10-15] [UpdateUrl:hxxps://special.s.kaspersky-labs.com/firefox_extensions/kpm_win_add_on/update.json]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-08-01] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-08-01] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-11-21] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-07-18] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-11-21] <==== ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-07-18] <==== ATTENTION
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default [2022-09-21]
CHR Extension: (Kaspersky Protection) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-02]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-09-13]
CHR Extension: (Notifier for Gmail™) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-21]
CHR Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2022-09-02]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-09-19]
CHR Extension: (Google Docs Offline) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-23]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2022-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\indre\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-12]
CHR Profile: C:\Users\indre\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-21]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-1593158232-969496310-2340663774-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhnkblpjbkfklfloegejegedcafpliaa] - hxxps://chrome.google.com/webstore/detail/dhnkblpjbkfklfloegejegedcafpliaa
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [923656 2022-08-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12131256 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2016-06-07] (Dell Inc. -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [138448 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [151552 2015-06-29] () [File not signed]
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44448 2022-04-27] (Dell Inc -> )
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe [22280 2016-07-13] (Dell Inc -> CREDANT Technologies, Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe [35080 2016-07-13] (Dell Inc -> Dell Inc.)
R3 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe [52488 2016-07-13] (Dell Inc -> Dell, Inc.)
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [134560 2022-02-19] (Dell Inc -> Dell)
S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [414208 2022-09-16] (IDrive, Inc. -> Prosoftnet)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel® Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_10.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe [518472 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.7; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksde.exe [32008 2022-07-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [300408 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1411056 2020-07-20] (Plex, Inc. -> Plex, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2015-09-02] (CyberLink Corp. -> CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [137056 2022-06-21] (Dell Inc -> Dell Inc.)
S2 tcsd_win32.exe; C:\Program Files\Dell\Dell Data Protection\Drivers\TSS\bin\tcsd_win32.exe [1636352 2012-12-10] (Security Innovation, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14545704 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2021-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2021-03-10] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1586112 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [189032 2022-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [95680 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [360008 2022-09-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_klif_klark_052DDBD0; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\052DDBD0EDED349AFBD4C2289646C77D\klupd_klif_klark.sys [357136 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [187192 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270752 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 NDivert; C:\Program Files\NordVPN\7.0.15.0\Drivers\NDivert.sys [131472 2022-06-28] (nordvpn s.a. -> Nordvpn S.A.)
R0 SEDFilter; C:\WINDOWS\System32\DRIVERS\SEDFilter.sys [197808 2016-07-13] (Dell Inc -> Dell Inc.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13920 2016-09-11] (SlimWare Utilities Inc. -> )
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Intel® Wireless Display -> Windows ® Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [25704 2022-09-02] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-21] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-21] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2022-03-27] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-09-21 17:57 - 2022-09-21 17:58 - 000054588 ____C C:\Users\indre\Desktop\FRST.txt
2022-09-21 17:54 - 2022-09-21 17:54 - 000000000 ____D C:\Users\indre\Downloads\FRST-OlderVersion
2022-09-21 17:53 - 2022-09-21 17:53 - 000187192 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-09-21 17:51 - 2022-09-21 17:54 - 002371072 _____ (Farbar) C:\Users\indre\Desktop\FRST64.exe
2022-09-21 17:26 - 2022-09-21 17:26 - 005066722 _____ C:\Users\indre\Downloads\CONSOLIDATED EMSA Invoice Review Tracker 092022 (1).xlsx
2022-09-21 16:46 - 2022-09-21 16:46 - 014278656 _____ C:\Users\indre\Downloads\WindowsPCHealthCheckSetup.msi
2022-09-21 16:46 - 2022-09-21 16:46 - 000001347 ____C C:\Users\indre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-09-21 16:46 - 2022-09-21 16:46 - 000000000 ____D C:\Users\indre\AppData\Local\PCHealthCheck
2022-09-21 16:20 - 2022-09-21 16:20 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-21 16:20 - 2022-09-21 16:20 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-21 16:19 - 2022-09-21 16:19 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{2B0E60C8-E5C9-435D-AE3F-CA0B18A33643}
2022-09-21 16:19 - 2022-09-21 16:19 - 000003372 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{06460A97-B630-4D12-8B39-D4A2780E78F0}
2022-09-21 16:19 - 2022-09-21 16:19 - 000000000 ____D C:\Program Files\Google
2022-09-21 16:18 - 2022-09-21 16:18 - 092324400 _____ (Google LLC) C:\Users\indre\Downloads\ChromeStandaloneSetup64.exe
2022-09-21 16:14 - 2022-09-21 16:14 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-09-21 16:14 - 2022-09-21 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-09-21 16:14 - 2022-09-21 16:14 - 000000000 ____D C:\Program Files\VS Revo Group
2022-09-21 16:13 - 2022-09-21 16:13 - 007521232 _____ (VS Revo Group ) C:\Users\indre\Downloads\revosetup.exe
2022-09-21 16:07 - 2022-09-21 16:07 - 001427176 _____ (Google LLC) C:\Users\indre\Downloads\ChromeSetup(2).exe
2022-09-21 15:52 - 2022-09-21 15:52 - 001427176 _____ (Google LLC) C:\Users\indre\Downloads\ChromeSetup(1).exe
2022-09-21 15:38 - 2022-09-21 15:38 - 000376920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-09-21 15:38 - 2022-09-21 15:38 - 000270752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-09-21 14:31 - 2022-09-21 14:31 - 000001422 ____C C:\Users\indre\Desktop\Step 3 for comp fix for RKinner.txt
2022-09-21 13:18 - 2022-09-21 13:18 - 000003109 ____C C:\Users\indre\Desktop\Step 2 for comp fix for RKinner.txt
2022-09-21 13:05 - 2022-09-21 13:05 - 000000522 ____C C:\Users\indre\Desktop\Step 1 for comp fix for RKinner.txt
2022-09-21 12:01 - 2022-09-21 12:01 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BEAB6EB1CE5-7-0_c_w_.exe
2022-09-21 11:58 - 2022-09-21 11:58 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BEA9506C534-7-0_c_w_.exe
2022-09-21 11:55 - 2022-09-21 11:55 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BEA031FAE51-7-0_c_w_.exe
2022-09-21 05:36 - 2022-09-21 05:36 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BB4C581E5DE-7-0_c_w_.exe
2022-09-21 05:34 - 2022-09-21 05:34 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BB4A17E8811-7-0_c_w_.exe
2022-09-21 05:27 - 2022-09-21 05:27 - 274571184 _____ (Citrix Systems, Inc.) C:\Users\indre\Downloads\CitrixWorkspaceApp.exe
2022-09-21 04:37 - 2022-09-21 04:37 - 000025152 _____ C:\Users\indre\Desktop\Temecula invoices to date 092022.xlsx
2022-09-21 03:40 - 2022-09-21 03:40 - 000265600 _____ C:\Users\indre\Downloads\ZoomInfoContactContributor(1).exe
2022-09-21 02:42 - 2022-09-21 13:57 - 002589142 _____ C:\Users\indre\Desktop\junk junk EMSA T 092022 PM.xlsx
2022-09-21 02:40 - 2022-09-21 02:40 - 005394205 _____ C:\Users\indre\Downloads\CONSOLIDATED EMSA Invoice Review Tracker 092022.xlsx
2022-09-21 01:23 - 2022-09-21 01:23 - 002187661 _____ C:\Users\indre\Downloads\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (2).xlsx
2022-09-21 01:19 - 2022-09-21 01:19 - 000607911 _____ C:\Users\indre\Downloads\Jeremy EMSA Invoice Submissions September 20 2022.xlsx
2022-09-21 01:16 - 2022-09-21 01:16 - 002187232 _____ C:\Users\indre\Downloads\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (1).xlsx
2022-09-21 01:11 - 2022-09-21 01:11 - 002185307 _____ C:\Users\indre\Downloads\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422.xlsx
2022-09-21 01:01 - 2022-09-21 01:02 - 002169171 _____ C:\Users\indre\Downloads\Copy of 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (2).xlsx
2022-09-21 01:01 - 2022-09-21 01:01 - 002169171 _____ C:\Users\indre\Downloads\Copy of 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422.xlsx
2022-09-21 01:01 - 2022-09-21 01:01 - 002169171 _____ C:\Users\indre\Downloads\Copy of 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (1).xlsx
2022-09-21 00:57 - 2022-09-21 00:57 - 002172514 _____ C:\Users\indre\Downloads\Joseph 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422.xlsx
2022-09-21 00:21 - 2022-09-21 00:21 - 001427176 _____ (Google LLC) C:\Users\indre\Downloads\ChromeSetup.exe
2022-09-20 23:01 - 2022-09-20 23:03 - 000000000 ____D C:\Users\indre\AppData\Local\NordVPN
2022-09-20 23:01 - 2022-09-20 23:02 - 000001959 ____C C:\Users\indre\Desktop\NordVPN.lnk
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\ProgramData\NordVPN
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\Program Files\NordVPN
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2022-09-20 23:00 - 2022-09-20 23:00 - 000000000 ____D C:\ProgramData\NordUpdater
2022-09-20 23:00 - 2022-09-20 23:00 - 000000000 ____D C:\Program Files\NordUpdater
2022-09-20 22:46 - 2022-09-20 22:46 - 000000000 ____D C:\Users\indre\AppData\Local\Sentry
2022-09-20 20:26 - 2022-09-20 20:26 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 000012251 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-20 20:25 - 2022-09-20 20:25 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-20 20:12 - 2022-09-20 20:12 - 000000000 ___HD C:\$WinREAgent
2022-09-20 16:25 - 2022-09-20 16:26 - 000000000 ___DC C:\Users\indre\Desktop\NordVPN crap
2022-09-20 11:06 - 2022-09-20 14:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-09-19 09:17 - 2022-09-19 09:18 - 000000000 ___HD C:\adobeTemp
2022-09-18 00:43 - 2022-09-18 00:43 - 000000163 ____C C:\Users\indre\Desktop\heehaw.txt
2022-09-16 18:01 - 2022-09-16 18:49 - 000089311 _____ C:\Users\indre\Desktop\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 UPDATED.xlsx
2022-09-16 15:13 - 2022-09-16 15:13 - 000001135 _____ C:\Users\Public\Desktop\IDrive.lnk
2022-09-16 15:13 - 2022-09-16 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDrive
2022-09-16 14:28 - 2022-09-16 04:15 - 000173906 ____C C:\Users\indre\Desktop\St. Joes with misapplied credit memos check # 367007 (GS-3121).pdf
2022-09-16 14:28 - 2022-09-16 04:14 - 000184927 ____C C:\Users\indre\Desktop\St. Joes with misapplied credit memos check # 366534 (GS-1959).pdf
2022-09-16 14:28 - 2022-09-16 04:13 - 000189004 ____C C:\Users\indre\Desktop\St. Joes with misapplied credit memo check # 372393 (GS-3261).pdf
2022-09-15 15:52 - 2022-09-15 15:56 - 000304212 ____C C:\Users\indre\Desktop\OAK VALLEY HOSPITAL DISTRICT GS-266 061521 for SA.pdf
2022-09-15 08:21 - 2022-09-15 08:21 - 000001247 _____ C:\Users\Public\Desktop\WD Security.lnk
2022-09-15 08:20 - 2022-09-15 08:20 - 000001192 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2022-09-15 08:18 - 2021-06-02 09:01 - 002981056 _____ (Intel Corporation) C:\WINDOWS\system32\iaStorAfsService.exe
2022-09-15 08:18 - 2021-06-02 09:01 - 000220352 _____ (Intel Corporation) C:\WINDOWS\system32\iaStorAfsNative.exe
2022-09-15 08:18 - 2021-06-02 09:01 - 000113328 _____ (Intel Corporation) C:\WINDOWS\system32\Optane.dll
2022-09-15 08:18 - 2021-06-02 09:01 - 000073408 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAfs.sys
2022-09-14 19:36 - 2022-09-14 19:36 - 000002015 ____C C:\Users\indre\Desktop\Oak Valley Crap.txt
2022-09-14 19:12 - 2022-09-14 19:12 - 000142048 ____C C:\Users\indre\Desktop\Oak Valley with misapplied credit check # 158666 COPY.pdf
2022-09-14 14:07 - 2022-09-15 21:10 - 000043124 _____ C:\Users\indre\Desktop\Oak Valley invoices to date 091422.xlsx
2022-09-14 00:39 - 2022-09-14 00:39 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-09-14 00:39 - 2022-09-14 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-09-14 00:39 - 2022-09-14 00:39 - 000000000 ____D C:\Program Files\iTunes
2022-09-13 20:03 - 2022-09-13 20:03 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-13 20:03 - 2022-09-13 20:03 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-13 20:03 - 2022-09-13 20:03 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-13 13:24 - 2022-09-13 13:24 - 000665405 ____C C:\Users\indre\Desktop\Oak Valley Credit Memo GS-008CR.pdf
2022-09-13 12:47 - 2022-09-14 13:51 - 000029865 _____ C:\Users\indre\Desktop\Oak Valley invoices to date 091322.xlsx
2022-09-13 10:44 - 2022-09-13 10:44 - 000360008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-09-08 22:48 - 2022-09-08 22:48 - 000000000 ____D C:\Users\indre\Creative Cloud Files
2022-09-02 00:15 - 2022-09-02 00:15 - 000025704 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdcsam64.sys
2022-08-30 12:44 - 2022-08-30 12:44 - 000001281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2022-08-30 12:44 - 2022-08-30 12:44 - 000001151 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2022-08-22 05:37 - 2022-08-22 05:37 - 000001514 _____ C:\Users\indre\Desktop\Kaspersky Password Manager.lnk
2022-08-22 05:37 - 2022-08-22 05:37 - 000000000 ____D C:\Program Files (x86)\dotnet
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-09-21 17:58 - 2022-06-05 12:16 - 000000000 ____D C:\ProgramData\IDrive
2022-09-21 17:57 - 2019-11-08 23:10 - 000000000 ____D C:\FRST
2022-09-21 17:48 - 2016-11-18 22:39 - 000000000 ___DC C:\Users\indre\AppData\LocalLow\Mozilla
2022-09-21 17:45 - 2022-02-08 17:26 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-21 17:37 - 2021-01-08 22:13 - 000000000 ____D C:\Users\indre\AppData\Roaming\5KPlayer
2022-09-21 17:37 - 2019-07-12 12:50 - 000000000 ___DC C:\Users\indre\AppData\Roaming\WD Discovery
2022-09-21 17:37 - 2019-07-12 12:50 - 000000000 ____D C:\Users\indre\.wdc
2022-09-21 17:36 - 2016-09-11 19:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-21 17:36 - 2016-09-11 19:30 - 000000000 __SHD C:\Users\indre\IntelGraphicsProfiles
2022-09-21 17:30 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-21 17:26 - 2017-11-15 23:37 - 000000000 ___DC C:\Users\indre\AppData\Local\Packages
2022-09-21 17:12 - 2021-03-02 03:06 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-09-21 16:56 - 2021-03-10 11:01 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-21 16:56 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-21 16:51 - 2021-10-09 19:22 - 000000000 ____D C:\Program Files\TeamViewer
2022-09-21 16:51 - 2021-03-10 10:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-21 16:51 - 2021-03-10 10:51 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-21 16:51 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-21 16:03 - 2021-02-11 18:26 - 000000000 ____D C:\WINDOWS\SensorFramework
2022-09-21 15:59 - 2016-09-11 19:56 - 000000000 ___DC C:\Users\indre\AppData\Local\Google
2022-09-21 13:37 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-21 12:01 - 2019-09-08 06:25 - 000000000 ____D C:\Users\indre\AppData\Local\SquirrelTemp
2022-09-21 11:46 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-21 05:32 - 2020-04-29 23:59 - 000000000 ____D C:\Users\indre\AppData\Local\Citrix
2022-09-21 05:29 - 2020-04-29 23:57 - 000000000 ____D C:\Program Files (x86)\Citrix
2022-09-21 05:29 - 2016-09-18 09:35 - 000000000 ___DC C:\Users\indre\AppData\Local\CrashDumps
2022-09-21 00:35 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-21 00:35 - 2018-05-23 14:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-21 00:27 - 2018-05-28 15:00 - 000000000 ___DC C:\Users\indre\AppData\Local\D3DSCache
2022-09-20 23:55 - 2021-03-10 10:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-20 22:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-20 22:46 - 2021-01-13 15:03 - 000000000 ____D C:\Users\indre\AppData\Roaming\Citrix
2022-09-20 20:56 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-20 20:56 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-20 20:32 - 2021-03-10 10:51 - 000458192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-20 20:29 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-09-20 20:29 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-09-20 20:25 - 2021-03-10 10:53 - 003012608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-20 20:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-20 18:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Registration
2022-09-20 14:37 - 2019-11-21 01:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-20 11:33 - 2021-09-25 19:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-20 11:33 - 2019-11-21 01:01 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-17 11:13 - 2020-06-23 21:09 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-17 11:13 - 2020-06-23 21:09 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-16 22:19 - 2017-07-15 20:02 - 000013891 ____C C:\Users\indre\Documents\Indy's Finances.xlsx
2022-09-16 17:24 - 2021-02-20 16:19 - 000000000 ___DC C:\Users\indre\Desktop\Work Stuff
2022-09-16 16:47 - 2016-09-17 01:49 - 000000000 ___DC C:\Users\indre\Documents\Funny stuff
2022-09-16 15:13 - 2022-06-05 12:16 - 000000000 ____D C:\Program Files (x86)\IDriveWindows
2022-09-16 11:39 - 2016-08-09 19:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-09-15 08:21 - 2019-07-12 12:14 - 000000000 ____D C:\Program Files (x86)\Western Digital
2022-09-15 08:21 - 2016-08-09 19:33 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-15 08:20 - 2021-03-02 03:06 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-09-15 08:18 - 2017-05-21 14:10 - 000000000 ____D C:\Program Files\Intel
2022-09-14 17:21 - 2021-12-12 22:03 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1593158232-969496310-2340663774-1001
2022-09-14 17:21 - 2021-03-10 10:59 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1593158232-969496310-2340663774-1001
2022-09-14 17:21 - 2021-03-10 10:52 - 000002381 ____C C:\Users\indre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-14 00:44 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-13 17:05 - 2016-09-12 20:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 17:00 - 2016-09-12 20:20 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-11 23:56 - 2022-08-01 10:22 - 000000000 ____D C:\Users\indre\AppData\Roaming\com.adobe.dunamis
2022-09-11 19:07 - 2021-03-10 10:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-11 19:07 - 2016-09-16 22:23 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-09-10 11:23 - 2022-02-21 19:39 - 000000000 ___DC C:\Users\indre\Desktop\Lingoda
2022-09-10 10:25 - 2021-03-02 03:16 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-09-10 10:25 - 2021-03-02 03:16 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-09-08 22:48 - 2021-03-10 10:52 - 000000000 ____D C:\Users\indre
2022-09-05 15:30 - 2019-07-06 12:57 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-09-05 15:27 - 2019-07-06 12:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-09-05 15:27 - 2019-04-21 20:37 - 000000000 ___DC C:\Users\indre\AppData\Local\Plex Media Server
2022-09-03 23:02 - 2022-02-08 00:12 - 000000000 ____D C:\Users\indre\AppData\Local\Amazon Music
2022-09-02 06:22 - 2022-02-08 00:12 - 000001261 ____C C:\Users\indre\Desktop\Amazon Music.lnk
2022-09-01 17:38 - 2021-09-21 16:08 - 000000000 ___DC C:\Users\indre\Documents\Outlook Files
2022-08-30 12:44 - 2019-07-06 12:59 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-08-30 02:14 - 2019-07-12 12:50 - 000000000 ____D C:\Program Files\WD Desktop App
2022-08-30 02:13 - 2021-03-10 10:59 - 000003236 _____ C:\WINDOWS\system32\Tasks\WD Discovery Service Task indre
2022-08-30 02:13 - 2021-03-10 10:59 - 000003172 _____ C:\WINDOWS\system32\Tasks\WD Device Agent Task indre
2022-08-26 17:26 - 2022-04-05 20:23 - 000000000 ____D C:\Program Files\dotnet
2022-08-26 13:27 - 2021-02-11 18:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Intune Management Extension
2022-08-25 21:54 - 2021-03-02 03:06 - 000000000 ____D C:\Program Files\Adobe
2022-08-23 02:53 - 2021-03-10 10:59 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-22 05:37 - 2022-07-02 16:39 - 000001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk
 
==================== Files in the root of some directories ========
 
2021-01-05 14:41 - 2021-01-05 14:41 - 000000171 _____ () C:\Users\indre\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2021-01-08 11:47 - 2021-01-08 11:47 - 000003584 _____ () C:\Users\indre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-03-02 03:22 - 2021-03-02 03:22 - 000000000 _____ () C:\Users\indre\AppData\Local\oobelibMkey.log
2018-11-19 21:23 - 2018-11-19 21:23 - 000000017 ____C () C:\Users\indre\AppData\Local\resmon.resmoncfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by indre (21-09-2022 17:58:49)
Running from C:\Users\indre\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2075 (X64) (2021-03-10 14:59:13)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1593158232-969496310-2340663774-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1593158232-969496310-2340663774-503 - Limited - Disabled)
Guest (S-1-5-21-1593158232-969496310-2340663774-501 - Limited - Disabled)
indre (S-1-5-21-1593158232-969496310-2340663774-1001 - Administrator - Enabled) => C:\Users\indre
WDAGUtilityAccount (S-1-5-21-1593158232-969496310-2340663774-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
5KPlayer (HKLM-x32\...\5KPlayer) (Version: 6.4 - DearMob, Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 22.002.20212 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.002.20212 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.8.0.592 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601013}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Amazon Amazon Music) (Version: 9.2.1.2362 - Amazon.com Services LLC)
Angry Birds (HKLM-x32\...\{2F7D5734-056F-4A0A-A1C7-CA1AAE5BB1EB}) (Version: 1.6.3.1 - Rovio)
ANT Drivers Installer x64 (HKLM\...\{A071AD95-7C51-4DAF-8EDE-9F4177B7E461}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
BBCiPlayerDownloads (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\bbciplayerdownloads) (Version: 2.13.8 - British Broadcasting Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BurnAware Free 12.8 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CutePDF Form Filler 3.6 (Evaluation) (HKLM-x32\...\CutePDF Form Filler (Evaluation)_is1) (Version:  - Acro Software Inc.)
CyberLink Media Suite 12 (HKLM-x32\...\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}) (Version: 12.2.0324.52004 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7027 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5201 - CyberLink Corp.) Hidden
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2826.0 - CyberLink Corp.) Hidden
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.2.0 - Dell Inc.)
Dell Data Protection | Client Security Framework (HKLM\...\{FAE38E46-ECB2-44EA-A52B-6955AA6B1B3A}) (Version: 8.10.0.39 - Dell, Inc.)
Dell Data Protection | Security Tools (HKLM-x32\...\{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.10.0.34 - Dell, Inc.) Hidden
Dell Data Protection | Security Tools (HKLM-x32\...\InstallShield_{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.10.0.34 - Dell, Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{4F8A3BC3-641C-4B0D-AF46-EA3354016EA7}) (Version: 3.11.4.29 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
DELLOSD (HKLM-x32\...\{BED3193A-897B-47F6-AEDC-45D147122957}) (Version: 1.0.0.0 - DELL)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
Elevated Installer (HKLM-x32\...\{227800FE-F7F3-4D26-8747-B6310897C027}) (Version: 6.16.0.0 - Garmin Ltd or its subsidiaries) Hidden
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Garmin Express (HKLM-x32\...\{15948BCE-93A0-4A0E-B5D5-8835A9910B0F}) (Version: 6.16.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{efd0980b-3809-4ebf-bc23-b9f085da971a}) (Version: 6.16.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.127 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.18.34.21 - HP Inc.)
IDrive version 6.7.4.28 (HKLM-x32\...\IDrive_is1) (Version: 6.7.4.28 - Pro Softnet Corp)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Chipset Device Software (HKLM\...\{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}) (Version: 10.1.1.13 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{0CF34B2C-F509-4D23-927E-334C1A776FED}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{A0EBC31A-8EA9-4D24-89A8-2C12A0B8B0C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{E3DE9447-C8F3-4DDA-82D3-096166CBBBB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{C7C01DEF-DFDD-4C01-9F22-4BDF7B26CF1D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Network Connections 20.3.300.1 (HKLM\...\{2CC91F8D-A76E-4528-92C3-63F87D3E5D00}) (Version: 20.3.300.1 - Intel) Hidden
Intel® Network Connections 20.3.300.1 (HKLM\...\PROSetDX) (Version: 20.3.300.1 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7263 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.0.1009 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{8B93CAC3-6008-4C17-9FB0-B4F6F90FF316}) (Version: 17.2.0.1009 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{5068B0F8-CE24-4B61-9C2F-301B411FFB9C}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{A6961DC0-8F0E-4593-B336-FD3E7F27999C}) (Version: 16.8.4.1011 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{68A981A0-ED59-41E0-B45E-7A78F643120D}) (Version: 21.40.1.3406 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IQmango DVD Ripper 4.5.4 (HKLM-x32\...\{86036AD1-2F62-4FC0-B83A-C6C9B1956DA6}_is1) (Version: 4.5.4 - cyan soft ltd)
iTunes (HKLM\...\{E42D1B4D-78C2-4144-8E4D-FA82C53B68A4}) (Version: 12.12.5.8 - Apple Inc.)
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\{8EA4CE61-2D79-40AE-BB6B-F241A53B5656}) (Version: 10.1.0.360 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{8EA4CE61-2D79-40AE-BB6B-F241A53B5656}) (Version: 10.1.0.360 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{820D9D71-B118-35C7-B5C5-D0D099BFB7E2}) (Version: 21.7.7.393 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{820D9D71-B118-35C7-B5C5-D0D099BFB7E2}) (Version: 21.7.7.393 - Kaspersky)
LaserJet 1020 series (HKLM-x32\...\HP-LaserJet 1020 series) (Version:  - )
Logitech Unifying Software 2.52 (HKLM\...\Logitech Unifying) (Version: 2.52.33 - Logitech)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM-x32\...\{df65a075-27e0-4afc-baea-ecaadef7b85c}) (Version: 6.0.8.31513 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Famille et Petite Entreprise 2016 - fr-fr (HKLM\...\HomeBusinessRetail - fr-fr) (Version: 16.0.15601.20148 - Microsoft Corporation)
Microsoft Office Hogar y Empresas 2016 - es-es (HKLM\...\HomeBusinessRetail - es-es) (Version: 16.0.15601.20148 - Microsoft Corporation)
Microsoft Office Home and Business 2016 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 16.0.15601.20148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\OneDriveSetup.exe) (Version: 22.176.0821.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{054EDAF7-39E0-41E8-9F06-21E6D19B9E59}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B431C944-726E-409E-B4A1-8864E64E4F6C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 105.0 (x64 en-US)) (Version: 105.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
Nero 9 Essentials (HKLM-x32\...\{3514220a-de26-4b4c-bb10-666544ecbc02}) (Version:  - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.73 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.0.15.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Plex (HKLM-x32\...\Plex) (Version: 1.8.2 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{1DA14DB5-1E2D-4508-B0D6-A9B73CAD069A}) (Version: 1.19.5112 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{4c1641fa-1324-437a-926a-8926e456a904}) (Version: 1.19.5.3112 - Plex, Inc.)
Pretty Good Solitaire version 12.4.0 (HKLM-x32\...\Pretty Good Solitaire_is1) (Version: 12.4.0 - Goodsol Development Inc.)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6105 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Security Innovation TSS (HKLM\...\{0C11FE22-53F2-4C9B-9E79-824B10D0976E}) (Version: 2.1.42 - Security Innovation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Stopping Plex (HKLM-x32\...\{5F0F3F66-E47A-462C-90D5-345917DACD3C}) (Version: 1.19.5112 - Plex, Inc.) Hidden
TeamViewer (HKLM\...\TeamViewer) (Version: 15.25.8 - TeamViewer)
TextPad 8 (HKLM\...\{861AB1C1-1967-4C4A-BF86-C255E2D2B8FD}) (Version: 8.0.2 - Helios)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD Backup (HKLM-x32\...\{2d518703-86c4-46c8-99c1-f3789dd3ecd0}) (Version: 1.9.7435.38388 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{5491B486-8812-4202-AB8C-865AB636ACF0}) (Version: 1.9.7435.38388 - Western Digital Technologies, Inc) Hidden
WD Desktop App 2.1.0.329 (HKLM-x32\...\{0ae8a965-eef9-4710-8f82-6a6051bfbb72}) (Version: 2.1.0.329 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.329 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.329 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.3.385 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{1DFE86C7-1DD2-4843-963F-E0145CE007E1}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{9254284c-bbea-4d1a-8eb1-e0314ae75b0e}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{3014bd63-c388-4f5c-8fb5-d45d99b75f0e}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
WD Security (HKLM-x32\...\{a27f2c1a-95e0-4913-86ae-22e999f5e37d}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A5310C34-ABA7-47BA-89A7-2CE2917BA9D6}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.) Hidden
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (08/10/2017 15.7.5.1025) (HKLM\...\FF1B55CEF8D39B696D1F5DF141ACFA7A5D1F2743) (Version: 08/10/2017 15.7.5.1025 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaStorA) SCSIAdapter  (08/10/2017 15.7.5.1025) (HKLM\...\6D773A6E21B2A480569157737F58E8FF7DC6608A) (Version: 08/10/2017 15.7.5.1025 - Intel Corporation)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\ZoomUMX) (Version: 5.11.1 (6602) - Zoom Video Communications, Inc.)
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-03-02] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-20] (Adobe Systems Incorporated)
Colors of the Rainbow -> C:\Program Files\WindowsApps\Microsoft.ColorsoftheRainbow_1.0.0.0_neutral__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation)
CyberLink Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.CyberLinkMediaSuiteEssentials_1.0.10.0_x86__mcezb6ze687jp [2018-03-13] (CYBERLINK CORPORATION.)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.11.20.0_x64__htrsf667h5kn2 [2022-06-28] (Dell Inc)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-03-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.3.10281.0_x86__8wekyb3d8bbwe [2022-02-17] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.6090.0_x64__8wekyb3d8bbwe [2022-07-21] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2020-10-07] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-08-30] (Adobe Systems Incorporated)
The Backgammon -> C:\Program Files\WindowsApps\6918E89D.TheBackgammon_1.2.10.0_x64__66n08swfvvka0 [2020-12-19] (UNBALANCE corp.) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-EBC3F2259B82} -> [Creative Cloud Files] => C:\Users\indre\Creative Cloud Files [2022-09-08 22:48]
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{115AF810-A46A-4043-AABB-5A8536D300D3}\InprocServer32 -> C:\Program Files\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9}\InprocServer32 -> C:\Program Files\TextPad 8\System\ShellExt64.dll (Helios Software Solutions Ltd -> )
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\indre\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [          0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-09-09] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [          0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-09-09] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [          0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-09-09] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2021-05-21] () [File not signed] [File is in use]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-09-09] () [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {829157bc-9784-383a-94c4-ce328ec21648} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-09-09] () [File not signed]
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2021-05-21] () [File not signed] [File is in use]
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-09-09] () [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {829157bc-9784-383a-94c4-ce328ec21648} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxDTCM.dll [2020-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1_S-1-5-21-1593158232-969496310-2340663774-1001: [TextPad8] -> {5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9} => C:\Program Files\TextPad 8\System\ShellExt64.dll [2016-02-28] (Helios Software Solutions Ltd -> )
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-01-08 22:13 - 2019-06-20 22:12 - 000075264 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libgcc_s_seh-1.dll
2021-01-08 22:13 - 2019-06-20 22:12 - 001430016 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libstdc++-6.dll
2021-01-08 22:13 - 2019-06-20 22:17 - 000215040 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libupnp.dll
2022-06-05 12:16 - 2022-09-09 00:11 - 005034496 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2022-06-05 12:16 - 2022-09-09 00:11 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2022-08-30 02:13 - 2022-08-30 02:13 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2022-08-30 02:13 - 2022-08-30 02:13 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2022-08-30 02:13 - 2022-08-30 02:13 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll
2021-07-26 02:54 - 2021-07-26 02:54 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2021-04-26 13:12 - 2021-04-26 13:12 - 000192000 _____ (Andrew Arnott) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\Nerdbank.Streams.dll
2022-06-21 15:40 - 2022-06-21 15:40 - 000129024 _____ (Dell Inc.) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DiagsHelper.dll
2022-06-21 15:41 - 2022-06-21 15:41 - 000031744 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.AutoUpdateUtilities.dll
2022-06-21 15:40 - 2022-06-21 15:40 - 000012288 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DownloadManager.dll
2022-06-21 15:41 - 2022-06-21 15:41 - 000012800 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DriverProcessor.dll
2022-06-21 15:43 - 2022-06-21 15:43 - 000012288 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.WebServiceInfrastructure.dll
2022-02-08 00:12 - 2020-04-02 12:15 - 002266624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\indre\AppData\Local\Amazon Music\QtCore4.dll
2022-02-08 00:12 - 2020-04-02 12:25 - 006267392 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\indre\AppData\Local\Amazon Music\QtGui4.dll
2022-02-08 00:12 - 2020-04-02 12:16 - 000802816 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\indre\AppData\Local\Amazon Music\QtNetwork4.dll
2021-01-08 22:13 - 2020-04-01 07:41 - 015414272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avcodec-58.dll
2021-01-08 22:13 - 2020-04-01 07:41 - 003311616 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avformat-58.dll
2021-01-08 22:13 - 2020-04-01 07:41 - 000690688 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avutil-56.dll
2021-01-08 22:13 - 2020-04-01 07:41 - 000126464 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\swresample-3.dll
2021-01-08 22:13 - 2020-04-01 07:41 - 000544256 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\swscale-5.dll
2021-05-21 15:43 - 2021-05-21 15:43 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 20:57 - 2020-11-11 20:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2022-02-20 06:42 - 2022-02-20 06:42 - 004451328 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\NHibernate.dll
2021-01-08 22:13 - 2019-06-20 22:16 - 000082944 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\pthreadVC2.dll
2022-06-05 12:16 - 2022-09-09 00:11 - 000874496 _____ (Pro-Softnet Corporation, U.S.A) [File not signed] C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll
2022-06-05 12:16 - 2022-09-09 00:11 - 001663488 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\IDriveWindows\SQLite.Interop.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000169984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libvlc.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 002197504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libvlccore.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_concat_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000051200 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_imem_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000084992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_mms_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000123392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_realrtsp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_wasapi_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libattachment_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000175104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libcdda_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000286720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdshow_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000284160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdtv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000270336 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdnav_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000180224 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdread_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libfilesystem_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000105984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libftp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000053760 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libhttp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000135168 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libhttps_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libidummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libimem_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 002432512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblibbluray_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000791040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblive555_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000188928 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libnfs_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000653312 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\librtp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000053760 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsatip_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libscreen_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsdp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000832000 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsftp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libshm_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsmb_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libtcp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000043008 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libtimecode_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libudp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000086016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvcd_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000084480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvdr_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 002146816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvnc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_dummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_file_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_http_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000657920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_livehttp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000443392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_shout_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_udp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libaudio_format_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000048640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libaudiobargraph_a_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libchorus_flanger_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libcompressor_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000060416 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libequalizer_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libgain_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libkaraoke_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000149504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libmad_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libmono_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libnormvol_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libparam_eq_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000025600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libremap_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 001500160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsamplerate_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000032768 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_pitch_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 001048064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspatialaudio_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000093696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspatializer_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspeex_resampler_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libstereo_widen_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libtospdif_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libugly_resampler_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libfloat_mixer_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libinteger_mixer_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libadummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libafile_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libamem_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000039936 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libdirectsound_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000047104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libmmdevice_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwasapi_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwaveout_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000088064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liba52_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libadpcm_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaes3_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 007614976 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaom_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaraw_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 026777088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libavcodec_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000068096 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcdg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000101376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcrystalhd_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcvdsub_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000259584 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libd3d11va_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 001253888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdav1d_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000191488 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdca_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000042496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libddummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdmo_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000089088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdvbsub_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000218112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdxva2_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libedummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000280064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfaad_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000429056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libflac_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000311296 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfluidsynth_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libg711_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000220160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libjpeg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000075264 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libkate_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 002533376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblibass_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000125952 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblibmpeg2_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblpcm_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000117248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libmft_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000333824 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libmpg123_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liboggspots_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000328704 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libopus_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000184320 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libqsv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\librawvideo_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\librtpvideo_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 001435648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libschroedinger_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libscte18_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libscte27_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000671744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsdl_image_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspdif_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000145408 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspeex_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspudec_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libstl_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000055808 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubsdec_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubstx3g_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000031744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubsusf_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsvcdsub_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libt140_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtextst_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000315392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtheora_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000101376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libttml_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000138240 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtwolame_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:01 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libuleaddvaudio_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000765440 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libvorbis_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 003690496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libvpx_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000167424 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libwebvtt_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001010176 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libx264_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 004764160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libx265_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001494016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libzvbi_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libdummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libgestures_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000064512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libhotkeys_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libnetsync_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libntservice_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000073728 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\liboldrc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libwin_hotkeys_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libwin_msg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000192512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\d3d11\libdirect3d11_filters_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000142848 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\d3d9\libdirect3d9_filters_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 002265600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libadaptive_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libaiff_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000097792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libasf_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libau_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000113664 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libavi_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libcaf_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_cdg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000088064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_chromecast_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_stl_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemuxdump_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdiracsys_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdirectory_demux_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libes_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000094720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libflacsys_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000356352 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libgme_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000124416 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libh26x_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libimage_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000025600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmjpeg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001723392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmkv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000296960 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmp4_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000085504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmpc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmpgv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnoseek_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000056832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnsc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnsv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnuv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000323584 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libogg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000149504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libplaylist_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libps_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libpva_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawaud_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawdv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawvid_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000039936 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libreal_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001231872 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsid_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsmf_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000098304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsubtitle_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000304640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libts_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libtta_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000040960 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libty_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvc1_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000085504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvobsub_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvoc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libwav_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libxa_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000049152 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\keystore\libfile_keystore_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\keystore\libmemory_keystore_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\logger\libconsole_logger_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000044544 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\logger\libfile_logger_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000041984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libfolder_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001478656 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libtaglib_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000086016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaddonsfsstorage_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000078848 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaddonsvorepository_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000054784 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaudioscrobbler_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000050688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libexport_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000061440 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libfingerprinter_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001379328 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libgnutls_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\liblogger_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libstats_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000100352 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libvod_rtsp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001485312 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libxml_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000051712 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_asf_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_avi_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_dummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000227840 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_mp4_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_mpjpeg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000073728 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ogg_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000069632 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ps_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000144384 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ts_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_wav_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000030208 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_a52_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000043008 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_av1_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_copy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_dirac_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_dts_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_flac_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000153088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_h264_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000116224 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_hevc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mlp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000070656 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000033792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000033792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000040448 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_vc1_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libmediadirs_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libpodcast_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000132608 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libsap_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000437248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libupnp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libwindrive_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libaudiobargraph_v_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\liblogo_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libmarq_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libmosaic_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000663552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libremoteosd_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000053248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\librss_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000031744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libsubsdelay_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000400896 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_extractor\libarchive_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libadf_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000047104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libaribcam_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libcache_block_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libcache_read_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000059392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libhds_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libinflate_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libprefetch_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\librecord_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libskiptags_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_autodel_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000048640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_bridge_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001233920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_chromaprint_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001088000 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_chromecast_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_cycle_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_delay_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_description_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_display_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_dummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000075776 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_duplicate_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_es_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_gather_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000052736 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_record_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000773632 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_rtp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_setid_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_smem_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000050688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_standard_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_stats_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000049664 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_transcode_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 002077696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libfreetype_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libsapi_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000017920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libtdummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000046592 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libchain_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libgrey_yuv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000109056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_10_p010_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000111616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_nv12_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000059904 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000120832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000035840 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_i420_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000029696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\librv32_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000821248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libswscale_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuvp_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i420_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i422_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000074752 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libadjust_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libalphamask_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libanaglyph_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libantiflicker_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000039424 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libball_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000166912 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libblend_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libblendbench_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libbluescreen_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcanvas_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcolorthres_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcroppadd_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000136704 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libdeinterlace_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libedgedetection_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\liberase_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libextract_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libfps_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libfreeze_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgaussianblur_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgradfun_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000042496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgradient_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000034304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgrain_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000031232 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libhqdn3d_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libinvert_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmagnify_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000034304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmirror_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmotionblur_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmotiondetect_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\liboldmovie_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libposterize_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000121856 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpostproc_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpsychedelic_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000089088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpuzzle_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libripple_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000062464 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\librotate_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libscale_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libscene_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libsepia_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libsharpen_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000035328 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libtransform_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libvhs_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libwave_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000818688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libcaca_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000346624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirect3d11_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000268288 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirect3d9_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000246272 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirectdraw_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdrawable_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000044544 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libflaschen_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000094720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libgl_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000304640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libglwin32_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libvdummy_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libvmem_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000096768 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwgl_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000230400 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwingdi_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwinhibit_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libyuv_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libclone_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libpanoramix_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000058880 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libwall_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000038400 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libglspectrum_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000208384 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libgoom_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 001702912 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libprojectm_plugin.dll
2021-01-08 22:13 - 2020-06-03 22:02 - 000056832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libvisual_plugin.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> DefaultScope {97FF47F7-FF6D-4CCE-B19F-284086150FBF} URL = 
SearchScopes: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> {97FF47F7-FF6D-4CCE-B19F-284086150FBF} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2}' -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2}' -> No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: CutePDF Form Filler Helper -> {D41289F2-69C6-417B-897E-C653D677CBAF} -> C:\Program Files (x86)\Acro Software\CutePDF Filler Evaluation\CPFillerCoE.dll [2014-03-27] (Acro Software Inc. -> Acro Software Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  No File
Toolbar: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} -  No File
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://meetny.webex.com/client/WBXclient-T30L10NSP6EP6-20000/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 03:24 - 2019-01-10 23:55 - 000002507 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Data Protection\Drivers\TSS\bin\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\indre\Pictures\My Pictures\New Panthers 061619\new babies (2).JPG
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\StartupApproved\Run: => "GarminExpress"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C620C6DC-9A72-4BF1-B267-DB7AE08A3DD0}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{6BC7D328-6FE1-4391-822C-7CD587FF3C47}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{362AE850-004B-4E3D-A1F0-63C9D9DE46A0}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{EC993133-439F-45E9-9CED-18A966CB5D03}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{F26FF42A-FABC-4237-AF27-9A74BAD6E0C7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{B71B19F6-E012-4D87-BC64-170CDB9AE748}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FF6FAF1B-3C9B-4453-9D51-82A62172D810}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6A551C3A-B926-43D8-9A75-06A3CEEB5AAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{AD297B5D-2C9A-4E26-9193-5DEFE2B8D5DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{6CC73312-41C6-4002-A0B0-4F73A84DBE2F}] => (Allow) LPort=8888
FirewallRules: [{277A97E1-8E11-4C68-985D-B7CC9AFC4A42}] => (Allow) LPort=8888
FirewallRules: [{B768845C-68FA-4F5D-8CB0-8915F5518FBE}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [TCP Query User{56C4283E-A791-4CBC-9F68-AC60C8E0C7B4}C:\users\indre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{1DC4DC8A-7F42-44CE-9FE4-78B806402CE0}C:\users\indre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{3E499D19-4DBA-4DEF-8CF8-19DA405CDB89}] => (Block) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{69A76876-400F-4C97-9AC9-188D74D4DEA6}] => (Block) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{FE7FEA92-FE61-4E07-AB28-B07698433507}] => (Allow) LPort=8889
FirewallRules: [{DED84BE3-3BD6-4E0D-A420-B30E49FC626F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{56381F91-7873-4CEA-8ABE-E10213107A2E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D9EE57A0-5523-4DA8-9EC9-6CBF39C32A11}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [UDP Query User{197FA23F-71D6-465A-83BB-23D60DC347BE}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [TCP Query User{79063D85-DE36-4C34-B5E6-783F52C6F06C}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe (Digiarty Software, Inc. -> )
FirewallRules: [UDP Query User{3914E5C9-71B6-4184-8EA6-A15B1071F3C4}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe (Digiarty Software, Inc. -> )
FirewallRules: [{ED8636A9-B3C5-4BC8-B266-C93C0B01F6C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64D73266-73FE-4F51-B801-33D712966109}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3E19432F-99CA-4E4E-A82C-5C37780343A0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{786AB687-DB7D-49D3-9014-3C63076A3EBA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E4CD8501-48A9-4B64-9EA2-E666F51D49C7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{15DAFF22-B96C-45D9-A3E4-5744AEC15E70}] => (Allow) C:\Users\indre\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EFC3F55B-34D2-4129-B3C2-279C84877515}] => (Allow) C:\Users\indre\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4168DDF1-1D2A-45E6-8F11-795F91217C74}] => (Allow) C:\Users\indre\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{73B43B08-0778-4694-A364-39426B481EC9}] => (Allow) C:\Program Files (x86)\Sidify\Sidify Apple Music Converter Free\Sidify Apple Music Converter Free.exe.exe => No File
FirewallRules: [{95574978-ECB0-4573-B108-064973B3DB5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{70D9CBF8-3A70-4B0B-85CD-8F9E7BB76335}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55FAA614-9866-4BFE-9FEC-394F0ADF9873}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{362225BF-9BD0-4D18-B255-6625D9FFC79F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3469E87-93E4-4C30-9500-64C84FF3627A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA607599-92CC-4101-824E-9F0DC5ACEA7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D95E075C-D7C7-46C3-85B0-0979AD6968DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{636885FE-56DD-4363-A755-C33E15FA68F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03C27E0F-D81E-4D7A-A2F4-A8D10A329C63}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB64EA8E-60D5-47A9-AFF5-A60FFD5146F8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9385E613-7436-4EF9-8AA3-E829F36C0A45}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
20-09-2022 20:09:58 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Kaspersky VPN
Description: Kaspersky VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky VPN Provider
Service: kltun
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/21/2022 05:59:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
Error: (09/21/2022 05:58:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
Error: (09/21/2022 05:57:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
Error: (09/21/2022 05:56:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
Error: (09/21/2022 05:55:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
Error: (09/21/2022 05:54:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
Error: (09/21/2022 05:53:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
Error: (09/21/2022 05:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service 5KPlayer-DESKTOP-EL88UDV._airplay._tcp.local. port 8080.
 
 
System errors:
=============
Error: (09/21/2022 05:40:13 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-EL88UDV)
Description: DCOM got error "2" attempting to start the service LMS with arguments "Unavailable" in order to run the server:
{80C25488-192B-4DE2-8150-5B2D2A2F835E}
 
Error: (09/21/2022 05:40:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (09/21/2022 04:55:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-EL88UDV)
Description: DCOM got error "2" attempting to start the service LMS with arguments "Unavailable" in order to run the server:
{80C25488-192B-4DE2-8150-5B2D2A2F835E}
 
Error: (09/21/2022 04:55:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (09/21/2022 04:51:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (09/21/2022 04:07:30 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-EL88UDV)
Description: DCOM got error "2" attempting to start the service LMS with arguments "Unavailable" in order to run the server:
{80C25488-192B-4DE2-8150-5B2D2A2F835E}
 
Error: (09/21/2022 04:07:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (09/21/2022 04:03:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error: 
The system cannot find the file specified.
 
 
Windows Defender:
================
Date: 2022-09-21 15:51:05
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-09-21 15:40:18
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-09-21 15:04:45
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-09-21 13:26:22
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-09-21 12:52:02
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-09-21 16:53:59
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2022-09-21 16:48:00
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.12.2 03/04/2020
Motherboard: Dell Inc. 0X2MKR
Processor: Intel® Core™ i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 82%
Total physical RAM: 7888.79 MB
Available physical RAM: 1348.92 MB
Total Virtual: 16080.79 MB
Available Virtual: 8171.38 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:224.66 GB) (Free:79.63 GB) (Model: THNSN5256GPU7 NVMe TOSHIBA 256GB) NTFS
Drive e: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1722.86 GB) (Model: WD My Passport 25E1 USB Device) NTFS
 
\\?\Volume{9418ee22-8e7f-4668-b204-a94b09d00e55}\ () (Fixed) (Total:0.51 GB) (Free:0.06 GB) NTFS
\\?\Volume{616afac5-ee60-493d-8f6b-5152f9f29468}\ (Image) (Fixed) (Total:12.69 GB) (Free:0.63 GB) NTFS
\\?\Volume{dbd7410f-196c-49b5-bb90-bbf877a175c2}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4FCEFFCB)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 93BB7254)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================

Will I be able to find this thread when you move it to the Malware area?

Many thanks for all your help!!!

  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
Do you need the 5Kplayer?  It seems to be loading a lot of files.
 
Download the attached fixlist.txt to the same location as FRST
 
 
Attached File  fixlist.txt   3.86KB   105 downloads
Run FRST and press Fix
Should take about 30 minutes since we are testing a bunch of system files to make sure they haven't been messed with.  Be patient.
 
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.  Don't know if the fix list will do any good but shouldn't hurt.  I am removing some policies which look odd but for all I know they may have been put there by Kaspersky.  Make sure you post the fixlog as it may have some useful info.
 
When you tried to disable the Kaspersky firewall did you look in Kasperky's settings or in Windows?  This feels like a firewall blocking access to google.com or blocking Chrome.
 
 
 
 
 
 

  • 0

#19
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

I uninstalled the 5K Player. To be honest, I'm not sure when or why I downloaded it.

I'm going to run the fix and then post the log for you.

When I disabled the Kaspersky and Windows firewalls, I didn't really know what to look for--I just disabled them all. Let's see what this Fix does and then go from there.

I'm so grateful for all your help!

 


  • 0

#20
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

Here's the Fix Log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by indre (21-09-2022 20:17:31) Run:1
Running from C:\Users\indre\Desktop
Loaded Profiles: indre
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
Task: {57DABF48-DFC7-400C-B29B-492FF8550638} - System32\Tasks\SensorFramework-LogonTask-{100ee514-48c8-f419-6760-6fb8cb2767cd} => C:\Program Files (x86)\Microsoft Intune Management Extension\SensorLogonTask.exe SensorFramework-LogonTask-{100ee514-48c8-f419-6760-6fb8cb2767cd} (No File)
Task: {D4C22D3B-F5CF-463E-9D7D-3DF2048566BE} - System32\Tasks\Run Dashboardindre => C:\Program Files (x86)\Western Digital\SSD Dashboard\Dashboard.exe (No File)
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\indre\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
FirewallRules: [TCP Query User{56C4283E-A791-4CBC-9F68-AC60C8E0C7B4}C:\users\indre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{1DC4DC8A-7F42-44CE-9FE4-78B806402CE0}C:\users\indre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{3E499D19-4DBA-4DEF-8CF8-19DA405CDB89}] => (Block) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{69A76876-400F-4C97-9AC9-188D74D4DEA6}] => (Block) C:\users\indre\appdata\roaming\spotify\spotify.exe => No File
CMD: ping google.com
CMD: tracert -d google.com
CMD: netstat -rn
CMD: ipconfig /all
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


*****************

HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57DABF48-DFC7-400C-B29B-492FF8550638}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57DABF48-DFC7-400C-B29B-492FF8550638}" => removed successfully
C:\WINDOWS\System32\Tasks\SensorFramework-LogonTask-{100ee514-48c8-f419-6760-6fb8cb2767cd} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SensorFramework-LogonTask-{100ee514-48c8-f419-6760-6fb8cb2767cd}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D4C22D3B-F5CF-463E-9D7D-3DF2048566BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4C22D3B-F5CF-463E-9D7D-3DF2048566BE}" => removed successfully
C:\WINDOWS\System32\Tasks\Run Dashboardindre => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run Dashboardindre" => removed successfully
HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{56C4283E-A791-4CBC-9F68-AC60C8E0C7B4}C:\users\indre\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1DC4DC8A-7F42-44CE-9FE4-78B806402CE0}C:\users\indre\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E499D19-4DBA-4DEF-8CF8-19DA405CDB89}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69A76876-400F-4C97-9AC9-188D74D4DEA6}" => removed successfully

========= ping google.com =========


Pinging google.com [142.250.80.46] with 32 bytes of data:
Reply from 142.250.80.46: bytes=32 time=3ms TTL=117
Reply from 142.250.80.46: bytes=32 time=4ms TTL=117
Reply from 142.250.80.46: bytes=32 time=6ms TTL=117
Reply from 142.250.80.46: bytes=32 time=5ms TTL=117

Ping statistics for 142.250.80.46:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 6ms, Average = 4ms

========= End of CMD: =========


========= tracert -d google.com =========


Tracing route to google.com [142.250.80.46]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     2 ms     3 ms     2 ms  142.250.80.46

Trace complete.

========= End of CMD: =========


========= netstat -rn =========

===========================================================================
Interface List
  6...00 ff 2c 60 4c 1e ......TAP-NordVPN Windows Adapter V9
 13...f4 8e 38 d4 eb b9 ......Intel® Ethernet Connection (2) I219-LM
 21...e4 a4 71 92 dd 17 ......Intel® Dual Band Wireless-AC 8260
  4...e4 a4 71 92 dd 18 ......Microsoft Wi-Fi Direct Virtual Adapter
 12...e6 a4 71 92 dd 17 ......Microsoft Wi-Fi Direct Virtual Adapter #2
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.151     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link     192.168.1.151    281
    192.168.1.151  255.255.255.255         On-link     192.168.1.151    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.151    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     192.168.1.151    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     192.168.1.151    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
 13    281 fe80::/64                On-link
 13    281 fe80::4a8:d0f6:2a71:9c9c/128
                                    On-link
  1    331 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========= End of CMD: =========


========= ipconfig /all =========


Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-EL88UDV
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : fios-router.home

Ethernet adapter Ethernet 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-NordVPN Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-2C-60-4C-1E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : fios-router.home
   Description . . . . . . . . . . . : Intel® Ethernet Connection (2) I219-LM
   Physical Address. . . . . . . . . : F4-8E-38-D4-EB-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4a8:d0f6:2a71:9c9c%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.151(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 21, 2022 8:14:45 PM
   Lease Expires . . . . . . . . . . : Thursday, September 22, 2022 8:14:45 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 687115832
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3C-20-25-F4-8E-38-D4-EB-B9
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
   Connection-specific DNS Suffix Search List :
                                       fios-router.home

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : fios-router.home
   Description . . . . . . . . . . . : Intel® Dual Band Wireless-AC 8260
   Physical Address. . . . . . . . . : E4-A4-71-92-DD-17
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : E4-A4-71-92-DD-18
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : E6-A4-71-92-DD-17
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

========= End of CMD: =========


========= DISM /Online /Cleanup-Image /RestoreHealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19044.2075


[==                         3.8%                           ]

[==                         3.9%                           ]

[==                         4.1%                           ]

[==                         4.5%                           ]

[==                         4.9%                           ]

[===                        5.2%                           ]

[===                        5.6%                           ]

[===                        5.9%                           ]

[===                        6.1%                           ]

[===                        6.6%                           ]

[====                       7.3%                           ]

[====                       7.8%                           ]

[====                       8.1%                           ]

[====                       8.2%                           ]

[=====                      8.9%                           ]

[=====                      9.5%                           ]

[=====                      10.0%                          ]

[=====                      10.3%                          ]

[======                     10.9%                          ]

[======                     11.2%                          ]

[======                     11.6%                          ]

[======                     12.0%                          ]

[=======                    12.5%                          ]

[=======                    13.0%                          ]

[=======                    13.3%                          ]

[=======                    13.4%                          ]

[=======                    13.6%                          ]

[========                   13.9%                          ]

[========                   14.3%                          ]

[========                   14.8%                          ]

[========                   15.2%                          ]

[=========                  15.8%                          ]

[=========                  16.2%                          ]

[=========                  16.8%                          ]

[==========                 17.7%                          ]

[==========                 18.7%                          ]

[===========                19.7%                          ]

[===========                20.7%                          ]

[============               21.4%                          ]

[============               22.2%                          ]

[=============              23.1%                          ]

[=============              24.1%                          ]

[==============             24.8%                          ]

[==============             25.5%                          ]

[==============             25.7%                          ]

[===============            26.1%                          ]

[===============            26.6%                          ]

[===============            26.9%                          ]

[===============            27.0%                          ]

[===============            27.1%                          ]

[===============            27.2%                          ]

[================           27.7%                          ]

[================           28.3%                          ]

[================           28.9%                          ]

[=================          29.8%                          ]

[=================          30.6%                          ]

[=================          30.9%                          ]

[==================         31.8%                          ]

[==================         32.0%                          ]

[==================         32.3%                          ]

[===================        32.8%                          ]

[===================        33.0%                          ]

[===================        33.6%                          ]

[===================        34.0%                          ]

[===================        34.3%                          ]

[====================       34.7%                          ]

[====================       34.9%                          ]

[====================       35.2%                          ]

[====================       35.8%                          ]

[=====================      36.4%                          ]

[=====================      36.5%                          ]

[=====================      36.8%                          ]

[=====================      37.6%                          ]

[=====================      37.7%                          ]

[=====================      37.9%                          ]

[======================     38.1%                          ]

[======================     38.2%                          ]

[======================     38.3%                          ]

[======================     38.5%                          ]

[======================     38.5%                          ]

[======================     38.6%                          ]

[======================     38.8%                          ]

[======================     39.0%                          ]

[======================     39.2%                          ]

[======================     39.2%                          ]

[======================     39.3%                          ]

[======================     39.3%                          ]

[======================     39.5%                          ]

[======================     39.6%                          ]

[=======================    39.8%                          ]

[=======================    39.8%                          ]

[=======================    40.2%                          ]

[=======================    40.5%                          ]

[=======================    40.7%                          ]

[=======================    40.7%                          ]

[=======================    40.8%                          ]

[=======================    40.8%                          ]

[=======================    41.0%                          ]

[=======================    41.1%                          ]

[=======================    41.2%                          ]

[=======================    41.4%                          ]

[=======================    41.4%                          ]

[========================   41.6%                          ]

[========================   41.7%                          ]

[========================   41.7%                          ]

[========================   41.7%                          ]

[========================   41.8%                          ]

[========================   41.9%                          ]

[========================   42.2%                          ]

[========================   42.3%                          ]

[========================   42.6%                          ]

[========================   42.8%                          ]

[========================   43.0%                          ]

[=========================  43.2%                          ]

[=========================  43.5%                          ]

[=========================  43.5%                          ]

[=========================  43.8%                          ]

[=========================  43.9%                          ]

[=========================  44.0%                          ]

[=========================  44.1%                          ]

[=========================  44.1%                          ]

[=========================  44.4%                          ]

[=========================  44.5%                          ]

[========================== 44.8%                          ]

[========================== 45.0%                          ]

[========================== 45.2%                          ]

[========================== 45.4%                          ]

[========================== 45.6%                          ]

[========================== 45.7%                          ]

[========================== 46.0%                          ]

[========================== 46.1%                          ]

[========================== 46.3%                          ]

[========================== 46.4%                          ]

[===========================46.7%                          ]

[===========================46.9%                          ]

[===========================47.1%                          ]

[===========================47.2%                          ]

[===========================47.3%                          ]

[===========================47.5%                          ]

[===========================47.7%                          ]

[===========================48.0%                          ]

[===========================48.1%                          ]

[===========================48.2%                          ]

[===========================48.5%                          ]

[===========================48.8%                          ]

[===========================49.2%                          ]

[===========================49.5%                          ]

[===========================49.7%                          ]

[===========================50.0%                          ]

[===========================50.3%                          ]

[===========================50.6%                          ]

[===========================50.9%                          ]

[===========================51.3%                          ]

[===========================51.7%                          ]

[===========================51.8%                          ]

[===========================52.2%                          ]

[===========================52.3%                          ]

[===========================52.3%                          ]

[===========================52.4%                          ]

[===========================52.4%                          ]

[===========================52.4%                          ]

[===========================52.5%                          ]

[===========================52.5%                          ]

[===========================52.5%                          ]

[===========================52.6%                          ]

[===========================52.7%                          ]

[===========================52.7%                          ]

[===========================52.8%                          ]

[===========================52.8%                          ]

[===========================52.8%                          ]

[===========================52.8%                          ]

[===========================52.8%                          ]

[===========================52.9%                          ]

[===========================52.9%                          ]

[===========================52.9%                          ]

[===========================53.0%                          ]

[===========================53.0%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.2%                          ]

[===========================53.2%                          ]

[===========================53.3%                          ]

[===========================53.3%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.5%                          ]

[===========================53.6%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.8%                          ]

[===========================53.8%                          ]

[===========================53.9%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.1%                          ]

[===========================54.1%                          ]

[===========================54.2%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.4%                          ]

[===========================54.4%                          ]

[===========================54.4%                          ]

[===========================54.5%                          ]

[===========================54.5%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.7%                          ]

[===========================54.7%                          ]

[===========================54.7%                          ]

[===========================54.8%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================55.1%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.3%                          ]

[===========================55.3%                          ]

[===========================55.4%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.6%                          ]

[===========================55.6%                          ]

[===========================55.6%                          ]

[===========================55.7%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.9%                          ]

[===========================55.9%                          ]

[===========================56.0%                          ]

[===========================56.0%                          ]

[===========================56.1%                          ]

[===========================56.1%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.4%                          ]

[===========================56.6%                          ]

[===========================56.8%                          ]

[===========================56.9%=                         ]

[===========================57.0%=                         ]

[===========================57.1%=                         ]

[===========================57.1%=                         ]

[===========================57.1%=                         ]

[===========================57.2%=                         ]

[===========================57.4%=                         ]

[===========================57.7%=                         ]

[===========================58.0%=                         ]

[===========================58.0%=                         ]

[===========================58.0%=                         ]

[===========================59.0%==                        ]

[===========================59.5%==                        ]

[===========================59.8%==                        ]

[===========================60.1%==                        ]

[===========================62.3%====                      ]

[===========================84.9%=================         ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========


========= SFC /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 5% complete.
Verification 6% complete.
Verification 7% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 10% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 34% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 93% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection found corrupt files and successfully repaired them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.


========= End of CMD: =========


========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========

2022-09-21 20:33:19, Info                  CSI    00000011 [SR] Verifying 100 components
2022-09-21 20:33:19, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:19, Info                  CSI    00000013 [SR] Verify complete
2022-09-21 20:33:19, Info                  CSI    00000014 [SR] Verifying 100 components
2022-09-21 20:33:19, Info                  CSI    00000015 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:19, Info                  CSI    00000016 [SR] Verify complete
2022-09-21 20:33:19, Info                  CSI    00000017 [SR] Verifying 100 components
2022-09-21 20:33:19, Info                  CSI    00000018 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:19, Info                  CSI    00000019 [SR] Verify complete
2022-09-21 20:33:19, Info                  CSI    0000001a [SR] Verifying 100 components
2022-09-21 20:33:19, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:20, Info                  CSI    0000001c [SR] Verify complete
2022-09-21 20:33:20, Info                  CSI    0000001d [SR] Verifying 100 components
2022-09-21 20:33:20, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:20, Info                  CSI    0000001f [SR] Verify complete
2022-09-21 20:33:20, Info                  CSI    00000020 [SR] Verifying 100 components
2022-09-21 20:33:20, Info                  CSI    00000021 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:20, Info                  CSI    00000022 [SR] Verify complete
2022-09-21 20:33:20, Info                  CSI    00000023 [SR] Verifying 100 components
2022-09-21 20:33:20, Info                  CSI    00000024 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:21, Info                  CSI    00000025 [SR] Verify complete
2022-09-21 20:33:21, Info                  CSI    00000026 [SR] Verifying 100 components
2022-09-21 20:33:21, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:22, Info                  CSI    00000028 [SR] Verify complete
2022-09-21 20:33:22, Info                  CSI    00000029 [SR] Verifying 100 components
2022-09-21 20:33:22, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:22, Info                  CSI    0000002b [SR] Verify complete
2022-09-21 20:33:22, Info                  CSI    0000002c [SR] Verifying 100 components
2022-09-21 20:33:22, Info                  CSI    0000002d [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:24, Info                  CSI    0000002e [SR] Verify complete
2022-09-21 20:33:24, Info                  CSI    0000002f [SR] Verifying 100 components
2022-09-21 20:33:24, Info                  CSI    00000030 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:25, Info                  CSI    00000031 [SR] Verify complete
2022-09-21 20:33:25, Info                  CSI    00000032 [SR] Verifying 100 components
2022-09-21 20:33:25, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:32, Info                  CSI    00000034 [SR] Verify complete
2022-09-21 20:33:32, Info                  CSI    00000035 [SR] Verifying 100 components
2022-09-21 20:33:32, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:33, Info                  CSI    00000037 [SR] Verify complete
2022-09-21 20:33:33, Info                  CSI    00000038 [SR] Verifying 100 components
2022-09-21 20:33:33, Info                  CSI    00000039 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:33, Info                  CSI    0000003a [SR] Verify complete
2022-09-21 20:33:33, Info                  CSI    0000003b [SR] Verifying 100 components
2022-09-21 20:33:33, Info                  CSI    0000003c [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:34, Info                  CSI    0000003d [SR] Verify complete
2022-09-21 20:33:34, Info                  CSI    0000003e [SR] Verifying 100 components
2022-09-21 20:33:34, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:35, Info                  CSI    00000041 [SR] Verify complete
2022-09-21 20:33:35, Info                  CSI    00000042 [SR] Verifying 100 components
2022-09-21 20:33:35, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:35, Info                  CSI    00000044 [SR] Verify complete
2022-09-21 20:33:36, Info                  CSI    00000045 [SR] Verifying 100 components
2022-09-21 20:33:36, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:36, Info                  CSI    00000047 [SR] Verify complete
2022-09-21 20:33:36, Info                  CSI    00000048 [SR] Verifying 100 components
2022-09-21 20:33:36, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:37, Info                  CSI    0000004a [SR] Verify complete
2022-09-21 20:33:37, Info                  CSI    0000004b [SR] Verifying 100 components
2022-09-21 20:33:37, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:38, Info                  CSI    0000004d [SR] Verify complete
2022-09-21 20:33:38, Info                  CSI    0000004e [SR] Verifying 100 components
2022-09-21 20:33:38, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:39, Info                  CSI    00000050 [SR] Verify complete
2022-09-21 20:33:39, Info                  CSI    00000051 [SR] Verifying 100 components
2022-09-21 20:33:39, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:40, Info                  CSI    00000053 [SR] Verify complete
2022-09-21 20:33:40, Info                  CSI    00000054 [SR] Verifying 100 components
2022-09-21 20:33:40, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:41, Info                  CSI    00000056 [SR] Verify complete
2022-09-21 20:33:41, Info                  CSI    00000057 [SR] Verifying 100 components
2022-09-21 20:33:41, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:42, Info                  CSI    00000059 [SR] Verify complete
2022-09-21 20:33:42, Info                  CSI    0000005a [SR] Verifying 100 components
2022-09-21 20:33:42, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:42, Info                  CSI    0000005c [SR] Verify complete
2022-09-21 20:33:42, Info                  CSI    0000005d [SR] Verifying 100 components
2022-09-21 20:33:42, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:43, Info                  CSI    0000005f [SR] Verify complete
2022-09-21 20:33:43, Info                  CSI    00000060 [SR] Verifying 100 components
2022-09-21 20:33:43, Info                  CSI    00000061 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:44, Info                  CSI    00000063 [SR] Verify complete
2022-09-21 20:33:44, Info                  CSI    00000064 [SR] Verifying 100 components
2022-09-21 20:33:44, Info                  CSI    00000065 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:45, Info                  CSI    00000066 [SR] Verify complete
2022-09-21 20:33:45, Info                  CSI    00000067 [SR] Verifying 100 components
2022-09-21 20:33:45, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:45, Info                  CSI    00000069 [SR] Verify complete
2022-09-21 20:33:45, Info                  CSI    0000006a [SR] Verifying 100 components
2022-09-21 20:33:45, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:46, Info                  CSI    0000006c [SR] Verify complete
2022-09-21 20:33:46, Info                  CSI    0000006d [SR] Verifying 100 components
2022-09-21 20:33:46, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:47, Info                  CSI    00000070 [SR] Verify complete
2022-09-21 20:33:47, Info                  CSI    00000071 [SR] Verifying 100 components
2022-09-21 20:33:47, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:47, Info                  CSI    00000073 [SR] Verify complete
2022-09-21 20:33:48, Info                  CSI    00000074 [SR] Verifying 100 components
2022-09-21 20:33:48, Info                  CSI    00000075 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:48, Info                  CSI    00000076 [SR] Verify complete
2022-09-21 20:33:48, Info                  CSI    00000077 [SR] Verifying 100 components
2022-09-21 20:33:48, Info                  CSI    00000078 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:48, Info                  CSI    00000079 [SR] Verify complete
2022-09-21 20:33:48, Info                  CSI    0000007a [SR] Verifying 100 components
2022-09-21 20:33:48, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:49, Info                  CSI    0000007c [SR] Verify complete
2022-09-21 20:33:49, Info                  CSI    0000007d [SR] Verifying 100 components
2022-09-21 20:33:49, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:50, Info                  CSI    0000007f [SR] Verify complete
2022-09-21 20:33:50, Info                  CSI    00000080 [SR] Verifying 100 components
2022-09-21 20:33:50, Info                  CSI    00000081 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:50, Info                  CSI    00000082 [SR] Verify complete
2022-09-21 20:33:50, Info                  CSI    00000083 [SR] Verifying 100 components
2022-09-21 20:33:50, Info                  CSI    00000084 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:51, Info                  CSI    00000085 [SR] Verify complete
2022-09-21 20:33:51, Info                  CSI    00000086 [SR] Verifying 100 components
2022-09-21 20:33:51, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:52, Info                  CSI    00000089 [SR] Verify complete
2022-09-21 20:33:53, Info                  CSI    0000008a [SR] Verifying 100 components
2022-09-21 20:33:53, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:54, Info                  CSI    0000008d [SR] Verify complete
2022-09-21 20:33:54, Info                  CSI    0000008e [SR] Verifying 100 components
2022-09-21 20:33:54, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:55, Info                  CSI    00000090 [SR] Verify complete
2022-09-21 20:33:55, Info                  CSI    00000091 [SR] Verifying 100 components
2022-09-21 20:33:55, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2022-09-21 20:33:57, Info                  CSI    00000096 [SR] Verify complete
2022-09-21 20:33:57, Info                  CSI    00000097 [SR] Verifying 100 components
2022-09-21 20:33:57, Info                  CSI    00000098 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:00, Info                  CSI    0000009c [SR] Verify complete
2022-09-21 20:34:00, Info                  CSI    0000009d [SR] Verifying 100 components
2022-09-21 20:34:00, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:01, Info                  CSI    000000a0 [SR] Verify complete
2022-09-21 20:34:01, Info                  CSI    000000a1 [SR] Verifying 100 components
2022-09-21 20:34:01, Info                  CSI    000000a2 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:03, Info                  CSI    000000a4 [SR] Verify complete
2022-09-21 20:34:03, Info                  CSI    000000a5 [SR] Verifying 100 components
2022-09-21 20:34:03, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:04, Info                  CSI    000000a8 [SR] Verify complete
2022-09-21 20:34:04, Info                  CSI    000000a9 [SR] Verifying 100 components
2022-09-21 20:34:04, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:06, Info                  CSI    000000ac [SR] Verify complete
2022-09-21 20:34:06, Info                  CSI    000000ad [SR] Verifying 100 components
2022-09-21 20:34:06, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:06, Info                  CSI    000000af [SR] Verify complete
2022-09-21 20:34:06, Info                  CSI    000000b0 [SR] Verifying 100 components
2022-09-21 20:34:06, Info                  CSI    000000b1 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:07, Info                  CSI    000000b2 [SR] Verify complete
2022-09-21 20:34:07, Info                  CSI    000000b3 [SR] Verifying 100 components
2022-09-21 20:34:07, Info                  CSI    000000b4 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:07, Info                  CSI    000000b5 [SR] Verify complete
2022-09-21 20:34:07, Info                  CSI    000000b6 [SR] Verifying 100 components
2022-09-21 20:34:07, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:09, Info                  CSI    000000b9 [SR] Verify complete
2022-09-21 20:34:09, Info                  CSI    000000ba [SR] Verifying 100 components
2022-09-21 20:34:09, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:10, Info                  CSI    000000be [SR] Verify complete
2022-09-21 20:34:11, Info                  CSI    000000bf [SR] Verifying 100 components
2022-09-21 20:34:11, Info                  CSI    000000c0 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:11, Info                  CSI    000000c1 [SR] Verify complete
2022-09-21 20:34:11, Info                  CSI    000000c2 [SR] Verifying 100 components
2022-09-21 20:34:11, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:12, Info                  CSI    000000c4 [SR] Verify complete
2022-09-21 20:34:12, Info                  CSI    000000c5 [SR] Verifying 100 components
2022-09-21 20:34:12, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:13, Info                  CSI    000000c7 [SR] Verify complete
2022-09-21 20:34:13, Info                  CSI    000000c8 [SR] Verifying 100 components
2022-09-21 20:34:13, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:13, Info                  CSI    000000ca [SR] Verify complete
2022-09-21 20:34:13, Info                  CSI    000000cb [SR] Verifying 100 components
2022-09-21 20:34:13, Info                  CSI    000000cc [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:14, Info                  CSI    000000cd [SR] Verify complete
2022-09-21 20:34:14, Info                  CSI    000000ce [SR] Verifying 100 components
2022-09-21 20:34:14, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:15, Info                  CSI    000000d1 [SR] Verify complete
2022-09-21 20:34:15, Info                  CSI    000000d2 [SR] Verifying 100 components
2022-09-21 20:34:15, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:16, Info                  CSI    000000d5 [SR] Verify complete
2022-09-21 20:34:16, Info                  CSI    000000d6 [SR] Verifying 100 components
2022-09-21 20:34:16, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:18, Info                  CSI    000000da [SR] Verify complete
2022-09-21 20:34:18, Info                  CSI    000000db [SR] Verifying 100 components
2022-09-21 20:34:18, Info                  CSI    000000dc [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:19, Info                  CSI    000000dd [SR] Verify complete
2022-09-21 20:34:19, Info                  CSI    000000de [SR] Verifying 100 components
2022-09-21 20:34:19, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:19, Info                  CSI    000000e0 [SR] Verify complete
2022-09-21 20:34:19, Info                  CSI    000000e1 [SR] Verifying 100 components
2022-09-21 20:34:19, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:20, Info                  CSI    000000e3 [SR] Verify complete
2022-09-21 20:34:20, Info                  CSI    000000e4 [SR] Verifying 100 components
2022-09-21 20:34:20, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:21, Info                  CSI    000000e6 [SR] Verify complete
2022-09-21 20:34:21, Info                  CSI    000000e7 [SR] Verifying 100 components
2022-09-21 20:34:21, Info                  CSI    000000e8 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:22, Info                  CSI    000000e9 [SR] Verify complete
2022-09-21 20:34:22, Info                  CSI    000000ea [SR] Verifying 100 components
2022-09-21 20:34:22, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:23, Info                  CSI    000000ec [SR] Verify complete
2022-09-21 20:34:23, Info                  CSI    000000ed [SR] Verifying 100 components
2022-09-21 20:34:23, Info                  CSI    000000ee [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:24, Info                  CSI    000000ef [SR] Verify complete
2022-09-21 20:34:24, Info                  CSI    000000f0 [SR] Verifying 100 components
2022-09-21 20:34:24, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:24, Info                  CSI    000000f2 [SR] Verify complete
2022-09-21 20:34:24, Info                  CSI    000000f3 [SR] Verifying 100 components
2022-09-21 20:34:24, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:25, Info                  CSI    000000f5 [SR] Verify complete
2022-09-21 20:34:25, Info                  CSI    000000f6 [SR] Verifying 100 components
2022-09-21 20:34:25, Info                  CSI    000000f7 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:26, Info                  CSI    000000f8 [SR] Verify complete
2022-09-21 20:34:26, Info                  CSI    000000f9 [SR] Verifying 100 components
2022-09-21 20:34:26, Info                  CSI    000000fa [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:27, Info                  CSI    000000fb [SR] Verify complete
2022-09-21 20:34:27, Info                  CSI    000000fc [SR] Verifying 100 components
2022-09-21 20:34:27, Info                  CSI    000000fd [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:27, Info                  CSI    000000fe [SR] Verify complete
2022-09-21 20:34:27, Info                  CSI    000000ff [SR] Verifying 100 components
2022-09-21 20:34:27, Info                  CSI    00000100 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:28, Info                  CSI    00000101 [SR] Verify complete
2022-09-21 20:34:28, Info                  CSI    00000102 [SR] Verifying 100 components
2022-09-21 20:34:28, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:29, Info                  CSI    00000104 [SR] Verify complete
2022-09-21 20:34:29, Info                  CSI    00000105 [SR] Verifying 100 components
2022-09-21 20:34:29, Info                  CSI    00000106 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:29, Info                  CSI    00000107 [SR] Verify complete
2022-09-21 20:34:30, Info                  CSI    00000108 [SR] Verifying 100 components
2022-09-21 20:34:30, Info                  CSI    00000109 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:30, Info                  CSI    0000010a [SR] Verify complete
2022-09-21 20:34:30, Info                  CSI    0000010b [SR] Verifying 100 components
2022-09-21 20:34:30, Info                  CSI    0000010c [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:31, Info                  CSI    0000010d [SR] Verify complete
2022-09-21 20:34:31, Info                  CSI    0000010e [SR] Verifying 100 components
2022-09-21 20:34:31, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:32, Info                  CSI    00000110 [SR] Verify complete
2022-09-21 20:34:32, Info                  CSI    00000111 [SR] Verifying 100 components
2022-09-21 20:34:32, Info                  CSI    00000112 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:33, Info                  CSI    00000113 [SR] Verify complete
2022-09-21 20:34:33, Info                  CSI    00000114 [SR] Verifying 100 components
2022-09-21 20:34:33, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:34, Info                  CSI    00000116 [SR] Verify complete
2022-09-21 20:34:34, Info                  CSI    00000117 [SR] Verifying 100 components
2022-09-21 20:34:34, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:35, Info                  CSI    00000119 [SR] Verify complete
2022-09-21 20:34:35, Info                  CSI    0000011a [SR] Verifying 100 components
2022-09-21 20:34:35, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:36, Info                  CSI    0000011c [SR] Verify complete
2022-09-21 20:34:36, Info                  CSI    0000011d [SR] Verifying 100 components
2022-09-21 20:34:36, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:38, Info                  CSI    00000124 [SR] Verify complete
2022-09-21 20:34:38, Info                  CSI    00000125 [SR] Verifying 100 components
2022-09-21 20:34:38, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:40, Info                  CSI    00000128 [SR] Verify complete
2022-09-21 20:34:40, Info                  CSI    00000129 [SR] Verifying 100 components
2022-09-21 20:34:40, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:41, Info                  CSI    0000012b [SR] Verify complete
2022-09-21 20:34:41, Info                  CSI    0000012c [SR] Verifying 100 components
2022-09-21 20:34:41, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:42, Info                  CSI    0000012f [SR] Verify complete
2022-09-21 20:34:42, Info                  CSI    00000130 [SR] Verifying 100 components
2022-09-21 20:34:42, Info                  CSI    00000131 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:44, Info                  CSI    00000133 [SR] Verify complete
2022-09-21 20:34:44, Info                  CSI    00000134 [SR] Verifying 100 components
2022-09-21 20:34:44, Info                  CSI    00000135 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:45, Info                  CSI    00000136 [SR] Verify complete
2022-09-21 20:34:45, Info                  CSI    00000137 [SR] Verifying 100 components
2022-09-21 20:34:45, Info                  CSI    00000138 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:46, Info                  CSI    00000139 [SR] Verify complete
2022-09-21 20:34:46, Info                  CSI    0000013a [SR] Verifying 100 components
2022-09-21 20:34:46, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:47, Info                  CSI    0000013c [SR] Verify complete
2022-09-21 20:34:47, Info                  CSI    0000013d [SR] Verifying 100 components
2022-09-21 20:34:47, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:48, Info                  CSI    00000140 [SR] Verify complete
2022-09-21 20:34:49, Info                  CSI    00000141 [SR] Verifying 100 components
2022-09-21 20:34:49, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:49, Info                  CSI    00000143 [SR] Verify complete
2022-09-21 20:34:49, Info                  CSI    00000144 [SR] Verifying 100 components
2022-09-21 20:34:49, Info                  CSI    00000145 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:50, Info                  CSI    00000146 [SR] Verify complete
2022-09-21 20:34:50, Info                  CSI    00000147 [SR] Verifying 100 components
2022-09-21 20:34:50, Info                  CSI    00000148 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:51, Info                  CSI    00000149 [SR] Verify complete
2022-09-21 20:34:51, Info                  CSI    0000014a [SR] Verifying 100 components
2022-09-21 20:34:51, Info                  CSI    0000014b [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:51, Info                  CSI    0000014c [SR] Verify complete
2022-09-21 20:34:52, Info                  CSI    0000014d [SR] Verifying 100 components
2022-09-21 20:34:52, Info                  CSI    0000014e [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:53, Info                  CSI    00000150 [SR] Verify complete
2022-09-21 20:34:53, Info                  CSI    00000151 [SR] Verifying 100 components
2022-09-21 20:34:53, Info                  CSI    00000152 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:53, Info                  CSI    00000153 [SR] Verify complete
2022-09-21 20:34:54, Info                  CSI    00000154 [SR] Verifying 100 components
2022-09-21 20:34:54, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:54, Info                  CSI    00000156 [SR] Verify complete
2022-09-21 20:34:54, Info                  CSI    00000157 [SR] Verifying 100 components
2022-09-21 20:34:54, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:55, Info                  CSI    00000159 [SR] Verify complete
2022-09-21 20:34:55, Info                  CSI    0000015a [SR] Verifying 100 components
2022-09-21 20:34:55, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:56, Info                  CSI    0000015c [SR] Verify complete
2022-09-21 20:34:56, Info                  CSI    0000015d [SR] Verifying 100 components
2022-09-21 20:34:56, Info                  CSI    0000015e [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:56, Info                  CSI    0000015f [SR] Verify complete
2022-09-21 20:34:56, Info                  CSI    00000160 [SR] Verifying 100 components
2022-09-21 20:34:56, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:57, Info                  CSI    00000162 [SR] Verify complete
2022-09-21 20:34:57, Info                  CSI    00000163 [SR] Verifying 100 components
2022-09-21 20:34:57, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:58, Info                  CSI    00000165 [SR] Verify complete
2022-09-21 20:34:58, Info                  CSI    00000166 [SR] Verifying 100 components
2022-09-21 20:34:58, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:59, Info                  CSI    00000168 [SR] Verify complete
2022-09-21 20:34:59, Info                  CSI    00000169 [SR] Verifying 100 components
2022-09-21 20:34:59, Info                  CSI    0000016a [SR] Beginning Verify and Repair transaction
2022-09-21 20:34:59, Info                  CSI    0000016b [SR] Verify complete
2022-09-21 20:35:00, Info                  CSI    0000016c [SR] Verifying 100 components
2022-09-21 20:35:00, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:00, Info                  CSI    0000016f [SR] Verify complete
2022-09-21 20:35:01, Info                  CSI    00000170 [SR] Verifying 100 components
2022-09-21 20:35:01, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:01, Info                  CSI    00000173 [SR] Verify complete
2022-09-21 20:35:01, Info                  CSI    00000174 [SR] Verifying 100 components
2022-09-21 20:35:01, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:02, Info                  CSI    00000176 [SR] Verify complete
2022-09-21 20:35:02, Info                  CSI    00000177 [SR] Verifying 100 components
2022-09-21 20:35:02, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:03, Info                  CSI    00000179 [SR] Verify complete
2022-09-21 20:35:03, Info                  CSI    0000017a [SR] Verifying 100 components
2022-09-21 20:35:03, Info                  CSI    0000017b [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:03, Info                  CSI    0000017c [SR] Verify complete
2022-09-21 20:35:04, Info                  CSI    0000017d [SR] Verifying 100 components
2022-09-21 20:35:04, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:04, Info                  CSI    0000017f [SR] Verify complete
2022-09-21 20:35:04, Info                  CSI    00000180 [SR] Verifying 100 components
2022-09-21 20:35:04, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:05, Info                  CSI    00000182 [SR] Verify complete
2022-09-21 20:35:05, Info                  CSI    00000183 [SR] Verifying 100 components
2022-09-21 20:35:05, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:06, Info                  CSI    00000185 [SR] Verify complete
2022-09-21 20:35:06, Info                  CSI    00000186 [SR] Verifying 100 components
2022-09-21 20:35:06, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:07, Info                  CSI    00000188 [SR] Verify complete
2022-09-21 20:35:07, Info                  CSI    00000189 [SR] Verifying 100 components
2022-09-21 20:35:07, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:07, Info                  CSI    0000018b [SR] Verify complete
2022-09-21 20:35:08, Info                  CSI    0000018c [SR] Verifying 100 components
2022-09-21 20:35:08, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:08, Info                  CSI    0000018e [SR] Verify complete
2022-09-21 20:35:08, Info                  CSI    0000018f [SR] Verifying 100 components
2022-09-21 20:35:08, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:10, Info                  CSI    00000192 [SR] Verify complete
2022-09-21 20:35:10, Info                  CSI    00000193 [SR] Verifying 100 components
2022-09-21 20:35:10, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:11, Info                  CSI    00000195 [SR] Verify complete
2022-09-21 20:35:11, Info                  CSI    00000196 [SR] Verifying 100 components
2022-09-21 20:35:11, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:11, Info                  CSI    00000198 [SR] Verify complete
2022-09-21 20:35:11, Info                  CSI    00000199 [SR] Verifying 100 components
2022-09-21 20:35:11, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:12, Info                  CSI    0000019b [SR] Verify complete
2022-09-21 20:35:12, Info                  CSI    0000019c [SR] Verifying 100 components
2022-09-21 20:35:12, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:13, Info                  CSI    0000019e [SR] Verify complete
2022-09-21 20:35:13, Info                  CSI    0000019f [SR] Verifying 100 components
2022-09-21 20:35:13, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:13, Info                  CSI    000001a1 [SR] Verify complete
2022-09-21 20:35:13, Info                  CSI    000001a2 [SR] Verifying 100 components
2022-09-21 20:35:13, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:14, Info                  CSI    000001a4 [SR] Verify complete
2022-09-21 20:35:14, Info                  CSI    000001a5 [SR] Verifying 100 components
2022-09-21 20:35:14, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:15, Info                  CSI    000001a7 [SR] Verify complete
2022-09-21 20:35:15, Info                  CSI    000001a8 [SR] Verifying 100 components
2022-09-21 20:35:15, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:16, Info                  CSI    000001aa [SR] Verify complete
2022-09-21 20:35:16, Info                  CSI    000001ab [SR] Verifying 100 components
2022-09-21 20:35:16, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:17, Info                  CSI    000001ad [SR] Verify complete
2022-09-21 20:35:17, Info                  CSI    000001ae [SR] Verifying 100 components
2022-09-21 20:35:17, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:17, Info                  CSI    000001b0 [SR] Verify complete
2022-09-21 20:35:17, Info                  CSI    000001b1 [SR] Verifying 100 components
2022-09-21 20:35:17, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:18, Info                  CSI    000001b3 [SR] Verify complete
2022-09-21 20:35:18, Info                  CSI    000001b4 [SR] Verifying 100 components
2022-09-21 20:35:18, Info                  CSI    000001b5 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:19, Info                  CSI    000001b6 [SR] Verify complete
2022-09-21 20:35:19, Info                  CSI    000001b7 [SR] Verifying 100 components
2022-09-21 20:35:19, Info                  CSI    000001b8 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:20, Info                  CSI    000001b9 [SR] Verify complete
2022-09-21 20:35:20, Info                  CSI    000001ba [SR] Verifying 100 components
2022-09-21 20:35:20, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:21, Info                  CSI    000001bf [SR] Verify complete
2022-09-21 20:35:21, Info                  CSI    000001c0 [SR] Verifying 100 components
2022-09-21 20:35:21, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:21, Info                  CSI    000001c2 [SR] Verify complete
2022-09-21 20:35:21, Info                  CSI    000001c3 [SR] Verifying 100 components
2022-09-21 20:35:21, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:22, Info                  CSI    000001c5 [SR] Verify complete
2022-09-21 20:35:22, Info                  CSI    000001c6 [SR] Verifying 100 components
2022-09-21 20:35:22, Info                  CSI    000001c7 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:22, Info                  CSI    000001c8 [SR] Verify complete
2022-09-21 20:35:22, Info                  CSI    000001c9 [SR] Verifying 100 components
2022-09-21 20:35:22, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:23, Info                  CSI    000001cb [SR] Verify complete
2022-09-21 20:35:23, Info                  CSI    000001cc [SR] Verifying 100 components
2022-09-21 20:35:23, Info                  CSI    000001cd [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:24, Info                  CSI    000001cf [SR] Verify complete
2022-09-21 20:35:24, Info                  CSI    000001d0 [SR] Verifying 100 components
2022-09-21 20:35:24, Info                  CSI    000001d1 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:25, Info                  CSI    000001d2 [SR] Verify complete
2022-09-21 20:35:25, Info                  CSI    000001d3 [SR] Verifying 100 components
2022-09-21 20:35:25, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:25, Info                  CSI    000001d5 [SR] Verify complete
2022-09-21 20:35:25, Info                  CSI    000001d6 [SR] Verifying 100 components
2022-09-21 20:35:25, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:26, Info                  CSI    000001d8 [SR] Verify complete
2022-09-21 20:35:27, Info                  CSI    000001d9 [SR] Verifying 100 components
2022-09-21 20:35:27, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:27, Info                  CSI    000001db [SR] Verify complete
2022-09-21 20:35:27, Info                  CSI    000001dc [SR] Verifying 100 components
2022-09-21 20:35:27, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:29, Info                  CSI    000001df [SR] Verify complete
2022-09-21 20:35:29, Info                  CSI    000001e0 [SR] Verifying 100 components
2022-09-21 20:35:29, Info                  CSI    000001e1 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:29, Info                  CSI    000001e2 [SR] Verify complete
2022-09-21 20:35:29, Info                  CSI    000001e3 [SR] Verifying 100 components
2022-09-21 20:35:29, Info                  CSI    000001e4 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:30, Info                  CSI    000001e5 [SR] Verify complete
2022-09-21 20:35:30, Info                  CSI    000001e6 [SR] Verifying 100 components
2022-09-21 20:35:30, Info                  CSI    000001e7 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:31, Info                  CSI    000001e8 [SR] Verify complete
2022-09-21 20:35:31, Info                  CSI    000001e9 [SR] Verifying 100 components
2022-09-21 20:35:31, Info                  CSI    000001ea [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:32, Info                  CSI    000001eb [SR] Verify complete
2022-09-21 20:35:32, Info                  CSI    000001ec [SR] Verifying 100 components
2022-09-21 20:35:32, Info                  CSI    000001ed [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:32, Info                  CSI    000001ee [SR] Verify complete
2022-09-21 20:35:32, Info                  CSI    000001ef [SR] Verifying 100 components
2022-09-21 20:35:32, Info                  CSI    000001f0 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:33, Info                  CSI    000001f5 [SR] Verify complete
2022-09-21 20:35:33, Info                  CSI    000001f6 [SR] Verifying 100 components
2022-09-21 20:35:33, Info                  CSI    000001f7 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:34, Info                  CSI    000001f8 [SR] Verify complete
2022-09-21 20:35:34, Info                  CSI    000001f9 [SR] Verifying 100 components
2022-09-21 20:35:34, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:35, Info                  CSI    000001fb [SR] Verify complete
2022-09-21 20:35:35, Info                  CSI    000001fc [SR] Verifying 100 components
2022-09-21 20:35:35, Info                  CSI    000001fd [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:36, Info                  CSI    000001fe [SR] Verify complete
2022-09-21 20:35:36, Info                  CSI    000001ff [SR] Verifying 100 components
2022-09-21 20:35:36, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:37, Info                  CSI    00000201 [SR] Verify complete
2022-09-21 20:35:37, Info                  CSI    00000202 [SR] Verifying 100 components
2022-09-21 20:35:37, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:38, Info                  CSI    00000205 [SR] Verify complete
2022-09-21 20:35:38, Info                  CSI    00000206 [SR] Verifying 100 components
2022-09-21 20:35:38, Info                  CSI    00000207 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:39, Info                  CSI    00000208 [SR] Verify complete
2022-09-21 20:35:39, Info                  CSI    00000209 [SR] Verifying 100 components
2022-09-21 20:35:39, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:39, Info                  CSI    0000020b [SR] Verify complete
2022-09-21 20:35:39, Info                  CSI    0000020c [SR] Verifying 100 components
2022-09-21 20:35:39, Info                  CSI    0000020d [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:40, Info                  CSI    0000020e [SR] Verify complete
2022-09-21 20:35:40, Info                  CSI    0000020f [SR] Verifying 100 components
2022-09-21 20:35:40, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:42, Info                  CSI    00000211 [SR] Verify complete
2022-09-21 20:35:42, Info                  CSI    00000212 [SR] Verifying 100 components
2022-09-21 20:35:42, Info                  CSI    00000213 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:42, Info                  CSI    00000214 [SR] Verify complete
2022-09-21 20:35:42, Info                  CSI    00000215 [SR] Verifying 100 components
2022-09-21 20:35:42, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:43, Info                  CSI    00000217 [SR] Verify complete
2022-09-21 20:35:43, Info                  CSI    00000218 [SR] Verifying 100 components
2022-09-21 20:35:43, Info                  CSI    00000219 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:44, Info                  CSI    0000021a [SR] Verify complete
2022-09-21 20:35:44, Info                  CSI    0000021b [SR] Verifying 100 components
2022-09-21 20:35:44, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:44, Info                  CSI    0000021d [SR] Verify complete
2022-09-21 20:35:45, Info                  CSI    0000021e [SR] Verifying 100 components
2022-09-21 20:35:45, Info                  CSI    0000021f [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:45, Info                  CSI    00000220 [SR] Verify complete
2022-09-21 20:35:45, Info                  CSI    00000221 [SR] Verifying 100 components
2022-09-21 20:35:45, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:46, Info                  CSI    00000223 [SR] Verify complete
2022-09-21 20:35:46, Info                  CSI    00000224 [SR] Verifying 100 components
2022-09-21 20:35:46, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:47, Info                  CSI    00000226 [SR] Verify complete
2022-09-21 20:35:47, Info                  CSI    00000227 [SR] Verifying 100 components
2022-09-21 20:35:47, Info                  CSI    00000228 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:47, Info                  CSI    00000229 [SR] Verify complete
2022-09-21 20:35:47, Info                  CSI    0000022a [SR] Verifying 100 components
2022-09-21 20:35:47, Info                  CSI    0000022b [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:48, Info                  CSI    0000022c [SR] Verify complete
2022-09-21 20:35:48, Info                  CSI    0000022d [SR] Verifying 100 components
2022-09-21 20:35:48, Info                  CSI    0000022e [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:49, Info                  CSI    00000230 [SR] Verify complete
2022-09-21 20:35:49, Info                  CSI    00000231 [SR] Verifying 100 components
2022-09-21 20:35:49, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:50, Info                  CSI    00000233 [SR] Verify complete
2022-09-21 20:35:50, Info                  CSI    00000234 [SR] Verifying 41 components
2022-09-21 20:35:50, Info                  CSI    00000235 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:50, Info                  CSI    00000236 [SR] Verify complete
2022-09-21 20:35:50, Info                  CSI    00000237 [SR] Repairing 0 components
2022-09-21 20:35:50, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2022-09-21 20:35:50, Info                  CSI    00000239 [SR] Repair complete

========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


C:\Users\indre\Desktop>wevtutil cl "AMSI/Debug"

C:\Users\indre\Desktop>wevtutil cl "AMSI/Operational"

C:\Users\indre\Desktop>wevtutil cl "AirSpaceChannel"

C:\Users\indre\Desktop>wevtutil cl "Analytic"

C:\Users\indre\Desktop>wevtutil cl "Application"

C:\Users\indre\Desktop>wevtutil cl "Cisco-EAP-FAST/Debug"

C:\Users\indre\Desktop>wevtutil cl "Cisco-EAP-LEAP/Debug"

C:\Users\indre\Desktop>wevtutil cl "Cisco-EAP-PEAP/Debug"

C:\Users\indre\Desktop>wevtutil cl "Dell"

C:\Users\indre\Desktop>wevtutil cl "DirectShowFilterGraph"

C:\Users\indre\Desktop>wevtutil cl "DirectShowPluginControl"

C:\Users\indre\Desktop>wevtutil cl "Els_Hyphenation/Analytic"

C:\Users\indre\Desktop>wevtutil cl "EndpointMapper"

C:\Users\indre\Desktop>wevtutil cl "FirstUXPerf-Analytic"

C:\Users\indre\Desktop>wevtutil cl "ForwardedEvents"

C:\Users\indre\Desktop>wevtutil cl "General Logging"

C:\Users\indre\Desktop>wevtutil cl "HP CASL Framework"

C:\Users\indre\Desktop>wevtutil cl "HardwareEvents"

C:\Users\indre\Desktop>wevtutil cl "IHM_DebugChannel"

C:\Users\indre\Desktop>wevtutil cl "InstallUXPerformance-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Intel-GFX-Info/Application"

C:\Users\indre\Desktop>wevtutil cl "Intel-GFX-Info/System"

C:\Users\indre\Desktop>wevtutil cl "Intel-SST-CFD-HDA/IntelSST"

C:\Users\indre\Desktop>wevtutil cl "Intel-iaLPSS-GPIO/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Intel-iaLPSS-I2C/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug"

C:\Users\indre\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance"

C:\Users\indre\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Debug"

C:\Users\indre\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Performance"

C:\Users\indre\Desktop>wevtutil cl "Internet Explorer"

C:\Users\indre\Desktop>wevtutil cl "Kaspersky Event Log"

C:\Users\indre\Desktop>wevtutil cl "Key Management Service"

C:\Users\indre\Desktop>wevtutil cl "MF_MediaFoundationDeviceMFT"

C:\Users\indre\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy"

C:\Users\indre\Desktop>wevtutil cl "MF_MediaFoundationFrameServer"

C:\Users\indre\Desktop>wevtutil cl "MedaFoundationVideoProc"

C:\Users\indre\Desktop>wevtutil cl "MedaFoundationVideoProcD3D"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationAsyncWrapper"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationContentProtection"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationDS"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationDeviceProxy"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationMP4"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationMediaEngine"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationPerformance"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationPerformanceCore"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationPipeline"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationPlatform"

C:\Users\indre\Desktop>wevtutil cl "MediaFoundationSrcPrefetch"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-AppV-Client-Streamingux/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-AppV-Client/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-AppV-Client/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-AppV-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-AppV-Client/Virtual Applications"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-AppV-SharedPerformance/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Client-License-Flexible-Platform/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Client-License-Flexible-Platform/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Client-License-Flexible-Platform/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-IE-ReadingView/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-IE/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-OneCore-Setup/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-Admin/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-Agent Driver/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-Agent Driver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-App Agent/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-App Agent/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-App Agent/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-IPC/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-SQM Uploader/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-SQM Uploader/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-User Experience Virtualization-SQM Uploader/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-WS-Licensing/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-WS-Licensing/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-WS-Licensing/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AAD/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AAD/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccess/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccess/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccessBroker/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AssignedAccessBroker/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Backup"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-DrivePreparationTool/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-DrivePreparationTool/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEEnum/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BranchCache/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BranchCacheClientEventProvider/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BranchCacheEventProvider/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BranchCacheMonitoring/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BranchCacheSMB/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-BranchCacheSMB/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/Call"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CredProvHost/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-CredentialProviders/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Logging"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Deduplication/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Deduplication/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Deduplication/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Deduplication/Scrubbing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Devices-Background/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Logging"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite-FontCache/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DucUpdateAgent/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Power"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ESE/IODiagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ESE/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EmbeddedAppLauncher/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EmbeddedAppLauncher/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-FontGroups/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IE-SmartScreen"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IndexedDB-Server"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-International/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-KeyboardFilter/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-KeyboardFilter/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-KeyboardFilter/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LanguageProfile/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NFC-Class-Extension/Analytical"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Narrator-Inproc/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-NvdimmN/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Diagnostics"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OcpUpdateAgent/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OfflineFiles/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OfflineFiles/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OfflineFiles/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OfflineFiles/SyncLog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OneBackup/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OneX/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Partition/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Partition/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-INvdimm/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-NvdimmN/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-VirtualNvdimm/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PmemDisk/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PriResources-Deployment/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PriResources-Deployment/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrintBRM/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrintDialogs/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrintDialogs3D/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ReFS/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-User-Mode-Transport/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Resource-Leak-Diagnostic/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SENSE/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Certification"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Diagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ScmBus/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ScmDisk0101/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SecureAssessment/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SenseIR/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmartScreen/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Audit"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Restricted"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Health"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TenantRestrictions/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Time-Service/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Volume/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WDAG-PolicyEvaluator-CSP/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WDAG-PolicyEvaluator-GP/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WDAG-Service/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WDAG-Service/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WebAuthN/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinHttp-Pca"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Pca"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinML/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Oper"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Trace"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ntshrui"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Analytic"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Trace"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug"

C:\Users\indre\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug"

C:\Users\indre\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic"

C:\Users\indre\Desktop>wevtutil cl "Navigator"

C:\Users\indre\Desktop>wevtutil cl "Network Isolation Operational"

C:\Users\indre\Desktop>wevtutil cl "OAlerts"

C:\Users\indre\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel"

C:\Users\indre\Desktop>wevtutil cl "OfficeChannel"

C:\Users\indre\Desktop>wevtutil cl "OfficeDebugChannel"

C:\Users\indre\Desktop>wevtutil cl "OpenSSH/Admin"

C:\Users\indre\Desktop>wevtutil cl "OpenSSH/Debug"

C:\Users\indre\Desktop>wevtutil cl "OpenSSH/Operational"

C:\Users\indre\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel"

C:\Users\indre\Desktop>wevtutil cl "PlayReadyPerformanceChannel"

C:\Users\indre\Desktop>wevtutil cl "RTWorkQueueExtended"

C:\Users\indre\Desktop>wevtutil cl "RTWorkQueueTheading"

C:\Users\indre\Desktop>wevtutil cl "SMSApi"

C:\Users\indre\Desktop>wevtutil cl "Security"

C:\Users\indre\Desktop>wevtutil cl "Setup"

C:\Users\indre\Desktop>wevtutil cl "SmbWmiAnalytic"

C:\Users\indre\Desktop>wevtutil cl "System"

C:\Users\indre\Desktop>wevtutil cl "SystemEventsBroker"

C:\Users\indre\Desktop>wevtutil cl "TabletPC_InputPanel_Channel"

C:\Users\indre\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM"

C:\Users\indre\Desktop>wevtutil cl "TimeBroker"

C:\Users\indre\Desktop>wevtutil cl "UIManager_Channel"

C:\Users\indre\Desktop>wevtutil cl "Uac/Debug"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_HEVCDECODER_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL"

C:\Users\indre\Desktop>wevtutil cl "WMPSetup"

C:\Users\indre\Desktop>wevtutil cl "WMPSyncEngine"

C:\Users\indre\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational"

C:\Users\indre\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose"

C:\Users\indre\Desktop>wevtutil cl "Windows PowerShell"

C:\Users\indre\Desktop>wevtutil cl "Windows.Globalization/Analytic"

C:\Users\indre\Desktop>wevtutil cl "WordChannel"

C:\Users\indre\Desktop>wevtutil cl "isaAgentLog"

C:\Users\indre\Desktop>wevtutil cl "muxencode"

========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 20:36:27 ====

******

I will now run FRST again and get you those logs.

THANK YOU!!!


  • 0

#21
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

Here are the latest FRST logs.

FRST Log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by indre (administrator) on DESKTOP-EL88UDV (Dell Inc. OptiPlex 7440 AIO) (21-09-2022 20:53:46)
Running from C:\Users\indre\Desktop
Loaded Profiles: indre
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2075 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe ->) () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_isolation.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksdeui.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\DELL\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <5>
(C:\Program Files\WD Desktop App\kdd.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(cmd.exe ->) (AO Kaspersky Lab -> Kaspersky Lab AO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\plugin-nm-server-v2.exe <2>
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe <2>
(DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxCUIService.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(explorer.exe ->) (Amazon.com Services LLC -> Amazon.com Services LLC) C:\Users\indre\AppData\Local\Amazon Music\Amazon Music Helper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\DELL\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> CREDANT Technologies, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Dell Inc -> Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe
(services.exe ->) (Dell Inc. -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e192e6f3fb1cfc71\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxCUIService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel® Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(svchost.exe ->) (Intel® Intel Network Drivers -> Intel® Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc.) [File not signed] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853248 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-26] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1176208 2017-11-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81380632 2022-08-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5930664 2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [24720 2020-05-10] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1067528 2022-08-01] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2253824 2022-09-02] (Western Digital Technologies, Inc.) [File not signed]
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [81920 2022-09-16] (IDrive, Inc. -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1999360 2022-09-16] (IDrive, Inc. -> Prosoftnet)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe [520520 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30862320 2019-07-17] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [19957744 2020-07-20] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491880 2022-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491880 2022-09-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [Amazon Music Helper] => C:\Users\indre\AppData\Local\Amazon Music\Amazon Music Helper.exe [2364136 2022-08-29] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [MicrosoftEdgeAutoLaunch_BC89F74D4A624CBBDDBE674EE3E0DCB7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-09-20] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\indre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-09-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08E2F16C-4C59-4C34-A03C-C83EEEDEBBDE} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {0C0614F0-18B6-495C-99F1-B61633EE7B2A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {0E107EE9-EEF8-480E-8C33-78E3BF76A637} - System32\Tasks\GoogleUpdateTaskMachineCore{06460A97-B630-4D12-8B39-D4A2780E78F0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-09-21] (Google LLC -> Google LLC)
Task: {100B6404-6CCC-4018-A014-D597C7618766} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {14B04756-2580-4AB3-9350-357AC3C835BF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A7083EE-1560-4F9B-A7D4-B95F3616D602} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1E20F289-46AA-4529-B808-962BFEF268A3} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {296A4BE8-8902-490B-A25E-95C111CE49B3} - System32\Tasks\WD Discovery Service Task indre => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [79640 2022-08-30] (Western Digital Technologies, Inc. -> )
Task: {39820E81-9B7D-411F-A870-C6BEBCB2BF30} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {3DDB5713-5663-4799-B2F6-7058A89D22E7} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {4045CF22-5707-4412-95CB-E0F107C7D1D3} - System32\Tasks\GoogleUpdateTaskMachineUA{2B0E60C8-E5C9-435D-AE3F-CA0B18A33643} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-09-21] (Google LLC -> Google LLC)
Task: {436F3EDB-E7F2-409F-863A-7CF02B20E8CA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1555696 2022-08-03] (Adobe Inc. -> Adobe Inc.)
Task: {4BE97605-CD81-4915-9F76-A1B3ABD543F3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EF9065E-7942-4205-9A7E-625FDF39B32F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {5F8016B5-B006-4905-8429-B317DEBB6EB7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D0AA64B-75B4-49CF-9C53-3BF5D9356A9D} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {72D1A690-09F3-468C-9CF7-06219605059A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2022-06-21] (Dell Inc -> Dell Inc.)
Task: {77CD022A-C3AF-423F-9B06-60A655930163} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7ED6E7E3-A177-4A53-91A2-1D8CEFEAA71D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {82F39D33-C846-4F84-8898-8F68198ADD97} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {8B3F29DA-404A-4CB9-8309-9D94ECAA8D3F} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-04-27] (CyberLink Corp. -> CyberLink)
Task: {8D960D58-2C65-4690-A008-63A3B9664FD6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
Task: {B11E9FFA-C95C-4D42-BF8F-57C13DBCFB84} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {C8F83BFB-17D1-4216-9FDB-8A1D4EC6F071} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-07-17] (Garmin International, Inc. -> )
Task: {D6A7A9A7-BA76-41A0-9C69-2C91F981F25F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmtNonCritical\DD4B2BB6-A253-401B-A25E-FF19DD697B8F\Queued Schedule created for queued alerts => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {E275C8F9-54BE-4E4F-8E85-113C4BCFBAC5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4EB95E3-3934-4831-8639-C2570619ECDB} - System32\Tasks\WD Device Agent Task indre => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [724760 2022-08-30] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {ED082E4D-DEE0-46A9-B2E0-0AB299BCFE27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFEB58D0-ABA3-4550-89B1-3E64A90A578C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB2684E5-A584-479A-9F89-467339E8063A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79b54ee4-f8e3-4a70-9b1c-941bcd878883}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{79b54ee4-f8e3-4a70-9b1c-941bcd878883}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d6ef5443-2cd7-486e-843e-79ccb5a10cac}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{d6ef5443-2cd7-486e-843e-79ccb5a10cac}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\indre\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\indre\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-21]
Edge DownloadDir: Default -> C:\Users\indre\Downloads
Edge Notifications: Default -> hxxps://filehippo.com
Edge Extension: (Kaspersky Protection) - C:\Users\indre\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-02]
Edge Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eolheccophlcbnkkbelcgminoojochgj [2022-09-09]
Edge HKU\S-1-5-21-1593158232-969496310-2340663774-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: 1cu7vqt4.default-1534000050440
FF ProfilePath: C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704 [2022-09-21]
FF Notifications: Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704 -> hxxps://cahealthcorps.lightning.force.com; hxxps://www.picard.fr; hxxps://mail.google.com; hxxps://www.verizon.com
FF Extension: (Honey) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704\Extensions\[email protected] [2021-06-24]
FF Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704\Extensions\[email protected] [2022-02-16] [UpdateUrl:hxxps://special.s.kaspersky-labs.com/firefox_extensions/kpm_win_add_on/update.json]
FF Extension: (Kaspersky Protection) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\7kqbxs5t.default-release-1582899762704\Extensions\[email protected] [2022-08-01]
FF ProfilePath: C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440 [2022-09-20]
FF Homepage: Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440 -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440 -> hxxps://www.watchepisodes4.com
FF Extension: (Notifier for Gmail™) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440\Extensions\[email protected] [2019-03-31]
FF Extension: (Honey) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440\Extensions\[email protected] [2019-09-08]
FF Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Roaming\Mozilla\Firefox\Profiles\1cu7vqt4.default-1534000050440\Extensions\[email protected] [2019-10-15] [UpdateUrl:hxxps://special.s.kaspersky-labs.com/firefox_extensions/kpm_win_add_on/update.json]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-08-01] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-08-01] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-11-21] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-07-18] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-11-21] <==== ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-07-18] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default [2022-09-21]
CHR Extension: (Kaspersky Protection) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-02]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-09-13]
CHR Extension: (Notifier for Gmail™) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-21]
CHR Extension: (Kaspersky Password Manager) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2022-09-02]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-09-19]
CHR Extension: (Google Docs Offline) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-23]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2022-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\indre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\indre\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-12]
CHR Profile: C:\Users\indre\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-21]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-1593158232-969496310-2340663774-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhnkblpjbkfklfloegejegedcafpliaa] - hxxps://chrome.google.com/webstore/detail/dhnkblpjbkfklfloegejegedcafpliaa
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [923656 2022-08-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12131256 2022-09-16] (Microsoft Corporation -> Microsoft Corporation)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2016-06-07] (Dell Inc. -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [138448 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [151552 2015-06-29] () [File not signed]
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44448 2022-04-27] (Dell Inc -> )
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe [22280 2016-07-13] (Dell Inc -> CREDANT Technologies, Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe [35080 2016-07-13] (Dell Inc -> Dell Inc.)
R3 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe [52488 2016-07-13] (Dell Inc -> Dell, Inc.)
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [134560 2022-02-19] (Dell Inc -> Dell)
S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [414208 2022-09-16] (IDrive, Inc. -> Prosoftnet)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel® Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_10.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe [518472 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.7; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7\ksde.exe [32008 2022-07-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [300408 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1411056 2020-07-20] (Plex, Inc. -> Plex, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2015-09-02] (CyberLink Corp. -> CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [137056 2022-06-21] (Dell Inc -> Dell Inc.)
S2 tcsd_win32.exe; C:\Program Files\Dell\Dell Data Protection\Drivers\TSS\bin\tcsd_win32.exe [1636352 2012-12-10] (Security Innovation, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14545704 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2021-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2021-03-10] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1586112 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [189032 2022-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [95680 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [357136 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [187192 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270752 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 NDivert; C:\Program Files\NordVPN\7.0.15.0\Drivers\NDivert.sys [131472 2022-06-28] (nordvpn s.a. -> Nordvpn S.A.)
R0 SEDFilter; C:\WINDOWS\System32\DRIVERS\SEDFilter.sys [197808 2016-07-13] (Dell Inc -> Dell Inc.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13920 2016-09-11] (SlimWare Utilities Inc. -> )
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Intel® Wireless Display -> Windows ® Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [25704 2022-09-02] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-21] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-21] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2022-03-27] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-21 20:53 - 2022-09-21 20:54 - 000053244 ____C C:\Users\indre\Desktop\FRST.txt
2022-09-21 20:17 - 2022-09-21 20:36 - 000184767 ____C C:\Users\indre\Desktop\Fixlog.txt
2022-09-21 20:09 - 2022-09-21 20:09 - 000003952 _____ C:\Users\indre\Downloads\fixlist.txt
2022-09-21 17:58 - 2022-09-21 18:00 - 000125123 ____C C:\Users\indre\Desktop\Addition1.txt
2022-09-21 17:57 - 2022-09-21 18:00 - 000075593 ____C C:\Users\indre\Desktop\FRST1.txt
2022-09-21 17:54 - 2022-09-21 17:54 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-09-21 17:54 - 2022-09-21 17:54 - 000000000 ____D C:\Users\indre\Downloads\FRST-OlderVersion
2022-09-21 17:53 - 2022-09-21 17:53 - 000187192 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-09-21 17:51 - 2022-09-21 17:54 - 002371072 _____ (Farbar) C:\Users\indre\Desktop\FRST64.exe
2022-09-21 17:26 - 2022-09-21 17:26 - 005066722 _____ C:\Users\indre\Downloads\CONSOLIDATED EMSA Invoice Review Tracker 092022 (1).xlsx
2022-09-21 16:46 - 2022-09-21 16:46 - 014278656 _____ C:\Users\indre\Downloads\WindowsPCHealthCheckSetup.msi
2022-09-21 16:46 - 2022-09-21 16:46 - 000001347 ____C C:\Users\indre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-09-21 16:46 - 2022-09-21 16:46 - 000000000 ____D C:\Users\indre\AppData\Local\PCHealthCheck
2022-09-21 16:20 - 2022-09-21 16:20 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-21 16:20 - 2022-09-21 16:20 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-21 16:19 - 2022-09-21 16:19 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{2B0E60C8-E5C9-435D-AE3F-CA0B18A33643}
2022-09-21 16:19 - 2022-09-21 16:19 - 000003372 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{06460A97-B630-4D12-8B39-D4A2780E78F0}
2022-09-21 16:19 - 2022-09-21 16:19 - 000000000 ____D C:\Program Files\Google
2022-09-21 16:18 - 2022-09-21 16:18 - 092324400 _____ (Google LLC) C:\Users\indre\Downloads\ChromeStandaloneSetup64.exe
2022-09-21 16:14 - 2022-09-21 16:14 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-09-21 16:14 - 2022-09-21 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-09-21 16:14 - 2022-09-21 16:14 - 000000000 ____D C:\Program Files\VS Revo Group
2022-09-21 16:13 - 2022-09-21 16:13 - 007521232 _____ (VS Revo Group ) C:\Users\indre\Downloads\revosetup.exe
2022-09-21 16:07 - 2022-09-21 16:07 - 001427176 _____ (Google LLC) C:\Users\indre\Downloads\ChromeSetup(2).exe
2022-09-21 15:52 - 2022-09-21 15:52 - 001427176 _____ (Google LLC) C:\Users\indre\Downloads\ChromeSetup(1).exe
2022-09-21 15:38 - 2022-09-21 15:38 - 000376920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-09-21 15:38 - 2022-09-21 15:38 - 000270752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-09-21 14:31 - 2022-09-21 14:31 - 000001422 ____C C:\Users\indre\Desktop\Step 3 for comp fix for RKinner.txt
2022-09-21 13:18 - 2022-09-21 13:18 - 000003109 ____C C:\Users\indre\Desktop\Step 2 for comp fix for RKinner.txt
2022-09-21 13:05 - 2022-09-21 13:05 - 000000522 ____C C:\Users\indre\Desktop\Step 1 for comp fix for RKinner.txt
2022-09-21 12:01 - 2022-09-21 12:01 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BEAB6EB1CE5-7-0_c_w_.exe
2022-09-21 11:58 - 2022-09-21 11:58 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BEA9506C534-7-0_c_w_.exe
2022-09-21 11:55 - 2022-09-21 11:55 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BEA031FAE51-7-0_c_w_.exe
2022-09-21 05:36 - 2022-09-21 05:36 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BB4C581E5DE-7-0_c_w_.exe
2022-09-21 05:34 - 2022-09-21 05:34 - 001441064 _____ C:\Users\indre\Downloads\TeamsSetupx64_s_8DA9BB4A17E8811-7-0_c_w_.exe
2022-09-21 05:27 - 2022-09-21 05:27 - 274571184 _____ (Citrix Systems, Inc.) C:\Users\indre\Downloads\CitrixWorkspaceApp.exe
2022-09-21 04:37 - 2022-09-21 04:37 - 000025152 _____ C:\Users\indre\Desktop\Temecula invoices to date 092022.xlsx
2022-09-21 03:40 - 2022-09-21 03:40 - 000265600 _____ C:\Users\indre\Downloads\ZoomInfoContactContributor(1).exe
2022-09-21 02:42 - 2022-09-21 13:57 - 002589142 _____ C:\Users\indre\Desktop\junk junk EMSA T 092022 PM.xlsx
2022-09-21 02:40 - 2022-09-21 02:40 - 005394205 _____ C:\Users\indre\Downloads\CONSOLIDATED EMSA Invoice Review Tracker 092022.xlsx
2022-09-21 01:23 - 2022-09-21 01:23 - 002187661 _____ C:\Users\indre\Downloads\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (2).xlsx
2022-09-21 01:19 - 2022-09-21 01:19 - 000607911 _____ C:\Users\indre\Downloads\Jeremy EMSA Invoice Submissions September 20 2022.xlsx
2022-09-21 01:16 - 2022-09-21 01:16 - 002187232 _____ C:\Users\indre\Downloads\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (1).xlsx
2022-09-21 01:11 - 2022-09-21 01:11 - 002185307 _____ C:\Users\indre\Downloads\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422.xlsx
2022-09-21 01:01 - 2022-09-21 01:02 - 002169171 _____ C:\Users\indre\Downloads\Copy of 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (2).xlsx
2022-09-21 01:01 - 2022-09-21 01:01 - 002169171 _____ C:\Users\indre\Downloads\Copy of 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422.xlsx
2022-09-21 01:01 - 2022-09-21 01:01 - 002169171 _____ C:\Users\indre\Downloads\Copy of 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 (1).xlsx
2022-09-21 00:57 - 2022-09-21 00:57 - 002172514 _____ C:\Users\indre\Downloads\Joseph 9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422.xlsx
2022-09-21 00:21 - 2022-09-21 00:21 - 001427176 _____ (Google LLC) C:\Users\indre\Downloads\ChromeSetup.exe
2022-09-20 23:01 - 2022-09-20 23:03 - 000000000 ____D C:\Users\indre\AppData\Local\NordVPN
2022-09-20 23:01 - 2022-09-20 23:02 - 000001959 ____C C:\Users\indre\Desktop\NordVPN.lnk
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\ProgramData\NordVPN
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\Program Files\NordVPN
2022-09-20 23:01 - 2022-09-20 23:01 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2022-09-20 23:00 - 2022-09-20 23:00 - 000000000 ____D C:\ProgramData\NordUpdater
2022-09-20 23:00 - 2022-09-20 23:00 - 000000000 ____D C:\Program Files\NordUpdater
2022-09-20 22:46 - 2022-09-20 22:46 - 000000000 ____D C:\Users\indre\AppData\Local\Sentry
2022-09-20 20:26 - 2022-09-20 20:26 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-09-20 20:26 - 2022-09-20 20:26 - 000012251 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-20 20:25 - 2022-09-20 20:25 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-20 20:12 - 2022-09-20 20:12 - 000000000 ___HD C:\$WinREAgent
2022-09-20 16:25 - 2022-09-20 16:26 - 000000000 ___DC C:\Users\indre\Desktop\NordVPN crap
2022-09-20 11:06 - 2022-09-20 14:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-09-19 09:17 - 2022-09-19 09:18 - 000000000 ___HD C:\adobeTemp
2022-09-18 00:43 - 2022-09-18 00:43 - 000000163 ____C C:\Users\indre\Desktop\heehaw.txt
2022-09-16 18:01 - 2022-09-16 18:49 - 000089311 _____ C:\Users\indre\Desktop\9.14.22 ASSIGNMENT - First Surge ProLink Invoices (Zeroed Out)_CONSOLIDATED EMSA Invoice Review Tracker 091422 UPDATED.xlsx
2022-09-16 15:13 - 2022-09-16 15:13 - 000001135 _____ C:\Users\Public\Desktop\IDrive.lnk
2022-09-16 15:13 - 2022-09-16 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDrive
2022-09-16 14:28 - 2022-09-16 04:15 - 000173906 ____C C:\Users\indre\Desktop\St. Joes with misapplied credit memos check # 367007 (GS-3121).pdf
2022-09-16 14:28 - 2022-09-16 04:14 - 000184927 ____C C:\Users\indre\Desktop\St. Joes with misapplied credit memos check # 366534 (GS-1959).pdf
2022-09-16 14:28 - 2022-09-16 04:13 - 000189004 ____C C:\Users\indre\Desktop\St. Joes with misapplied credit memo check # 372393 (GS-3261).pdf
2022-09-15 15:52 - 2022-09-15 15:56 - 000304212 ____C C:\Users\indre\Desktop\OAK VALLEY HOSPITAL DISTRICT GS-266 061521 for SA.pdf
2022-09-15 08:21 - 2022-09-15 08:21 - 000001247 _____ C:\Users\Public\Desktop\WD Security.lnk
2022-09-15 08:20 - 2022-09-15 08:20 - 000001192 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2022-09-15 08:18 - 2021-06-02 09:01 - 002981056 _____ (Intel Corporation) C:\WINDOWS\system32\iaStorAfsService.exe
2022-09-15 08:18 - 2021-06-02 09:01 - 000220352 _____ (Intel Corporation) C:\WINDOWS\system32\iaStorAfsNative.exe
2022-09-15 08:18 - 2021-06-02 09:01 - 000113328 _____ (Intel Corporation) C:\WINDOWS\system32\Optane.dll
2022-09-15 08:18 - 2021-06-02 09:01 - 000073408 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAfs.sys
2022-09-14 19:36 - 2022-09-14 19:36 - 000002015 ____C C:\Users\indre\Desktop\Oak Valley Crap.txt
2022-09-14 19:12 - 2022-09-14 19:12 - 000142048 ____C C:\Users\indre\Desktop\Oak Valley with misapplied credit check # 158666 COPY.pdf
2022-09-14 14:07 - 2022-09-15 21:10 - 000043124 _____ C:\Users\indre\Desktop\Oak Valley invoices to date 091422.xlsx
2022-09-14 00:39 - 2022-09-14 00:39 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-09-14 00:39 - 2022-09-14 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-09-14 00:39 - 2022-09-14 00:39 - 000000000 ____D C:\Program Files\iTunes
2022-09-13 20:03 - 2022-09-13 20:03 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-13 20:03 - 2022-09-13 20:03 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-13 20:03 - 2022-09-13 20:03 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-13 13:24 - 2022-09-13 13:24 - 000665405 ____C C:\Users\indre\Desktop\Oak Valley Credit Memo GS-008CR.pdf
2022-09-13 12:47 - 2022-09-14 13:51 - 000029865 _____ C:\Users\indre\Desktop\Oak Valley invoices to date 091322.xlsx
2022-09-08 22:48 - 2022-09-08 22:48 - 000000000 ____D C:\Users\indre\Creative Cloud Files
2022-09-02 00:15 - 2022-09-02 00:15 - 000025704 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdcsam64.sys
2022-08-30 12:44 - 2022-08-30 12:44 - 000001281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2022-08-30 12:44 - 2022-08-30 12:44 - 000001151 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2022-08-22 05:37 - 2022-08-22 05:37 - 000001514 _____ C:\Users\indre\Desktop\Kaspersky Password Manager.lnk
2022-08-22 05:37 - 2022-08-22 05:37 - 000000000 ____D C:\Program Files (x86)\dotnet

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-21 20:54 - 2022-06-05 12:16 - 000000000 ____D C:\ProgramData\IDrive
2022-09-21 20:54 - 2021-03-10 11:01 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-21 20:54 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-21 20:54 - 2019-11-08 23:10 - 000000000 ____D C:\FRST
2022-09-21 20:53 - 2022-02-08 17:26 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-21 20:52 - 2016-11-18 22:39 - 000000000 ___DC C:\Users\indre\AppData\LocalLow\Mozilla
2022-09-21 20:51 - 2016-09-11 19:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-21 20:50 - 2019-07-12 12:50 - 000000000 ___DC C:\Users\indre\AppData\Roaming\WD Discovery
2022-09-21 20:50 - 2019-07-12 12:50 - 000000000 ____D C:\Users\indre\.wdc
2022-09-21 20:49 - 2021-10-09 19:22 - 000000000 ____D C:\Program Files\TeamViewer
2022-09-21 20:49 - 2021-03-10 10:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-21 20:49 - 2021-03-10 10:51 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-21 20:49 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-21 20:49 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-21 20:49 - 2016-09-11 19:30 - 000000000 __SHD C:\Users\indre\IntelGraphicsProfiles
2022-09-21 20:34 - 2021-03-02 03:06 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-09-21 20:33 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-21 20:20 - 2021-12-12 22:03 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1593158232-969496310-2340663774-1001
2022-09-21 20:20 - 2021-03-10 10:59 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1593158232-969496310-2340663774-1001
2022-09-21 20:20 - 2021-03-10 10:52 - 000002381 ____C C:\Users\indre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-21 20:08 - 2021-01-08 22:13 - 000000000 ____D C:\Users\indre\AppData\Roaming\5KPlayer
2022-09-21 18:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Registration
2022-09-21 17:26 - 2017-11-15 23:37 - 000000000 ___DC C:\Users\indre\AppData\Local\Packages
2022-09-21 16:03 - 2021-02-11 18:26 - 000000000 ____D C:\WINDOWS\SensorFramework
2022-09-21 15:59 - 2016-09-11 19:56 - 000000000 ___DC C:\Users\indre\AppData\Local\Google
2022-09-21 13:37 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-21 12:01 - 2019-09-08 06:25 - 000000000 ____D C:\Users\indre\AppData\Local\SquirrelTemp
2022-09-21 05:32 - 2020-04-29 23:59 - 000000000 ____D C:\Users\indre\AppData\Local\Citrix
2022-09-21 05:29 - 2020-04-29 23:57 - 000000000 ____D C:\Program Files (x86)\Citrix
2022-09-21 05:29 - 2016-09-18 09:35 - 000000000 ___DC C:\Users\indre\AppData\Local\CrashDumps
2022-09-21 00:35 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-21 00:35 - 2018-05-23 14:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-21 00:27 - 2018-05-28 15:00 - 000000000 ___DC C:\Users\indre\AppData\Local\D3DSCache
2022-09-20 23:55 - 2021-03-10 10:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-20 22:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-20 22:46 - 2021-01-13 15:03 - 000000000 ____D C:\Users\indre\AppData\Roaming\Citrix
2022-09-20 20:56 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-20 20:56 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-20 20:32 - 2021-03-10 10:51 - 000458192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-09-20 20:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-20 20:29 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-09-20 20:29 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-09-20 20:25 - 2021-03-10 10:53 - 003012608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-20 20:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-20 14:37 - 2019-11-21 01:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-20 11:33 - 2021-09-25 19:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-20 11:33 - 2019-11-21 01:01 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-17 11:13 - 2020-06-23 21:09 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-17 11:13 - 2020-06-23 21:09 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-16 22:19 - 2017-07-15 20:02 - 000013891 ____C C:\Users\indre\Documents\Indy's Finances.xlsx
2022-09-16 17:24 - 2021-02-20 16:19 - 000000000 ___DC C:\Users\indre\Desktop\Work Stuff
2022-09-16 16:47 - 2016-09-17 01:49 - 000000000 ___DC C:\Users\indre\Documents\Funny stuff
2022-09-16 15:13 - 2022-06-05 12:16 - 000000000 ____D C:\Program Files (x86)\IDriveWindows
2022-09-16 11:39 - 2016-08-09 19:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-09-15 08:21 - 2019-07-12 12:14 - 000000000 ____D C:\Program Files (x86)\Western Digital
2022-09-15 08:21 - 2016-08-09 19:33 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-15 08:20 - 2021-03-02 03:06 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-09-15 08:18 - 2017-05-21 14:10 - 000000000 ____D C:\Program Files\Intel
2022-09-14 00:44 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 00:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-13 17:05 - 2016-09-12 20:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 17:00 - 2016-09-12 20:20 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-11 23:56 - 2022-08-01 10:22 - 000000000 ____D C:\Users\indre\AppData\Roaming\com.adobe.dunamis
2022-09-11 19:07 - 2021-03-10 10:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-11 19:07 - 2016-09-16 22:23 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-09-10 11:23 - 2022-02-21 19:39 - 000000000 ___DC C:\Users\indre\Desktop\Lingoda
2022-09-10 10:25 - 2021-03-02 03:16 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-09-10 10:25 - 2021-03-02 03:16 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-09-08 22:48 - 2021-03-10 10:52 - 000000000 ____D C:\Users\indre
2022-09-05 15:30 - 2019-07-06 12:57 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-09-05 15:27 - 2019-07-06 12:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-09-05 15:27 - 2019-04-21 20:37 - 000000000 ___DC C:\Users\indre\AppData\Local\Plex Media Server
2022-09-03 23:02 - 2022-02-08 00:12 - 000000000 ____D C:\Users\indre\AppData\Local\Amazon Music
2022-09-02 06:22 - 2022-02-08 00:12 - 000001261 ____C C:\Users\indre\Desktop\Amazon Music.lnk
2022-09-01 17:38 - 2021-09-21 16:08 - 000000000 ___DC C:\Users\indre\Documents\Outlook Files
2022-08-30 12:44 - 2019-07-06 12:59 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-08-30 02:14 - 2019-07-12 12:50 - 000000000 ____D C:\Program Files\WD Desktop App
2022-08-30 02:13 - 2021-03-10 10:59 - 000003236 _____ C:\WINDOWS\system32\Tasks\WD Discovery Service Task indre
2022-08-30 02:13 - 2021-03-10 10:59 - 000003172 _____ C:\WINDOWS\system32\Tasks\WD Device Agent Task indre
2022-08-26 17:26 - 2022-04-05 20:23 - 000000000 ____D C:\Program Files\dotnet
2022-08-26 13:27 - 2021-02-11 18:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Intune Management Extension
2022-08-25 21:54 - 2021-03-02 03:06 - 000000000 ____D C:\Program Files\Adobe
2022-08-23 02:53 - 2021-03-10 10:59 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-22 05:37 - 2022-07-02 16:39 - 000001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk

==================== Files in the root of some directories ========

2021-01-05 14:41 - 2021-01-05 14:41 - 000000171 _____ () C:\Users\indre\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2021-01-08 11:47 - 2021-01-08 11:47 - 000003584 _____ () C:\Users\indre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-03-02 03:22 - 2021-03-02 03:22 - 000000000 _____ () C:\Users\indre\AppData\Local\oobelibMkey.log
2018-11-19 21:23 - 2018-11-19 21:23 - 000000017 ____C () C:\Users\indre\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Addition Log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by indre (21-09-2022 20:55:29)
Running from C:\Users\indre\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2075 (X64) (2021-03-10 14:59:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1593158232-969496310-2340663774-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1593158232-969496310-2340663774-503 - Limited - Disabled)
Guest (S-1-5-21-1593158232-969496310-2340663774-501 - Limited - Disabled)
indre (S-1-5-21-1593158232-969496310-2340663774-1001 - Administrator - Enabled) => C:\Users\indre
WDAGUtilityAccount (S-1-5-21-1593158232-969496310-2340663774-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 22.002.20212 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.002.20212 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.8.0.592 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601013}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\Amazon Amazon Music) (Version: 9.2.1.2362 - Amazon.com Services LLC)
Angry Birds (HKLM-x32\...\{2F7D5734-056F-4A0A-A1C7-CA1AAE5BB1EB}) (Version: 1.6.3.1 - Rovio)
ANT Drivers Installer x64 (HKLM\...\{A071AD95-7C51-4DAF-8EDE-9F4177B7E461}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
BBCiPlayerDownloads (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\bbciplayerdownloads) (Version: 2.13.8 - British Broadcasting Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BurnAware Free 12.8 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CutePDF Form Filler 3.6 (Evaluation) (HKLM-x32\...\CutePDF Form Filler (Evaluation)_is1) (Version:  - Acro Software Inc.)
CyberLink Media Suite 12 (HKLM-x32\...\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}) (Version: 12.2.0324.52004 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7027 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5201 - CyberLink Corp.) Hidden
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2826.0 - CyberLink Corp.) Hidden
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.2.0 - Dell Inc.)
Dell Data Protection | Client Security Framework (HKLM\...\{FAE38E46-ECB2-44EA-A52B-6955AA6B1B3A}) (Version: 8.10.0.39 - Dell, Inc.)
Dell Data Protection | Security Tools (HKLM-x32\...\{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.10.0.34 - Dell, Inc.) Hidden
Dell Data Protection | Security Tools (HKLM-x32\...\InstallShield_{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.10.0.34 - Dell, Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{4F8A3BC3-641C-4B0D-AF46-EA3354016EA7}) (Version: 3.11.4.29 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
DELLOSD (HKLM-x32\...\{BED3193A-897B-47F6-AEDC-45D147122957}) (Version: 1.0.0.0 - DELL)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
Elevated Installer (HKLM-x32\...\{227800FE-F7F3-4D26-8747-B6310897C027}) (Version: 6.16.0.0 - Garmin Ltd or its subsidiaries) Hidden
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Garmin Express (HKLM-x32\...\{15948BCE-93A0-4A0E-B5D5-8835A9910B0F}) (Version: 6.16.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{efd0980b-3809-4ebf-bc23-b9f085da971a}) (Version: 6.16.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.127 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.18.34.21 - HP Inc.)
IDrive version 6.7.4.28 (HKLM-x32\...\IDrive_is1) (Version: 6.7.4.28 - Pro Softnet Corp)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Chipset Device Software (HKLM\...\{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}) (Version: 10.1.1.13 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{0CF34B2C-F509-4D23-927E-334C1A776FED}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{A0EBC31A-8EA9-4D24-89A8-2C12A0B8B0C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{E3DE9447-C8F3-4DDA-82D3-096166CBBBB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{C7C01DEF-DFDD-4C01-9F22-4BDF7B26CF1D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Network Connections 20.3.300.1 (HKLM\...\{2CC91F8D-A76E-4528-92C3-63F87D3E5D00}) (Version: 20.3.300.1 - Intel) Hidden
Intel® Network Connections 20.3.300.1 (HKLM\...\PROSetDX) (Version: 20.3.300.1 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7263 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.0.1009 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{8B93CAC3-6008-4C17-9FB0-B4F6F90FF316}) (Version: 17.2.0.1009 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{5068B0F8-CE24-4B61-9C2F-301B411FFB9C}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{A6961DC0-8F0E-4593-B336-FD3E7F27999C}) (Version: 16.8.4.1011 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{68A981A0-ED59-41E0-B45E-7A78F643120D}) (Version: 21.40.1.3406 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IQmango DVD Ripper 4.5.4 (HKLM-x32\...\{86036AD1-2F62-4FC0-B83A-C6C9B1956DA6}_is1) (Version: 4.5.4 - cyan soft ltd)
iTunes (HKLM\...\{E42D1B4D-78C2-4144-8E4D-FA82C53B68A4}) (Version: 12.12.5.8 - Apple Inc.)
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\{8EA4CE61-2D79-40AE-BB6B-F241A53B5656}) (Version: 10.1.0.360 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{8EA4CE61-2D79-40AE-BB6B-F241A53B5656}) (Version: 10.1.0.360 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{820D9D71-B118-35C7-B5C5-D0D099BFB7E2}) (Version: 21.7.7.393 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{820D9D71-B118-35C7-B5C5-D0D099BFB7E2}) (Version: 21.7.7.393 - Kaspersky)
LaserJet 1020 series (HKLM-x32\...\HP-LaserJet 1020 series) (Version:  - )
Logitech Unifying Software 2.52 (HKLM\...\Logitech Unifying) (Version: 2.52.33 - Logitech)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM-x32\...\{df65a075-27e0-4afc-baea-ecaadef7b85c}) (Version: 6.0.8.31513 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Famille et Petite Entreprise 2016 - fr-fr (HKLM\...\HomeBusinessRetail - fr-fr) (Version: 16.0.15601.20148 - Microsoft Corporation)
Microsoft Office Hogar y Empresas 2016 - es-es (HKLM\...\HomeBusinessRetail - es-es) (Version: 16.0.15601.20148 - Microsoft Corporation)
Microsoft Office Home and Business 2016 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 16.0.15601.20148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\OneDriveSetup.exe) (Version: 22.181.0828.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{054EDAF7-39E0-41E8-9F06-21E6D19B9E59}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B431C944-726E-409E-B4A1-8864E64E4F6C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 105.0 (x64 en-US)) (Version: 105.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
Nero 9 Essentials (HKLM-x32\...\{3514220a-de26-4b4c-bb10-666544ecbc02}) (Version:  - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.73 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.0.15.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Plex (HKLM-x32\...\Plex) (Version: 1.8.2 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{1DA14DB5-1E2D-4508-B0D6-A9B73CAD069A}) (Version: 1.19.5112 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{4c1641fa-1324-437a-926a-8926e456a904}) (Version: 1.19.5.3112 - Plex, Inc.)
Pretty Good Solitaire version 12.4.0 (HKLM-x32\...\Pretty Good Solitaire_is1) (Version: 12.4.0 - Goodsol Development Inc.)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6105 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Security Innovation TSS (HKLM\...\{0C11FE22-53F2-4C9B-9E79-824B10D0976E}) (Version: 2.1.42 - Security Innovation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Stopping Plex (HKLM-x32\...\{5F0F3F66-E47A-462C-90D5-345917DACD3C}) (Version: 1.19.5112 - Plex, Inc.) Hidden
TeamViewer (HKLM\...\TeamViewer) (Version: 15.25.8 - TeamViewer)
TextPad 8 (HKLM\...\{861AB1C1-1967-4C4A-BF86-C255E2D2B8FD}) (Version: 8.0.2 - Helios)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD Backup (HKLM-x32\...\{2d518703-86c4-46c8-99c1-f3789dd3ecd0}) (Version: 1.9.7435.38388 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{5491B486-8812-4202-AB8C-865AB636ACF0}) (Version: 1.9.7435.38388 - Western Digital Technologies, Inc) Hidden
WD Desktop App 2.1.0.329 (HKLM-x32\...\{0ae8a965-eef9-4710-8f82-6a6051bfbb72}) (Version: 2.1.0.329 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.329 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.329 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.3.385 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{1DFE86C7-1DD2-4843-963F-E0145CE007E1}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{9254284c-bbea-4d1a-8eb1-e0314ae75b0e}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{3014bd63-c388-4f5c-8fb5-d45d99b75f0e}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
WD Security (HKLM-x32\...\{a27f2c1a-95e0-4913-86ae-22e999f5e37d}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A5310C34-ABA7-47BA-89A7-2CE2917BA9D6}) (Version: 2.1.0.115 - Western Digital Technologies, Inc.) Hidden
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (08/10/2017 15.7.5.1025) (HKLM\...\FF1B55CEF8D39B696D1F5DF141ACFA7A5D1F2743) (Version: 08/10/2017 15.7.5.1025 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaStorA) SCSIAdapter  (08/10/2017 15.7.5.1025) (HKLM\...\6D773A6E21B2A480569157737F58E8FF7DC6608A) (Version: 08/10/2017 15.7.5.1025 - Intel Corporation)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\ZoomUMX) (Version: 5.11.1 (6602) - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-03-02] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-20] (Adobe Systems Incorporated)
Colors of the Rainbow -> C:\Program Files\WindowsApps\Microsoft.ColorsoftheRainbow_1.0.0.0_neutral__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation)
CyberLink Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.CyberLinkMediaSuiteEssentials_1.0.10.0_x86__mcezb6ze687jp [2018-03-13] (CYBERLINK CORPORATION.)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.11.20.0_x64__htrsf667h5kn2 [2022-06-28] (Dell Inc)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-03-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.3.10281.0_x86__8wekyb3d8bbwe [2022-02-17] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.6090.0_x64__8wekyb3d8bbwe [2022-07-21] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2020-10-07] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-08-30] (Adobe Systems Incorporated)
The Backgammon -> C:\Program Files\WindowsApps\6918E89D.TheBackgammon_1.2.10.0_x64__66n08swfvvka0 [2020-12-19] (UNBALANCE corp.) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-EBC3F2259B82} -> [Creative Cloud Files] => C:\Users\indre\Creative Cloud Files [2022-09-08 22:48]
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{115AF810-A46A-4043-AABB-5A8536D300D3}\InprocServer32 -> C:\Program Files\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9}\InprocServer32 -> C:\Program Files\TextPad 8\System\ShellExt64.dll (Helios Software Solutions Ltd -> )
CustomCLSID: HKU\S-1-5-21-1593158232-969496310-2340663774-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [           WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [          0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-09-09] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [          0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-09-09] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [          0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-09-09] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2021-05-21] () [File not signed] [File is in use]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-09-09] () [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {829157bc-9784-383a-94c4-ce328ec21648} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-09-09] () [File not signed]
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2021-05-21] () [File not signed] [File is in use]
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-09-09] () [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {829157bc-9784-383a-94c4-ce328ec21648} => C:\Program Files\WD Desktop App\kda.DLL [2022-08-18] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxDTCM.dll [2020-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2022-02-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1_S-1-5-21-1593158232-969496310-2340663774-1001: [TextPad8] -> {5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9} => C:\Program Files\TextPad 8\System\ShellExt64.dll [2016-02-28] (Helios Software Solutions Ltd -> )

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-06-05 12:16 - 2022-09-09 00:11 - 005034496 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2022-06-05 12:16 - 2022-09-09 00:11 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2022-08-30 02:13 - 2022-08-30 02:13 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2022-08-30 02:13 - 2022-08-30 02:13 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2022-08-30 02:13 - 2022-08-30 02:13 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll
2021-07-26 02:54 - 2021-07-26 02:54 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2021-04-26 13:12 - 2021-04-26 13:12 - 000192000 _____ (Andrew Arnott) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\Nerdbank.Streams.dll
2022-06-21 15:40 - 2022-06-21 15:40 - 000129024 _____ (Dell Inc.) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DiagsHelper.dll
2022-06-21 15:41 - 2022-06-21 15:41 - 000031744 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.AutoUpdateUtilities.dll
2022-06-21 15:40 - 2022-06-21 15:40 - 000012288 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DownloadManager.dll
2022-06-21 15:41 - 2022-06-21 15:41 - 000012800 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DriverProcessor.dll
2022-06-21 15:43 - 2022-06-21 15:43 - 000012288 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.WebServiceInfrastructure.dll
2022-02-08 00:12 - 2020-04-02 12:15 - 002266624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\indre\AppData\Local\Amazon Music\QtCore4.dll
2022-02-08 00:12 - 2020-04-02 12:25 - 006267392 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\indre\AppData\Local\Amazon Music\QtGui4.dll
2022-02-08 00:12 - 2020-04-02 12:16 - 000802816 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\indre\AppData\Local\Amazon Music\QtNetwork4.dll
2021-05-21 15:43 - 2021-05-21 15:43 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 20:57 - 2020-11-11 20:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2022-02-20 06:42 - 2022-02-20 06:42 - 004451328 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\NHibernate.dll
2022-06-05 12:16 - 2022-09-09 00:11 - 000874496 _____ (Pro-Softnet Corporation, U.S.A) [File not signed] C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll
2022-06-05 12:16 - 2022-09-09 00:11 - 001663488 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\IDriveWindows\SQLite.Interop.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1593158232-969496310-2340663774-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> DefaultScope {97FF47F7-FF6D-4CCE-B19F-284086150FBF} URL =
SearchScopes: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> {97FF47F7-FF6D-4CCE-B19F-284086150FBF} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2}' -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {5F3C2DA0-75C3-4F79-B70F-ADB47AD8D0E2}' -> No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: CutePDF Form Filler Helper -> {D41289F2-69C6-417B-897E-C653D677CBAF} -> C:\Program Files (x86)\Acro Software\CutePDF Filler Evaluation\CPFillerCoE.dll [2014-03-27] (Acro Software Inc. -> Acro Software Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  No File
Toolbar: HKU\S-1-5-21-1593158232-969496310-2340663774-1001 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} -  No File
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://meetny.webex.com/client/WBXclient-T30L10NSP6EP6-20000/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2019-01-10 23:55 - 000002507 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Dell\Dell Data Protection\Drivers\TSS\bin\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\indre\Pictures\My Pictures\New Panthers 061619\new babies (2).JPG
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1593158232-969496310-2340663774-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C620C6DC-9A72-4BF1-B267-DB7AE08A3DD0}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{6BC7D328-6FE1-4391-822C-7CD587FF3C47}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{362AE850-004B-4E3D-A1F0-63C9D9DE46A0}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{EC993133-439F-45E9-9CED-18A966CB5D03}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{F26FF42A-FABC-4237-AF27-9A74BAD6E0C7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{B71B19F6-E012-4D87-BC64-170CDB9AE748}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FF6FAF1B-3C9B-4453-9D51-82A62172D810}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6A551C3A-B926-43D8-9A75-06A3CEEB5AAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{AD297B5D-2C9A-4E26-9193-5DEFE2B8D5DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{6CC73312-41C6-4002-A0B0-4F73A84DBE2F}] => (Allow) LPort=8888
FirewallRules: [{277A97E1-8E11-4C68-985D-B7CC9AFC4A42}] => (Allow) LPort=8888
FirewallRules: [{B768845C-68FA-4F5D-8CB0-8915F5518FBE}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{FE7FEA92-FE61-4E07-AB28-B07698433507}] => (Allow) LPort=8889
FirewallRules: [{DED84BE3-3BD6-4E0D-A420-B30E49FC626F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{56381F91-7873-4CEA-8ABE-E10213107A2E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D9EE57A0-5523-4DA8-9EC9-6CBF39C32A11}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File
FirewallRules: [UDP Query User{197FA23F-71D6-465A-83BB-23D60DC347BE}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File
FirewallRules: [TCP Query User{79063D85-DE36-4C34-B5E6-783F52C6F06C}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe (Digiarty Software, Inc. -> )
FirewallRules: [UDP Query User{3914E5C9-71B6-4184-8EA6-A15B1071F3C4}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe (Digiarty Software, Inc. -> )
FirewallRules: [{ED8636A9-B3C5-4BC8-B266-C93C0B01F6C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64D73266-73FE-4F51-B801-33D712966109}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3E19432F-99CA-4E4E-A82C-5C37780343A0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{786AB687-DB7D-49D3-9014-3C63076A3EBA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E4CD8501-48A9-4B64-9EA2-E666F51D49C7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{15DAFF22-B96C-45D9-A3E4-5744AEC15E70}] => (Allow) C:\Users\indre\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EFC3F55B-34D2-4129-B3C2-279C84877515}] => (Allow) C:\Users\indre\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4168DDF1-1D2A-45E6-8F11-795F91217C74}] => (Allow) C:\Users\indre\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{73B43B08-0778-4694-A364-39426B481EC9}] => (Allow) C:\Program Files (x86)\Sidify\Sidify Apple Music Converter Free\Sidify Apple Music Converter Free.exe.exe => No File
FirewallRules: [{95574978-ECB0-4573-B108-064973B3DB5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{70D9CBF8-3A70-4B0B-85CD-8F9E7BB76335}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55FAA614-9866-4BFE-9FEC-394F0ADF9873}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{362225BF-9BD0-4D18-B255-6625D9FFC79F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3469E87-93E4-4C30-9500-64C84FF3627A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA607599-92CC-4101-824E-9F0DC5ACEA7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D95E075C-D7C7-46C3-85B0-0979AD6968DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{636885FE-56DD-4363-A755-C33E15FA68F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03C27E0F-D81E-4D7A-A2F4-A8D10A329C63}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB64EA8E-60D5-47A9-AFF5-A60FFD5146F8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9385E613-7436-4EF9-8AA3-E829F36C0A45}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

20-09-2022 20:09:58 Windows Modules Installer

==================== Faulty Device Manager Devices ============

Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Kaspersky VPN
Description: Kaspersky VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky VPN Provider
Service: kltun
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================

System errors:
=============
Error: (09/21/2022 08:53:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-EL88UDV)
Description: DCOM got error "2" attempting to start the service LMS with arguments "Unavailable" in order to run the server:
{80C25488-192B-4DE2-8150-5B2D2A2F835E}

Error: (09/21/2022 08:53:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/21/2022 08:49:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/21/2022 08:41:35 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-EL88UDV)
Description: DCOM got error "2" attempting to start the service LMS with arguments "Unavailable" in order to run the server:
{80C25488-192B-4DE2-8150-5B2D2A2F835E}

Error: (09/21/2022 08:41:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/21/2022 08:37:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.


CodeIntegrity:
===============
Date: 2022-09-21 20:51:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.12.2 03/04/2020
Motherboard: Dell Inc. 0X2MKR
Processor: Intel® Core™ i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 91%
Total physical RAM: 7888.79 MB
Available physical RAM: 642.69 MB
Total Virtual: 16080.79 MB
Available Virtual: 7554.46 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:224.66 GB) (Free:77.28 GB) (Model: THNSN5256GPU7 NVMe TOSHIBA 256GB) NTFS
Drive e: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1720.41 GB) (Model: WD My Passport 25E1 USB Device) NTFS

\\?\Volume{9418ee22-8e7f-4668-b204-a94b09d00e55}\ () (Fixed) (Total:0.51 GB) (Free:0.06 GB) NTFS
\\?\Volume{616afac5-ee60-493d-8f6b-5152f9f29468}\ (Image) (Fixed) (Total:12.69 GB) (Free:0.63 GB) NTFS
\\?\Volume{dbd7410f-196c-49b5-bb90-bbf877a175c2}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4FCEFFCB)

Partition: GPT.

==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 93BB7254)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

 

I'll wait for your next instruction!

Thank you!!


  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
Found something that time:

========= tracert -d google.com =========
 
 
Tracing route to google.com [142.250.80.46]
over a maximum of 30 hops:
 
  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     2 ms     3 ms     2 ms  142.250.80.46
 
Trace complete.

 

 

Normally when you do a traceroute it show you how the packets get from your PC to the destination and gives you a list of different routers that pass the packet along.  I am in Florida so the packets have to pass through a bunch of routers before getting to google.com which is located in Mountain View CA.  

Tracing route to google.com [142.251.35.238]
over a maximum of 30 hops:
 
  1     2 ms     2 ms     3 ms  192.168.68.1
  2     4 ms     4 ms     3 ms  192.168.0.1
  3    32 ms    24 ms    28 ms  66.174.39.85
  4     *        *       33 ms  69.83.39.48
  5     *        *        *     Request timed out.
  6    53 ms    27 ms    28 ms  69.83.39.114
  7     *        *        *     Request timed out.
  8    56 ms    23 ms    22 ms  69.83.43.46
  9    73 ms    23 ms    25 ms  69.83.43.6
 10    45 ms    43 ms    22 ms  69.83.43.7
 11    44 ms    28 ms    31 ms  140.222.236.55
 12    34 ms    28 ms    28 ms  204.148.85.230
 13    50 ms    28 ms    34 ms  209.85.253.117
 14    46 ms    30 ms    32 ms  142.251.66.77
 15    59 ms    33 ms    44 ms  142.251.35.238
 
Trace complete.

 

 

I don't know where you are but unless you are camped out in the parking lot of Google in Mountain View and using their WiFi I don't know how you can get to the real google.com in only 2 hops.  The first entry is your own router and the second says we are there.  No way that's true.  Do you have a separate proxy appliance?  Some businesses will have a separate box that stores website info for websites that are often visited.  These will pretend to be the actual website.  This is supposed to speed up your connection but I think it's mostly a leftover from early days when the internet was much slower.  Unlikely that you would have one at home but perhaps your ISP might have one online to reduce traffic. 

 

Have you tried going to google.com with your Edge browser?  Does that work?

 

How many hops do you get if you type:

 

tracert -d f1.com

into a Admin Command Prompt

 

How many for

tracert -d yahoo.com

 

Can you log on to your own router or do you have to get your ISP to do that?  Do you have a separate router and modem/cable box?  How do you connect?  What company provides your Internet connection?  If you have a separate modem it might be worth unplugging it for 10 seconds then start it back up.  It may have just gotten messed up and restarting it might clear up the problem.

 

Normally the login info is on a sticker on the router if you got it from you internet provider.  (Just open a browser and go to 192.168.1.1. It should ask you for a logon and password.  If it's your own router tell me the make and model number and I can find the default login/password for it.)  

 

What we are looking for is a route to 142.250.80.46

 

Trying to figure out who it talks to.  You will probably need to give me the make and model so I can look up how to check the routing.


  • 0

#23
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

Some of this is a bit over my head, but I will do my best to answer. (If I get something wrong, please explain--I do not have anything approaching your level of expertise!)

So, I live in Manhattan and use Verizon FIOS as my Internet provider.

Not sure whether I have a proxy appliance (or what that is). I just have a router and that's it.

I work from home for an entity in California. When I log into Office, I enter my work email, which is then authenticated--and then I can access all my shared work files. I should be using the laptop they gave me, but it's too small and I do too much data crunching. Plus, my desktop is a Dell Business All-in-One PC, so I can't hook up the laptop they gave me to my main computer. (I have another monitor that I use with my main All-in-One desktop.) I'm very careful about keeping the two separate. Would my computer be using an online ISP to get to my worksite? (Sorry for all the dumb questions.)

Yes, I can reach google.com via Edge. It looks like I'm signed into Google there and can access all my gmail accounts, calendar, etc.
 

You asked: How many hops do you get if you type:

tracert -d f1.com

into a Admin Command Prompt

I get this:
Microsoft Windows [Version 10.0.19044.2075]
© Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>tracert -d f1.com

Tracing route to f1.com [67.199.248.12]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     3 ms     4 ms     4 ms  67.199.248.12

Trace complete.


You asked:

How many for

tracert -d yahoo.com
I get this:
 

 

C:\WINDOWS\system32>tracert -d yahoo.com

Tracing route to yahoo.com [74.6.143.26]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     4 ms     3 ms     5 ms  74.6.143.26

Trace complete.


You asked the following:

> Can you log on to your own router or do you have to get your ISP to do that? Sorry, not sure what this means. I have a router/modem. I turn on my computer, and I'm automatically connected. Could you please explain? (Sorry for not understanding!)

> Do you have a separate router and modem/cable box?  How do you connect?  What company provides your Internet connection? I have a router/modem (if I'm not mistaken). I get my internet service via Verizon FIOS. I connect by just turning on my computer. (Sorry, could you please explain? I don't think I am answering these questions very well.)

> If you have a separate modem it might be worth unplugging it for 10 seconds then start it back up.  It may have just gotten messed up and restarting it might clear up the problem. Shall I go ahead and so this? I'd be happy to try.

> Normally the login info is on a sticker on the router if you got it from you internet provider. (Just open a browser and go to 192.168.1.1. It should ask you for a logon and password.  If it's your own router tell me the make and model number and I can find the default login/password for it.) Yes, I see that sticker. The router/modem is a FIOS one. The model number is FiOS-G1100. There are all sorts of numbers and codes and passwords--I just use the one for Wifi. Is there anything else you need regarding this router?

Please let me know what else you need! Thank you!!!


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP

OK.  Looks like I was barking up the wrong tree.  Never worked with fiber but apparently it doesn't follow the usual rules.  The fact that f1.com and yahoo.com all use only one hop means that's normal on fiber.

 

Let's try something different.

 

Try clearing the cache in Chrome:

 

https://support.goog...latform=Desktop

 

If that doesn't help then try  moving the profile files to another location:

 

Close Chrome

Press "Windows-R," type or paste

"%LOCALAPPDATA%\Google\Chrome\User Data\" 

Select the Default folder and right click on it and Cut then move to your desktop and Ctrl + v

 

Repeat for Guest Profile and System Profile

 

Bring up Chrome.  It will create new profiles without any user modifications.  Perhaps something in the profile caused the problem.  Apparently these were not removed when we uninstalled and reinstalled Chrome.


  • 0

#25
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

Clearing the cache did not work. So I followed your next step. It told me I could create a new profile etc., but when I went to sign on to sync, no Internet. Skipped syncing and just tried to open NY Times--no internet.

And now all my bookmarks are gone, many of which I needed for work etc. etc. etc. This is becoming a horror show. (Obviously not your fault! You've been wonderful and extraordinarily generous.)

I just do not understand why internet cannot be accessed via Chrome. I've lost two days of work and I'm beginning to despair.

A good friend, who is also a computer expert like you, suggested that I may have been the victim of a Microsoft push update that I didn't even know happened.

Some other questions: I don't understand most of those data logs I sent you, but some of my Kaspersky (e.g. the VPN) is not working (although the fundamental security stuff is working), and I see error messages.

And the thing that got me started on this was post was Nord VPN: it just won't let me log in. It keeps saying that there's an authentication error. (Nord VPN usually just starts when I turn on my computer.) I think Nord VPN needs Chrome.

Is there anything else we could possibly try?

Also, a side question: when I log onto Office.com with my work email and authenticate, I can access everything but Teams. Teams just goes in this weird loop. Apparently it's a common problem. It never happened in Chrome but it's happening in Edge and in Firefox. I tried this fix and it doesn't work: https://learn.micros...in/sign-in-loop

Thank you again for your kind patience.

Incidentally, I know that we can't get Nord VPN to sign in, but would you be able to help me restore my Kaspersky VPN? I need VPN for a website I want to visit later.


  • 0

Advertisements


#26
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

I just tried to reinstall Kaspersky VPN, but it won't let me. Everything runs through Chrome.


  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP

OK.  We can undo the profile stuff.  Close Chrome

Windows Key + r and paste in 

"%LOCALAPPDATA%\Google\Chrome\User Data\" 
 
 
 
Now go to your desktop select the Default folder and Copy it (Ctrl + c) now go to the User Data folder and paste (Ctrl + v) Let it overwrite any like named files.
 
As far as your VPN goes, Settings, Network & Internet, Proxy, turn on Automatically detect settings was this off or on before?  Put it back the way it was.  Default is On.
Other suggestions:
 
You might try uninstalling Nord VPN using Repo with the advanced scan like we tried on Chrome and download a new copy and install it.  I assume you have a record of any licenses or password you need for it.
 
I have another friend in Australia whose Nord VPN recently stopped working.  He had to get their tech support involved to make it work again.  Oddly enough he lost Edge (which he was using at the time)  at the same time but Chrome (which he wasn't using) still worked.
I wonder if losing Nord took out Chrome.  Usually a VPN will block you from going to the Internet without going through the VPN.  Not sure exactly how they do that.
Perhaps uninstalling Nord might help.
 
Bedtime for me.

  • 0

#28
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

Have a good night and hopefully you'll still be able to work with me tomorrow. Thank you for all you do!


  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP

I'm back.  Only sleep 5 hours at night which is why I need the nap.  

 

Found a recent fix for your problem.  The example is in German but I would think that the forms are laid out the same in English.

 

https://technical-ti...ike-google-7885

 

If that doesn't work:

 

There is a portable version of Chrome.  Let's see if it works:

 

https://portableapps...chrome_portable

 

Just click on Download from SourceForge.

 

Then once it downloads, open it.  It will ask you a few questions then when you get the Finish page, check the option to run Chrome Portable before hitting Finish.

 

There is an old fix for Chrome not connecting.  It's related to a program you don't have but perhaps Kaspersky is making the same mistake:

 

https://superuser.co...to-the-internet

 

So you don't have to edit the registry yourself I have created a .reg file which will do it for you.  

Close Chrome first.  Make sure that it is not running in the background.  Restoring the Default folder should have set the continue to run in the background option but best to make sure.

 

Download the attached chromefix file

Attached File  chromefix.reg   244bytes   95 downloads

and save it then go to the download folder and right click and Merge.  Ignore the warning.

 

Open Chrome and test.  If it doesn't help download chromeunfix file

 

and repeat the above.

Attached Files


  • 0

#30
IndyBlue

IndyBlue

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 138 posts

I was just about to write you--it seems that the below issue is a major issue for Chrome users. I tried every solution offered online but nothing worked. But I see that you kindly sent me some other things to try. I will do all the things you posted above and report back.

THANK YOU!!! 

Attached Thumbnails

  • ERR CONN RESET.JPG

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP