Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Likely infection - google search redirects


  • Please log in to reply

#1
koupernikus

koupernikus

    Member

  • Member
  • PipPip
  • 15 posts

Hello and thanks for any assistance provided. Let one of my kids play on the PC for a bit, he tried to install some games from a shady AF website and... now whenever I try a web search it'll redirect through yahoo instead of google (full redirect after loading google's search, google is selected as default search engine.) I've ran malwarebytes and tried clearing out my cache so now I come to you. 


 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by olyti (administrator) on MSI (Micro-Star International Co., Ltd. GS66 Stealth 10SF) (20-10-2022 08:49:29)
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Platform: Microsoft Windows 11 Home Version 22H2 22621.674 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe.old
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\AudioVisualizer\ChromaVisualizer.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.685.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe <13>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCopyAccelerator.exe
(C:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(drivers\RivetNetworks\Killer\KSPSService.exe ->) (Intel Corporation -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22AD.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe <7>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <30>
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Rivet Networks LLC) C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag\KillerControlCenter_v2\KillerIntelligenceCenter.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel Corporation -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_af5df92252aaf9f0\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> THX) C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe <2>
(services.exe ->) (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2210.1001.59.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (A-Volute) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.10.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_12.93.6001.0_x64__8wekyb3d8bbwe\XboxIdp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.685.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Microsoft) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteamsupdate.exe <2>
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5987456 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12844920 2022-09-28] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [THX22adHelper] => C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [THX0527Helper] => C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\Installer\setup.exe [3350952 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Steam] => C:\Steam\steam.exe [4234088 2022-10-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Norton Download Manager{NS-22211151-SHPD-FSD5250006}] => C:\Users\Public\Downloads\Norton\{NS-22211151-SHPD-FSD5250006}\FSDUI_Custom.exe /m /WIN10_UPGRADE "C:\Users\olyti\AppData\Local\Temp\{ACB18532-3DE2-46CE-A1B8-C0316BEC9FBE}\Upgrade.exe" /m (No File) <==== ATTENTION
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [MicrosoftEdgeAutoLaunch_D30A67E0D8865ABC16D6E6E5594A3C48] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [streamlink-twitch-gui] => C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe [2081280 2022-03-13] (The NW.js Community) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Entertainment] => C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe [134353921 2022-06-13] (Entertainment application) [File not signed] <==== ATTENTION
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {020C20C7-2254-47D5-A072-F8FE77A24974} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-06] (Microsoft Windows -> )
Task: {0E9D6F75-D3E3-4A66-8FEB-59EA5D8325E2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0EEC08EA-88A4-40D2-8E51-AC372FF12112} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1253720C-DF1D-432E-ABD5-CFE8542EAA00} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {13874124-0973-4636-B069-E2BAA300845A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {332C2166-38E7-4D16-A828-28B1818915FA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {35FA916E-7995-450D-B2C8-090E02EECB1C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {430E7B8B-5FCB-4C60-9789-B53FEA9C9A8C} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4A8F1B73-807F-45ED-BF66-8E221CA739ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6167BAC4-E8B3-4DA1-A97F-6629760B8002} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6302DFFD-9EE6-4930-9056-A1600F5206C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6492DE10-4013-4F02-8761-90E2A67A04BB} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {666CBBC0-DB4C-4B55-8F77-FD1413619CD1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {671E75F8-BC4B-4DF2-9696-1ED894C53FAC} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {69831915-6808-4DA2-B48E-CF5230B79EDB} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {6A8390B8-0C1B-4D4E-91D2-80AF5891C6C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6B7A010A-D145-45AC-A1B5-34E8A388CB0B} - System32\Tasks\Opera scheduled Autoupdate 1665787781 => C:\Users\olyti\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-09-27] (Opera Norway AS -> Opera Software)
Task: {7914F9BC-5FEF-4C7D-BCAB-55116D9B913A} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [544680 2021-10-14] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7E1654C6-EA21-4EC5-954D-35CD36E14424} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8537E0BE-6A73-4A8B-AF75-4F9C87C59A29} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {85CF76D8-EB28-443F-A805-99ADFBEC3DD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {886ADADB-53C3-44CA-8895-76EDA48A3425} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {90982FFD-B73C-49D1-88A2-722F5046B968} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {975E17ED-32FC-48CB-94F8-D40BBC515AE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {9A6C2161-FEE5-4926-B363-24A961D4F0E9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCCF0B3-E1BB-49C3-BF78-E6F7FCA4CC8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9D567404-1F70-450D-9AB8-0B250A8C8570} - System32\Tasks\OneDC_Updater => C:\Users\olyti\Documents\temp\OneDC_Updater\OneDC_Updater.exe [5311400 2021-04-16] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {BE122147-85C1-492C-8636-25F9346B1F98} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C5BB144B-621E-4315-A555-72D2E9F83CE9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C8549770-3EA9-4ACE-90B5-9E317EE82781} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D4497137-A762-4AF4-9D49-51E270D48401} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {DFFE6C06-8C5A-4DDF-B2CB-59A3FF912E85} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {EC102570-8047-4AC3-A02D-996FAD6CF3D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EC6B4537-41C9-4C5F-858D-7B8E808E47C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EDE4AD87-F00E-48EB-A867-31D2962F6879} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F87BAE91-2470-40AB-9F94-A437578A5E4D} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [217088 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {FFF8C01D-6F55-4323-A7AE-A11329AB4585} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72c79358-0494-433e-98e3-d5ca75fe66db}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf5b0e02-27bd-40f0-99ea-fad733c4282f}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-20]
Edge Notifications: Default -> hxxps://app.slack.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=NMTE
Edge Session Restore: Default -> is enabled.
Edge Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2022-10-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-13]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2022-09-29]
Edge Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-09-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default [2021-09-02]
CHR Extension: (Slides) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-27]
CHR Extension: (Docs) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-27]
CHR Extension: (Google Drive) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-27]
CHR Extension: (YouTube) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-27]
CHR Extension: (Sheets) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-27]
CHR Extension: (Gmail) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-27]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-20]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-02]
CHR HomePage: Profile 1 -> hxxps://www.reddit.com/
CHR Extension: (Slides) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-02]
CHR Extension: (Docs) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-02]
CHR Extension: (Google Drive) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-02]
CHR Extension: (YouTube) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-02]
CHR Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-09-02]
CHR Extension: (Sheets) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-02]
CHR Extension: (Cisco Webex Extension) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-09-02]
CHR Extension: (Grammarly for Chrome) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-09-02]
CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-02]
CHR Extension: (Gmail) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-02]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-20]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
Opera: 
=======
OPR Profile: C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable [2022-10-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-14]
OPR Extension: (Opera Wallet) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-14]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9856600 2022-10-18] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610472 2022-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [588264 2021-11-11] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncHelper.exe [3383704 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [74048 2022-03-30] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2432832 2022-03-30] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2893136 2022-03-30] (Intel Corporation -> Intel)
R2 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [73528 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [74064 2022-03-30] (Intel Corporation -> Intel® Corporation)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [168056 2019-05-07] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [87976 2021-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [207488 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9473408 2021-01-18] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\OneDriveUpdaterService.exe [3804040 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032040 2022-09-26] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-09-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-18] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-10-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-09-28] (SteelSeries ApS -> )
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 THXService; C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)
R2 Tobii Service; C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe [234792 2022-01-19] (Tobii AB -> Tobii AB)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
S2 webthreatdefusersvc; C:\WINDOWS\System32\webthreatdefusersvc.dll [135168 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S2 cphs; %SystemRoot%\System32\IntelCpHeciSvc.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-06] (Microsoft Corporation) [File not signed]
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2021-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 fdrawcmd; C:\WINDOWS\system32\drivers\fdrawcmd.sys [33144 2010-04-24] (Simon Owen -> simonowen.com)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [185536 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-11] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl7ffd2702; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B04055D-C8AA-44D7-8A14-813231C871E6}\MpKslDrv.sys [228632 2022-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 msihid; C:\WINDOWS\System32\drivers\msihid.sys [43936 2022-07-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
S3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a19e472f32bd1e8d\rtucx22x64.sys [1385296 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-06] (Microsoft Windows -> Realtek Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008f; C:\WINDOWS\System32\drivers\RzDev_008f.sys [63216 2022-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0241; C:\WINDOWS\System32\drivers\RzDev_0241.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0290; C:\WINDOWS\System32\drivers\RzDev_0290.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0292; C:\WINDOWS\System32\drivers\RzDev_0292.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0527; C:\WINDOWS\System32\drivers\RzDev_0527.sys [54088 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2021-04-14] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [37280 2022-07-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_5f23057de8eba7db\SteelSeries-Sonar-VAD.sys [92856 2022-09-21] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R3 sTHXVAD; C:\WINDOWS\System32\drivers\THXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-20 08:49 - 2022-10-20 08:49 - 000000000 ____D C:\FRST
2022-10-20 08:37 - 2022-10-20 08:37 - 000000000 ____D C:\Users\olyti\AppData\Local\chrome_accessibility
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Goldberg SteamEmu Saves
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Faerin Games
2022-10-18 21:38 - 2022-10-18 21:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Soda Pop Minatures and Underbite Games
2022-10-18 15:34 - 2022-10-18 15:35 - 000000000 ____D C:\ProgramData\HP
2022-10-18 07:23 - 2022-10-18 07:23 - 000000000 ____D C:\Users\olyti\AppData\Local\Entertainment
2022-10-18 07:23 - 2022-06-13 02:52 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Entertainment
2022-10-16 13:52 - 2022-10-16 13:52 - 000000000 ____D C:\Users\olyti\AppData\Local\devil bartender
2022-10-15 23:13 - 2022-10-15 23:14 - 000000000 ____D C:\Users\olyti\AppData\Local\ASTLIBRA
2022-10-15 23:07 - 2022-10-15 23:07 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-15 22:49 - 2022-10-15 22:49 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Ozaak
2022-10-15 22:09 - 2022-10-15 22:09 - 083119912 _____ (Discord Inc.) C:\Users\olyti\Downloads\DiscordSetup (2).exe
2022-10-15 22:04 - 2022-10-15 22:04 - 000000000 ____D C:\Users\olyti\AppData\Local\Ronin
2022-10-15 00:06 - 2022-10-15 00:06 - 000000000 ____D C:\Users\olyti\AppData\Local\ProjectCoral
2022-10-14 16:49 - 2022-10-14 16:49 - 000004134 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1665787781
2022-10-14 16:49 - 2022-10-14 16:49 - 000001402 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Opera Software
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Local\Opera Software
2022-10-13 23:12 - 2022-10-16 09:44 - 000000000 ____D C:\Program Files\dotnet
2022-10-13 23:12 - 2022-10-14 08:28 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Vortex
2022-10-13 23:12 - 2022-10-13 23:12 - 000002063 _____ C:\Users\Public\Desktop\Vortex.lnk
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Users\olyti\AppData\Local\vortex-updater
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd
2022-10-13 21:58 - 2022-10-13 22:00 - 000000000 ____D C:\Users\olyti\Documents\Dyson Sphere Program
2022-10-13 21:58 - 2022-10-13 21:58 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Youthcat Studio
2022-10-13 21:49 - 2022-10-13 21:49 - 000004028 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3139933802-399766682-36797096-1001_0
2022-10-13 21:22 - 2022-10-13 21:22 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-13 21:22 - 2022-10-13 21:22 - 000000000 ___HD C:\$WinREAgent
2022-10-11 23:25 - 2022-10-11 23:25 - 000000000 ____D C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui
2022-10-11 23:16 - 2022-10-11 23:16 - 000000000 ____D C:\Users\olyti\AppData\Local\streamlink-twitch-gui
2022-10-09 10:56 - 2019-03-15 02:36 - 003753088 _____ (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPScanTRDrv_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 002952200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkinsE311.exe
2022-10-09 10:56 - 2019-03-15 02:36 - 000592000 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia2_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000392200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkstsE311LM.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000327688 _____ (HP Inc.) C:\WINDOWS\system32\hpinkcoiE311.dll
2022-10-07 15:14 - 2022-10-07 15:14 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\SuperMegaTeam
2022-10-07 08:12 - 2022-10-07 08:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Hide Games
2022-10-06 21:14 - 2022-10-06 21:14 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-06 21:14 - 2022-10-06 21:14 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-06 21:10 - 2022-10-06 21:10 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-06 20:12 - 2022-10-06 20:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\QHS
2022-10-06 20:09 - 2022-10-06 20:09 - 000000000 ____D C:\Users\olyti\AppData\Local\rmmz-game
2022-10-06 19:56 - 2022-10-06 19:56 - 000000000 ____D C:\Users\olyti\AppData\Local\Potionomics
2022-10-06 19:39 - 2022-10-06 19:39 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\RebornEntertainment
2022-10-06 19:38 - 2022-10-06 19:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\DefaultCompany
2022-10-04 23:13 - 2022-10-04 23:13 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Dark Light Studio
2022-10-04 22:30 - 2022-10-04 22:30 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Trigon fan
2022-10-03 23:42 - 2022-10-03 23:42 - 003079632 _____ C:\Users\olyti\Downloads\Naga Pro_Mouse_FirmwareUpdater_v2.02.00_r1.exe
2022-10-03 23:38 - 2022-10-03 23:38 - 003709216 _____ C:\Users\olyti\Downloads\DeathStalkerV2Pro_FirmwareUpdater_v1.01.02_r1 (1).exe
2022-10-02 22:33 - 2022-10-02 22:33 - 003709216 _____ C:\Users\olyti\Downloads\DeathStalkerV2Pro_FirmwareUpdater_v1.01.02_r1.exe
2022-10-01 18:30 - 2022-10-01 18:30 - 000001143 _____ C:\Users\Public\Desktop\GShade Control Panel.lnk
2022-10-01 18:30 - 2022-10-01 18:30 - 000000091 _____ C:\Users\Public\Desktop\GShade Visual Guide.url
2022-10-01 18:30 - 2022-10-01 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GShade
2022-10-01 18:29 - 2022-10-01 18:29 - 000000000 ____D C:\Users\Public\GShade Custom Shaders
2022-10-01 10:48 - 2022-10-01 10:48 - 001781654 _____ C:\Users\olyti\Downloads\Canyon_Logo-2-COL-White-REV-HORZ.eps
2022-09-30 16:28 - 2022-09-30 16:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-09-30 16:27 - 2022-10-14 19:15 - 000807834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-30 16:26 - 2022-10-19 19:10 - 000004138 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2865D8D3-0E3F-42D6-9DB0-FBC78E111295}
2022-09-30 16:26 - 2022-10-14 23:55 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-30 16:26 - 2022-10-14 23:55 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-30 16:26 - 2022-10-13 21:49 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2022-09-30 16:26 - 2022-10-13 21:49 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2022-09-30 16:26 - 2022-10-13 21:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-30 16:26 - 2022-10-10 18:58 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001
2022-09-30 16:26 - 2022-10-10 18:58 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-30 16:26 - 2022-09-30 16:26 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-09-30 16:26 - 2022-09-30 16:26 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2022-09-30 16:26 - 2022-09-30 16:26 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2022-09-30 16:26 - 2022-09-30 16:26 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-09-30 16:26 - 2022-09-30 16:26 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002826 _____ C:\WINDOWS\system32\Tasks\OneDC_Updater
2022-09-30 16:26 - 2022-09-30 16:26 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002280 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000002184 _____ C:\WINDOWS\system32\Tasks\OmApSvcBroker
2022-09-30 16:26 - 2022-09-30 16:26 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000000020 ___SH C:\Users\olyti\ntuser.ini
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\IsolatedStorage
2022-09-30 16:26 - 2020-05-30 11:23 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3202656799-1986057151-242305456-500
2022-09-30 16:26 - 2019-11-13 11:43 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3246922579-2884849309-941848276-500
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-09-30 16:24 - 2022-09-30 16:24 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2022-09-30 16:23 - 2022-10-19 22:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-30 16:23 - 2022-10-13 21:43 - 000607720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-30 16:00 - 2022-09-30 16:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-09-30 15:59 - 2022-10-13 21:48 - 000000000 ____D C:\Users\olyti
2022-09-30 15:59 - 2022-05-06 23:19 - 000001281 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-09-30 15:59 - 2022-05-06 23:19 - 000000407 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-09-30 15:58 - 2022-09-30 16:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2022-09-30 15:55 - 2022-09-30 15:55 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-09-30 15:54 - 2022-09-30 15:54 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\addins
2022-09-30 15:46 - 2022-09-30 15:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-09-30 15:24 - 2022-10-13 00:02 - 000000000 ___DC C:\WINDOWS\Panther
2022-09-29 22:27 - 2022-09-29 22:27 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Unknown Worlds
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001213440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001536488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001182696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000865768 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000771560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-09-29 17:56 - 2022-09-23 19:31 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 010270184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 008803816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001059304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000845288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000456168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-09-29 17:56 - 2022-09-23 19:29 - 005751304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 005362664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 003066856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:28 - 000852968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-09-29 17:56 - 2022-09-23 19:27 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-29 17:56 - 2022-09-23 19:27 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-09-29 17:56 - 2022-09-23 16:52 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-29 17:56 - 2022-09-23 16:52 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-09-29 17:56 - 2022-09-21 18:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-09-29 17:56 - 2022-07-15 10:59 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-09-29 17:56 - 2021-06-02 08:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-09-29 17:55 - 2022-09-29 17:55 - 825894408 _____ (NVIDIA Corporation) C:\Users\olyti\Downloads\517.48-notebook-win10-win11-64bit-international-dch-whql.exe
2022-09-29 17:49 - 2022-09-07 08:56 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-09-29 17:49 - 2022-09-07 08:56 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ C:\Users\olyti\AppData\Local\2450563487
2022-09-29 17:48 - 2022-09-29 17:48 - 000000000 ____D C:\Users\olyti\AppData\Local\Arkane Studios
2022-09-24 23:41 - 2022-09-24 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\CD Projekt Red
2022-09-24 23:39 - 2022-09-24 23:39 - 000000000 ____D C:\Users\olyti\AppData\Local\REDEngine
2022-09-24 22:25 - 2022-09-24 22:25 - 000000000 ____D C:\Users\olyti\AppData\Local\Prometheus
2022-09-24 12:26 - 2022-09-24 12:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Cuphead
2022-09-23 15:10 - 2022-09-23 15:10 - 000095979 _____ C:\Users\olyti\Downloads\download (15).html
2022-09-23 08:58 - 2022-09-23 08:58 - 000177106 _____ C:\Users\olyti\Downloads\download (14).html
2022-09-22 14:33 - 2022-09-22 14:33 - 000508495 _____ C:\Users\olyti\Downloads\download (13).html
2022-09-22 14:30 - 2022-09-22 14:30 - 000544581 _____ C:\Users\olyti\Downloads\download (12).html
2022-09-20 19:33 - 2022-09-20 19:33 - 000000000 ____D C:\Users\olyti\Documents\EMBIRD64
2022-09-20 18:56 - 2022-09-20 18:56 - 000051866 _____ (Simon Owen) C:\WINDOWS\FdUninstall.exe
2022-09-20 18:56 - 2022-09-20 18:56 - 000000000 ____D C:\Embird
2022-09-20 18:29 - 2022-09-20 18:30 - 242179800 _____ C:\Users\olyti\Downloads\embird2022b1069_x64_setup.exe
2022-09-20 16:11 - 2022-09-20 16:11 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\IronGate
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-20 08:44 - 2021-04-27 23:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-20 08:44 - 2021-04-17 18:04 - 000000000 ____D C:\Steam
2022-10-20 08:29 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-20 08:29 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-20 08:29 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-20 08:29 - 2022-03-05 21:51 - 000000000 ____D C:\Users\olyti\.tobii
2022-10-20 08:29 - 2021-04-18 00:43 - 000000000 ____D C:\Users\olyti\AppData\Local\CrashDumps
2022-10-20 00:50 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2022-10-20 00:35 - 2021-12-17 01:26 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2022-10-19 23:20 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-19 22:59 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-18 19:34 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\PlaceholderTileLogoFolder
2022-10-18 15:35 - 2021-04-17 17:05 - 000000000 ____D C:\Users\olyti\AppData\Local\Packages
2022-10-18 15:35 - 2019-11-13 11:43 - 000000000 ____D C:\ProgramData\Packages
2022-10-18 07:25 - 2021-04-17 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\D3DSCache
2022-10-16 09:45 - 2020-05-30 10:34 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-15 20:32 - 2022-03-11 18:26 - 000000000 ____D C:\XboxGames
2022-10-15 00:01 - 2021-04-17 17:02 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-14 11:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-14 04:58 - 2019-11-13 13:05 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 22:24 - 2021-04-17 23:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 22:23 - 2021-04-17 23:53 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-13 21:54 - 2019-11-13 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 21:52 - 2021-11-10 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-10-13 21:51 - 2021-11-10 18:44 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-10-13 21:43 - 2021-04-22 13:18 - 000012288 ___SH C:\DumpStack.log.tmp
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-13 21:42 - 2022-05-06 23:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-13 21:42 - 2021-09-09 17:54 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-10-13 21:25 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-11 18:23 - 2021-04-27 23:07 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-11 08:22 - 2021-08-26 22:29 - 000000000 ____D C:\Users\olyti\AppData\Roaming\projectascension
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascension Launcher
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\Program Files\Ascension Launcher
2022-10-10 18:58 - 2021-04-25 09:39 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-09 11:09 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-06 21:17 - 2022-05-06 23:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-06 21:17 - 2022-05-06 23:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-06 20:52 - 2021-05-31 10:54 - 000000000 ____D C:\Users\olyti\AppData\Roaming\rsilauncher
2022-10-06 19:56 - 2021-05-08 00:40 - 000000000 ____D C:\Users\olyti\AppData\Local\UnrealEngine
2022-10-03 20:04 - 2021-04-17 17:05 - 000000000 __SHD C:\Users\olyti\IntelGraphicsProfiles
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\ProgramData\Razer
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\Program Files (x86)\Razer
2022-10-02 16:48 - 2022-04-04 21:43 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-01 18:30 - 2021-10-23 17:19 - 000000000 ____D C:\Program Files\GShade
2022-10-01 18:29 - 2021-10-23 17:19 - 000000000 ____D C:\Users\Public\GShade Backups
2022-10-01 18:08 - 2022-03-05 21:51 - 000000000 ____D C:\ProgramData\Tobii
2022-09-30 16:48 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-09-30 16:26 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-30 16:26 - 2022-05-06 23:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-30 16:26 - 2019-11-13 11:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-30 16:24 - 2020-05-30 10:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-09-30 16:23 - 2022-08-11 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tower of Fantasy
2022-09-30 16:23 - 2022-05-14 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline
2022-09-30 16:23 - 2022-05-06 23:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-30 16:23 - 2022-03-05 19:39 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2022-03-04 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RazerCentral
2022-09-30 16:23 - 2022-02-10 00:22 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games
2022-09-30 16:23 - 2021-09-05 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries
2022-09-30 16:23 - 2021-06-18 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-09-30 16:23 - 2021-06-05 06:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-09-30 16:23 - 2021-04-30 18:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-09-30 16:23 - 2021-04-17 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2022-09-30 16:23 - 2021-04-17 23:04 - 000000000 ____D C:\Program Files\UNP
2022-09-30 16:23 - 2021-04-17 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2021-04-17 17:07 - 000000000 ___RD C:\Users\olyti\OneDrive
2022-09-30 16:23 - 2020-05-30 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI True Color
2022-09-30 16:23 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-09-30 16:23 - 2020-05-30 10:34 - 000000000 ____D C:\Program Files\Intel
2022-09-30 16:23 - 2019-11-13 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 16:23 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-09-30 16:06 - 2022-05-06 23:28 - 000000000 ____D C:\WINDOWS\Setup
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-09-30 16:00 - 2021-04-17 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2022-09-30 16:00 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2022-09-30 15:57 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Globalization
2022-09-29 17:59 - 2021-10-30 22:36 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA
2022-09-29 17:58 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-09-29 17:21 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\SteelSeries
2022-09-24 23:38 - 2021-06-18 10:44 - 000000000 ____D C:\Users\olyti\AppData\Local\cache
2022-09-23 09:10 - 2021-11-19 23:04 - 000153064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-09-23 09:10 - 2021-06-18 10:29 - 002835944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-09-23 09:10 - 2021-06-18 10:29 - 000447976 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-09-23 09:10 - 2021-06-18 10:29 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-09-23 09:10 - 2021-06-18 10:29 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-09-23 09:10 - 2021-06-18 10:29 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-09-23 09:10 - 2021-06-18 10:29 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
 
==================== Files in the root of some directories ========
 
2022-08-11 08:41 - 2022-08-11 08:41 - 000001004 _____ () C:\Users\olyti\AppData\Roaming\tof_launcher.reg
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ () C:\Users\olyti\AppData\Local\2450563487
2021-11-06 22:23 - 2021-11-06 22:23 - 000007598 _____ () C:\Users\olyti\AppData\Local\Resmon.ResmonCfg
 
==================== FLock ==============================
 
2022-05-06 23:24 C:\WINDOWS\system32\WebThreatDefSvc
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by olyti (20-10-2022 08:51:17)
Running from C:\Users\olyti\OneDrive\Desktop
Microsoft Windows 11 Home Version 22H2 22621.674 (X64) (2022-09-30 22:26:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3139933802-399766682-36797096-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3139933802-399766682-36797096-503 - Limited - Disabled)
Guest (S-1-5-21-3139933802-399766682-36797096-501 - Limited - Disabled)
olyti (S-1-5-21-3139933802-399766682-36797096-1001 - Administrator - Enabled) => C:\Users\olyti
WDAGUtilityAccount (S-1-5-21-3139933802-399766682-36797096-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security (Disabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon Games (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.2.8063.2 - Amazon.com Services, Inc.)
Ascension Launcher 1.92 (HKLM\...\{58D22CF7-EECE-433A-B4B3-A268FF8487B1}_is1) (Version: 1.92 - Project Ascension)
Command & Conquer™ Remastered Collection (HKLM-x32\...\{CB92A22C-0421-4513-9EE4-00519B4A12CC}) (Version: 1.153.11.25007 - Electronic Arts Inc. (en_US))
Crowfall_Live (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Crowfall_Live) (Version: 1.0.0.0 - ACE)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.24.0.5281 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{1ea29ff4-ac27-4775-b029-95e63cac9adb}) (Version: 12.24.0.5281 - Electronic Arts)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Fdrawcmd.sys 1.0.1.11 (HKLM-x32\...\fdrawcmd) (Version: 1.0.1.11 - Simon Owen)
FINAL FANTASY XI (HKLM-x32\...\{07EB4C8B-3869-49B4-8CF8-D6D9FB8C8026}) (Version: 1.2.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
GShade 3.5.2 (HKLM\...\GShade) (Version:  - GPOSERS)
Intel® Chipset Device Software (HKLM\...\{B4BF76D4-C8E0-4341-A8C5-A33D1C506DED}) (Version: 10.1.18263.8193 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel® Corporation)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{F9B9A5A4-D66B-411A-B28F-D7A8863B432E}) (Version: 2.2.1457 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{B10DC0D5-964E-45F2-8068-67B8FCD393F8}) (Version: 2.2.1446 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.150.10.6302 - BlueStack Systems, Inc.)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 3.0.58.0 - Portrait Displays, Inc.)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 91.0.4516.30 (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Opera 91.0.4516.30) (Version: 91.0.4516.30 - Opera Software)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
PlayOnline Viewer (HKLM-x32\...\{81784E3A-1BDA-4743-B5F8-04E59DC7E031}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1015.100615 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
RSI Launcher 1.5.5 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.5.5 - Cloud Imperium Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 25.0.0 (HKLM\...\SteelSeries GG) (Version: 25.0.0 - SteelSeries ApS)
Tobii Experience Software For Windows (HKLM\...\{68DDA3A1-29A0-4FB1-8EBF-F25EF0A0EF58}) (Version: 4.59.0.18364 - Tobii AB)
Tower of Fantasy (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\tof_launcher) (Version:  - Hotta Studio)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.6.14 - Black Tree Gaming Ltd.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
 
Packages:
=========
An Elder Scrolls Legend: Battlespire -> C:\Program Files\WindowsApps\BethesdaSoftworks.AnElderScrollsLegendBattlespire_1.3.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.1.0_neutral__yxz26nhyzhsrt [2022-10-12] (Microsoft Corp.)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Coral Island -> C:\Program Files\WindowsApps\HumbleBundle.CoralIsland_0.1.49295.0_x64__q2mcdwmzx4qja [2022-10-19] (Humble Bundle)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-11] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-10-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-04-17] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag [2022-06-21] (Rivet Networks LLC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-05-30] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2022-09-30] (Microsoft Corp.)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corp.)
ms-resource:Appname -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52074.0_x64__8wekyb3d8bbwe [2022-10-18] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32061.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-09-30] (Microsoft Corporation)
ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-30] (INTEL CORP)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-10] (INTEL CORP) [Startup Task]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-04-17] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.10.0_x64__w2gh52qy24etm [2022-08-10] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-18] (NVIDIA Corp.)
Offworld Trading Company -> C:\Program Files\WindowsApps\StardockEntertainment.OffworldTradingCompany_1.0.82.0_x64__w7tm8b8tp1rkt [2022-08-16] (Stardock Entertainment)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-09-08] (Realtek Semiconductor Corp)
Slay The Spire -> C:\Program Files\WindowsApps\HumbleBundle.SlayTheSpire_2.4.0.0_x86__q2mcdwmzx4qja [2022-07-05] (Humble Bundle)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-15] (Spotify AB) [Startup Task]
The Elder Scrolls Adventures: Redguard -> C:\Program Files\WindowsApps\BethesdaSoftworks.TheElderScrollsAdventuresRedguar_1.4.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.60.17163.0_x64__j9ea20k37yd2w [2022-03-05] (Tobii AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
Trek To Yomi [Win10] -> C:\Program Files\WindowsApps\DevolverDigital.TrekToYomiWin10_1.0.7.0_x64__6kzv4j18v0c96 [2022-10-15] (Devolver Digital)
Vampire Survivors (Game Preview) -> C:\Program Files\WindowsApps\poncle.VampireSurvivors_0.11.304.0_x64__9pv5cyp4vwdsr [2022-09-16] (poncle)
Warhammer 40,000™: Battlesector™ -> C:\Program Files\WindowsApps\SlitherineSoftwareUKLtd.Warhammer40000Battlesector_1.1.33.0_x64__e7kchnf2m4530 [2022-07-28] (Slitherine Software UK Ltd.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-13] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3139933802-399766682-36797096-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\olyti\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>  -> No File
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\nvshext.dll [2022-09-23] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>  -> No File
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-08-12 02:14 - 2022-08-08 20:52 - 001427968 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-08-05 09:11 - 2022-08-05 09:11 - 020758528 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.10.0_x64__w2gh52qy24etm\Nahimic3.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000420352 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libegl.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 006374400 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libglesv2.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 004030976 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\vk_swiftshader.dll
2021-10-30 22:27 - 2021-10-30 22:27 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2019-07-02 16:07 - 2019-07-02 16:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
2021-10-30 22:27 - 2021-10-30 22:27 - 001612800 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\SQLite.Interop.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 001844736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\ffmpeg.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 015924736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\node.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 174965248 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000980992 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw_elf.dll
2022-10-18 11:34 - 2022-10-18 11:34 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-10-18 11:34 - 2022-10-18 11:34 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-10-18 11:34 - 2022-10-18 11:34 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-10-18 11:34 - 2022-10-18 11:34 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-10-18 11:34 - 2022-10-18 11:34 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-10-18 11:34 - 2022-10-18 11:34 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> DefaultScope {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 22:49 - 2019-03-18 22:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\olyti\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3139933802-399766682-36797096-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\olyti\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\ffxiv_12122021_131827_888.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "Norton Download Manager{NS-22211151-SHPD-FSD5250006}"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{57F5CA79-AD82-4F75-81D5-59B87C0DA1E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{06D35A3B-CA79-4F6A-8143-686F164C937F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E1225DDF-11E8-4449-9B27-29C804804791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CDB1B76-5307-4647-A529-1D51436978B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F47C274A-1CA7-4306-834A-0CA0E4521805}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [{9F62DBA0-F911-451F-9A74-D63B4F9F9407}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [UDP Query User{2AE7CDB6-7707-4CB6-B8D7-D12D5D5BE8EA}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{5082E1F3-9419-415F-8E84-9B298D08EDBC}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{F6954A2B-AF48-4F0B-B97D-724C81193708}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{389A9C3D-DFCD-44FD-ACA5-434680FCBCB7}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{59B1A946-6E24-434C-A9EC-37B841863465}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{E20CAA85-A347-4C47-96A7-8CC33E376374}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{0EFCFA03-D09E-4860-B85E-6861B289AB2B}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{5C6F48D9-A3D4-4BFE-B41C-0A6437C03FCA}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{9FB95E41-688C-46D1-9E73-0B012762E64B}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{75621C35-0CDE-4A43-A65A-82F73027DDAB}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{EF55A5E0-8D64-4A77-BB95-B8E245B79047}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3AB61B73-9263-44E3-BF77-92F8E3BE8B68}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3DC8D835-8BA8-448A-B6BE-25AD4B392F8B}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{8DFB67B6-0C13-40EE-B6F2-58B2E7DBC9CA}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{1522EED5-5522-4C63-B9B3-E717D8E9EF5E}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [File not signed]
FirewallRules: [{1AD494B4-DD9F-402F-A15A-8C06104F463B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{4EC0CBF8-2056-4E2E-BA51-00D3EE50009B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [UDP Query User{1E3510CC-FE8B-4A40-BB66-328FAF856DBD}C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe] => (Allow) C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe => No File
FirewallRules: [TCP Query User{2D419849-A46B-4575-B8D6-0C0B3DB4B635}C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe] => (Allow) C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe => No File
FirewallRules: [UDP Query User{E523A3A1-C957-4E1F-BD1E-9A55D7FCCB99}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [TCP Query User{1BBBBF13-F560-4D3A-8E0A-42B9AD3E6F76}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{0BC2DD59-92BD-4291-AB7C-605F7CEC58C6}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{7FAD18D6-87A1-4690-8A4A-2B6B28E0EC4E}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{4A31B107-955F-4643-9121-76B2289A1017}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{C9FCAD55-582C-43ED-9BE4-7ED57802AE0B}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{87ED5109-6433-48EB-905C-83A6C6F6763A}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{7AE9E5C6-30BF-4E94-9ABE-501DF8DFDFAC}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{BBDE1370-A1AF-4B6D-BF4D-6ACF00BABF37}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [{C77CE587-39C2-4811-9874-9E919D058989}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [{E22F4414-256C-4998-B4D1-573FF6748E39}] => (Allow) C:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
FirewallRules: [{64EC9F32-7EA6-401A-8BF5-4E7E04239D92}] => (Allow) C:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
FirewallRules: [UDP Query User{B295D693-5A48-42C8-908A-640EB57C32F3}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{2DE238EE-8758-407B-9EC6-27E028D3A49D}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{B947DE67-224A-41E5-9F10-F3DB9BB5E1D6}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{EA80B650-7BB3-445C-8248-15394BBCFC3C}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{A135AEB3-1545-4A9A-84D6-B3CC258DE947}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{A212D0C9-8653-45DC-8C5B-CCA1EBA829FA}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{5EDBC7B7-E8F2-4834-9DE3-7A6347D0B378}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{4B2C02B6-E383-47A4-AC82-0075E96D51BA}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{EDEF3CB9-E796-4ECB-B71E-643CC28B3CCC}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{FF3F3F11-FDF4-4F32-8179-F6B2FDA6FE78}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{6BDEC23A-E2C8-435B-91BA-ED8A8ED7BC8D}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{60F73CAB-E0B7-48DA-AE07-297CBFC6A51C}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [UDP Query User{F70E9553-D698-4381-92A3-838E9AB08FA4}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [TCP Query User{20D31CE8-E4B9-4D3F-96E0-3908F68E0E12}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [{DE750991-1B01-4BB5-A16A-0CE00325C68B}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{F3854973-6B81-4836-8E47-5BA2A1E4708D}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{D00DCF5F-AEA8-4776-9F2F-8BF98845E4D8}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{43278E45-26DD-40ED-A623-A055BD552DFD}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{E7242E90-F583-448E-8CA7-F6C6108AE32E}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{2DCB557D-1B63-4040-A947-B453EFC04BD7}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{726EBFD4-D8A5-475D-B7A0-0B160755E3C3}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{478C939E-E594-44D1-AE20-071F2BB56449}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{0C618E4B-6A1D-403D-9603-E4D79B3798E6}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{522D38E7-E40C-4407-982A-6F9DF16D44A3}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{63FA1E32-6998-4BE6-927E-6B8B01DC7A5D}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{333EB221-0413-4816-B800-9C7EB8E49C17}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{2AF06201-7AF3-45E1-9024-74102713FA20}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8A680465-B8D9-46D2-A5B0-A186635C2FD3}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B2C2CCA4-0B84-449F-9EFE-0F35A0AC61EC}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{DFEEB1C7-34A2-45D9-B77E-4531D498FF04}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{E1580716-6F77-4BC6-88A2-E53DB31C05E1}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{D24C171C-9AC2-4E66-B8E5-1FE11A1778F4}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{72A15286-E488-42CD-B687-97386209D5E6}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{8963092A-82D3-4E01-BC74-FB8AA5DC866B}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{17B0662F-A78E-4B48-877B-F9EE455EF07C}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{EABE7D84-ABC0-43AC-8185-34D27FDAA1E3}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{57362E65-43AC-424A-944B-36BE16D35D7D}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0058F547-8A38-450A-8B90-DA021B251B25}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E3C05002-D9E0-44E0-9461-AC4710F94127}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02325BC3-B7A1-4F4B-9936-592536AC5D00}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68538345-9987-4FC9-89E9-1C63BAF4D58D}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{11E91444-35E0-4F2B-B893-E565490F78C6}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{EB8D79D8-795B-4C3D-A4A0-EE95E7F53DBA}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{9F059180-29BA-42F0-BBE2-C07C6EE65450}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{DCD5F566-DFE5-468A-A7F7-C7D40BCCFDA4}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{C8D8A701-541D-486B-945D-FD7E78A295EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{11EA62F8-C6C7-4B5A-813F-16DA4FD5E135}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6DA1FDA5-DB9D-4610-804D-8EA49CF61619}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{9D5F8B2A-E9FD-4631-992A-9B0278B1D9A2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{62DE4036-B7B8-4FD5-B137-C3CA20CF1CB2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{39F4B399-12B8-4F8E-BC1D-46B2EEFDEA2B}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B4F89464-FDF5-4405-9D44-3B7F82FB187C}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{8BD1B7C6-E217-40FE-88D1-D580A8A68EB1}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{3F8C9BC2-2A8F-4994-8EF1-B249AC259429}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B5A107BA-BC36-41CA-AA90-68AEF973C290}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{2930AD3B-0906-467F-8E57-2D82CEB8CE6B}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A93DAED4-6E92-4FC8-B887-A3AB79B66122}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FE3CAC21-17E0-4D3E-B542-7A2B1D72607B}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{1CE78791-24E4-4478-A1FC-D9A4CAEB3E71}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{07CBC086-7222-4F48-BBE1-2E92DF1AECD6}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{55C8A6FE-4378-4411-8B26-1FE0D796A976}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{42C6F4B4-905E-43B1-9899-204E3FFC3D88}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{7001B18F-521B-457F-A8FF-FD1C2EFD2786}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{78B4F9BF-FB9A-49FC-8B1B-0F81E9180F79}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{1E084E40-9CD4-4609-A882-004CA966B88B}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [{B84688B3-8466-48B3-9ADC-00B64DF6BCE8}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [TCP Query User{9859FF70-CC36-4CED-A580-546B0F0D5B88}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [UDP Query User{44CD8378-7BD6-49D1-92B5-3E0BFC5C73E4}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [TCP Query User{657EEE1B-C880-496C-8F0C-AAF85BF2935A}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{13668A7D-9C20-457E-82B7-193ED3DEE9C8}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [{03468686-AF5B-46C9-B126-874FC312475F}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6B51F98E-EBB3-4169-8AA4-610403EA735E}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{1C3C024C-F4C0-4005-801C-83C8AA93551A}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6A82F5FF-2085-49B2-992A-C2FD9021CC99}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{B07A290C-0B41-44F2-8017-EFACDE75F2B1}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{97B81EC1-F667-4B2A-AD25-B790568A75A7}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{827BD318-4373-48D9-A018-59F9C17EFEA2}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{26395699-8EF1-410B-A413-DC271DA8F1A5}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2FFCA926-F8F8-465C-83BD-E685C46F6681}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{FB209C8F-DE2E-4190-83F6-B260F3DA065F}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{3BFE6C29-B013-4606-8D18-7EB874FF777E}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7463DC97-B1BF-4454-ABB5-F0688AAAEE1C}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{77DE23E8-61A4-4CA3-A5D3-A590AFB9243F}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{5F26DEE2-35F7-4F47-B982-1310C2174F40}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [{B418CB8C-5280-4826-9525-39DD4BA054C6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{E989079C-4488-4291-A2D3-A0B1B2882BA6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{BA8C81C2-AF8F-4DB9-BF13-E78C97D50637}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B6B4F4B0-C39C-4534-A328-B1AD38957059}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{3449C722-8273-4931-8148-BE167F04A8AB}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [{3644136A-488E-4B39-A71A-5701F9210CFF}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [TCP Query User{7C49AFAA-E8D0-4391-90E2-BAC62D289185}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [UDP Query User{D511C8FC-DF44-4A09-A942-E80C2C3FC642}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [{26248D88-12CD-4F65-BCDB-8E9C617615B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{78134CEA-5724-4234-9307-E51EE300994F}C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe] => (Allow) C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe => No File
FirewallRules: [UDP Query User{877B41C7-50E0-415C-88B7-1F20380DEB4E}C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe] => (Allow) C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe => No File
FirewallRules: [{BE9072EA-873B-4DE5-A124-CC908A93452E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [{53D7019F-158F-48C9-8CD2-5AF2C271331E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [TCP Query User{8E84898E-2FBB-486A-B258-77C4FD5EE413}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1170733F-8D30-464E-A89B-3F4B3D86FC23}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{CDDFDAD7-1E8F-408F-BF30-92143E6AB201}] => (Allow) C:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{EB97ECB9-FF53-42DB-9C6A-A7E2B4778BA4}] => (Allow) C:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [TCP Query User{628BD29F-5298-4FCA-8501-11817BBB91BC}C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C375FFED-EC6D-4212-A48B-A250FF654B37}C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe => No File
FirewallRules: [{8077C9F8-0B7E-4206-985B-FD7741A08985}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{B6357431-E771-49A7-A279-46510BB6AD8C}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{A6E2336F-B76A-43E2-BC5D-87CB2EF54F94}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{138D5959-0B49-419B-AC5F-707ACF366141}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [TCP Query User{2EAE4178-6800-493A-BD37-D3B7CCD305B8}C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe => No File
FirewallRules: [UDP Query User{FD060547-F5F6-405D-A7FA-1F4EB84C7658}C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe => No File
FirewallRules: [{51607EE3-9B20-4A13-8605-30EFEEFF0991}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{1CC54A21-4E14-4BDC-AD46-312CA8A6F50E}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{453AA7A4-3C4D-4AEB-9804-E49B45327346}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{36695B1E-BC4F-4176-9D32-841DDDAFCC7E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CB0C1AF-FE49-4647-A113-F21517D1E446}] => (Allow) LPort=32682
FirewallRules: [{E632C5AA-9611-49CE-AAE1-53BB6E9A13CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD6B5A34-7118-4DCA-BE9D-F1C38A5D1287}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC4F6EF5-5582-4705-BFD6-3BB689A157AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B6D7B28-EBE3-4D00-A4C0-FCD08513CE2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CDC4F736-2EF9-4A73-A2B5-512B27FD7651}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe (Access Denied)  [File not signed]
FirewallRules: [UDP Query User{40CF5F55-E4EC-4B41-8B14-70E581250729}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe (Access Denied)  [File not signed]
FirewallRules: [{09F7AC35-6867-43DE-B656-8AB1F1C424D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5E2350C-0C6C-4467-B457-F9CF6B10F8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0D8BE34C-AA62-4694-9C6D-37BBAB8B1D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89180A0E-7EC1-4EDC-9AFB-E06622A0831A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D69E67D-D1F0-4B92-BABE-229416EC1D0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1F8857D-B060-46AA-BF04-32F97E9410FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFF6B875-B37F-4D94-A51B-9B186FED8011}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21E4844F-6BBD-4E63-B056-4CC4AD625F2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D258C20E-6423-4B41-8438-BB66B751198A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A20A225-A2B4-429D-9D77-EE80C779D08C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1EA87F4-BD38-4753-A14B-421A32ACDB75}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D7DB026-1C11-409B-8E2D-0DF5E1644BA9}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe () [File not signed]
FirewallRules: [UDP Query User{D2D1D5A3-0C14-43AF-A6EC-9BBE687C142B}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe () [File not signed]
 
==================== Restore Points =========================
 
13-10-2022 21:22:41 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/20/2022 08:29:03 AM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: LEDKeeper2.exe, version: 1.0.1.27, time stamp: 0x618a3fbd
Faulting module name: KERNELBASE.dll, version: 10.0.22621.674, time stamp: 0x160a2aa8
Exception code: 0xe0434352
Fault offset: 0x00147152
Faulting process id: 0x0x36dc
Faulting application start time: 0x0x1d8e453b7f90daf
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 62201b5b-fc62-46d5-b01b-303eafcec6a1
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/20/2022 08:29:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: LEDKeeper2.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at MSI_LED.App.WriteInfoLog()
   at MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1_0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at System.Windows.Application.Run()
   at MSI_LED.App.Main()
 
Error: (10/19/2022 11:20:31 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program msteamsupdate.exe version 22260.203.1605.4995 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (10/19/2022 10:51:36 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: LEDKeeper2.exe, version: 1.0.1.27, time stamp: 0x618a3fbd
Faulting module name: KERNELBASE.dll, version: 10.0.22621.674, time stamp: 0x160a2aa8
Exception code: 0xe0434352
Fault offset: 0x00147152
Faulting process id: 0x0xdadc
Faulting application start time: 0x0x1d8e423108df56a
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 8a565a89-db85-4627-a08c-e3a54e971fda
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/19/2022 10:51:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: LEDKeeper2.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at MSI_LED.App.WriteInfoLog()
   at MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1_0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at System.Windows.Application.Run()
   at MSI_LED.App.Main()
 
Error: (10/19/2022 04:01:14 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: LEDKeeper2.exe, version: 1.0.1.27, time stamp: 0x618a3fbd
Faulting module name: KERNELBASE.dll, version: 10.0.22621.674, time stamp: 0x160a2aa8
Exception code: 0xe0434352
Fault offset: 0x00147152
Faulting process id: 0x0x50a0
Faulting application start time: 0x0x1d8e3860857a78b
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: fccafa15-5e4e-4bc7-a7dd-5b14a826e9bb
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/19/2022 04:01:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: LEDKeeper2.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at MSI_LED.App.WriteInfoLog()
   at MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1_0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at System.Windows.Application.Run()
   at MSI_LED.App.Main()
 
Error: (10/18/2022 08:54:34 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: LEDKeeper2.exe, version: 1.0.1.27, time stamp: 0x618a3fbd
Faulting module name: KERNELBASE.dll, version: 10.0.22621.674, time stamp: 0x160a2aa8
Exception code: 0xe0434352
Fault offset: 0x00147152
Faulting process id: 0x0xa420
Faulting application start time: 0x0x1d8e35ae7200ae7
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 8a7502aa-41d4-4f07-8962-6868d65cdf4e
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/20/2022 12:50:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.
 
Error: (10/20/2022 12:50:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJBH4-Microsoft.Windows.Photos.
 
Error: (10/20/2022 12:50:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9N36PPMP8S23-A-Volute.Nahimic.
 
Error: (10/18/2022 08:55:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9N36PPMP8S23-A-Volute.Nahimic.
 
Error: (10/18/2022 08:54:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.
 
Error: (10/18/2022 08:54:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJBH4-Microsoft.Windows.Photos.
 
Error: (10/18/2022 03:37:24 PM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel® Wi-Fi 6 AX201 160MHz : Has encountered an internal error and has failed.
5005 - Driver internal error
 
Error: (10/18/2022 03:37:23 PM) (Source: Netwtw10) (EventID: 5002) (User: )
Description: Intel® Wi-Fi 6 AX201 160MHz : Has determined that the network adapter is not functioning properly.
5002 - uCode SW error (SysAssert, NMI)
 
 
Windows Defender:
================
Date: 2022-10-20 00:26:32
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-18 23:15:31
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-18 08:56:36
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-16 00:54:24
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-15 02:37:04
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
 
Date: 2022-10-14 16:49:25
Description: 
Microsoft Defender Antivirus has encountered an error trying to upload a suspicious file for further analysis.
Filename: C:\Users\olyti\Downloads\OperaSetup.exe
Sha256: 01f82068938e60ee76a3768b2d6af6430206264c08eead31a28162e93b597d4e
Current security intelligence Version: AV: 1.377.228.0, AS: 1.377.228.0
Current Engine Version: 1.1.19700.3
Error code: 0x80071112
 
CodeIntegrity:
===============
Date: 2022-10-20 08:35:54
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2022-10-14 08:41:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-10-13 21:43:09
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
 
Date: 2022-10-13 21:43:09
Description: 
The driver \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys is blocked from loading as the driver has been revoked by Microsoft.
 
Date: 2022-10-07 17:36:47
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. E16V1IMS.112 11/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-16V1
Processor: Intel® Core™ i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 72%
Total physical RAM: 16271.16 MB
Available physical RAM: 4410.38 MB
Total Virtual: 28559.16 MB
Available Virtual: 8006.59 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:931.07 GB) (Free:214.59 GB) (Model: WDC PC SN730 SDBPNTY-1T00-1032) NTFS
 
\\?\Volume{36435878-acf8-4bb2-9fd1-d15095c2f0d5}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.29 GB) NTFS
\\?\Volume{4f3a491b-a684-4533-917a-2d3361a4b85a}\ (BIOS_RVY) (Fixed) (Total:21.5 GB) (Free:0.69 GB) NTFS
\\?\Volume{cbfef310-9523-4385-ab65-ebb45e3a3813}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: AE696746)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Is the redirect in all of your browsers or just one?

 

What date was your son playing on the PC?

 

Please update your Killer Wireless driver.  Your current one is causing errors.

https://www.intel.co...ance-suite.html

 

Mystic Light is not working correctly.  Probably not win 11 compatible.  I think it came with your MSI motherboard since the path is: MSI\One Dragon Center\Mystic_Light.  Check with them and see if they have a newer version of their stuff.

 

I need to run a fixlist to check your system files and to have virustotal check some files that I don't recognize.  Will take about 35 minutes on a good system but I have seen it time out after an hour on a slow one.  Will reboot when done. Best to pause your anti-virus while working with FRST.  Faster and less chance of the anti-virus interfering.

 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   14.94KB   105 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 

 

 

 

 


  • 0

#3
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

It's probably been about a week. The redirect only occurs on the original browser, microsoft Edge. It doesn't happen on firefox or chrome or Opera. As far as mystic light goes it's always had errors but I'll see what they have. I tried to do the wireless fix you posted but it gives an error saying I can't update killer wireless when killer ethernet is installed. I also have a trojan that has tried to get me to authorize it, Entertainment application tm trademark reserved or some obvious BS like that. probably a stupid miner app. Now for logs. Fixlog first, then FRST and Addition in a following post because of post length. 
 

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by olyti (21-10-2022 08:20:12) Run:2
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
VirusTotal: C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe.old
VirusTotal: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe 
VirusTotal: C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
VirusTotal: C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe
VirusTotal: C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
VirusTotal: C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe
VirusTotal: C:\Windows\ThunderboltService.exe
VirusTotal: C:\Windows\System32\NahimicSvc64.exe
VirusTotal: C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe
VirusTotal: C:\Users\olyti\Documents\temp\OneDC_Updater\OneDC_Updater.exe 
VirusTotal: C:\WINDOWS\SysWOW64\GameMon.des 
VirusTotal: C:\WINDOWS\system32\drivers\fdrawcmd.sys
VirusTotal: C:\WINDOWS\system32\drivers\ksophon_x64.sys
VirusTotal: C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys
VirusTotal: C:\WINDOWS\System32\drivers\RoutePolicy.sys
VirusTotal: C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\SQLite.Interop.dll
CMD: sc config LightKeeperService start=disabled
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Norton Download Manager{NS-22211151-SHPD-FSD5250006}] => C:\Users\Public\Downloads\Norton\{NS-22211151-SHPD-FSD5250006}\FSDUI_Custom.exe /m /WIN10_UPGRADE "C:\Users\olyti\AppData\Local\Temp\{ACB18532-3DE2-46CE-A1B8-C0316BEC9FBE}\Upgrade.exe" /m (No File) <==== ATTENTION
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\Installer\setup.exe [3350952 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Norton Download Manager{NS-22211151-SHPD-FSD5250006}] => C:\Users\Public\Downloads\Norton\{NS-22211151-SHPD-FSD5250006}\FSDUI_Custom.exe /m /WIN10_UPGRADE "C:\Users\olyti\AppData\Local\Temp\{ACB18532-3DE2-46CE-A1B8-C0316BEC9FBE}\Upgrade.exe" /m (No File) <==== ATTENTION
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [MicrosoftEdgeAutoLaunch_D30A67E0D8865ABC16D6E6E5594A3C48] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {332C2166-38E7-4D16-A828-28B1818915FA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D4497137-A762-4AF4-9D49-51E270D48401} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {DFFE6C06-8C5A-4DDF-B2CB-59A3FF912E85} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
S2 cphs; %SystemRoot%\System32\IntelCpHeciSvc.exe [X]
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>  -> No File
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>  -> No File
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>  -> No File
FirewallRules: [UDP Query User{1E3510CC-FE8B-4A40-BB66-328FAF856DBD}C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe] => (Allow) C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe => No File
FirewallRules: [TCP Query User{2D419849-A46B-4575-B8D6-0C0B3DB4B635}C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe] => (Allow) C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe => No File
FirewallRules: [{E22F4414-256C-4998-B4D1-573FF6748E39}] => (Allow) C:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
FirewallRules: [{64EC9F32-7EA6-401A-8BF5-4E7E04239D92}] => (Allow) C:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
FirewallRules: [{A93DAED4-6E92-4FC8-B887-A3AB79B66122}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FE3CAC21-17E0-4D3E-B542-7A2B1D72607B}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{78134CEA-5724-4234-9307-E51EE300994F}C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe] => (Allow) C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe => No File
FirewallRules: [UDP Query User{877B41C7-50E0-415C-88B7-1F20380DEB4E}C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe] => (Allow) C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe => No File
FirewallRules: [{CDDFDAD7-1E8F-408F-BF30-92143E6AB201}] => (Allow) C:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{EB97ECB9-FF53-42DB-9C6A-A7E2B4778BA4}] => (Allow) C:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [TCP Query User{628BD29F-5298-4FCA-8501-11817BBB91BC}C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C375FFED-EC6D-4212-A48B-A250FF654B37}C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe => No File
FirewallRules: [TCP Query User{2EAE4178-6800-493A-BD37-D3B7CCD305B8}C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe => No File
FirewallRules: [UDP Query User{FD060547-F5F6-405D-A7FA-1F4EB84C7658}C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe => No File
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
VirusTotal: C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe.old => https://www.virustot...10d2-1666205202
VirusTotal: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe => https://www.virustot...38dd-1666279141
VirusTotal: C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe => https://www.virustot...a18e-1666105112
VirusTotal: C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe => https://www.virustot...eaa5-1652331750
VirusTotal: C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe => https://www.virustot...51dd-1666361187
VirusTotal: C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe => https://www.virustot...5613-1666361190
VirusTotal: C:\Windows\ThunderboltService.exe => https://www.virustot...426b-1666361190
VirusTotal: C:\Windows\System32\NahimicSvc64.exe => https://www.virustot...2607-1666361192
VirusTotal: C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe => (3) Error
VirusTotal: C:\Users\olyti\Documents\temp\OneDC_Updater\OneDC_Updater.exe => https://www.virustot...69d0-1666361201
VirusTotal: C:\WINDOWS\SysWOW64\GameMon.des => https://www.virustot...4517-1666361214
VirusTotal: C:\WINDOWS\system32\drivers\fdrawcmd.sys => https://www.virustot...6e87-1666361215
VirusTotal: C:\WINDOWS\system32\drivers\ksophon_x64.sys => https://www.virustot...edb3-1666361228
VirusTotal: C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys => https://www.virustot...b6c4-1666362056
VirusTotal: C:\WINDOWS\System32\drivers\RoutePolicy.sys => https://www.virustot...63e2-1666362057
VirusTotal: C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\SQLite.Interop.dll => https://www.virustot...e3be-1666362060
 
========= sc config LightKeeperService start=disabled =========
 
[SC] ChangeServiceConfig SUCCESS
 
========= End of CMD: =========
 
"HKU\S-1-5-21-3139933802-399766682-36797096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Norton Download Manager{NS-22211151-SHPD-FSD5250006}" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}" => not found
"HKU\S-1-5-21-3139933802-399766682-36797096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Norton Download Manager{NS-22211151-SHPD-FSD5250006}" => not found
"HKU\S-1-5-21-3139933802-399766682-36797096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_D30A67E0D8865ABC16D6E6E5594A3C48" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{332C2166-38E7-4D16-A828-28B1818915FA}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4497137-A762-4AF4-9D49-51E270D48401}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFFE6C06-8C5A-4DDF-B2CB-59A3FF912E85}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
cphs => service not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayExcluded => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayPending => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayProtected => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayExcluded => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayPending => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayProtected => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\NortonLifeLock.Norton.Antivirus.IEContextMenu => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\NortonLifeLock.Norton.Antivirus.IEContextMenu => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\NortonLifeLock.Norton.Antivirus.IEContextMenu => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1E3510CC-FE8B-4A40-BB66-328FAF856DBD}C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2D419849-A46B-4575-B8D6-0C0B3DB4B635}C:\xboxgames\sins of a solar empire- rebellion\content\xboxshim.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E22F4414-256C-4998-B4D1-573FF6748E39}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64EC9F32-7EA6-401A-8BF5-4E7E04239D92}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A93DAED4-6E92-4FC8-B887-A3AB79B66122}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE3CAC21-17E0-4D3E-B542-7A2B1D72607B}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{78134CEA-5724-4234-9307-E51EE300994F}C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{877B41C7-50E0-415C-88B7-1F20380DEB4E}C:\program files\modifiablewindowsapps\darkestdungeonpc\_windowsgamepass\darkest.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CDDFDAD7-1E8F-408F-BF30-92143E6AB201}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB97ECB9-FF53-42DB-9C6A-A7E2B4778BA4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{628BD29F-5298-4FCA-8501-11817BBB91BC}C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C375FFED-EC6D-4212-A48B-A250FF654B37}C:\steam\steamapps\common\absolute tactics demo\atbtt_4_18_b\binaries\win64\atbtt_4_18_b-win64-shipping.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2EAE4178-6800-493A-BD37-D3B7CCD305B8}C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD060547-F5F6-405D-A7FA-1F4EB84C7658}C:\steam\steamapps\common\potionomics demo\potionomics\binaries\win64\potionomics-win64-shipping.exe" => not found
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.22621.1
 
Image Version: 10.0.22621.674
 
 
[==                         3.8%                           ] 
 
[==                         4.8%                           ] 
 
[===                        5.7%                           ] 
 
[===                        6.7%                           ] 
 
[====                       7.7%                           ] 
 
[=====                      8.7%                           ] 
 
[=====                      9.7%                           ] 
 
[======                     10.6%                          ] 
 
[======                     11.6%                          ] 
 
[=======                    12.6%                          ] 
 
[=======                    13.6%                          ] 
 
[========                   14.6%                          ] 
 
[=========                  15.5%                          ] 
 
[=========                  16.5%                          ] 
 
[==========                 17.5%                          ] 
 
[==========                 18.0%                          ] 
 
[===========                19.0%                          ] 
 
[===========                19.2%                          ] 
 
[===========                19.2%                          ] 
 
[===========                20.2%                          ] 
 
[============               21.1%                          ] 
 
[============               22.1%                          ] 
 
[=============              23.1%                          ] 
 
[=============              24.1%                          ] 
 
[==============             25.1%                          ] 
 
[===============            26.0%                          ] 
 
[===============            27.0%                          ] 
 
[================           28.0%                          ] 
 
[================           29.0%                          ] 
 
[=================          30.0%                          ] 
 
[=================          30.9%                          ] 
 
[==================         31.9%                          ] 
 
[==================         32.7%                          ] 
 
[===================        33.6%                          ] 
 
[====================       34.6%                          ] 
 
[====================       35.5%                          ] 
 
[=====================      36.4%                          ] 
 
[=====================      37.4%                          ] 
 
[======================     38.3%                          ] 
 
[======================     39.3%                          ] 
 
[=======================    39.9%                          ] 
 
[=======================    40.7%                          ] 
 
[=======================    40.8%                          ] 
 
[========================   41.8%                          ] 
 
[========================   42.5%                          ] 
 
[=========================  43.2%                          ] 
 
[=========================  44.2%                          ] 
 
[========================== 45.1%                          ] 
 
[========================== 46.1%                          ] 
 
[===========================47.1%                          ] 
 
[===========================48.1%                          ] 
 
[===========================49.1%                          ] 
 
[===========================50.0%                          ] 
 
[===========================51.0%                          ] 
 
[===========================52.0%                          ] 
 
[===========================52.2%                          ] 
 
[===========================52.2%                          ] 
 
[===========================52.4%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.7%                          ] 
 
[===========================52.8%                          ] 
 
[===========================52.8%                          ] 
 
[===========================53.0%                          ] 
 
[===========================53.0%                          ] 
 
[===========================53.1%                          ] 
 
[===========================53.1%                          ] 
 
[===========================53.1%                          ] 
 
[===========================53.2%                          ] 
 
[===========================53.3%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.5%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.8%                          ] 
 
[===========================53.9%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.4%                          ] 
 
[===========================54.5%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.7%                          ] 
 
[===========================54.8%                          ] 
 
[===========================54.8%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.6%                          ] 
 
[===========================55.7%                          ] 
 
[===========================55.8%                          ] 
 
[===========================56.0%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.6%                          ] 
 
[===========================56.8%                          ] 
 
[===========================57.0%=                         ] 
 
[===========================57.1%=                         ] 
 
[===========================57.1%=                         ] 
 
[===========================57.2%=                         ] 
 
[===========================57.7%=                         ] 
 
[===========================58.5%=                         ] 
 
[===========================59.5%==                        ] 
 
[===========================59.5%==                        ] 
 
[===========================59.5%==                        ] 
 
[===========================62.3%====                      ] 
 
[===========================84.9%=================         ] 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
Beginning system scan.  This process will take some time.
 
Beginning verification phase of system scan.
 
Verification 0% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 49% complete.
Verification 49% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 100% complete.
 
Windows Resource Protection did not find any integrity violations.
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2022-10-15 15:03:07, Info                  CSI    00000006 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000008 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000009 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    0000000b [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    0000000c [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    0000000d [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    0000000e [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    0000000f [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000011 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000012 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000014 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000015 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000017 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000018 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000019 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    0000001a [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    0000001b [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    0000001c [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    0000001d [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    0000001e [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000020 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000021 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000023 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000024 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000025 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000026 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000027 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000028 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    00000029 [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    0000002a [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    0000002c [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    0000002d [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:07, Info                  CSI    0000002f [SR] Verify complete
2022-10-15 15:03:07, Info                  CSI    00000030 [SR] Verifying 1 components
2022-10-15 15:03:07, Info                  CSI    00000031 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000032 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000033 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000034 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000035 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000036 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000038 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000039 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    0000003b [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    0000003c [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    0000003e [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    0000003f [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000041 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000042 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000044 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000045 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000047 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000048 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    0000004a [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    0000004b [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    0000004d [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    0000004e [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000050 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000051 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000053 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000054 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000056 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    00000057 [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    00000059 [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    0000005a [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    0000005c [SR] Verify complete
2022-10-15 15:03:08, Info                  CSI    0000005d [SR] Verifying 1 components
2022-10-15 15:03:08, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2022-10-15 15:03:08, Info                  CSI    0000005f [SR] Verify complete
2022-10-21 08:09:13, Info                  CSI    00000011 [SR] Verifying 100 components
2022-10-21 08:09:13, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:13, Info                  CSI    00000013 [SR] Verify complete
2022-10-21 08:09:13, Info                  CSI    00000014 [SR] Verifying 100 components
2022-10-21 08:09:13, Info                  CSI    00000015 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:13, Info                  CSI    00000016 [SR] Verify complete
2022-10-21 08:09:13, Info                  CSI    00000017 [SR] Verifying 100 components
2022-10-21 08:09:13, Info                  CSI    00000018 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:14, Info                  CSI    00000019 [SR] Verify complete
2022-10-21 08:09:14, Info                  CSI    0000001a [SR] Verifying 100 components
2022-10-21 08:09:14, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:14, Info                  CSI    0000001c [SR] Verify complete
2022-10-21 08:09:14, Info                  CSI    0000001d [SR] Verifying 100 components
2022-10-21 08:09:14, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:16, Info                  CSI    0000001f [SR] Verify complete
2022-10-21 08:09:16, Info                  CSI    00000020 [SR] Verifying 100 components
2022-10-21 08:09:16, Info                  CSI    00000021 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:17, Info                  CSI    00000022 [SR] Verify complete
2022-10-21 08:09:17, Info                  CSI    00000023 [SR] Verifying 100 components
2022-10-21 08:09:17, Info                  CSI    00000024 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:20, Info                  CSI    00000025 [SR] Verify complete
2022-10-21 08:09:20, Info                  CSI    00000026 [SR] Verifying 100 components
2022-10-21 08:09:20, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:24, Info                  CSI    00000028 [SR] Verify complete
2022-10-21 08:09:24, Info                  CSI    00000029 [SR] Verifying 100 components
2022-10-21 08:09:24, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:25, Info                  CSI    0000002b [SR] Verify complete
2022-10-21 08:09:25, Info                  CSI    0000002c [SR] Verifying 100 components
2022-10-21 08:09:25, Info                  CSI    0000002d [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:25, Info                  CSI    0000002e [SR] Verify complete
2022-10-21 08:09:25, Info                  CSI    0000002f [SR] Verifying 100 components
2022-10-21 08:09:25, Info                  CSI    00000030 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:26, Info                  CSI    00000032 [SR] Verify complete
2022-10-21 08:09:26, Info                  CSI    00000033 [SR] Verifying 100 components
2022-10-21 08:09:26, Info                  CSI    00000034 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:27, Info                  CSI    00000035 [SR] Verify complete
2022-10-21 08:09:27, Info                  CSI    00000036 [SR] Verifying 100 components
2022-10-21 08:09:27, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:27, Info                  CSI    00000038 [SR] Verify complete
2022-10-21 08:09:27, Info                  CSI    00000039 [SR] Verifying 100 components
2022-10-21 08:09:27, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:27, Info                  CSI    0000003b [SR] Verify complete
2022-10-21 08:09:28, Info                  CSI    0000003c [SR] Verifying 100 components
2022-10-21 08:09:28, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:28, Info                  CSI    0000003e [SR] Verify complete
2022-10-21 08:09:28, Info                  CSI    0000003f [SR] Verifying 100 components
2022-10-21 08:09:28, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:29, Info                  CSI    00000041 [SR] Verify complete
2022-10-21 08:09:29, Info                  CSI    00000042 [SR] Verifying 100 components
2022-10-21 08:09:29, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:30, Info                  CSI    00000044 [SR] Verify complete
2022-10-21 08:09:30, Info                  CSI    00000045 [SR] Verifying 100 components
2022-10-21 08:09:30, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:30, Info                  CSI    00000047 [SR] Verify complete
2022-10-21 08:09:30, Info                  CSI    00000048 [SR] Verifying 100 components
2022-10-21 08:09:30, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:31, Info                  CSI    0000004a [SR] Verify complete
2022-10-21 08:09:31, Info                  CSI    0000004b [SR] Verifying 100 components
2022-10-21 08:09:31, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:32, Info                  CSI    0000004d [SR] Verify complete
2022-10-21 08:09:32, Info                  CSI    0000004e [SR] Verifying 100 components
2022-10-21 08:09:32, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:32, Info                  CSI    00000050 [SR] Verify complete
2022-10-21 08:09:32, Info                  CSI    00000051 [SR] Verifying 100 components
2022-10-21 08:09:32, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:33, Info                  CSI    00000053 [SR] Verify complete
2022-10-21 08:09:33, Info                  CSI    00000054 [SR] Verifying 100 components
2022-10-21 08:09:33, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:34, Info                  CSI    00000056 [SR] Verify complete
2022-10-21 08:09:34, Info                  CSI    00000057 [SR] Verifying 100 components
2022-10-21 08:09:34, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:34, Info                  CSI    00000059 [SR] Verify complete
2022-10-21 08:09:34, Info                  CSI    0000005a [SR] Verifying 100 components
2022-10-21 08:09:34, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:35, Info                  CSI    0000005c [SR] Verify complete
2022-10-21 08:09:35, Info                  CSI    0000005d [SR] Verifying 100 components
2022-10-21 08:09:35, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:35, Info                  CSI    0000005f [SR] Verify complete
2022-10-21 08:09:35, Info                  CSI    00000060 [SR] Verifying 100 components
2022-10-21 08:09:35, Info                  CSI    00000061 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:35, Info                  CSI    00000062 [SR] Verify complete
2022-10-21 08:09:36, Info                  CSI    00000063 [SR] Verifying 100 components
2022-10-21 08:09:36, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:36, Info                  CSI    00000065 [SR] Verify complete
2022-10-21 08:09:36, Info                  CSI    00000066 [SR] Verifying 100 components
2022-10-21 08:09:36, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:36, Info                  CSI    00000068 [SR] Verify complete
2022-10-21 08:09:36, Info                  CSI    00000069 [SR] Verifying 100 components
2022-10-21 08:09:36, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:37, Info                  CSI    0000006b [SR] Verify complete
2022-10-21 08:09:37, Info                  CSI    0000006c [SR] Verifying 100 components
2022-10-21 08:09:37, Info                  CSI    0000006d [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:37, Info                  CSI    0000006e [SR] Verify complete
2022-10-21 08:09:37, Info                  CSI    0000006f [SR] Verifying 100 components
2022-10-21 08:09:37, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:38, Info                  CSI    00000071 [SR] Verify complete
2022-10-21 08:09:38, Info                  CSI    00000072 [SR] Verifying 100 components
2022-10-21 08:09:38, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:38, Info                  CSI    00000074 [SR] Verify complete
2022-10-21 08:09:38, Info                  CSI    00000075 [SR] Verifying 100 components
2022-10-21 08:09:38, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:39, Info                  CSI    00000077 [SR] Verify complete
2022-10-21 08:09:39, Info                  CSI    00000078 [SR] Verifying 100 components
2022-10-21 08:09:39, Info                  CSI    00000079 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:40, Info                  CSI    0000007b [SR] Verify complete
2022-10-21 08:09:40, Info                  CSI    0000007c [SR] Verifying 100 components
2022-10-21 08:09:40, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:41, Info                  CSI    0000007e [SR] Verify complete
2022-10-21 08:09:41, Info                  CSI    0000007f [SR] Verifying 100 components
2022-10-21 08:09:41, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:42, Info                  CSI    00000081 [SR] Verify complete
2022-10-21 08:09:42, Info                  CSI    00000082 [SR] Verifying 100 components
2022-10-21 08:09:42, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:44, Info                  CSI    00000084 [SR] Verify complete
2022-10-21 08:09:44, Info                  CSI    00000085 [SR] Verifying 100 components
2022-10-21 08:09:44, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:45, Info                  CSI    00000088 [SR] Verify complete
2022-10-21 08:09:45, Info                  CSI    00000089 [SR] Verifying 100 components
2022-10-21 08:09:45, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:46, Info                  CSI    0000008b [SR] Verify complete
2022-10-21 08:09:46, Info                  CSI    0000008c [SR] Verifying 100 components
2022-10-21 08:09:46, Info                  CSI    0000008d [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:47, Info                  CSI    0000008f [SR] Verify complete
2022-10-21 08:09:47, Info                  CSI    00000090 [SR] Verifying 100 components
2022-10-21 08:09:47, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:47, Info                  CSI    00000092 [SR] Verify complete
2022-10-21 08:09:47, Info                  CSI    00000093 [SR] Verifying 100 components
2022-10-21 08:09:47, Info                  CSI    00000094 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:47, Info                  CSI    00000095 [SR] Verify complete
2022-10-21 08:09:47, Info                  CSI    00000096 [SR] Verifying 100 components
2022-10-21 08:09:47, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:48, Info                  CSI    00000099 [SR] Verify complete
2022-10-21 08:09:48, Info                  CSI    0000009a [SR] Verifying 100 components
2022-10-21 08:09:48, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:49, Info                  CSI    0000009d [SR] Verify complete
2022-10-21 08:09:49, Info                  CSI    0000009e [SR] Verifying 100 components
2022-10-21 08:09:49, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:51, Info                  CSI    000000a2 [SR] Verify complete
2022-10-21 08:09:51, Info                  CSI    000000a3 [SR] Verifying 100 components
2022-10-21 08:09:51, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:51, Info                  CSI    000000a5 [SR] Verify complete
2022-10-21 08:09:51, Info                  CSI    000000a6 [SR] Verifying 100 components
2022-10-21 08:09:51, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:52, Info                  CSI    000000a8 [SR] Verify complete
2022-10-21 08:09:52, Info                  CSI    000000a9 [SR] Verifying 100 components
2022-10-21 08:09:52, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:52, Info                  CSI    000000ab [SR] Verify complete
2022-10-21 08:09:52, Info                  CSI    000000ac [SR] Verifying 100 components
2022-10-21 08:09:52, Info                  CSI    000000ad [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:53, Info                  CSI    000000ae [SR] Verify complete
2022-10-21 08:09:53, Info                  CSI    000000af [SR] Verifying 100 components
2022-10-21 08:09:53, Info                  CSI    000000b0 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:53, Info                  CSI    000000b2 [SR] Verify complete
2022-10-21 08:09:53, Info                  CSI    000000b3 [SR] Verifying 100 components
2022-10-21 08:09:53, Info                  CSI    000000b4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:54, Info                  CSI    000000b5 [SR] Verify complete
2022-10-21 08:09:54, Info                  CSI    000000b6 [SR] Verifying 100 components
2022-10-21 08:09:54, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:56, Info                  CSI    000000b9 [SR] Verify complete
2022-10-21 08:09:56, Info                  CSI    000000ba [SR] Verifying 100 components
2022-10-21 08:09:56, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:56, Info                  CSI    000000bc [SR] Verify complete
2022-10-21 08:09:56, Info                  CSI    000000bd [SR] Verifying 100 components
2022-10-21 08:09:56, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:57, Info                  CSI    000000bf [SR] Verify complete
2022-10-21 08:09:57, Info                  CSI    000000c0 [SR] Verifying 100 components
2022-10-21 08:09:57, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:57, Info                  CSI    000000c2 [SR] Verify complete
2022-10-21 08:09:57, Info                  CSI    000000c3 [SR] Verifying 100 components
2022-10-21 08:09:57, Info                  CSI    000000c4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:58, Info                  CSI    000000c5 [SR] Verify complete
2022-10-21 08:09:58, Info                  CSI    000000c6 [SR] Verifying 100 components
2022-10-21 08:09:58, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:09:59, Info                  CSI    000000c8 [SR] Verify complete
2022-10-21 08:09:59, Info                  CSI    000000c9 [SR] Verifying 100 components
2022-10-21 08:09:59, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:00, Info                  CSI    000000cc [SR] Verify complete
2022-10-21 08:10:00, Info                  CSI    000000cd [SR] Verifying 100 components
2022-10-21 08:10:00, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:00, Info                  CSI    000000cf [SR] Verify complete
2022-10-21 08:10:01, Info                  CSI    000000d0 [SR] Verifying 100 components
2022-10-21 08:10:01, Info                  CSI    000000d1 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:01, Info                  CSI    000000d2 [SR] Verify complete
2022-10-21 08:10:01, Info                  CSI    000000d3 [SR] Verifying 100 components
2022-10-21 08:10:01, Info                  CSI    000000d4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:02, Info                  CSI    000000d5 [SR] Verify complete
2022-10-21 08:10:02, Info                  CSI    000000d6 [SR] Verifying 100 components
2022-10-21 08:10:02, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:02, Info                  CSI    000000d8 [SR] Verify complete
2022-10-21 08:10:02, Info                  CSI    000000d9 [SR] Verifying 100 components
2022-10-21 08:10:02, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:03, Info                  CSI    000000db [SR] Verify complete
2022-10-21 08:10:03, Info                  CSI    000000dc [SR] Verifying 100 components
2022-10-21 08:10:03, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:03, Info                  CSI    000000de [SR] Verify complete
2022-10-21 08:10:03, Info                  CSI    000000df [SR] Verifying 100 components
2022-10-21 08:10:03, Info                  CSI    000000e0 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:04, Info                  CSI    000000e1 [SR] Verify complete
2022-10-21 08:10:04, Info                  CSI    000000e2 [SR] Verifying 100 components
2022-10-21 08:10:04, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:04, Info                  CSI    000000e4 [SR] Verify complete
2022-10-21 08:10:04, Info                  CSI    000000e5 [SR] Verifying 100 components
2022-10-21 08:10:04, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:05, Info                  CSI    000000e7 [SR] Verify complete
2022-10-21 08:10:05, Info                  CSI    000000e8 [SR] Verifying 100 components
2022-10-21 08:10:05, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:06, Info                  CSI    000000ea [SR] Verify complete
2022-10-21 08:10:06, Info                  CSI    000000eb [SR] Verifying 100 components
2022-10-21 08:10:06, Info                  CSI    000000ec [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:06, Info                  CSI    000000ed [SR] Verify complete
2022-10-21 08:10:06, Info                  CSI    000000ee [SR] Verifying 100 components
2022-10-21 08:10:06, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:07, Info                  CSI    000000f0 [SR] Verify complete
2022-10-21 08:10:07, Info                  CSI    000000f1 [SR] Verifying 100 components
2022-10-21 08:10:07, Info                  CSI    000000f2 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:08, Info                  CSI    000000f3 [SR] Verify complete
2022-10-21 08:10:08, Info                  CSI    000000f4 [SR] Verifying 100 components
2022-10-21 08:10:08, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:09, Info                  CSI    000000f6 [SR] Verify complete
2022-10-21 08:10:09, Info                  CSI    000000f7 [SR] Verifying 100 components
2022-10-21 08:10:09, Info                  CSI    000000f8 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:10, Info                  CSI    000000fa [SR] Verify complete
2022-10-21 08:10:10, Info                  CSI    000000fb [SR] Verifying 100 components
2022-10-21 08:10:10, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:12, Info                  CSI    000000fe [SR] Verify complete
2022-10-21 08:10:12, Info                  CSI    000000ff [SR] Verifying 100 components
2022-10-21 08:10:12, Info                  CSI    00000100 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:12, Info                  CSI    00000101 [SR] Verify complete
2022-10-21 08:10:12, Info                  CSI    00000102 [SR] Verifying 100 components
2022-10-21 08:10:12, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:13, Info                  CSI    00000104 [SR] Verify complete
2022-10-21 08:10:13, Info                  CSI    00000105 [SR] Verifying 100 components
2022-10-21 08:10:13, Info                  CSI    00000106 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:14, Info                  CSI    00000108 [SR] Verify complete
2022-10-21 08:10:14, Info                  CSI    00000109 [SR] Verifying 100 components
2022-10-21 08:10:14, Info                  CSI    0000010a [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:15, Info                  CSI    0000010b [SR] Verify complete
2022-10-21 08:10:15, Info                  CSI    0000010c [SR] Verifying 100 components
2022-10-21 08:10:15, Info                  CSI    0000010d [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:16, Info                  CSI    0000010e [SR] Verify complete
2022-10-21 08:10:16, Info                  CSI    0000010f [SR] Verifying 100 components
2022-10-21 08:10:16, Info                  CSI    00000110 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:17, Info                  CSI    00000111 [SR] Verify complete
2022-10-21 08:10:17, Info                  CSI    00000112 [SR] Verifying 100 components
2022-10-21 08:10:17, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:18, Info                  CSI    00000114 [SR] Verify complete
2022-10-21 08:10:18, Info                  CSI    00000115 [SR] Verifying 100 components
2022-10-21 08:10:18, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:18, Info                  CSI    00000117 [SR] Verify complete
2022-10-21 08:10:18, Info                  CSI    00000118 [SR] Verifying 100 components
2022-10-21 08:10:18, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:19, Info                  CSI    0000011a [SR] Verify complete
2022-10-21 08:10:19, Info                  CSI    0000011b [SR] Verifying 100 components
2022-10-21 08:10:19, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:19, Info                  CSI    0000011d [SR] Verify complete
2022-10-21 08:10:19, Info                  CSI    0000011e [SR] Verifying 100 components
2022-10-21 08:10:19, Info                  CSI    0000011f [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:20, Info                  CSI    00000120 [SR] Verify complete
2022-10-21 08:10:20, Info                  CSI    00000121 [SR] Verifying 100 components
2022-10-21 08:10:20, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:20, Info                  CSI    00000123 [SR] Verify complete
2022-10-21 08:10:21, Info                  CSI    00000124 [SR] Verifying 100 components
2022-10-21 08:10:21, Info                  CSI    00000125 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:21, Info                  CSI    00000126 [SR] Verify complete
2022-10-21 08:10:21, Info                  CSI    00000127 [SR] Verifying 100 components
2022-10-21 08:10:21, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:22, Info                  CSI    00000129 [SR] Verify complete
2022-10-21 08:10:22, Info                  CSI    0000012a [SR] Verifying 100 components
2022-10-21 08:10:22, Info                  CSI    0000012b [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:22, Info                  CSI    0000012c [SR] Verify complete
2022-10-21 08:10:22, Info                  CSI    0000012d [SR] Verifying 100 components
2022-10-21 08:10:22, Info                  CSI    0000012e [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:22, Info                  CSI    0000012f [SR] Verify complete
2022-10-21 08:10:23, Info                  CSI    00000130 [SR] Verifying 100 components
2022-10-21 08:10:23, Info                  CSI    00000131 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:23, Info                  CSI    00000132 [SR] Verify complete
2022-10-21 08:10:23, Info                  CSI    00000133 [SR] Verifying 100 components
2022-10-21 08:10:23, Info                  CSI    00000134 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:24, Info                  CSI    00000136 [SR] Verify complete
2022-10-21 08:10:24, Info                  CSI    00000137 [SR] Verifying 100 components
2022-10-21 08:10:24, Info                  CSI    00000138 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:24, Info                  CSI    00000139 [SR] Verify complete
2022-10-21 08:10:24, Info                  CSI    0000013a [SR] Verifying 100 components
2022-10-21 08:10:24, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:25, Info                  CSI    0000013c [SR] Verify complete
2022-10-21 08:10:25, Info                  CSI    0000013d [SR] Verifying 100 components
2022-10-21 08:10:25, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:25, Info                  CSI    0000013f [SR] Verify complete
2022-10-21 08:10:25, Info                  CSI    00000140 [SR] Verifying 100 components
2022-10-21 08:10:25, Info                  CSI    00000141 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:26, Info                  CSI    00000142 [SR] Verify complete
2022-10-21 08:10:26, Info                  CSI    00000143 [SR] Verifying 100 components
2022-10-21 08:10:26, Info                  CSI    00000144 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:26, Info                  CSI    00000145 [SR] Verify complete
2022-10-21 08:10:26, Info                  CSI    00000146 [SR] Verifying 100 components
2022-10-21 08:10:26, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:27, Info                  CSI    00000148 [SR] Verify complete
2022-10-21 08:10:27, Info                  CSI    00000149 [SR] Verifying 100 components
2022-10-21 08:10:27, Info                  CSI    0000014a [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:27, Info                  CSI    0000014b [SR] Verify complete
2022-10-21 08:10:27, Info                  CSI    0000014c [SR] Verifying 100 components
2022-10-21 08:10:27, Info                  CSI    0000014d [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:29, Info                  CSI    00000150 [SR] Verify complete
2022-10-21 08:10:29, Info                  CSI    00000151 [SR] Verifying 100 components
2022-10-21 08:10:29, Info                  CSI    00000152 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:30, Info                  CSI    00000153 [SR] Verify complete
2022-10-21 08:10:30, Info                  CSI    00000154 [SR] Verifying 100 components
2022-10-21 08:10:30, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:31, Info                  CSI    00000156 [SR] Verify complete
2022-10-21 08:10:31, Info                  CSI    00000157 [SR] Verifying 100 components
2022-10-21 08:10:31, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:31, Info                  CSI    00000159 [SR] Verify complete
2022-10-21 08:10:31, Info                  CSI    0000015a [SR] Verifying 100 components
2022-10-21 08:10:31, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:32, Info                  CSI    0000015c [SR] Verify complete
2022-10-21 08:10:32, Info                  CSI    0000015d [SR] Verifying 100 components
2022-10-21 08:10:32, Info                  CSI    0000015e [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:32, Info                  CSI    0000015f [SR] Verify complete
2022-10-21 08:10:32, Info                  CSI    00000160 [SR] Verifying 100 components
2022-10-21 08:10:32, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:33, Info                  CSI    00000162 [SR] Verify complete
2022-10-21 08:10:33, Info                  CSI    00000163 [SR] Verifying 100 components
2022-10-21 08:10:33, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:33, Info                  CSI    00000165 [SR] Verify complete
2022-10-21 08:10:33, Info                  CSI    00000166 [SR] Verifying 100 components
2022-10-21 08:10:33, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:34, Info                  CSI    00000168 [SR] Verify complete
2022-10-21 08:10:34, Info                  CSI    00000169 [SR] Verifying 100 components
2022-10-21 08:10:34, Info                  CSI    0000016a [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:34, Info                  CSI    0000016b [SR] Verify complete
2022-10-21 08:10:34, Info                  CSI    0000016c [SR] Verifying 100 components
2022-10-21 08:10:34, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:35, Info                  CSI    0000016e [SR] Verify complete
2022-10-21 08:10:35, Info                  CSI    0000016f [SR] Verifying 100 components
2022-10-21 08:10:35, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:36, Info                  CSI    00000171 [SR] Verify complete
2022-10-21 08:10:36, Info                  CSI    00000172 [SR] Verifying 100 components
2022-10-21 08:10:36, Info                  CSI    00000173 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:36, Info                  CSI    00000174 [SR] Verify complete
2022-10-21 08:10:36, Info                  CSI    00000175 [SR] Verifying 100 components
2022-10-21 08:10:36, Info                  CSI    00000176 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:37, Info                  CSI    00000177 [SR] Verify complete
2022-10-21 08:10:37, Info                  CSI    00000178 [SR] Verifying 100 components
2022-10-21 08:10:37, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:37, Info                  CSI    0000017a [SR] Verify complete
2022-10-21 08:10:37, Info                  CSI    0000017b [SR] Verifying 100 components
2022-10-21 08:10:37, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:37, Info                  CSI    0000017d [SR] Verify complete
2022-10-21 08:10:37, Info                  CSI    0000017e [SR] Verifying 100 components
2022-10-21 08:10:37, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:38, Info                  CSI    00000180 [SR] Verify complete
2022-10-21 08:10:38, Info                  CSI    00000181 [SR] Verifying 100 components
2022-10-21 08:10:38, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:39, Info                  CSI    00000184 [SR] Verify complete
2022-10-21 08:10:39, Info                  CSI    00000185 [SR] Verifying 100 components
2022-10-21 08:10:39, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:39, Info                  CSI    00000187 [SR] Verify complete
2022-10-21 08:10:39, Info                  CSI    00000188 [SR] Verifying 100 components
2022-10-21 08:10:39, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:40, Info                  CSI    0000018a [SR] Verify complete
2022-10-21 08:10:40, Info                  CSI    0000018b [SR] Verifying 100 components
2022-10-21 08:10:40, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:41, Info                  CSI    0000018d [SR] Verify complete
2022-10-21 08:10:41, Info                  CSI    0000018e [SR] Verifying 100 components
2022-10-21 08:10:41, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:41, Info                  CSI    00000190 [SR] Verify complete
2022-10-21 08:10:41, Info                  CSI    00000191 [SR] Verifying 100 components
2022-10-21 08:10:41, Info                  CSI    00000192 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:42, Info                  CSI    00000193 [SR] Verify complete
2022-10-21 08:10:42, Info                  CSI    00000194 [SR] Verifying 100 components
2022-10-21 08:10:42, Info                  CSI    00000195 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:43, Info                  CSI    00000196 [SR] Verify complete
2022-10-21 08:10:43, Info                  CSI    00000197 [SR] Verifying 100 components
2022-10-21 08:10:43, Info                  CSI    00000198 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:43, Info                  CSI    00000199 [SR] Verify complete
2022-10-21 08:10:43, Info                  CSI    0000019a [SR] Verifying 100 components
2022-10-21 08:10:43, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:44, Info                  CSI    0000019c [SR] Verify complete
2022-10-21 08:10:44, Info                  CSI    0000019d [SR] Verifying 100 components
2022-10-21 08:10:44, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:44, Info                  CSI    0000019f [SR] Verify complete
2022-10-21 08:10:45, Info                  CSI    000001a0 [SR] Verifying 100 components
2022-10-21 08:10:45, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:45, Info                  CSI    000001a2 [SR] Verify complete
2022-10-21 08:10:45, Info                  CSI    000001a3 [SR] Verifying 100 components
2022-10-21 08:10:45, Info                  CSI    000001a4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:46, Info                  CSI    000001a5 [SR] Verify complete
2022-10-21 08:10:46, Info                  CSI    000001a6 [SR] Verifying 100 components
2022-10-21 08:10:46, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:47, Info                  CSI    000001a8 [SR] Verify complete
2022-10-21 08:10:47, Info                  CSI    000001a9 [SR] Verifying 100 components
2022-10-21 08:10:47, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:47, Info                  CSI    000001ab [SR] Verify complete
2022-10-21 08:10:47, Info                  CSI    000001ac [SR] Verifying 100 components
2022-10-21 08:10:47, Info                  CSI    000001ad [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:48, Info                  CSI    000001ae [SR] Verify complete
2022-10-21 08:10:48, Info                  CSI    000001af [SR] Verifying 100 components
2022-10-21 08:10:48, Info                  CSI    000001b0 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:48, Info                  CSI    000001b1 [SR] Verify complete
2022-10-21 08:10:48, Info                  CSI    000001b2 [SR] Verifying 100 components
2022-10-21 08:10:48, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:49, Info                  CSI    000001b4 [SR] Verify complete
2022-10-21 08:10:49, Info                  CSI    000001b5 [SR] Verifying 100 components
2022-10-21 08:10:49, Info                  CSI    000001b6 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:50, Info                  CSI    000001b7 [SR] Verify complete
2022-10-21 08:10:50, Info                  CSI    000001b8 [SR] Verifying 100 components
2022-10-21 08:10:50, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:50, Info                  CSI    000001ba [SR] Verify complete
2022-10-21 08:10:50, Info                  CSI    000001bb [SR] Verifying 100 components
2022-10-21 08:10:50, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:51, Info                  CSI    000001bd [SR] Verify complete
2022-10-21 08:10:51, Info                  CSI    000001be [SR] Verifying 100 components
2022-10-21 08:10:51, Info                  CSI    000001bf [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:52, Info                  CSI    000001c0 [SR] Verify complete
2022-10-21 08:10:52, Info                  CSI    000001c1 [SR] Verifying 100 components
2022-10-21 08:10:52, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:52, Info                  CSI    000001c3 [SR] Verify complete
2022-10-21 08:10:52, Info                  CSI    000001c4 [SR] Verifying 100 components
2022-10-21 08:10:52, Info                  CSI    000001c5 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:53, Info                  CSI    000001c6 [SR] Verify complete
2022-10-21 08:10:53, Info                  CSI    000001c7 [SR] Verifying 100 components
2022-10-21 08:10:53, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:53, Info                  CSI    000001c9 [SR] Verify complete
2022-10-21 08:10:53, Info                  CSI    000001ca [SR] Verifying 100 components
2022-10-21 08:10:53, Info                  CSI    000001cb [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:54, Info                  CSI    000001cc [SR] Verify complete
2022-10-21 08:10:54, Info                  CSI    000001cd [SR] Verifying 100 components
2022-10-21 08:10:54, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:54, Info                  CSI    000001cf [SR] Verify complete
2022-10-21 08:10:54, Info                  CSI    000001d0 [SR] Verifying 100 components
2022-10-21 08:10:54, Info                  CSI    000001d1 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:55, Info                  CSI    000001d3 [SR] Verify complete
2022-10-21 08:10:55, Info                  CSI    000001d4 [SR] Verifying 59 components
2022-10-21 08:10:55, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:55, Info                  CSI    000001d6 [SR] Verify complete
2022-10-21 08:10:55, Info                  CSI    000001d7 [SR] Repairing 0 components
2022-10-21 08:10:55, Info                  CSI    000001d8 [SR] Beginning Verify and Repair transaction
2022-10-21 08:10:55, Info                  CSI    000001d9 [SR] Repair complete
2022-10-21 08:23:00, Info                  CSI    00000011 [SR] Verifying 100 components
2022-10-21 08:23:00, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:00, Info                  CSI    00000013 [SR] Verify complete
2022-10-21 08:23:01, Info                  CSI    00000014 [SR] Verifying 100 components
2022-10-21 08:23:01, Info                  CSI    00000015 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:01, Info                  CSI    00000016 [SR] Verify complete
2022-10-21 08:23:01, Info                  CSI    00000017 [SR] Verifying 100 components
2022-10-21 08:23:01, Info                  CSI    00000018 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:02, Info                  CSI    00000019 [SR] Verify complete
2022-10-21 08:23:02, Info                  CSI    0000001a [SR] Verifying 100 components
2022-10-21 08:23:02, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:02, Info                  CSI    0000001c [SR] Verify complete
2022-10-21 08:23:02, Info                  CSI    0000001d [SR] Verifying 100 components
2022-10-21 08:23:02, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:03, Info                  CSI    0000001f [SR] Verify complete
2022-10-21 08:23:03, Info                  CSI    00000020 [SR] Verifying 100 components
2022-10-21 08:23:03, Info                  CSI    00000021 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:05, Info                  CSI    00000022 [SR] Verify complete
2022-10-21 08:23:05, Info                  CSI    00000023 [SR] Verifying 100 components
2022-10-21 08:23:05, Info                  CSI    00000024 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:07, Info                  CSI    00000025 [SR] Verify complete
2022-10-21 08:23:07, Info                  CSI    00000026 [SR] Verifying 100 components
2022-10-21 08:23:07, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:12, Info                  CSI    00000028 [SR] Verify complete
2022-10-21 08:23:12, Info                  CSI    00000029 [SR] Verifying 100 components
2022-10-21 08:23:12, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:13, Info                  CSI    0000002b [SR] Verify complete
2022-10-21 08:23:13, Info                  CSI    0000002c [SR] Verifying 100 components
2022-10-21 08:23:13, Info                  CSI    0000002d [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:13, Info                  CSI    0000002e [SR] Verify complete
2022-10-21 08:23:13, Info                  CSI    0000002f [SR] Verifying 100 components
2022-10-21 08:23:13, Info                  CSI    00000030 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:14, Info                  CSI    00000032 [SR] Verify complete
2022-10-21 08:23:14, Info                  CSI    00000033 [SR] Verifying 100 components
2022-10-21 08:23:14, Info                  CSI    00000034 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:15, Info                  CSI    00000035 [SR] Verify complete
2022-10-21 08:23:15, Info                  CSI    00000036 [SR] Verifying 100 components
2022-10-21 08:23:15, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:15, Info                  CSI    00000038 [SR] Verify complete
2022-10-21 08:23:15, Info                  CSI    00000039 [SR] Verifying 100 components
2022-10-21 08:23:15, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:15, Info                  CSI    0000003b [SR] Verify complete
2022-10-21 08:23:16, Info                  CSI    0000003c [SR] Verifying 100 components
2022-10-21 08:23:16, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:16, Info                  CSI    0000003e [SR] Verify complete
2022-10-21 08:23:16, Info                  CSI    0000003f [SR] Verifying 100 components
2022-10-21 08:23:16, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:17, Info                  CSI    00000041 [SR] Verify complete
2022-10-21 08:23:17, Info                  CSI    00000042 [SR] Verifying 100 components
2022-10-21 08:23:17, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:18, Info                  CSI    00000044 [SR] Verify complete
2022-10-21 08:23:18, Info                  CSI    00000045 [SR] Verifying 100 components
2022-10-21 08:23:18, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:18, Info                  CSI    00000047 [SR] Verify complete
2022-10-21 08:23:18, Info                  CSI    00000048 [SR] Verifying 100 components
2022-10-21 08:23:18, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:19, Info                  CSI    0000004a [SR] Verify complete
2022-10-21 08:23:19, Info                  CSI    0000004b [SR] Verifying 100 components
2022-10-21 08:23:19, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:20, Info                  CSI    0000004d [SR] Verify complete
2022-10-21 08:23:20, Info                  CSI    0000004e [SR] Verifying 100 components
2022-10-21 08:23:20, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:20, Info                  CSI    00000050 [SR] Verify complete
2022-10-21 08:23:21, Info                  CSI    00000051 [SR] Verifying 100 components
2022-10-21 08:23:21, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:21, Info                  CSI    00000053 [SR] Verify complete
2022-10-21 08:23:21, Info                  CSI    00000054 [SR] Verifying 100 components
2022-10-21 08:23:21, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:22, Info                  CSI    00000056 [SR] Verify complete
2022-10-21 08:23:22, Info                  CSI    00000057 [SR] Verifying 100 components
2022-10-21 08:23:22, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:22, Info                  CSI    00000059 [SR] Verify complete
2022-10-21 08:23:22, Info                  CSI    0000005a [SR] Verifying 100 components
2022-10-21 08:23:22, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:23, Info                  CSI    0000005c [SR] Verify complete
2022-10-21 08:23:23, Info                  CSI    0000005d [SR] Verifying 100 components
2022-10-21 08:23:23, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:23, Info                  CSI    0000005f [SR] Verify complete
2022-10-21 08:23:23, Info                  CSI    00000060 [SR] Verifying 100 components
2022-10-21 08:23:23, Info                  CSI    00000061 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:24, Info                  CSI    00000062 [SR] Verify complete
2022-10-21 08:23:24, Info                  CSI    00000063 [SR] Verifying 100 components
2022-10-21 08:23:24, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:24, Info                  CSI    00000065 [SR] Verify complete
2022-10-21 08:23:24, Info                  CSI    00000066 [SR] Verifying 100 components
2022-10-21 08:23:24, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:24, Info                  CSI    00000068 [SR] Verify complete
2022-10-21 08:23:24, Info                  CSI    00000069 [SR] Verifying 100 components
2022-10-21 08:23:24, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:25, Info                  CSI    0000006b [SR] Verify complete
2022-10-21 08:23:25, Info                  CSI    0000006c [SR] Verifying 100 components
2022-10-21 08:23:25, Info                  CSI    0000006d [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:25, Info                  CSI    0000006e [SR] Verify complete
2022-10-21 08:23:25, Info                  CSI    0000006f [SR] Verifying 100 components
2022-10-21 08:23:25, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:26, Info                  CSI    00000071 [SR] Verify complete
2022-10-21 08:23:26, Info                  CSI    00000072 [SR] Verifying 100 components
2022-10-21 08:23:26, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:27, Info                  CSI    00000074 [SR] Verify complete
2022-10-21 08:23:27, Info                  CSI    00000075 [SR] Verifying 100 components
2022-10-21 08:23:27, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:27, Info                  CSI    00000077 [SR] Verify complete
2022-10-21 08:23:28, Info                  CSI    00000078 [SR] Verifying 100 components
2022-10-21 08:23:28, Info                  CSI    00000079 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:28, Info                  CSI    0000007b [SR] Verify complete
2022-10-21 08:23:28, Info                  CSI    0000007c [SR] Verifying 100 components
2022-10-21 08:23:28, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:29, Info                  CSI    0000007e [SR] Verify complete
2022-10-21 08:23:29, Info                  CSI    0000007f [SR] Verifying 100 components
2022-10-21 08:23:29, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:31, Info                  CSI    00000081 [SR] Verify complete
2022-10-21 08:23:31, Info                  CSI    00000082 [SR] Verifying 100 components
2022-10-21 08:23:31, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:32, Info                  CSI    00000084 [SR] Verify complete
2022-10-21 08:23:32, Info                  CSI    00000085 [SR] Verifying 100 components
2022-10-21 08:23:32, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:34, Info                  CSI    00000088 [SR] Verify complete
2022-10-21 08:23:34, Info                  CSI    00000089 [SR] Verifying 100 components
2022-10-21 08:23:34, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:34, Info                  CSI    0000008b [SR] Verify complete
2022-10-21 08:23:34, Info                  CSI    0000008c [SR] Verifying 100 components
2022-10-21 08:23:34, Info                  CSI    0000008d [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:35, Info                  CSI    0000008f [SR] Verify complete
2022-10-21 08:23:35, Info                  CSI    00000090 [SR] Verifying 100 components
2022-10-21 08:23:35, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:35, Info                  CSI    00000092 [SR] Verify complete
2022-10-21 08:23:35, Info                  CSI    00000093 [SR] Verifying 100 components
2022-10-21 08:23:35, Info                  CSI    00000094 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:36, Info                  CSI    00000095 [SR] Verify complete
2022-10-21 08:23:36, Info                  CSI    00000096 [SR] Verifying 100 components
2022-10-21 08:23:36, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:36, Info                  CSI    00000099 [SR] Verify complete
2022-10-21 08:23:36, Info                  CSI    0000009a [SR] Verifying 100 components
2022-10-21 08:23:36, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:37, Info                  CSI    0000009d [SR] Verify complete
2022-10-21 08:23:37, Info                  CSI    0000009e [SR] Verifying 100 components
2022-10-21 08:23:37, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:39, Info                  CSI    000000a1 [SR] Verify complete
2022-10-21 08:23:39, Info                  CSI    000000a2 [SR] Verifying 100 components
2022-10-21 08:23:39, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:39, Info                  CSI    000000a4 [SR] Verify complete
2022-10-21 08:23:39, Info                  CSI    000000a5 [SR] Verifying 100 components
2022-10-21 08:23:39, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:40, Info                  CSI    000000a7 [SR] Verify complete
2022-10-21 08:23:40, Info                  CSI    000000a8 [SR] Verifying 100 components
2022-10-21 08:23:40, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:40, Info                  CSI    000000aa [SR] Verify complete
2022-10-21 08:23:40, Info                  CSI    000000ab [SR] Verifying 100 components
2022-10-21 08:23:40, Info                  CSI    000000ac [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:41, Info                  CSI    000000ad [SR] Verify complete
2022-10-21 08:23:41, Info                  CSI    000000ae [SR] Verifying 100 components
2022-10-21 08:23:41, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:41, Info                  CSI    000000b1 [SR] Verify complete
2022-10-21 08:23:42, Info                  CSI    000000b2 [SR] Verifying 100 components
2022-10-21 08:23:42, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:42, Info                  CSI    000000b4 [SR] Verify complete
2022-10-21 08:23:42, Info                  CSI    000000b5 [SR] Verifying 100 components
2022-10-21 08:23:42, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:44, Info                  CSI    000000b8 [SR] Verify complete
2022-10-21 08:23:44, Info                  CSI    000000b9 [SR] Verifying 100 components
2022-10-21 08:23:44, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:44, Info                  CSI    000000bb [SR] Verify complete
2022-10-21 08:23:44, Info                  CSI    000000bc [SR] Verifying 100 components
2022-10-21 08:23:44, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:45, Info                  CSI    000000be [SR] Verify complete
2022-10-21 08:23:45, Info                  CSI    000000bf [SR] Verifying 100 components
2022-10-21 08:23:45, Info                  CSI    000000c0 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:45, Info                  CSI    000000c1 [SR] Verify complete
2022-10-21 08:23:45, Info                  CSI    000000c2 [SR] Verifying 100 components
2022-10-21 08:23:45, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:46, Info                  CSI    000000c4 [SR] Verify complete
2022-10-21 08:23:46, Info                  CSI    000000c5 [SR] Verifying 100 components
2022-10-21 08:23:46, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:47, Info                  CSI    000000c7 [SR] Verify complete
2022-10-21 08:23:47, Info                  CSI    000000c8 [SR] Verifying 100 components
2022-10-21 08:23:47, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:48, Info                  CSI    000000cb [SR] Verify complete
2022-10-21 08:23:48, Info                  CSI    000000cc [SR] Verifying 100 components
2022-10-21 08:23:48, Info                  CSI    000000cd [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:48, Info                  CSI    000000ce [SR] Verify complete
2022-10-21 08:23:49, Info                  CSI    000000cf [SR] Verifying 100 components
2022-10-21 08:23:49, Info                  CSI    000000d0 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:49, Info                  CSI    000000d1 [SR] Verify complete
2022-10-21 08:23:49, Info                  CSI    000000d2 [SR] Verifying 100 components
2022-10-21 08:23:49, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:50, Info                  CSI    000000d4 [SR] Verify complete
2022-10-21 08:23:50, Info                  CSI    000000d5 [SR] Verifying 100 components
2022-10-21 08:23:50, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:50, Info                  CSI    000000d7 [SR] Verify complete
2022-10-21 08:23:50, Info                  CSI    000000d8 [SR] Verifying 100 components
2022-10-21 08:23:50, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:51, Info                  CSI    000000da [SR] Verify complete
2022-10-21 08:23:51, Info                  CSI    000000db [SR] Verifying 100 components
2022-10-21 08:23:51, Info                  CSI    000000dc [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:51, Info                  CSI    000000dd [SR] Verify complete
2022-10-21 08:23:51, Info                  CSI    000000de [SR] Verifying 100 components
2022-10-21 08:23:51, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:52, Info                  CSI    000000e0 [SR] Verify complete
2022-10-21 08:23:52, Info                  CSI    000000e1 [SR] Verifying 100 components
2022-10-21 08:23:52, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:52, Info                  CSI    000000e3 [SR] Verify complete
2022-10-21 08:23:52, Info                  CSI    000000e4 [SR] Verifying 100 components
2022-10-21 08:23:52, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:53, Info                  CSI    000000e6 [SR] Verify complete
2022-10-21 08:23:53, Info                  CSI    000000e7 [SR] Verifying 100 components
2022-10-21 08:23:53, Info                  CSI    000000e8 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:54, Info                  CSI    000000e9 [SR] Verify complete
2022-10-21 08:23:54, Info                  CSI    000000ea [SR] Verifying 100 components
2022-10-21 08:23:54, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:54, Info                  CSI    000000ec [SR] Verify complete
2022-10-21 08:23:54, Info                  CSI    000000ed [SR] Verifying 100 components
2022-10-21 08:23:54, Info                  CSI    000000ee [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:55, Info                  CSI    000000ef [SR] Verify complete
2022-10-21 08:23:55, Info                  CSI    000000f0 [SR] Verifying 100 components
2022-10-21 08:23:55, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:56, Info                  CSI    000000f2 [SR] Verify complete
2022-10-21 08:23:56, Info                  CSI    000000f3 [SR] Verifying 100 components
2022-10-21 08:23:56, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:57, Info                  CSI    000000f5 [SR] Verify complete
2022-10-21 08:23:57, Info                  CSI    000000f6 [SR] Verifying 100 components
2022-10-21 08:23:57, Info                  CSI    000000f7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:23:58, Info                  CSI    000000f9 [SR] Verify complete
2022-10-21 08:23:58, Info                  CSI    000000fa [SR] Verifying 100 components
2022-10-21 08:23:58, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:00, Info                  CSI    000000fd [SR] Verify complete
2022-10-21 08:24:00, Info                  CSI    000000fe [SR] Verifying 100 components
2022-10-21 08:24:00, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:00, Info                  CSI    00000100 [SR] Verify complete
2022-10-21 08:24:00, Info                  CSI    00000101 [SR] Verifying 100 components
2022-10-21 08:24:00, Info                  CSI    00000102 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:01, Info                  CSI    00000103 [SR] Verify complete
2022-10-21 08:24:01, Info                  CSI    00000104 [SR] Verifying 100 components
2022-10-21 08:24:01, Info                  CSI    00000105 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:02, Info                  CSI    00000107 [SR] Verify complete
2022-10-21 08:24:02, Info                  CSI    00000108 [SR] Verifying 100 components
2022-10-21 08:24:02, Info                  CSI    00000109 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:03, Info                  CSI    0000010a [SR] Verify complete
2022-10-21 08:24:03, Info                  CSI    0000010b [SR] Verifying 100 components
2022-10-21 08:24:03, Info                  CSI    0000010c [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:04, Info                  CSI    0000010d [SR] Verify complete
2022-10-21 08:24:04, Info                  CSI    0000010e [SR] Verifying 100 components
2022-10-21 08:24:04, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:05, Info                  CSI    00000110 [SR] Verify complete
2022-10-21 08:24:05, Info                  CSI    00000111 [SR] Verifying 100 components
2022-10-21 08:24:05, Info                  CSI    00000112 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:06, Info                  CSI    00000113 [SR] Verify complete
2022-10-21 08:24:06, Info                  CSI    00000114 [SR] Verifying 100 components
2022-10-21 08:24:06, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:06, Info                  CSI    00000116 [SR] Verify complete
2022-10-21 08:24:06, Info                  CSI    00000117 [SR] Verifying 100 components
2022-10-21 08:24:06, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:07, Info                  CSI    00000119 [SR] Verify complete
2022-10-21 08:24:07, Info                  CSI    0000011a [SR] Verifying 100 components
2022-10-21 08:24:07, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:07, Info                  CSI    0000011c [SR] Verify complete
2022-10-21 08:24:07, Info                  CSI    0000011d [SR] Verifying 100 components
2022-10-21 08:24:07, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:08, Info                  CSI    0000011f [SR] Verify complete
2022-10-21 08:24:08, Info                  CSI    00000120 [SR] Verifying 100 components
2022-10-21 08:24:08, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:09, Info                  CSI    00000122 [SR] Verify complete
2022-10-21 08:24:09, Info                  CSI    00000123 [SR] Verifying 100 components
2022-10-21 08:24:09, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:09, Info                  CSI    00000125 [SR] Verify complete
2022-10-21 08:24:09, Info                  CSI    00000126 [SR] Verifying 100 components
2022-10-21 08:24:09, Info                  CSI    00000127 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:10, Info                  CSI    00000128 [SR] Verify complete
2022-10-21 08:24:10, Info                  CSI    00000129 [SR] Verifying 100 components
2022-10-21 08:24:10, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:10, Info                  CSI    0000012b [SR] Verify complete
2022-10-21 08:24:10, Info                  CSI    0000012c [SR] Verifying 100 components
2022-10-21 08:24:10, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:11, Info                  CSI    0000012e [SR] Verify complete
2022-10-21 08:24:11, Info                  CSI    0000012f [SR] Verifying 100 components
2022-10-21 08:24:11, Info                  CSI    00000130 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:11, Info                  CSI    00000131 [SR] Verify complete
2022-10-21 08:24:11, Info                  CSI    00000132 [SR] Verifying 100 components
2022-10-21 08:24:11, Info                  CSI    00000133 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:12, Info                  CSI    00000135 [SR] Verify complete
2022-10-21 08:24:12, Info                  CSI    00000136 [SR] Verifying 100 components
2022-10-21 08:24:12, Info                  CSI    00000137 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:12, Info                  CSI    00000138 [SR] Verify complete
2022-10-21 08:24:13, Info                  CSI    00000139 [SR] Verifying 100 components
2022-10-21 08:24:13, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:13, Info                  CSI    0000013b [SR] Verify complete
2022-10-21 08:24:13, Info                  CSI    0000013c [SR] Verifying 100 components
2022-10-21 08:24:13, Info                  CSI    0000013d [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:13, Info                  CSI    0000013e [SR] Verify complete
2022-10-21 08:24:13, Info                  CSI    0000013f [SR] Verifying 100 components
2022-10-21 08:24:13, Info                  CSI    00000140 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:14, Info                  CSI    00000141 [SR] Verify complete
2022-10-21 08:24:14, Info                  CSI    00000142 [SR] Verifying 100 components
2022-10-21 08:24:14, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:14, Info                  CSI    00000144 [SR] Verify complete
2022-10-21 08:24:14, Info                  CSI    00000145 [SR] Verifying 100 components
2022-10-21 08:24:14, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:15, Info                  CSI    00000147 [SR] Verify complete
2022-10-21 08:24:15, Info                  CSI    00000148 [SR] Verifying 100 components
2022-10-21 08:24:15, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:15, Info                  CSI    0000014a [SR] Verify complete
2022-10-21 08:24:15, Info                  CSI    0000014b [SR] Verifying 100 components
2022-10-21 08:24:15, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:17, Info                  CSI    0000014f [SR] Verify complete
2022-10-21 08:24:18, Info                  CSI    00000150 [SR] Verifying 100 components
2022-10-21 08:24:18, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:18, Info                  CSI    00000152 [SR] Verify complete
2022-10-21 08:24:18, Info                  CSI    00000153 [SR] Verifying 100 components
2022-10-21 08:24:18, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:19, Info                  CSI    00000155 [SR] Verify complete
2022-10-21 08:24:19, Info                  CSI    00000156 [SR] Verifying 100 components
2022-10-21 08:24:19, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:19, Info                  CSI    00000158 [SR] Verify complete
2022-10-21 08:24:19, Info                  CSI    00000159 [SR] Verifying 100 components
2022-10-21 08:24:19, Info                  CSI    0000015a [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:20, Info                  CSI    0000015b [SR] Verify complete
2022-10-21 08:24:20, Info                  CSI    0000015c [SR] Verifying 100 components
2022-10-21 08:24:20, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:21, Info                  CSI    0000015e [SR] Verify complete
2022-10-21 08:24:21, Info                  CSI    0000015f [SR] Verifying 100 components
2022-10-21 08:24:21, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:21, Info                  CSI    00000161 [SR] Verify complete
2022-10-21 08:24:21, Info                  CSI    00000162 [SR] Verifying 100 components
2022-10-21 08:24:21, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:22, Info                  CSI    00000164 [SR] Verify complete
2022-10-21 08:24:22, Info                  CSI    00000165 [SR] Verifying 100 components
2022-10-21 08:24:22, Info                  CSI    00000166 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:22, Info                  CSI    00000167 [SR] Verify complete
2022-10-21 08:24:22, Info                  CSI    00000168 [SR] Verifying 100 components
2022-10-21 08:24:22, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:23, Info                  CSI    0000016a [SR] Verify complete
2022-10-21 08:24:23, Info                  CSI    0000016b [SR] Verifying 100 components
2022-10-21 08:24:23, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:23, Info                  CSI    0000016d [SR] Verify complete
2022-10-21 08:24:23, Info                  CSI    0000016e [SR] Verifying 100 components
2022-10-21 08:24:23, Info                  CSI    0000016f [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:24, Info                  CSI    00000170 [SR] Verify complete
2022-10-21 08:24:24, Info                  CSI    00000171 [SR] Verifying 100 components
2022-10-21 08:24:24, Info                  CSI    00000172 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:25, Info                  CSI    00000173 [SR] Verify complete
2022-10-21 08:24:25, Info                  CSI    00000174 [SR] Verifying 100 components
2022-10-21 08:24:25, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:25, Info                  CSI    00000176 [SR] Verify complete
2022-10-21 08:24:25, Info                  CSI    00000177 [SR] Verifying 100 components
2022-10-21 08:24:25, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:25, Info                  CSI    00000179 [SR] Verify complete
2022-10-21 08:24:25, Info                  CSI    0000017a [SR] Verifying 100 components
2022-10-21 08:24:25, Info                  CSI    0000017b [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:26, Info                  CSI    0000017c [SR] Verify complete
2022-10-21 08:24:26, Info                  CSI    0000017d [SR] Verifying 100 components
2022-10-21 08:24:26, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:26, Info                  CSI    0000017f [SR] Verify complete
2022-10-21 08:24:26, Info                  CSI    00000180 [SR] Verifying 100 components
2022-10-21 08:24:26, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:27, Info                  CSI    00000183 [SR] Verify complete
2022-10-21 08:24:27, Info                  CSI    00000184 [SR] Verifying 100 components
2022-10-21 08:24:27, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:27, Info                  CSI    00000186 [SR] Verify complete
2022-10-21 08:24:28, Info                  CSI    00000187 [SR] Verifying 100 components
2022-10-21 08:24:28, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:28, Info                  CSI    00000189 [SR] Verify complete
2022-10-21 08:24:28, Info                  CSI    0000018a [SR] Verifying 100 components
2022-10-21 08:24:28, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:29, Info                  CSI    0000018c [SR] Verify complete
2022-10-21 08:24:29, Info                  CSI    0000018d [SR] Verifying 100 components
2022-10-21 08:24:29, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:30, Info                  CSI    0000018f [SR] Verify complete
2022-10-21 08:24:30, Info                  CSI    00000190 [SR] Verifying 100 components
2022-10-21 08:24:30, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:30, Info                  CSI    00000192 [SR] Verify complete
2022-10-21 08:24:30, Info                  CSI    00000193 [SR] Verifying 100 components
2022-10-21 08:24:30, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:31, Info                  CSI    00000195 [SR] Verify complete
2022-10-21 08:24:31, Info                  CSI    00000196 [SR] Verifying 100 components
2022-10-21 08:24:31, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:32, Info                  CSI    00000198 [SR] Verify complete
2022-10-21 08:24:32, Info                  CSI    00000199 [SR] Verifying 100 components
2022-10-21 08:24:32, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:32, Info                  CSI    0000019b [SR] Verify complete
2022-10-21 08:24:32, Info                  CSI    0000019c [SR] Verifying 100 components
2022-10-21 08:24:32, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:33, Info                  CSI    0000019e [SR] Verify complete
2022-10-21 08:24:33, Info                  CSI    0000019f [SR] Verifying 100 components
2022-10-21 08:24:33, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:33, Info                  CSI    000001a1 [SR] Verify complete
2022-10-21 08:24:33, Info                  CSI    000001a2 [SR] Verifying 100 components
2022-10-21 08:24:33, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:34, Info                  CSI    000001a4 [SR] Verify complete
2022-10-21 08:24:34, Info                  CSI    000001a5 [SR] Verifying 100 components
2022-10-21 08:24:34, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:35, Info                  CSI    000001a7 [SR] Verify complete
2022-10-21 08:24:35, Info                  CSI    000001a8 [SR] Verifying 100 components
2022-10-21 08:24:35, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:35, Info                  CSI    000001aa [SR] Verify complete
2022-10-21 08:24:35, Info                  CSI    000001ab [SR] Verifying 100 components
2022-10-21 08:24:35, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:36, Info                  CSI    000001ad [SR] Verify complete
2022-10-21 08:24:36, Info                  CSI    000001ae [SR] Verifying 100 components
2022-10-21 08:24:36, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:37, Info                  CSI    000001b0 [SR] Verify complete
2022-10-21 08:24:37, Info                  CSI    000001b1 [SR] Verifying 100 components
2022-10-21 08:24:37, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:37, Info                  CSI    000001b3 [SR] Verify complete
2022-10-21 08:24:37, Info                  CSI    000001b4 [SR] Verifying 100 components
2022-10-21 08:24:37, Info                  CSI    000001b5 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:38, Info                  CSI    000001b6 [SR] Verify complete
2022-10-21 08:24:38, Info                  CSI    000001b7 [SR] Verifying 100 components
2022-10-21 08:24:38, Info                  CSI    000001b8 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:39, Info                  CSI    000001b9 [SR] Verify complete
2022-10-21 08:24:39, Info                  CSI    000001ba [SR] Verifying 100 components
2022-10-21 08:24:39, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:40, Info                  CSI    000001bc [SR] Verify complete
2022-10-21 08:24:40, Info                  CSI    000001bd [SR] Verifying 100 components
2022-10-21 08:24:40, Info                  CSI    000001be [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:40, Info                  CSI    000001bf [SR] Verify complete
2022-10-21 08:24:40, Info                  CSI    000001c0 [SR] Verifying 100 components
2022-10-21 08:24:40, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:41, Info                  CSI    000001c2 [SR] Verify complete
2022-10-21 08:24:41, Info                  CSI    000001c3 [SR] Verifying 100 components
2022-10-21 08:24:41, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:41, Info                  CSI    000001c5 [SR] Verify complete
2022-10-21 08:24:41, Info                  CSI    000001c6 [SR] Verifying 100 components
2022-10-21 08:24:41, Info                  CSI    000001c7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:42, Info                  CSI    000001c8 [SR] Verify complete
2022-10-21 08:24:42, Info                  CSI    000001c9 [SR] Verifying 100 components
2022-10-21 08:24:42, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:42, Info                  CSI    000001cb [SR] Verify complete
2022-10-21 08:24:42, Info                  CSI    000001cc [SR] Verifying 100 components
2022-10-21 08:24:42, Info                  CSI    000001cd [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:42, Info                  CSI    000001ce [SR] Verify complete
2022-10-21 08:24:43, Info                  CSI    000001cf [SR] Verifying 100 components
2022-10-21 08:24:43, Info                  CSI    000001d0 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:43, Info                  CSI    000001d2 [SR] Verify complete
2022-10-21 08:24:43, Info                  CSI    000001d3 [SR] Verifying 59 components
2022-10-21 08:24:43, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:44, Info                  CSI    000001d5 [SR] Verify complete
2022-10-21 08:24:44, Info                  CSI    000001d6 [SR] Repairing 0 components
2022-10-21 08:24:44, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2022-10-21 08:24:44, Info                  CSI    000001d8 [SR] Repair complete
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "AMSI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "AirSpaceChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Application" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "DirectShowFilterGraph" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "DirectShowPluginControl" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Els_Hyphenation/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "EndpointMapper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "FirstUXPerf-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "ForwardedEvents" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "General Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "HardwareEvents" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "IHM_DebugChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/Application" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/System" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-GPIO/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-I2C/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-UART2/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Internet Explorer" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Key Management Service" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceMFT" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationFrameServer" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProcD3D" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationAsyncWrapper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationContentProtection" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationDS" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationDeviceProxy" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationMP4" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationMediaEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformanceCore" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPipeline" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPlatform" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationSrcPrefetch" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-IE/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-OneCore-Setup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-System-Diagnostics-DiagnosticInvoker/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Backup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Call" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/CertInUse" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Autopilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Background/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Query/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Compositor/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-SysMm/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-SysMm/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Power" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/IODiagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorClass/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Feedback-Service-TriggerProvider" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-KMCL-Child/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IE-SmartScreen" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-CPU-Starvation/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Cache/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Dump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PRM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Management" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MosHost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MosHost/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NFC-Class-Extension/Analytical" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-ExecutionContext/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneBackup/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Perflib/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing-PermissiveLearningMode/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReFS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Isolation-BrokeringFileSystem/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartScreen/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Restricted" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Health" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement-PartUtil/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Api/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Parser/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Parser/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Volume/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-Diag/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Watchdog-Events/WdLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuthN/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WerKernel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp-Pca" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Pca" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinML/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Oper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ZTraceMaps/Function" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ZTraceMaps/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-hidcfu/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Navigator" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Network Isolation Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OAlerts" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OfficeChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OfficeDebugChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "PlayReadyPerformanceChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "RTWorkQueueExtended" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "RTWorkQueueTheading" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SMSApi" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Setup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SmbWmiAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "System" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SystemEventsBroker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TimeBroker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "UIManager_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Uac/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WMPSetup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WMPSyncEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows PowerShell" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WordChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "muxencode" 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 08:25:01 ====

 


  • 0

#4
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by olyti (administrator) on MSI (Micro-Star International Co., Ltd. GS66 Stealth 10SF) (21-10-2022 08:28:10)
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Platform: Microsoft Windows 11 Home Version 22H2 22621.674 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(A-Volute SAS -> A-Volute) C:\Users\olyti\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe
(C:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <4>
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(drivers\RivetNetworks\Killer\KSPSService.exe ->) (Intel Corporation -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(explorer.exe ->) (Entertainment application) [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22AD.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Users\olyti\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel Corporation -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_af5df92252aaf9f0\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> THX) C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe <2>
(services.exe ->) (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(SteelSeries ApS -> ) C:\Program Files\SteelSeries\GG\cvgamesense\SteelSeriesCVGameSense.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.685.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5987456 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12849016 2022-10-14] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [THX22adHelper] => C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [THX0527Helper] => C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Steam] => C:\Steam\steam.exe [4234088 2022-10-18] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [streamlink-twitch-gui] => C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe [2081280 2022-03-13] (The NW.js Community) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Entertainment] => C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe [134353921 2022-06-13] (Entertainment application) [File not signed] <==== ATTENTION
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {020C20C7-2254-47D5-A072-F8FE77A24974} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-06] (Microsoft Windows -> )
Task: {0E9D6F75-D3E3-4A66-8FEB-59EA5D8325E2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0EEC08EA-88A4-40D2-8E51-AC372FF12112} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1253720C-DF1D-432E-ABD5-CFE8542EAA00} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {13874124-0973-4636-B069-E2BAA300845A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {35FA916E-7995-450D-B2C8-090E02EECB1C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {430E7B8B-5FCB-4C60-9789-B53FEA9C9A8C} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {455B934C-9A9E-423D-9E45-93C85EB88C1C} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {4766F956-3269-4F79-B2A1-0848C9AF8390} - System32\Tasks\chrome accessibility => cmd /c powershell -WindowStyle Hidden -E "CgAKACQAbwBrAD0AJAB0AHIAdQBlAAoACgAkAGoAdgBBAHIAPQAkAG4AdQBsAGwAOwAKACQAZABfAHYAYQByACAAPQAgACIAMgAzACIAOwAKAAoACgAkAHMAdAByAF8ARQBOAEMAXwBBAHMAYwA9AFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AEEAUwBDAEkASQA7AAoAJABtAHAAYQByACAAPQAgACIAVwB5AE (the data entry has 5407 more characters). <==== ATTENTION
Task: {4A8F1B73-807F-45ED-BF66-8E221CA739ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6167BAC4-E8B3-4DA1-A97F-6629760B8002} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6302DFFD-9EE6-4930-9056-A1600F5206C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6492DE10-4013-4F02-8761-90E2A67A04BB} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {666CBBC0-DB4C-4B55-8F77-FD1413619CD1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {69831915-6808-4DA2-B48E-CF5230B79EDB} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {6A8390B8-0C1B-4D4E-91D2-80AF5891C6C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6B7A010A-D145-45AC-A1B5-34E8A388CB0B} - System32\Tasks\Opera scheduled Autoupdate 1665787781 => C:\Users\olyti\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-09-27] (Opera Norway AS -> Opera Software)
Task: {7914F9BC-5FEF-4C7D-BCAB-55116D9B913A} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [544680 2021-10-14] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7E1654C6-EA21-4EC5-954D-35CD36E14424} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {85CF76D8-EB28-443F-A805-99ADFBEC3DD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {886ADADB-53C3-44CA-8895-76EDA48A3425} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {90982FFD-B73C-49D1-88A2-722F5046B968} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {975E17ED-32FC-48CB-94F8-D40BBC515AE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {9A6C2161-FEE5-4926-B363-24A961D4F0E9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCCF0B3-E1BB-49C3-BF78-E6F7FCA4CC8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9D567404-1F70-450D-9AB8-0B250A8C8570} - System32\Tasks\OneDC_Updater => C:\Users\olyti\Documents\temp\OneDC_Updater\OneDC_Updater.exe [5311400 2021-04-16] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {B830899C-E11E-45EF-8B59-4D414FCF5AD9} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {BE122147-85C1-492C-8636-25F9346B1F98} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C5BB144B-621E-4315-A555-72D2E9F83CE9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C8549770-3EA9-4ACE-90B5-9E317EE82781} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC102570-8047-4AC3-A02D-996FAD6CF3D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EC6B4537-41C9-4C5F-858D-7B8E808E47C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EDE4AD87-F00E-48EB-A867-31D2962F6879} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F87BAE91-2470-40AB-9F94-A437578A5E4D} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [217088 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {FFF8C01D-6F55-4323-A7AE-A11329AB4585} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72c79358-0494-433e-98e3-d5ca75fe66db}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf5b0e02-27bd-40f0-99ea-fad733c4282f}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-21]
Edge Notifications: Default -> hxxps://app.slack.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=NMTE
Edge Session Restore: Default -> is enabled.
Edge Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2022-10-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-13]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2022-09-29]
Edge Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-09-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default [2021-09-02]
CHR Extension: (Slides) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-27]
CHR Extension: (Docs) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-27]
CHR Extension: (Google Drive) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-27]
CHR Extension: (YouTube) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-27]
CHR Extension: (Sheets) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-27]
CHR Extension: (Gmail) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-27]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-20]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-02]
CHR HomePage: Profile 1 -> hxxps://www.reddit.com/
CHR Extension: (Slides) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-02]
CHR Extension: (Docs) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-02]
CHR Extension: (Google Drive) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-02]
CHR Extension: (YouTube) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-02]
CHR Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-09-02]
CHR Extension: (Sheets) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-02]
CHR Extension: (Cisco Webex Extension) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-09-02]
CHR Extension: (Grammarly for Chrome) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-09-02]
CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-02]
CHR Extension: (Gmail) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-02]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-20]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
Opera: 
=======
OPR Profile: C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable [2022-10-21]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-14]
OPR Extension: (Opera Wallet) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-14]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9854568 2022-10-20] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610472 2022-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [588264 2021-11-11] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncHelper.exe [3383704 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [74048 2022-03-30] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2432832 2022-03-30] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2893136 2022-03-30] (Intel Corporation -> Intel)
R2 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [73528 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [74064 2022-03-30] (Intel Corporation -> Intel® Corporation)
S4 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [168056 2019-05-07] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [87976 2021-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [207488 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9473408 2021-01-18] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\OneDriveUpdaterService.exe [3804040 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032040 2022-09-26] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-09-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-18] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-10-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
S2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-10-14] (SteelSeries ApS -> )
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 THXService; C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)
R2 Tobii Service; C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe [234792 2022-01-19] (Tobii AB -> Tobii AB)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
S2 webthreatdefusersvc; C:\WINDOWS\System32\webthreatdefusersvc.dll [135168 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2021-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 fdrawcmd; C:\WINDOWS\system32\drivers\fdrawcmd.sys [33144 2010-04-24] (Simon Owen -> simonowen.com)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [185536 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-11] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslc7761a17; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{50AB2429-D89F-4C29-B6C6-23DF16711069}\MpKslDrv.sys [228632 2022-10-21] (Microsoft Windows -> Microsoft Corporation)
R3 msihid; C:\WINDOWS\System32\drivers\msihid.sys [43936 2022-07-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
R3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a19e472f32bd1e8d\rtucx22x64.sys [1385296 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-06] (Microsoft Windows -> Realtek Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008f; C:\WINDOWS\System32\drivers\RzDev_008f.sys [63216 2022-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0241; C:\WINDOWS\System32\drivers\RzDev_0241.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0290; C:\WINDOWS\System32\drivers\RzDev_0290.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0292; C:\WINDOWS\System32\drivers\RzDev_0292.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0527; C:\WINDOWS\System32\drivers\RzDev_0527.sys [54088 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2021-04-14] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [37280 2022-07-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_5f23057de8eba7db\SteelSeries-Sonar-VAD.sys [92856 2022-09-21] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R3 sTHXVAD; C:\WINDOWS\System32\drivers\THXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-21 08:27 - 2022-10-21 08:27 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-21 08:03 - 2022-10-21 08:03 - 051973112 _____ (Rivet Networks) C:\Users\olyti\Downloads\KillerPerformanceSuite_3.1222.7101_Win10-11x64.exe
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-20 16:03 - 2022-10-20 16:03 - 000014906 _____ C:\WINDOWS\system32\Tasks\chrome accessibility
2022-10-20 08:49 - 2022-10-21 08:28 - 000000000 ____D C:\FRST
2022-10-20 08:37 - 2022-10-20 08:37 - 000000000 ____D C:\Users\olyti\AppData\Local\chrome_accessibility
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Goldberg SteamEmu Saves
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Faerin Games
2022-10-18 21:38 - 2022-10-18 21:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Soda Pop Minatures and Underbite Games
2022-10-18 15:34 - 2022-10-18 15:35 - 000000000 ____D C:\ProgramData\HP
2022-10-18 07:23 - 2022-10-18 07:23 - 000000000 ____D C:\Users\olyti\AppData\Local\Entertainment
2022-10-18 07:23 - 2022-06-13 02:52 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Entertainment
2022-10-16 13:52 - 2022-10-16 13:52 - 000000000 ____D C:\Users\olyti\AppData\Local\devil bartender
2022-10-15 23:13 - 2022-10-15 23:14 - 000000000 ____D C:\Users\olyti\AppData\Local\ASTLIBRA
2022-10-15 22:49 - 2022-10-15 22:49 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Ozaak
2022-10-15 22:09 - 2022-10-15 22:09 - 083119912 _____ (Discord Inc.) C:\Users\olyti\Downloads\DiscordSetup (2).exe
2022-10-15 22:04 - 2022-10-15 22:04 - 000000000 ____D C:\Users\olyti\AppData\Local\Ronin
2022-10-15 00:06 - 2022-10-15 00:06 - 000000000 ____D C:\Users\olyti\AppData\Local\ProjectCoral
2022-10-14 16:49 - 2022-10-14 16:49 - 000004134 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1665787781
2022-10-14 16:49 - 2022-10-14 16:49 - 000001402 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Opera Software
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Local\Opera Software
2022-10-13 23:12 - 2022-10-16 09:44 - 000000000 ____D C:\Program Files\dotnet
2022-10-13 23:12 - 2022-10-14 08:28 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Vortex
2022-10-13 23:12 - 2022-10-13 23:12 - 000002063 _____ C:\Users\Public\Desktop\Vortex.lnk
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Users\olyti\AppData\Local\vortex-updater
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd
2022-10-13 21:58 - 2022-10-13 22:00 - 000000000 ____D C:\Users\olyti\Documents\Dyson Sphere Program
2022-10-13 21:58 - 2022-10-13 21:58 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Youthcat Studio
2022-10-13 21:22 - 2022-10-13 21:22 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-13 21:22 - 2022-10-13 21:22 - 000000000 ___HD C:\$WinREAgent
2022-10-11 23:25 - 2022-10-11 23:25 - 000000000 ____D C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui
2022-10-11 23:16 - 2022-10-11 23:16 - 000000000 ____D C:\Users\olyti\AppData\Local\streamlink-twitch-gui
2022-10-09 10:56 - 2019-03-15 02:36 - 003753088 _____ (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPScanTRDrv_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 002952200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkinsE311.exe
2022-10-09 10:56 - 2019-03-15 02:36 - 000592000 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia2_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000392200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkstsE311LM.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000327688 _____ (HP Inc.) C:\WINDOWS\system32\hpinkcoiE311.dll
2022-10-07 15:14 - 2022-10-07 15:14 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\SuperMegaTeam
2022-10-07 08:12 - 2022-10-07 08:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Hide Games
2022-10-06 21:14 - 2022-10-06 21:14 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-06 21:14 - 2022-10-06 21:14 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-06 21:10 - 2022-10-06 21:10 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-06 20:12 - 2022-10-06 20:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\QHS
2022-10-06 20:09 - 2022-10-06 20:09 - 000000000 ____D C:\Users\olyti\AppData\Local\rmmz-game
2022-10-06 19:56 - 2022-10-06 19:56 - 000000000 ____D C:\Users\olyti\AppData\Local\Potionomics
2022-10-06 19:39 - 2022-10-06 19:39 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\RebornEntertainment
2022-10-06 19:38 - 2022-10-06 19:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\DefaultCompany
2022-10-04 23:13 - 2022-10-04 23:13 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Dark Light Studio
2022-10-04 22:30 - 2022-10-04 22:30 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Trigon fan
2022-10-03 23:42 - 2022-10-03 23:42 - 003079632 _____ C:\Users\olyti\Downloads\Naga Pro_Mouse_FirmwareUpdater_v2.02.00_r1.exe
2022-10-03 23:38 - 2022-10-03 23:38 - 003709216 _____ C:\Users\olyti\Downloads\DeathStalkerV2Pro_FirmwareUpdater_v1.01.02_r1 (1).exe
2022-10-02 22:33 - 2022-10-02 22:33 - 003709216 _____ C:\Users\olyti\Downloads\DeathStalkerV2Pro_FirmwareUpdater_v1.01.02_r1.exe
2022-10-01 18:30 - 2022-10-01 18:30 - 000001143 _____ C:\Users\Public\Desktop\GShade Control Panel.lnk
2022-10-01 18:30 - 2022-10-01 18:30 - 000000091 _____ C:\Users\Public\Desktop\GShade Visual Guide.url
2022-10-01 18:30 - 2022-10-01 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GShade
2022-10-01 18:29 - 2022-10-01 18:29 - 000000000 ____D C:\Users\Public\GShade Custom Shaders
2022-10-01 10:48 - 2022-10-01 10:48 - 001781654 _____ C:\Users\olyti\Downloads\Canyon_Logo-2-COL-White-REV-HORZ.eps
2022-09-30 16:28 - 2022-09-30 16:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-09-30 16:27 - 2022-10-21 08:16 - 000807834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-30 16:26 - 2022-10-21 08:28 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2022-09-30 16:26 - 2022-10-21 08:28 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2022-09-30 16:26 - 2022-10-21 08:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-30 16:26 - 2022-10-21 08:23 - 000004138 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2865D8D3-0E3F-42D6-9DB0-FBC78E111295}
2022-09-30 16:26 - 2022-10-14 23:55 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-30 16:26 - 2022-10-14 23:55 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-30 16:26 - 2022-10-10 18:58 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001
2022-09-30 16:26 - 2022-10-10 18:58 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-30 16:26 - 2022-09-30 16:26 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-09-30 16:26 - 2022-09-30 16:26 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2022-09-30 16:26 - 2022-09-30 16:26 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2022-09-30 16:26 - 2022-09-30 16:26 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-09-30 16:26 - 2022-09-30 16:26 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002826 _____ C:\WINDOWS\system32\Tasks\OneDC_Updater
2022-09-30 16:26 - 2022-09-30 16:26 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002280 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000002184 _____ C:\WINDOWS\system32\Tasks\OmApSvcBroker
2022-09-30 16:26 - 2022-09-30 16:26 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000000020 ___SH C:\Users\olyti\ntuser.ini
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\IsolatedStorage
2022-09-30 16:26 - 2020-05-30 11:23 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3202656799-1986057151-242305456-500
2022-09-30 16:26 - 2019-11-13 11:43 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3246922579-2884849309-941848276-500
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-09-30 16:24 - 2022-09-30 16:24 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2022-09-30 16:23 - 2022-10-21 08:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-30 16:23 - 2022-10-13 21:43 - 000607720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-30 16:00 - 2022-09-30 16:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-09-30 15:59 - 2022-10-21 00:23 - 000000000 ____D C:\Users\olyti
2022-09-30 15:59 - 2022-05-06 23:19 - 000001281 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-09-30 15:59 - 2022-05-06 23:19 - 000000407 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-09-30 15:58 - 2022-09-30 16:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2022-09-30 15:55 - 2022-09-30 15:55 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-09-30 15:54 - 2022-09-30 15:54 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\addins
2022-09-30 15:46 - 2022-09-30 15:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-09-30 15:24 - 2022-10-13 00:02 - 000000000 ___DC C:\WINDOWS\Panther
2022-09-29 22:27 - 2022-09-29 22:27 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Unknown Worlds
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001213440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001536488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001182696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000865768 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000771560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-09-29 17:56 - 2022-09-23 19:31 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 010270184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 008803816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001059304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000845288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000456168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-09-29 17:56 - 2022-09-23 19:29 - 005751304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 005362664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 003066856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:28 - 000852968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-09-29 17:56 - 2022-09-23 19:27 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-29 17:56 - 2022-09-23 19:27 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-09-29 17:56 - 2022-09-23 16:52 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-29 17:56 - 2022-09-23 16:52 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-09-29 17:56 - 2022-09-21 18:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-09-29 17:56 - 2022-07-15 10:59 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-09-29 17:56 - 2021-06-02 08:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-09-29 17:55 - 2022-09-29 17:55 - 825894408 _____ (NVIDIA Corporation) C:\Users\olyti\Downloads\517.48-notebook-win10-win11-64bit-international-dch-whql.exe
2022-09-29 17:49 - 2022-09-07 08:56 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-09-29 17:49 - 2022-09-07 08:56 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ C:\Users\olyti\AppData\Local\2450563487
2022-09-29 17:48 - 2022-09-29 17:48 - 000000000 ____D C:\Users\olyti\AppData\Local\Arkane Studios
2022-09-24 23:41 - 2022-09-24 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\CD Projekt Red
2022-09-24 23:39 - 2022-09-24 23:39 - 000000000 ____D C:\Users\olyti\AppData\Local\REDEngine
2022-09-24 22:25 - 2022-09-24 22:25 - 000000000 ____D C:\Users\olyti\AppData\Local\Prometheus
2022-09-24 12:26 - 2022-09-24 12:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Cuphead
2022-09-23 15:10 - 2022-09-23 15:10 - 000095979 _____ C:\Users\olyti\Downloads\download (15).html
2022-09-23 08:58 - 2022-09-23 08:58 - 000177106 _____ C:\Users\olyti\Downloads\download (14).html
2022-09-22 14:33 - 2022-09-22 14:33 - 000508495 _____ C:\Users\olyti\Downloads\download (13).html
2022-09-22 14:30 - 2022-09-22 14:30 - 000544581 _____ C:\Users\olyti\Downloads\download (12).html
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-21 08:29 - 2021-04-27 23:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-21 08:28 - 2022-03-05 21:51 - 000000000 ____D C:\Users\olyti\.tobii
2022-10-21 08:28 - 2021-04-17 18:04 - 000000000 ____D C:\Steam
2022-10-21 08:27 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-21 08:27 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-21 08:27 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-21 08:27 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-21 08:27 - 2022-05-06 23:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-21 08:27 - 2021-04-22 13:18 - 000012288 ___SH C:\DumpStack.log.tmp
2022-10-21 08:27 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-21 08:22 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-21 08:16 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2022-10-21 08:01 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-21 08:01 - 2021-04-18 00:43 - 000000000 ____D C:\Users\olyti\AppData\Local\CrashDumps
2022-10-21 00:34 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\SteelSeries
2022-10-21 00:24 - 2021-12-17 01:26 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2022-10-21 00:24 - 2020-05-30 10:43 - 000000000 ____D C:\ProgramData\A-Volute
2022-10-20 22:47 - 2021-04-17 17:02 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-20 17:16 - 2021-11-19 23:04 - 000153048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 002815456 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000452048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000243168 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-18 19:34 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\PlaceholderTileLogoFolder
2022-10-18 15:35 - 2021-04-17 17:05 - 000000000 ____D C:\Users\olyti\AppData\Local\Packages
2022-10-18 15:35 - 2019-11-13 11:43 - 000000000 ____D C:\ProgramData\Packages
2022-10-18 07:25 - 2021-04-17 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\D3DSCache
2022-10-16 09:45 - 2020-05-30 10:34 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-15 20:32 - 2022-03-11 18:26 - 000000000 ____D C:\XboxGames
2022-10-14 04:58 - 2019-11-13 13:05 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 22:24 - 2021-04-17 23:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 22:23 - 2021-04-17 23:53 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-13 21:54 - 2019-11-13 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 21:52 - 2021-11-10 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-10-13 21:51 - 2021-11-10 18:44 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-13 21:42 - 2021-09-09 17:54 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-10-12 04:39 - 2022-06-09 23:20 - 000316920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-10-12 02:55 - 2022-06-09 23:20 - 000199672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-10-11 18:23 - 2021-04-27 23:07 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-11 08:22 - 2021-08-26 22:29 - 000000000 ____D C:\Users\olyti\AppData\Roaming\projectascension
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascension Launcher
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\Program Files\Ascension Launcher
2022-10-10 18:58 - 2021-04-25 09:39 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-09 11:09 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-06 21:17 - 2022-05-06 23:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-06 21:17 - 2022-05-06 23:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-06 20:52 - 2021-05-31 10:54 - 000000000 ____D C:\Users\olyti\AppData\Roaming\rsilauncher
2022-10-06 19:56 - 2021-05-08 00:40 - 000000000 ____D C:\Users\olyti\AppData\Local\UnrealEngine
2022-10-03 20:04 - 2021-04-17 17:05 - 000000000 __SHD C:\Users\olyti\IntelGraphicsProfiles
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\ProgramData\Razer
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\Program Files (x86)\Razer
2022-10-02 16:48 - 2022-04-04 21:43 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-01 18:30 - 2021-10-23 17:19 - 000000000 ____D C:\Program Files\GShade
2022-10-01 18:29 - 2021-10-23 17:19 - 000000000 ____D C:\Users\Public\GShade Backups
2022-10-01 18:08 - 2022-03-05 21:51 - 000000000 ____D C:\ProgramData\Tobii
2022-09-30 16:48 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-09-30 16:26 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-30 16:26 - 2022-05-06 23:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-30 16:26 - 2019-11-13 11:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-30 16:24 - 2020-05-30 10:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-09-30 16:23 - 2022-08-11 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tower of Fantasy
2022-09-30 16:23 - 2022-05-14 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline
2022-09-30 16:23 - 2022-05-06 23:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-30 16:23 - 2022-03-05 19:39 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2022-03-04 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RazerCentral
2022-09-30 16:23 - 2022-02-10 00:22 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games
2022-09-30 16:23 - 2021-09-05 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries
2022-09-30 16:23 - 2021-06-18 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-09-30 16:23 - 2021-06-05 06:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-09-30 16:23 - 2021-04-30 18:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-09-30 16:23 - 2021-04-17 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2022-09-30 16:23 - 2021-04-17 23:04 - 000000000 ____D C:\Program Files\UNP
2022-09-30 16:23 - 2021-04-17 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2021-04-17 17:07 - 000000000 ___RD C:\Users\olyti\OneDrive
2022-09-30 16:23 - 2020-05-30 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI True Color
2022-09-30 16:23 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-09-30 16:23 - 2020-05-30 10:34 - 000000000 ____D C:\Program Files\Intel
2022-09-30 16:23 - 2019-11-13 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 16:23 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-09-30 16:06 - 2022-05-06 23:28 - 000000000 ____D C:\WINDOWS\Setup
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-09-30 16:00 - 2021-04-17 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2022-09-30 16:00 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2022-09-30 15:57 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Globalization
2022-09-29 17:59 - 2021-10-30 22:36 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA
2022-09-29 17:58 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-09-24 23:38 - 2021-06-18 10:44 - 000000000 ____D C:\Users\olyti\AppData\Local\cache
 
==================== Files in the root of some directories ========
 
2022-08-11 08:41 - 2022-08-11 08:41 - 000001004 _____ () C:\Users\olyti\AppData\Roaming\tof_launcher.reg
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ () C:\Users\olyti\AppData\Local\2450563487
2021-11-06 22:23 - 2021-11-06 22:23 - 000007598 _____ () C:\Users\olyti\AppData\Local\Resmon.ResmonCfg
 
==================== FLock ==============================
 
2022-05-06 23:24 C:\WINDOWS\system32\WebThreatDefSvc
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================


 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by olyti (21-10-2022 08:30:42)
Running from C:\Users\olyti\OneDrive\Desktop
Microsoft Windows 11 Home Version 22H2 22621.674 (X64) (2022-09-30 22:26:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3139933802-399766682-36797096-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3139933802-399766682-36797096-503 - Limited - Disabled)
Guest (S-1-5-21-3139933802-399766682-36797096-501 - Limited - Disabled)
olyti (S-1-5-21-3139933802-399766682-36797096-1001 - Administrator - Enabled) => C:\Users\olyti
WDAGUtilityAccount (S-1-5-21-3139933802-399766682-36797096-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security (Disabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon Games (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.2.8063.2 - Amazon.com Services, Inc.)
Ascension Launcher 1.92 (HKLM\...\{58D22CF7-EECE-433A-B4B3-A268FF8487B1}_is1) (Version: 1.92 - Project Ascension)
Command & Conquer™ Remastered Collection (HKLM-x32\...\{CB92A22C-0421-4513-9EE4-00519B4A12CC}) (Version: 1.153.11.25007 - Electronic Arts Inc. (en_US))
Crowfall_Live (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Crowfall_Live) (Version: 1.0.0.0 - ACE)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.26.0.5283 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{1ea29ff4-ac27-4775-b029-95e63cac9adb}) (Version: 12.26.0.5283 - Electronic Arts)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Fdrawcmd.sys 1.0.1.11 (HKLM-x32\...\fdrawcmd) (Version: 1.0.1.11 - Simon Owen)
FINAL FANTASY XI (HKLM-x32\...\{07EB4C8B-3869-49B4-8CF8-D6D9FB8C8026}) (Version: 1.2.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
GShade 3.5.2 (HKLM\...\GShade) (Version:  - GPOSERS)
Intel® Chipset Device Software (HKLM\...\{B4BF76D4-C8E0-4341-A8C5-A33D1C506DED}) (Version: 10.1.18263.8193 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel® Corporation)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{F9B9A5A4-D66B-411A-B28F-D7A8863B432E}) (Version: 2.2.1457 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{B10DC0D5-964E-45F2-8068-67B8FCD393F8}) (Version: 2.2.1446 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{B71DA3AB-24EC-9E95-A79B-7B5F92B0CEDD}) (Version: 10.1.22621.1846 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.150.10.6302 - BlueStack Systems, Inc.)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 3.0.58.0 - Portrait Displays, Inc.)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 91.0.4516.30 (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Opera 91.0.4516.30) (Version: 91.0.4516.30 - Opera Software)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
PlayOnline Viewer (HKLM-x32\...\{81784E3A-1BDA-4743-B5F8-04E59DC7E031}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1015.100615 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
RSI Launcher 1.5.5 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.5.5 - Cloud Imperium Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 26.0.0 (HKLM\...\SteelSeries GG) (Version: 26.0.0 - SteelSeries ApS)
Tobii Experience Software For Windows (HKLM\...\{68DDA3A1-29A0-4FB1-8EBF-F25EF0A0EF58}) (Version: 4.59.0.18364 - Tobii AB)
Tower of Fantasy (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\tof_launcher) (Version:  - Hotta Studio)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.6.14 - Black Tree Gaming Ltd.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
 
Packages:
=========
An Elder Scrolls Legend: Battlespire -> C:\Program Files\WindowsApps\BethesdaSoftworks.AnElderScrollsLegendBattlespire_1.3.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.1.0_neutral__yxz26nhyzhsrt [2022-10-12] (Microsoft Corp.)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Coral Island -> C:\Program Files\WindowsApps\HumbleBundle.CoralIsland_0.1.49295.0_x64__q2mcdwmzx4qja [2022-10-19] (Humble Bundle)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-11] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-10-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-04-17] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag [2022-06-21] (Rivet Networks LLC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-05-30] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2022-09-30] (Microsoft Corp.)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corp.)
ms-resource:Appname -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52074.0_x64__8wekyb3d8bbwe [2022-10-18] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32061.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-09-30] (Microsoft Corporation)
ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-30] (INTEL CORP)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-10] (INTEL CORP) [Startup Task]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-04-17] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm [2022-10-21] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-18] (NVIDIA Corp.)
Offworld Trading Company -> C:\Program Files\WindowsApps\StardockEntertainment.OffworldTradingCompany_1.0.82.0_x64__w7tm8b8tp1rkt [2022-08-16] (Stardock Entertainment)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-09-08] (Realtek Semiconductor Corp)
Slay The Spire -> C:\Program Files\WindowsApps\HumbleBundle.SlayTheSpire_2.4.0.0_x86__q2mcdwmzx4qja [2022-07-05] (Humble Bundle)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-15] (Spotify AB) [Startup Task]
The Elder Scrolls Adventures: Redguard -> C:\Program Files\WindowsApps\BethesdaSoftworks.TheElderScrollsAdventuresRedguar_1.4.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.60.17163.0_x64__j9ea20k37yd2w [2022-03-05] (Tobii AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
Trek To Yomi [Win10] -> C:\Program Files\WindowsApps\DevolverDigital.TrekToYomiWin10_1.0.7.0_x64__6kzv4j18v0c96 [2022-10-15] (Devolver Digital)
Vampire Survivors (Game Preview) -> C:\Program Files\WindowsApps\poncle.VampireSurvivors_1.0.101.0_x64__9pv5cyp4vwdsr [2022-10-20] (poncle)
Warhammer 40,000™: Battlesector™ -> C:\Program Files\WindowsApps\SlitherineSoftwareUKLtd.Warhammer40000Battlesector_1.1.33.0_x64__e7kchnf2m4530 [2022-07-28] (Slitherine Software UK Ltd.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-13] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3139933802-399766682-36797096-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\olyti\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\nvshext.dll [2022-09-23] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-08-12 02:14 - 2022-08-08 20:52 - 001427968 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000017920 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2022-10-20 11:59 - 2022-10-20 11:59 - 003567616 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2022-10-18 20:55 - 2022-10-18 20:55 - 020899328 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm\Nahimic3.dll
2022-10-18 07:23 - 2022-06-13 02:52 - 000440832 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\libegl.dll
2022-10-18 07:23 - 2022-06-13 02:52 - 006535680 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\libglesv2.dll
2022-10-18 07:23 - 2022-06-13 02:52 - 004099072 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\vk_swiftshader.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000420352 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libegl.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 006374400 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libglesv2.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 004030976 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\vk_swiftshader.dll
2021-10-30 22:27 - 2021-10-30 22:27 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\GG\HIDDLL.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\GG\ISPDLL.dll
2019-07-02 16:07 - 2019-07-02 16:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
2022-10-18 07:23 - 2022-06-13 02:52 - 001923072 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\ffmpeg.dll
2022-10-18 07:23 - 2022-06-13 02:52 - 016024576 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\node.dll
2022-10-18 07:23 - 2022-06-13 02:52 - 180464640 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\nw.dll
2022-10-18 07:23 - 2022-06-13 02:52 - 001025536 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\nw_elf.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 001844736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\ffmpeg.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 015924736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\node.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 174965248 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000980992 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw_elf.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000380416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 001455616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000227328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000327168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Positioning.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000319488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5PrintSupport.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 004254720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000222208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 001128960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000075264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickWidgets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000334848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000396288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngine.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 103583232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineCore.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000250880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineWidgets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 005611520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000018432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000294400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebChannel\declarative_webchannel.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000093696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngine\qtwebengineplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> DefaultScope {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 22:49 - 2019-03-18 22:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\olyti\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3139933802-399766682-36797096-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\olyti\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\ffxiv_12122021_131827_888.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "Norton Download Manager{NS-22211151-SHPD-FSD5250006}"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{57F5CA79-AD82-4F75-81D5-59B87C0DA1E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{06D35A3B-CA79-4F6A-8143-686F164C937F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E1225DDF-11E8-4449-9B27-29C804804791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CDB1B76-5307-4647-A529-1D51436978B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F47C274A-1CA7-4306-834A-0CA0E4521805}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [{9F62DBA0-F911-451F-9A74-D63B4F9F9407}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [UDP Query User{2AE7CDB6-7707-4CB6-B8D7-D12D5D5BE8EA}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{5082E1F3-9419-415F-8E84-9B298D08EDBC}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{F6954A2B-AF48-4F0B-B97D-724C81193708}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{389A9C3D-DFCD-44FD-ACA5-434680FCBCB7}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{59B1A946-6E24-434C-A9EC-37B841863465}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{E20CAA85-A347-4C47-96A7-8CC33E376374}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{0EFCFA03-D09E-4860-B85E-6861B289AB2B}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{5C6F48D9-A3D4-4BFE-B41C-0A6437C03FCA}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{9FB95E41-688C-46D1-9E73-0B012762E64B}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{75621C35-0CDE-4A43-A65A-82F73027DDAB}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{EF55A5E0-8D64-4A77-BB95-B8E245B79047}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3AB61B73-9263-44E3-BF77-92F8E3BE8B68}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3DC8D835-8BA8-448A-B6BE-25AD4B392F8B}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{8DFB67B6-0C13-40EE-B6F2-58B2E7DBC9CA}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{1522EED5-5522-4C63-B9B3-E717D8E9EF5E}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [File not signed]
FirewallRules: [{1AD494B4-DD9F-402F-A15A-8C06104F463B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{4EC0CBF8-2056-4E2E-BA51-00D3EE50009B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [UDP Query User{E523A3A1-C957-4E1F-BD1E-9A55D7FCCB99}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [TCP Query User{1BBBBF13-F560-4D3A-8E0A-42B9AD3E6F76}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{0BC2DD59-92BD-4291-AB7C-605F7CEC58C6}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{7FAD18D6-87A1-4690-8A4A-2B6B28E0EC4E}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{4A31B107-955F-4643-9121-76B2289A1017}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{C9FCAD55-582C-43ED-9BE4-7ED57802AE0B}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{87ED5109-6433-48EB-905C-83A6C6F6763A}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{7AE9E5C6-30BF-4E94-9ABE-501DF8DFDFAC}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{BBDE1370-A1AF-4B6D-BF4D-6ACF00BABF37}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [{C77CE587-39C2-4811-9874-9E919D058989}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [UDP Query User{B295D693-5A48-42C8-908A-640EB57C32F3}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{2DE238EE-8758-407B-9EC6-27E028D3A49D}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{B947DE67-224A-41E5-9F10-F3DB9BB5E1D6}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{EA80B650-7BB3-445C-8248-15394BBCFC3C}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{A135AEB3-1545-4A9A-84D6-B3CC258DE947}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{A212D0C9-8653-45DC-8C5B-CCA1EBA829FA}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{5EDBC7B7-E8F2-4834-9DE3-7A6347D0B378}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{4B2C02B6-E383-47A4-AC82-0075E96D51BA}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{EDEF3CB9-E796-4ECB-B71E-643CC28B3CCC}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{FF3F3F11-FDF4-4F32-8179-F6B2FDA6FE78}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{6BDEC23A-E2C8-435B-91BA-ED8A8ED7BC8D}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{60F73CAB-E0B7-48DA-AE07-297CBFC6A51C}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [UDP Query User{F70E9553-D698-4381-92A3-838E9AB08FA4}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [TCP Query User{20D31CE8-E4B9-4D3F-96E0-3908F68E0E12}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [{DE750991-1B01-4BB5-A16A-0CE00325C68B}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{F3854973-6B81-4836-8E47-5BA2A1E4708D}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{D00DCF5F-AEA8-4776-9F2F-8BF98845E4D8}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{43278E45-26DD-40ED-A623-A055BD552DFD}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{E7242E90-F583-448E-8CA7-F6C6108AE32E}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{2DCB557D-1B63-4040-A947-B453EFC04BD7}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{726EBFD4-D8A5-475D-B7A0-0B160755E3C3}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{478C939E-E594-44D1-AE20-071F2BB56449}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{0C618E4B-6A1D-403D-9603-E4D79B3798E6}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{522D38E7-E40C-4407-982A-6F9DF16D44A3}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{63FA1E32-6998-4BE6-927E-6B8B01DC7A5D}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{333EB221-0413-4816-B800-9C7EB8E49C17}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{2AF06201-7AF3-45E1-9024-74102713FA20}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8A680465-B8D9-46D2-A5B0-A186635C2FD3}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B2C2CCA4-0B84-449F-9EFE-0F35A0AC61EC}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{DFEEB1C7-34A2-45D9-B77E-4531D498FF04}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{E1580716-6F77-4BC6-88A2-E53DB31C05E1}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{D24C171C-9AC2-4E66-B8E5-1FE11A1778F4}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{72A15286-E488-42CD-B687-97386209D5E6}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{8963092A-82D3-4E01-BC74-FB8AA5DC866B}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{17B0662F-A78E-4B48-877B-F9EE455EF07C}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{EABE7D84-ABC0-43AC-8185-34D27FDAA1E3}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{57362E65-43AC-424A-944B-36BE16D35D7D}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0058F547-8A38-450A-8B90-DA021B251B25}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E3C05002-D9E0-44E0-9461-AC4710F94127}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02325BC3-B7A1-4F4B-9936-592536AC5D00}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68538345-9987-4FC9-89E9-1C63BAF4D58D}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{11E91444-35E0-4F2B-B893-E565490F78C6}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{EB8D79D8-795B-4C3D-A4A0-EE95E7F53DBA}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{9F059180-29BA-42F0-BBE2-C07C6EE65450}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{DCD5F566-DFE5-468A-A7F7-C7D40BCCFDA4}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{C8D8A701-541D-486B-945D-FD7E78A295EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{11EA62F8-C6C7-4B5A-813F-16DA4FD5E135}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6DA1FDA5-DB9D-4610-804D-8EA49CF61619}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{9D5F8B2A-E9FD-4631-992A-9B0278B1D9A2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{62DE4036-B7B8-4FD5-B137-C3CA20CF1CB2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{39F4B399-12B8-4F8E-BC1D-46B2EEFDEA2B}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B4F89464-FDF5-4405-9D44-3B7F82FB187C}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{8BD1B7C6-E217-40FE-88D1-D580A8A68EB1}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{3F8C9BC2-2A8F-4994-8EF1-B249AC259429}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B5A107BA-BC36-41CA-AA90-68AEF973C290}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{2930AD3B-0906-467F-8E57-2D82CEB8CE6B}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1CE78791-24E4-4478-A1FC-D9A4CAEB3E71}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{07CBC086-7222-4F48-BBE1-2E92DF1AECD6}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{55C8A6FE-4378-4411-8B26-1FE0D796A976}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{42C6F4B4-905E-43B1-9899-204E3FFC3D88}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{7001B18F-521B-457F-A8FF-FD1C2EFD2786}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{78B4F9BF-FB9A-49FC-8B1B-0F81E9180F79}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{1E084E40-9CD4-4609-A882-004CA966B88B}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [{B84688B3-8466-48B3-9ADC-00B64DF6BCE8}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [TCP Query User{9859FF70-CC36-4CED-A580-546B0F0D5B88}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [UDP Query User{44CD8378-7BD6-49D1-92B5-3E0BFC5C73E4}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [TCP Query User{657EEE1B-C880-496C-8F0C-AAF85BF2935A}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{13668A7D-9C20-457E-82B7-193ED3DEE9C8}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [{03468686-AF5B-46C9-B126-874FC312475F}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6B51F98E-EBB3-4169-8AA4-610403EA735E}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{1C3C024C-F4C0-4005-801C-83C8AA93551A}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6A82F5FF-2085-49B2-992A-C2FD9021CC99}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{B07A290C-0B41-44F2-8017-EFACDE75F2B1}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{97B81EC1-F667-4B2A-AD25-B790568A75A7}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{827BD318-4373-48D9-A018-59F9C17EFEA2}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{26395699-8EF1-410B-A413-DC271DA8F1A5}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2FFCA926-F8F8-465C-83BD-E685C46F6681}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{FB209C8F-DE2E-4190-83F6-B260F3DA065F}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{3BFE6C29-B013-4606-8D18-7EB874FF777E}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7463DC97-B1BF-4454-ABB5-F0688AAAEE1C}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{77DE23E8-61A4-4CA3-A5D3-A590AFB9243F}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{5F26DEE2-35F7-4F47-B982-1310C2174F40}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [{B418CB8C-5280-4826-9525-39DD4BA054C6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{E989079C-4488-4291-A2D3-A0B1B2882BA6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{BA8C81C2-AF8F-4DB9-BF13-E78C97D50637}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B6B4F4B0-C39C-4534-A328-B1AD38957059}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{3449C722-8273-4931-8148-BE167F04A8AB}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [{3644136A-488E-4B39-A71A-5701F9210CFF}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [TCP Query User{7C49AFAA-E8D0-4391-90E2-BAC62D289185}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [UDP Query User{D511C8FC-DF44-4A09-A942-E80C2C3FC642}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [{26248D88-12CD-4F65-BCDB-8E9C617615B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE9072EA-873B-4DE5-A124-CC908A93452E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [{53D7019F-158F-48C9-8CD2-5AF2C271331E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [TCP Query User{8E84898E-2FBB-486A-B258-77C4FD5EE413}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1170733F-8D30-464E-A89B-3F4B3D86FC23}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8077C9F8-0B7E-4206-985B-FD7741A08985}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{B6357431-E771-49A7-A279-46510BB6AD8C}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{A6E2336F-B76A-43E2-BC5D-87CB2EF54F94}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{138D5959-0B49-419B-AC5F-707ACF366141}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{51607EE3-9B20-4A13-8605-30EFEEFF0991}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{1CC54A21-4E14-4BDC-AD46-312CA8A6F50E}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{453AA7A4-3C4D-4AEB-9804-E49B45327346}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E632C5AA-9611-49CE-AAE1-53BB6E9A13CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD6B5A34-7118-4DCA-BE9D-F1C38A5D1287}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC4F6EF5-5582-4705-BFD6-3BB689A157AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B6D7B28-EBE3-4D00-A4C0-FCD08513CE2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CDC4F736-2EF9-4A73-A2B5-512B27FD7651}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe (Access Denied)  [File not signed]
FirewallRules: [UDP Query User{40CF5F55-E4EC-4B41-8B14-70E581250729}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe (Access Denied)  [File not signed]
FirewallRules: [{09F7AC35-6867-43DE-B656-8AB1F1C424D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5E2350C-0C6C-4467-B457-F9CF6B10F8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0D8BE34C-AA62-4694-9C6D-37BBAB8B1D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89180A0E-7EC1-4EDC-9AFB-E06622A0831A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D69E67D-D1F0-4B92-BABE-229416EC1D0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1F8857D-B060-46AA-BF04-32F97E9410FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFF6B875-B37F-4D94-A51B-9B186FED8011}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21E4844F-6BBD-4E63-B056-4CC4AD625F2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D258C20E-6423-4B41-8438-BB66B751198A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A20A225-A2B4-429D-9D77-EE80C779D08C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1EA87F4-BD38-4753-A14B-421A32ACDB75}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D7DB026-1C11-409B-8E2D-0DF5E1644BA9}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe () [File not signed]
FirewallRules: [UDP Query User{D2D1D5A3-0C14-43AF-A6EC-9BBE687C142B}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe () [File not signed]
FirewallRules: [TCP Query User{73D8059E-B9A6-4D34-A0B4-AD8A845A5173}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{93ACD40F-9757-4615-B19B-C90F15B8CE23}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{AEDB3CD5-A5F1-4969-A6BA-A667DB5E2574}] => (Allow) LPort=32682
 
==================== Restore Points =========================
 
13-10-2022 21:22:41 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (10/21/2022 08:27:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The RstMwService service terminated with the following error: 
%%2684420176
 
Error: (10/21/2022 08:26:51 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {2DE3095A-B49E-418F-B5C1-69D2CCF62A8F} did not register with DCOM within the required timeout.
 
Error: (10/21/2022 08:26:51 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===============
Date: 2022-10-21 08:27:19
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
 
Date: 2022-10-21 08:27:19
Description: 
The driver \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys is blocked from loading as the driver has been revoked by Microsoft.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. E16V1IMS.112 11/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-16V1
Processor: Intel® Core™ i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 62%
Total physical RAM: 16271.16 MB
Available physical RAM: 6072.63 MB
Total Virtual: 28047.16 MB
Available Virtual: 14595.53 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:931.07 GB) (Free:211.21 GB) (Model: WDC PC SN730 SDBPNTY-1T00-1032) NTFS
 
\\?\Volume{36435878-acf8-4bb2-9fd1-d15095c2f0d5}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.29 GB) NTFS
\\?\Volume{4f3a491b-a684-4533-917a-2d3361a4b85a}\ (BIOS_RVY) (Fixed) (Total:21.5 GB) (Free:0.69 GB) NTFS
\\?\Volume{cbfef310-9523-4385-ab65-ebb45e3a3813}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: AE696746)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I thought there might be something with Entertainment.  It was the only one that caused an error when I tried to upload it to VirusTotal.  There is also a strange task called "
"chrome accessibility" which is actually a Powershell program.  No telling what it does and there is probably a reason they are trying to hide that.  Let's see if we can remove both with another fixlist.  This one should be quick but we still need a reboot.

 

 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   2.62KB   91 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 
 
Are you still seeing the redirects?
 
Is it still slow?
 
 

  • 0

#6
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Its not that it was slow, this laptop is moderately beefy, I was just getting weird redirects and Entertainment kept tryin to over-use my CPU and GPU. I believe that chrome assist is what's doing the redirects, everytime Malwarebytes is ran it gets the same 9 items, and once it quarantines them Chrome automatically opens up and you see powershell open briefly. Fix log first - 
 

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by olyti (21-10-2022 17:21:59) Run:4
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
(explorer.exe ->) (Entertainment application) [File not signed] C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Entertainment] => C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe [134353921 2022-06-13] (Entertainment application) [File not signed] <==== ATTENTION
C:\Users\olyti\AppData\Roaming\Entertainment
Task: {4766F956-3269-4F79-B2A1-0848C9AF8390} - System32\Tasks\chrome accessibility => cmd /c powershell -WindowStyle Hidden -E "CgAKACQAbwBrAD0AJAB0AHIAdQBlAAoACgAkAGoAdgBBAHIAPQAkAG4AdQBsAGwAOwAKACQAZABfAHYAYQByACAAPQAgACIAMgAzACIAOwAKAAoACgAkAHMAdAByAF8ARQBOAEMAXwBBAHMAYwA9AFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AEEAUwBDAEkASQA7AAoAJABtAHAAYQByACAAPQAgACIAVwB5AE (the data entry has 5407 more characters). <==== ATTENTION
2022-10-20 16:03 - 2022-10-20 16:03 - 000014906 _____ C:\WINDOWS\system32\Tasks\chrome accessibility
2022-10-20 08:37 - 2022-10-20 08:37 - 000000000 ____D C:\Users\olyti\AppData\Local\chrome_accessibility
2022-10-18 07:23 - 2022-10-18 07:23 - 000000000 ____D C:\Users\olyti\AppData\Local\Entertainment
2022-10-18 07:23 - 2022-06-13 02:52 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Entertainment
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
C:\Users\olyti\AppData\Roaming\Entertainment\Entertainment.exe => No running process found
"HKU\S-1-5-21-3139933802-399766682-36797096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Entertainment" => not found
"C:\Users\olyti\AppData\Roaming\Entertainment" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4766F956-3269-4F79-B2A1-0848C9AF8390}" => not found
"C:\WINDOWS\System32\Tasks\chrome accessibility" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\chrome accessibility" => not found
"C:\WINDOWS\system32\Tasks\chrome accessibility" => not found
"C:\Users\olyti\AppData\Local\chrome_accessibility" => not found
"C:\Users\olyti\AppData\Local\Entertainment" => not found
"C:\Users\olyti\AppData\Roaming\Entertainment" => not found
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "AMSI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "AirSpaceChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Application" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "DirectShowFilterGraph" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "DirectShowPluginControl" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Els_Hyphenation/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "EndpointMapper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "FirstUXPerf-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "ForwardedEvents" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "General Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "HardwareEvents" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "IHM_DebugChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/Application" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/System" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-GPIO/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-I2C/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-UART2/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Internet Explorer" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Key Management Service" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceMFT" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationFrameServer" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProcD3D" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationAsyncWrapper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationContentProtection" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationDS" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationDeviceProxy" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationMP4" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationMediaEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformanceCore" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPipeline" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPlatform" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationSrcPrefetch" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-IE/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-OneCore-Setup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-System-Diagnostics-DiagnosticInvoker/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Backup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Call" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/CertInUse" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Autopilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Background/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Query/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Compositor/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-SysMm/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-SysMm/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Power" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/IODiagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorClass/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Feedback-Service-TriggerProvider" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-KMCL-Child/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IE-SmartScreen" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-CPU-Starvation/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Cache/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Dump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PRM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Management" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MosHost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MosHost/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NFC-Class-Extension/Analytical" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-ExecutionContext/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneBackup/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Perflib/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing-PermissiveLearningMode/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReFS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Isolation-BrokeringFileSystem/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartScreen/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Restricted" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Health" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement-PartUtil/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Api/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Parser/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Parser/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Volume/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-Diag/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Watchdog-Events/WdLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuthN/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WerKernel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp-Pca" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Pca" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinML/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Oper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ZTraceMaps/Function" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ZTraceMaps/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-hidcfu/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Navigator" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Network Isolation Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OAlerts" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OfficeChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OfficeDebugChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "PlayReadyPerformanceChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "RTWorkQueueExtended" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "RTWorkQueueTheading" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SMSApi" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Setup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SmbWmiAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "System" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SystemEventsBroker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TimeBroker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "UIManager_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Uac/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WMPSetup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WMPSyncEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows PowerShell" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WordChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "muxencode" 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 17:22:16 ====

  • 0

#7
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by olyti (administrator) on MSI (Micro-Star International Co., Ltd. GS66 Stealth 10SF) (21-10-2022 17:25:38)
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Platform: Microsoft Windows 11 Home Version 22H2 22621.674 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCopyAccelerator.exe
(C:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <4>
(C:\Users\olyti\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\olyti\AppData\Local\Programs\Opera\91.0.4516.30\opera_crashreporter.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(drivers\RivetNetworks\Killer\KSPSService.exe ->) (Intel Corporation -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22AD.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe <7>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.52\identity_helper.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Users\olyti\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Opera Norway AS -> Opera Software) C:\Users\olyti\AppData\Local\Programs\Opera\91.0.4516.30\opera_autoupdate.exe <2>
(Opera Norway AS -> Opera Software) C:\Users\olyti\AppData\Local\Programs\Opera\launcher.exe
(Opera Norway AS -> Opera Software) C:\Users\olyti\AppData\Local\Programs\Opera\opera.exe <29>
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel Corporation -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_af5df92252aaf9f0\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> THX) C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe <2>
(services.exe ->) (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.685.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5987456 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12849016 2022-10-14] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [THX22adHelper] => C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [THX0527Helper] => C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Steam] => C:\Steam\steam.exe [4234088 2022-10-18] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [streamlink-twitch-gui] => C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe [2081280 2022-03-13] (The NW.js Community) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [MicrosoftEdgeAutoLaunch_D30A67E0D8865ABC16D6E6E5594A3C48] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {020C20C7-2254-47D5-A072-F8FE77A24974} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-06] (Microsoft Windows -> )
Task: {0E9D6F75-D3E3-4A66-8FEB-59EA5D8325E2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0EEC08EA-88A4-40D2-8E51-AC372FF12112} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1253720C-DF1D-432E-ABD5-CFE8542EAA00} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {13874124-0973-4636-B069-E2BAA300845A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {35FA916E-7995-450D-B2C8-090E02EECB1C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {430E7B8B-5FCB-4C60-9789-B53FEA9C9A8C} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4A8F1B73-807F-45ED-BF66-8E221CA739ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6167BAC4-E8B3-4DA1-A97F-6629760B8002} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {62FCAF49-C77D-4591-A757-7FBFB6587B3D} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {6302DFFD-9EE6-4930-9056-A1600F5206C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6492DE10-4013-4F02-8761-90E2A67A04BB} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {666CBBC0-DB4C-4B55-8F77-FD1413619CD1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {69831915-6808-4DA2-B48E-CF5230B79EDB} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {6A8390B8-0C1B-4D4E-91D2-80AF5891C6C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6B7A010A-D145-45AC-A1B5-34E8A388CB0B} - System32\Tasks\Opera scheduled Autoupdate 1665787781 => C:\Users\olyti\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-09-27] (Opera Norway AS -> Opera Software)
Task: {7914F9BC-5FEF-4C7D-BCAB-55116D9B913A} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [544680 2021-10-14] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7E1654C6-EA21-4EC5-954D-35CD36E14424} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {85CF76D8-EB28-443F-A805-99ADFBEC3DD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {886ADADB-53C3-44CA-8895-76EDA48A3425} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {8CE8641B-BB5E-4A32-BF59-23B6AF8D0DFA} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {90982FFD-B73C-49D1-88A2-722F5046B968} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {975E17ED-32FC-48CB-94F8-D40BBC515AE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {9A6C2161-FEE5-4926-B363-24A961D4F0E9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCCF0B3-E1BB-49C3-BF78-E6F7FCA4CC8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9D567404-1F70-450D-9AB8-0B250A8C8570} - System32\Tasks\OneDC_Updater => C:\Users\olyti\Documents\temp\OneDC_Updater\OneDC_Updater.exe [5311400 2021-04-16] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {BE122147-85C1-492C-8636-25F9346B1F98} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C5BB144B-621E-4315-A555-72D2E9F83CE9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C8549770-3EA9-4ACE-90B5-9E317EE82781} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC102570-8047-4AC3-A02D-996FAD6CF3D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EC6B4537-41C9-4C5F-858D-7B8E808E47C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EDE4AD87-F00E-48EB-A867-31D2962F6879} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F87BAE91-2470-40AB-9F94-A437578A5E4D} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [217088 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {FFF8C01D-6F55-4323-A7AE-A11329AB4585} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72c79358-0494-433e-98e3-d5ca75fe66db}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf5b0e02-27bd-40f0-99ea-fad733c4282f}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-21]
Edge Notifications: Default -> hxxps://app.slack.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=NMTE
Edge Session Restore: Default -> is enabled.
Edge Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2022-10-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-13]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2022-09-29]
Edge Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-09-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-21]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-21]
CHR HomePage: Profile 1 -> hxxps://www.reddit.com/
CHR Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-21]
CHR Extension: (Cisco Webex Extension) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-10-21]
CHR Extension: (Grammarly for Chrome) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-09-02]
CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2022-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\olyti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-02]
CHR Profile: C:\Users\olyti\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-21]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
Opera: 
=======
OPR Profile: C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable [2022-10-21]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-14]
OPR Extension: (Opera Wallet) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-14]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9854568 2022-10-20] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610472 2022-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [588264 2021-11-11] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncHelper.exe [3383704 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [74048 2022-03-30] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2432832 2022-03-30] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2893136 2022-03-30] (Intel Corporation -> Intel)
R2 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [73528 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [74064 2022-03-30] (Intel Corporation -> Intel® Corporation)
S4 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [168056 2019-05-07] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [87976 2021-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [207488 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9473408 2021-01-18] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\OneDriveUpdaterService.exe [3804040 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032040 2022-09-26] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-09-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-18] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-10-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-10-14] (SteelSeries ApS -> )
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 THXService; C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)
R2 Tobii Service; C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe [234792 2022-01-19] (Tobii AB -> Tobii AB)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
S2 webthreatdefusersvc; C:\WINDOWS\System32\webthreatdefusersvc.dll [135168 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2021-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 fdrawcmd; C:\WINDOWS\system32\drivers\fdrawcmd.sys [33144 2010-04-24] (Simon Owen -> simonowen.com)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [185536 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-11] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsld0645cf6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{50AB2429-D89F-4C29-B6C6-23DF16711069}\MpKslDrv.sys [228632 2022-10-21] (Microsoft Windows -> Microsoft Corporation)
R3 msihid; C:\WINDOWS\System32\drivers\msihid.sys [43936 2022-07-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
R3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a19e472f32bd1e8d\rtucx22x64.sys [1385296 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-06] (Microsoft Windows -> Realtek Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008f; C:\WINDOWS\System32\drivers\RzDev_008f.sys [63216 2022-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0241; C:\WINDOWS\System32\drivers\RzDev_0241.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0290; C:\WINDOWS\System32\drivers\RzDev_0290.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0292; C:\WINDOWS\System32\drivers\RzDev_0292.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0527; C:\WINDOWS\System32\drivers\RzDev_0527.sys [54088 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2021-04-14] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [37280 2022-07-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_5f23057de8eba7db\SteelSeries-Sonar-VAD.sys [92856 2022-09-21] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R3 sTHXVAD; C:\WINDOWS\System32\drivers\THXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-21 17:24 - 2022-10-21 17:24 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-20 08:49 - 2022-10-21 17:26 - 000000000 ____D C:\FRST
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Goldberg SteamEmu Saves
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Faerin Games
2022-10-18 21:38 - 2022-10-18 21:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Soda Pop Minatures and Underbite Games
2022-10-18 15:34 - 2022-10-18 15:35 - 000000000 ____D C:\ProgramData\HP
2022-10-16 13:52 - 2022-10-16 13:52 - 000000000 ____D C:\Users\olyti\AppData\Local\devil bartender
2022-10-15 23:13 - 2022-10-15 23:14 - 000000000 ____D C:\Users\olyti\AppData\Local\ASTLIBRA
2022-10-15 22:49 - 2022-10-15 22:49 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Ozaak
2022-10-15 22:04 - 2022-10-15 22:04 - 000000000 ____D C:\Users\olyti\AppData\Local\Ronin
2022-10-15 00:06 - 2022-10-15 00:06 - 000000000 ____D C:\Users\olyti\AppData\Local\ProjectCoral
2022-10-14 16:49 - 2022-10-14 16:49 - 000004134 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1665787781
2022-10-14 16:49 - 2022-10-14 16:49 - 000001402 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Opera Software
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Local\Opera Software
2022-10-13 23:12 - 2022-10-16 09:44 - 000000000 ____D C:\Program Files\dotnet
2022-10-13 23:12 - 2022-10-14 08:28 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Vortex
2022-10-13 23:12 - 2022-10-13 23:12 - 000002063 _____ C:\Users\Public\Desktop\Vortex.lnk
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Users\olyti\AppData\Local\vortex-updater
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd
2022-10-13 21:58 - 2022-10-13 22:00 - 000000000 ____D C:\Users\olyti\Documents\Dyson Sphere Program
2022-10-13 21:58 - 2022-10-13 21:58 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Youthcat Studio
2022-10-13 21:22 - 2022-10-13 21:22 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-13 21:22 - 2022-10-13 21:22 - 000000000 ___HD C:\$WinREAgent
2022-10-11 23:25 - 2022-10-11 23:25 - 000000000 ____D C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui
2022-10-11 23:16 - 2022-10-11 23:16 - 000000000 ____D C:\Users\olyti\AppData\Local\streamlink-twitch-gui
2022-10-09 10:56 - 2019-03-15 02:36 - 003753088 _____ (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPScanTRDrv_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 002952200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkinsE311.exe
2022-10-09 10:56 - 2019-03-15 02:36 - 000592000 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia2_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000392200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkstsE311LM.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000327688 _____ (HP Inc.) C:\WINDOWS\system32\hpinkcoiE311.dll
2022-10-07 15:14 - 2022-10-07 15:14 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\SuperMegaTeam
2022-10-07 08:12 - 2022-10-07 08:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Hide Games
2022-10-06 21:14 - 2022-10-06 21:14 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-06 21:14 - 2022-10-06 21:14 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-06 21:10 - 2022-10-06 21:10 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-06 20:12 - 2022-10-06 20:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\QHS
2022-10-06 20:09 - 2022-10-06 20:09 - 000000000 ____D C:\Users\olyti\AppData\Local\rmmz-game
2022-10-06 19:56 - 2022-10-06 19:56 - 000000000 ____D C:\Users\olyti\AppData\Local\Potionomics
2022-10-06 19:39 - 2022-10-06 19:39 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\RebornEntertainment
2022-10-06 19:38 - 2022-10-06 19:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\DefaultCompany
2022-10-04 23:13 - 2022-10-04 23:13 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Dark Light Studio
2022-10-04 22:30 - 2022-10-04 22:30 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Trigon fan
2022-10-01 18:30 - 2022-10-01 18:30 - 000001143 _____ C:\Users\Public\Desktop\GShade Control Panel.lnk
2022-10-01 18:30 - 2022-10-01 18:30 - 000000091 _____ C:\Users\Public\Desktop\GShade Visual Guide.url
2022-10-01 18:30 - 2022-10-01 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GShade
2022-10-01 18:29 - 2022-10-01 18:29 - 000000000 ____D C:\Users\Public\GShade Custom Shaders
2022-09-30 16:28 - 2022-09-30 16:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-09-30 16:27 - 2022-10-21 08:35 - 000807834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-30 16:26 - 2022-10-21 17:25 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2022-09-30 16:26 - 2022-10-21 17:25 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2022-09-30 16:26 - 2022-10-21 17:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-30 16:26 - 2022-10-21 17:21 - 000004138 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2865D8D3-0E3F-42D6-9DB0-FBC78E111295}
2022-09-30 16:26 - 2022-10-14 23:55 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-30 16:26 - 2022-10-14 23:55 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-30 16:26 - 2022-10-10 18:58 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001
2022-09-30 16:26 - 2022-10-10 18:58 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-30 16:26 - 2022-09-30 16:26 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-09-30 16:26 - 2022-09-30 16:26 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2022-09-30 16:26 - 2022-09-30 16:26 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2022-09-30 16:26 - 2022-09-30 16:26 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-09-30 16:26 - 2022-09-30 16:26 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002826 _____ C:\WINDOWS\system32\Tasks\OneDC_Updater
2022-09-30 16:26 - 2022-09-30 16:26 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002280 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000002184 _____ C:\WINDOWS\system32\Tasks\OmApSvcBroker
2022-09-30 16:26 - 2022-09-30 16:26 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000000020 ___SH C:\Users\olyti\ntuser.ini
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\IsolatedStorage
2022-09-30 16:26 - 2020-05-30 11:23 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3202656799-1986057151-242305456-500
2022-09-30 16:26 - 2019-11-13 11:43 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3246922579-2884849309-941848276-500
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-09-30 16:24 - 2022-09-30 16:24 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2022-09-30 16:23 - 2022-10-21 11:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-30 16:23 - 2022-10-13 21:43 - 000607720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-30 16:00 - 2022-09-30 16:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-09-30 15:59 - 2022-10-21 00:23 - 000000000 ____D C:\Users\olyti
2022-09-30 15:59 - 2022-05-06 23:19 - 000001281 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-09-30 15:59 - 2022-05-06 23:19 - 000000407 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-09-30 15:58 - 2022-09-30 16:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2022-09-30 15:55 - 2022-09-30 15:55 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-09-30 15:54 - 2022-09-30 15:54 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\addins
2022-09-30 15:46 - 2022-09-30 15:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-09-30 15:24 - 2022-10-13 00:02 - 000000000 ___DC C:\WINDOWS\Panther
2022-09-29 22:27 - 2022-09-29 22:27 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Unknown Worlds
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001213440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001536488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001182696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000865768 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000771560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-09-29 17:56 - 2022-09-23 19:31 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 010270184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 008803816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001059304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000845288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000456168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-09-29 17:56 - 2022-09-23 19:29 - 005751304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 005362664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 003066856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:28 - 000852968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-09-29 17:56 - 2022-09-23 19:27 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-29 17:56 - 2022-09-23 19:27 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-09-29 17:56 - 2022-09-23 16:52 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-29 17:56 - 2022-09-23 16:52 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-09-29 17:56 - 2022-09-21 18:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-09-29 17:56 - 2022-07-15 10:59 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-09-29 17:56 - 2021-06-02 08:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-09-29 17:49 - 2022-09-07 08:56 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-09-29 17:49 - 2022-09-07 08:56 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ C:\Users\olyti\AppData\Local\2450563487
2022-09-29 17:48 - 2022-09-29 17:48 - 000000000 ____D C:\Users\olyti\AppData\Local\Arkane Studios
2022-09-24 23:41 - 2022-09-24 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\CD Projekt Red
2022-09-24 23:39 - 2022-09-24 23:39 - 000000000 ____D C:\Users\olyti\AppData\Local\REDEngine
2022-09-24 22:25 - 2022-09-24 22:25 - 000000000 ____D C:\Users\olyti\AppData\Local\Prometheus
2022-09-24 12:26 - 2022-09-24 12:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Cuphead
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-21 17:26 - 2022-03-05 21:51 - 000000000 ____D C:\Users\olyti\.tobii
2022-10-21 17:26 - 2021-04-27 23:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-21 17:25 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-21 17:25 - 2021-04-17 18:04 - 000000000 ____D C:\Steam
2022-10-21 17:25 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-21 17:24 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-21 17:24 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-21 17:24 - 2021-04-22 13:18 - 000012288 ___SH C:\DumpStack.log.tmp
2022-10-21 17:23 - 2022-05-06 23:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-21 17:20 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-21 16:27 - 2021-04-17 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\D3DSCache
2022-10-21 11:52 - 2021-04-27 23:07 - 000000000 ____D C:\Users\olyti\AppData\Local\Google
2022-10-21 10:39 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-21 10:39 - 2022-03-11 18:26 - 000000000 ____D C:\XboxGames
2022-10-21 10:39 - 2021-04-17 17:05 - 000000000 ____D C:\Users\olyti\AppData\Local\Packages
2022-10-21 10:39 - 2019-11-13 11:43 - 000000000 ____D C:\ProgramData\Packages
2022-10-21 08:35 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2022-10-21 08:22 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-21 08:01 - 2021-04-18 00:43 - 000000000 ____D C:\Users\olyti\AppData\Local\CrashDumps
2022-10-21 00:34 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\SteelSeries
2022-10-21 00:24 - 2021-12-17 01:26 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2022-10-21 00:24 - 2020-05-30 10:43 - 000000000 ____D C:\ProgramData\A-Volute
2022-10-20 22:47 - 2021-04-17 17:02 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-20 17:16 - 2021-11-19 23:04 - 000153048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 002815456 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000452048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000243168 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-18 19:34 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\PlaceholderTileLogoFolder
2022-10-16 09:45 - 2020-05-30 10:34 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-14 04:58 - 2019-11-13 13:05 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 22:24 - 2021-04-17 23:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 22:23 - 2021-04-17 23:53 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-13 21:54 - 2019-11-13 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 21:52 - 2021-11-10 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-10-13 21:51 - 2021-11-10 18:44 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-13 21:42 - 2021-09-09 17:54 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-10-12 04:39 - 2022-06-09 23:20 - 000316920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-10-12 02:55 - 2022-06-09 23:20 - 000199672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-10-11 18:23 - 2021-04-27 23:07 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-11 08:22 - 2021-08-26 22:29 - 000000000 ____D C:\Users\olyti\AppData\Roaming\projectascension
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascension Launcher
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\Program Files\Ascension Launcher
2022-10-10 18:58 - 2021-04-25 09:39 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-09 11:09 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-06 21:17 - 2022-05-06 23:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-06 21:17 - 2022-05-06 23:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-06 20:52 - 2021-05-31 10:54 - 000000000 ____D C:\Users\olyti\AppData\Roaming\rsilauncher
2022-10-06 19:56 - 2021-05-08 00:40 - 000000000 ____D C:\Users\olyti\AppData\Local\UnrealEngine
2022-10-03 20:04 - 2021-04-17 17:05 - 000000000 __SHD C:\Users\olyti\IntelGraphicsProfiles
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\ProgramData\Razer
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\Program Files (x86)\Razer
2022-10-02 16:48 - 2022-04-04 21:43 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-01 18:30 - 2021-10-23 17:19 - 000000000 ____D C:\Program Files\GShade
2022-10-01 18:29 - 2021-10-23 17:19 - 000000000 ____D C:\Users\Public\GShade Backups
2022-10-01 18:08 - 2022-03-05 21:51 - 000000000 ____D C:\ProgramData\Tobii
2022-09-30 16:48 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-09-30 16:26 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-30 16:26 - 2022-05-06 23:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-30 16:26 - 2019-11-13 11:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-30 16:24 - 2020-05-30 10:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-09-30 16:23 - 2022-08-11 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tower of Fantasy
2022-09-30 16:23 - 2022-05-14 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline
2022-09-30 16:23 - 2022-05-06 23:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-30 16:23 - 2022-03-05 19:39 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2022-03-04 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RazerCentral
2022-09-30 16:23 - 2022-02-10 00:22 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games
2022-09-30 16:23 - 2021-09-05 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries
2022-09-30 16:23 - 2021-06-18 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-09-30 16:23 - 2021-06-05 06:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-09-30 16:23 - 2021-04-30 18:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-09-30 16:23 - 2021-04-17 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2022-09-30 16:23 - 2021-04-17 23:04 - 000000000 ____D C:\Program Files\UNP
2022-09-30 16:23 - 2021-04-17 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2021-04-17 17:07 - 000000000 ___RD C:\Users\olyti\OneDrive
2022-09-30 16:23 - 2020-05-30 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI True Color
2022-09-30 16:23 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-09-30 16:23 - 2020-05-30 10:34 - 000000000 ____D C:\Program Files\Intel
2022-09-30 16:23 - 2019-11-13 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 16:23 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-09-30 16:06 - 2022-05-06 23:28 - 000000000 ____D C:\WINDOWS\Setup
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-09-30 16:00 - 2021-04-17 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2022-09-30 16:00 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2022-09-30 15:57 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Globalization
2022-09-29 17:59 - 2021-10-30 22:36 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA
2022-09-29 17:58 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-09-24 23:38 - 2021-06-18 10:44 - 000000000 ____D C:\Users\olyti\AppData\Local\cache
 
==================== Files in the root of some directories ========
 
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ () C:\Users\olyti\AppData\Local\2450563487
2021-11-06 22:23 - 2021-11-06 22:23 - 000007598 _____ () C:\Users\olyti\AppData\Local\Resmon.ResmonCfg
 
==================== FLock ==============================
 
2022-05-06 23:24 C:\WINDOWS\system32\WebThreatDefSvc
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by olyti (21-10-2022 17:27:28)
Running from C:\Users\olyti\OneDrive\Desktop
Microsoft Windows 11 Home Version 22H2 22621.674 (X64) (2022-09-30 22:26:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3139933802-399766682-36797096-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3139933802-399766682-36797096-503 - Limited - Disabled)
Guest (S-1-5-21-3139933802-399766682-36797096-501 - Limited - Disabled)
olyti (S-1-5-21-3139933802-399766682-36797096-1001 - Administrator - Enabled) => C:\Users\olyti
WDAGUtilityAccount (S-1-5-21-3139933802-399766682-36797096-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security (Disabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon Games (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.2.8063.2 - Amazon.com Services, Inc.)
Ascension Launcher 1.92 (HKLM\...\{58D22CF7-EECE-433A-B4B3-A268FF8487B1}_is1) (Version: 1.92 - Project Ascension)
Command & Conquer™ Remastered Collection (HKLM-x32\...\{CB92A22C-0421-4513-9EE4-00519B4A12CC}) (Version: 1.153.11.25007 - Electronic Arts Inc. (en_US))
Crowfall_Live (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Crowfall_Live) (Version: 1.0.0.0 - ACE)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.26.0.5283 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{1ea29ff4-ac27-4775-b029-95e63cac9adb}) (Version: 12.26.0.5283 - Electronic Arts)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Fdrawcmd.sys 1.0.1.11 (HKLM-x32\...\fdrawcmd) (Version: 1.0.1.11 - Simon Owen)
FINAL FANTASY XI (HKLM-x32\...\{07EB4C8B-3869-49B4-8CF8-D6D9FB8C8026}) (Version: 1.2.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
GShade 3.5.2 (HKLM\...\GShade) (Version:  - GPOSERS)
Intel® Chipset Device Software (HKLM\...\{B4BF76D4-C8E0-4341-A8C5-A33D1C506DED}) (Version: 10.1.18263.8193 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel® Corporation)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{F9B9A5A4-D66B-411A-B28F-D7A8863B432E}) (Version: 2.2.1457 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{B10DC0D5-964E-45F2-8068-67B8FCD393F8}) (Version: 2.2.1446 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{B71DA3AB-24EC-9E95-A79B-7B5F92B0CEDD}) (Version: 10.1.22621.1846 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.150.10.6302 - BlueStack Systems, Inc.)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 3.0.58.0 - Portrait Displays, Inc.)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 91.0.4516.30 (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Opera 91.0.4516.30) (Version: 91.0.4516.30 - Opera Software)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
PlayOnline Viewer (HKLM-x32\...\{81784E3A-1BDA-4743-B5F8-04E59DC7E031}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1015.100615 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
RSI Launcher 1.5.5 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.5.5 - Cloud Imperium Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 26.0.0 (HKLM\...\SteelSeries GG) (Version: 26.0.0 - SteelSeries ApS)
Tobii Experience Software For Windows (HKLM\...\{68DDA3A1-29A0-4FB1-8EBF-F25EF0A0EF58}) (Version: 4.59.0.18364 - Tobii AB)
Tower of Fantasy (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\tof_launcher) (Version:  - Hotta Studio)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.6.14 - Black Tree Gaming Ltd.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
 
Packages:
=========
An Elder Scrolls Legend: Battlespire -> C:\Program Files\WindowsApps\BethesdaSoftworks.AnElderScrollsLegendBattlespire_1.3.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.1.0_neutral__yxz26nhyzhsrt [2022-10-12] (Microsoft Corp.)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Coral Island -> C:\Program Files\WindowsApps\HumbleBundle.CoralIsland_0.1.49295.0_x64__q2mcdwmzx4qja [2022-10-19] (Humble Bundle)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-11] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-10-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-04-17] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag [2022-06-21] (Rivet Networks LLC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-05-30] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2022-09-30] (Microsoft Corp.)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corp.)
ms-resource:Appname -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52074.0_x64__8wekyb3d8bbwe [2022-10-18] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32061.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-09-30] (Microsoft Corporation)
ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-30] (INTEL CORP)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-10] (INTEL CORP) [Startup Task]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-04-17] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm [2022-10-21] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-18] (NVIDIA Corp.)
Offworld Trading Company -> C:\Program Files\WindowsApps\StardockEntertainment.OffworldTradingCompany_1.0.82.0_x64__w7tm8b8tp1rkt [2022-08-16] (Stardock Entertainment)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-09-08] (Realtek Semiconductor Corp)
Slay The Spire -> C:\Program Files\WindowsApps\HumbleBundle.SlayTheSpire_2.4.0.0_x86__q2mcdwmzx4qja [2022-07-05] (Humble Bundle)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-15] (Spotify AB) [Startup Task]
The Elder Scrolls Adventures: Redguard -> C:\Program Files\WindowsApps\BethesdaSoftworks.TheElderScrollsAdventuresRedguar_1.4.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.60.17163.0_x64__j9ea20k37yd2w [2022-03-05] (Tobii AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
Vampire Survivors (Game Preview) -> C:\Program Files\WindowsApps\poncle.VampireSurvivors_1.0.101.0_x64__9pv5cyp4vwdsr [2022-10-20] (poncle)
Warhammer 40,000™: Battlesector™ -> C:\Program Files\WindowsApps\SlitherineSoftwareUKLtd.Warhammer40000Battlesector_1.1.33.0_x64__e7kchnf2m4530 [2022-07-28] (Slitherine Software UK Ltd.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-13] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3139933802-399766682-36797096-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\olyti\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\nvshext.dll [2022-09-23] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-08-12 02:14 - 2022-08-08 20:52 - 001427968 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000017920 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2022-10-20 11:59 - 2022-10-20 11:59 - 003567616 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2022-10-18 20:55 - 2022-10-18 20:55 - 020899328 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm\Nahimic3.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000420352 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libegl.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 006374400 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libglesv2.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 004030976 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\vk_swiftshader.dll
2021-10-30 22:27 - 2021-10-30 22:27 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\GG\HIDDLL.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\GG\ISPDLL.dll
2019-07-02 16:07 - 2019-07-02 16:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 001844736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\ffmpeg.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 015924736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\node.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 174965248 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000980992 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw_elf.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000380416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 001455616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000227328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000327168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Positioning.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000319488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5PrintSupport.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 004254720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000222208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 001128960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000075264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickWidgets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000334848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000396288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngine.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 103583232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineCore.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000250880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineWidgets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 005611520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000018432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000294400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebChannel\declarative_webchannel.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000093696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngine\qtwebengineplugin.dll
2022-10-20 11:59 - 2022-10-20 11:59 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> DefaultScope {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 22:49 - 2019-03-18 22:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\olyti\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3139933802-399766682-36797096-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\olyti\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\ffxiv_12122021_131827_888.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "Norton Download Manager{NS-22211151-SHPD-FSD5250006}"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{57F5CA79-AD82-4F75-81D5-59B87C0DA1E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{06D35A3B-CA79-4F6A-8143-686F164C937F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E1225DDF-11E8-4449-9B27-29C804804791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CDB1B76-5307-4647-A529-1D51436978B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F47C274A-1CA7-4306-834A-0CA0E4521805}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [{9F62DBA0-F911-451F-9A74-D63B4F9F9407}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [UDP Query User{2AE7CDB6-7707-4CB6-B8D7-D12D5D5BE8EA}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{5082E1F3-9419-415F-8E84-9B298D08EDBC}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{F6954A2B-AF48-4F0B-B97D-724C81193708}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{389A9C3D-DFCD-44FD-ACA5-434680FCBCB7}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{59B1A946-6E24-434C-A9EC-37B841863465}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{E20CAA85-A347-4C47-96A7-8CC33E376374}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{0EFCFA03-D09E-4860-B85E-6861B289AB2B}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{5C6F48D9-A3D4-4BFE-B41C-0A6437C03FCA}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{9FB95E41-688C-46D1-9E73-0B012762E64B}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{75621C35-0CDE-4A43-A65A-82F73027DDAB}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{EF55A5E0-8D64-4A77-BB95-B8E245B79047}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3AB61B73-9263-44E3-BF77-92F8E3BE8B68}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3DC8D835-8BA8-448A-B6BE-25AD4B392F8B}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{8DFB67B6-0C13-40EE-B6F2-58B2E7DBC9CA}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{1522EED5-5522-4C63-B9B3-E717D8E9EF5E}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [File not signed]
FirewallRules: [{1AD494B4-DD9F-402F-A15A-8C06104F463B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{4EC0CBF8-2056-4E2E-BA51-00D3EE50009B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [UDP Query User{E523A3A1-C957-4E1F-BD1E-9A55D7FCCB99}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [TCP Query User{1BBBBF13-F560-4D3A-8E0A-42B9AD3E6F76}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{0BC2DD59-92BD-4291-AB7C-605F7CEC58C6}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{7FAD18D6-87A1-4690-8A4A-2B6B28E0EC4E}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{4A31B107-955F-4643-9121-76B2289A1017}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{C9FCAD55-582C-43ED-9BE4-7ED57802AE0B}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{87ED5109-6433-48EB-905C-83A6C6F6763A}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{7AE9E5C6-30BF-4E94-9ABE-501DF8DFDFAC}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{BBDE1370-A1AF-4B6D-BF4D-6ACF00BABF37}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [{C77CE587-39C2-4811-9874-9E919D058989}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [UDP Query User{B295D693-5A48-42C8-908A-640EB57C32F3}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{2DE238EE-8758-407B-9EC6-27E028D3A49D}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{B947DE67-224A-41E5-9F10-F3DB9BB5E1D6}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{EA80B650-7BB3-445C-8248-15394BBCFC3C}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{A135AEB3-1545-4A9A-84D6-B3CC258DE947}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{A212D0C9-8653-45DC-8C5B-CCA1EBA829FA}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{5EDBC7B7-E8F2-4834-9DE3-7A6347D0B378}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{4B2C02B6-E383-47A4-AC82-0075E96D51BA}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{EDEF3CB9-E796-4ECB-B71E-643CC28B3CCC}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{FF3F3F11-FDF4-4F32-8179-F6B2FDA6FE78}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{6BDEC23A-E2C8-435B-91BA-ED8A8ED7BC8D}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{60F73CAB-E0B7-48DA-AE07-297CBFC6A51C}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [UDP Query User{F70E9553-D698-4381-92A3-838E9AB08FA4}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [TCP Query User{20D31CE8-E4B9-4D3F-96E0-3908F68E0E12}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [{DE750991-1B01-4BB5-A16A-0CE00325C68B}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{F3854973-6B81-4836-8E47-5BA2A1E4708D}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{D00DCF5F-AEA8-4776-9F2F-8BF98845E4D8}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{43278E45-26DD-40ED-A623-A055BD552DFD}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{E7242E90-F583-448E-8CA7-F6C6108AE32E}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{2DCB557D-1B63-4040-A947-B453EFC04BD7}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{726EBFD4-D8A5-475D-B7A0-0B160755E3C3}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{478C939E-E594-44D1-AE20-071F2BB56449}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{0C618E4B-6A1D-403D-9603-E4D79B3798E6}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{522D38E7-E40C-4407-982A-6F9DF16D44A3}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{63FA1E32-6998-4BE6-927E-6B8B01DC7A5D}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{333EB221-0413-4816-B800-9C7EB8E49C17}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{2AF06201-7AF3-45E1-9024-74102713FA20}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8A680465-B8D9-46D2-A5B0-A186635C2FD3}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B2C2CCA4-0B84-449F-9EFE-0F35A0AC61EC}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{DFEEB1C7-34A2-45D9-B77E-4531D498FF04}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{E1580716-6F77-4BC6-88A2-E53DB31C05E1}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{D24C171C-9AC2-4E66-B8E5-1FE11A1778F4}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{72A15286-E488-42CD-B687-97386209D5E6}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{8963092A-82D3-4E01-BC74-FB8AA5DC866B}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{17B0662F-A78E-4B48-877B-F9EE455EF07C}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{EABE7D84-ABC0-43AC-8185-34D27FDAA1E3}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{57362E65-43AC-424A-944B-36BE16D35D7D}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0058F547-8A38-450A-8B90-DA021B251B25}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E3C05002-D9E0-44E0-9461-AC4710F94127}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02325BC3-B7A1-4F4B-9936-592536AC5D00}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68538345-9987-4FC9-89E9-1C63BAF4D58D}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{11E91444-35E0-4F2B-B893-E565490F78C6}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{EB8D79D8-795B-4C3D-A4A0-EE95E7F53DBA}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{9F059180-29BA-42F0-BBE2-C07C6EE65450}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{DCD5F566-DFE5-468A-A7F7-C7D40BCCFDA4}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{C8D8A701-541D-486B-945D-FD7E78A295EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{11EA62F8-C6C7-4B5A-813F-16DA4FD5E135}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6DA1FDA5-DB9D-4610-804D-8EA49CF61619}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{9D5F8B2A-E9FD-4631-992A-9B0278B1D9A2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{62DE4036-B7B8-4FD5-B137-C3CA20CF1CB2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{39F4B399-12B8-4F8E-BC1D-46B2EEFDEA2B}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B4F89464-FDF5-4405-9D44-3B7F82FB187C}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{8BD1B7C6-E217-40FE-88D1-D580A8A68EB1}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{3F8C9BC2-2A8F-4994-8EF1-B249AC259429}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B5A107BA-BC36-41CA-AA90-68AEF973C290}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{2930AD3B-0906-467F-8E57-2D82CEB8CE6B}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1CE78791-24E4-4478-A1FC-D9A4CAEB3E71}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{07CBC086-7222-4F48-BBE1-2E92DF1AECD6}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{55C8A6FE-4378-4411-8B26-1FE0D796A976}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{42C6F4B4-905E-43B1-9899-204E3FFC3D88}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{7001B18F-521B-457F-A8FF-FD1C2EFD2786}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{78B4F9BF-FB9A-49FC-8B1B-0F81E9180F79}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{1E084E40-9CD4-4609-A882-004CA966B88B}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [{B84688B3-8466-48B3-9ADC-00B64DF6BCE8}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [TCP Query User{9859FF70-CC36-4CED-A580-546B0F0D5B88}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [UDP Query User{44CD8378-7BD6-49D1-92B5-3E0BFC5C73E4}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [TCP Query User{657EEE1B-C880-496C-8F0C-AAF85BF2935A}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{13668A7D-9C20-457E-82B7-193ED3DEE9C8}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [{03468686-AF5B-46C9-B126-874FC312475F}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6B51F98E-EBB3-4169-8AA4-610403EA735E}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{1C3C024C-F4C0-4005-801C-83C8AA93551A}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6A82F5FF-2085-49B2-992A-C2FD9021CC99}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{B07A290C-0B41-44F2-8017-EFACDE75F2B1}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{97B81EC1-F667-4B2A-AD25-B790568A75A7}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{827BD318-4373-48D9-A018-59F9C17EFEA2}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{26395699-8EF1-410B-A413-DC271DA8F1A5}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2FFCA926-F8F8-465C-83BD-E685C46F6681}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{FB209C8F-DE2E-4190-83F6-B260F3DA065F}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{3BFE6C29-B013-4606-8D18-7EB874FF777E}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7463DC97-B1BF-4454-ABB5-F0688AAAEE1C}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{77DE23E8-61A4-4CA3-A5D3-A590AFB9243F}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{5F26DEE2-35F7-4F47-B982-1310C2174F40}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [{B418CB8C-5280-4826-9525-39DD4BA054C6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{E989079C-4488-4291-A2D3-A0B1B2882BA6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{BA8C81C2-AF8F-4DB9-BF13-E78C97D50637}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B6B4F4B0-C39C-4534-A328-B1AD38957059}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{3449C722-8273-4931-8148-BE167F04A8AB}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [{3644136A-488E-4B39-A71A-5701F9210CFF}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [TCP Query User{7C49AFAA-E8D0-4391-90E2-BAC62D289185}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [UDP Query User{D511C8FC-DF44-4A09-A942-E80C2C3FC642}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [{26248D88-12CD-4F65-BCDB-8E9C617615B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE9072EA-873B-4DE5-A124-CC908A93452E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [{53D7019F-158F-48C9-8CD2-5AF2C271331E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [TCP Query User{8E84898E-2FBB-486A-B258-77C4FD5EE413}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1170733F-8D30-464E-A89B-3F4B3D86FC23}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8077C9F8-0B7E-4206-985B-FD7741A08985}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{B6357431-E771-49A7-A279-46510BB6AD8C}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{A6E2336F-B76A-43E2-BC5D-87CB2EF54F94}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{138D5959-0B49-419B-AC5F-707ACF366141}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{51607EE3-9B20-4A13-8605-30EFEEFF0991}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{1CC54A21-4E14-4BDC-AD46-312CA8A6F50E}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{453AA7A4-3C4D-4AEB-9804-E49B45327346}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E632C5AA-9611-49CE-AAE1-53BB6E9A13CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD6B5A34-7118-4DCA-BE9D-F1C38A5D1287}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC4F6EF5-5582-4705-BFD6-3BB689A157AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B6D7B28-EBE3-4D00-A4C0-FCD08513CE2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CDC4F736-2EF9-4A73-A2B5-512B27FD7651}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe (Access Denied)  [File not signed]
FirewallRules: [UDP Query User{40CF5F55-E4EC-4B41-8B14-70E581250729}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe (Access Denied)  [File not signed]
FirewallRules: [{09F7AC35-6867-43DE-B656-8AB1F1C424D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5E2350C-0C6C-4467-B457-F9CF6B10F8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0D8BE34C-AA62-4694-9C6D-37BBAB8B1D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89180A0E-7EC1-4EDC-9AFB-E06622A0831A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D69E67D-D1F0-4B92-BABE-229416EC1D0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1F8857D-B060-46AA-BF04-32F97E9410FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFF6B875-B37F-4D94-A51B-9B186FED8011}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21E4844F-6BBD-4E63-B056-4CC4AD625F2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D258C20E-6423-4B41-8438-BB66B751198A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A20A225-A2B4-429D-9D77-EE80C779D08C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1EA87F4-BD38-4753-A14B-421A32ACDB75}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D7DB026-1C11-409B-8E2D-0DF5E1644BA9}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe => No File
FirewallRules: [UDP Query User{D2D1D5A3-0C14-43AF-A6EC-9BBE687C142B}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe => No File
FirewallRules: [TCP Query User{73D8059E-B9A6-4D34-A0B4-AD8A845A5173}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{93ACD40F-9757-4615-B19B-C90F15B8CE23}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{4B125F82-5810-4FC0-A184-F8FFDB54B036}C:\users\olyti\appdata\roaming\entertainment\entertainment.exe] => (Block) C:\users\olyti\appdata\roaming\entertainment\entertainment.exe => No File
FirewallRules: [UDP Query User{117505C0-EDE6-410F-9014-1C02774653E5}C:\users\olyti\appdata\roaming\entertainment\entertainment.exe] => (Block) C:\users\olyti\appdata\roaming\entertainment\entertainment.exe => No File
FirewallRules: [{B0EE7F51-3353-4083-BA46-EC05CC87F4D4}] => (Allow) LPort=32682
 
==================== Restore Points =========================
 
13-10-2022 21:22:41 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/21/2022 05:23:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
 
System errors:
=============
Error: (10/21/2022 05:24:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The RstMwService service terminated with the following error: 
%%2684420176
 
Error: (10/21/2022 05:23:26 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (10/21/2022 05:23:26 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===============
Date: 2022-10-21 17:23:54
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
 
Date: 2022-10-21 17:23:54
Description: 
The driver \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys is blocked from loading as the driver has been revoked by Microsoft.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. E16V1IMS.112 11/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-16V1
Processor: Intel® Core™ i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 59%
Total physical RAM: 16271.16 MB
Available physical RAM: 6549.59 MB
Total Virtual: 28047.16 MB
Available Virtual: 15386.46 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:931.07 GB) (Free:239.52 GB) (Model: WDC PC SN730 SDBPNTY-1T00-1032) NTFS
 
\\?\Volume{36435878-acf8-4bb2-9fd1-d15095c2f0d5}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.29 GB) NTFS
\\?\Volume{4f3a491b-a684-4533-917a-2d3361a4b85a}\ (BIOS_RVY) (Fixed) (Total:21.5 GB) (Free:0.69 GB) NTFS
\\?\Volume{cbfef310-9523-4385-ab65-ebb45e3a3813}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: AE696746)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#8
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

I am assuming that last round resolved it. Redirects no longer happening, sudden CPU/GPU use spikes are gone, and entertainment and other processes aren't popping up either. Thank you a ton! Y'all are the best for helping people. 


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

The fixlist doesn't seem to have done anything but clear the alarms.  Fixlog says it couldn't find any of the files, tasks or registry entries I told it to remove.  Did you perhaps run it twice?

 

If the problem is gone it's probably time to clean up:

 

Time to clean up:
If we used FRST to clean your PC:
 
Right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.
 
If we installed Speccy it needs to be uninstalled.  Same for Latency Monitor.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Flash is now officially obsolete and should be removed from all PCs.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan (now renamed to Intel Security Scan).  Go slow and uncheck the optional stuff.
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.
 
 
If you use Chrome/Firefox/Edge then get the Ublock Origin extension.  For IE (which you should no longer be using since it is no longer supported by Microsoft) go to adblockplus.org  and get the program.
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
(If it complains about Chrome still running you can stop it with Task Manager or go into Chrome then go to:
 
chrome://settings/
 
Hit Advanced at the bottom of the page then scroll down to near the bottom where it says System.
 
Change
Continue running background apps when Google Chrome is closed
to Off (slide the blue thing to the left and it turns brown)
Close Chrome.
 
 
If the browser is still slow then go in and disable all of your extensions, close the browser and Optimize with SpeedyFox then restart the browser.  If that helps then one or more of your extensions is at fault.  Go back in and turn them on one at a time and see if you can figure out which ones slow things down the most.
 
If you are a Facebook user get the FB Purity extension for your browser:
This will stop all of the suggested pages and ads so that Facebook loads much quicker.
 
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combefore you open them or at least make sure your anti-virus scans them.
 
Due to a recent rise in the number of Cryptolocker infections I am now recommending you install:
 
It's currently a free version (and included in MBAM).
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.
 If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not the latest.  If in doubt uninstall all.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that Java not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.
 
If you are running Win 10 you probably want OpenShell:
 
 
  This program will make Win 10 act like Win 7 with the same controls you are used to.
Download Link:
 
Recommended free software: (I'm not saying you should download these just that if you have a need for a new program these are safe and work)  
Compression:  7-zip.  Avoid WinRar and WinZip as the free versions have adware.
Video Player:  VLC  Unlike Windows Media Player it never seems to need extra files to work.
Office like free program:  Open Office: https://www.openoffice.org/download/
or
Free Anti-Virus:  Avast
Free Malware prevention:  MBAM: Free version at https://www.malwareb...m/mwb-download/
Can run with your anti-virus.
Paid Anti-Virus:  Kaspersky or BitDefender
Utilities:
Root Kit Detector:  MBAR: https://www.malwareb...om/antirootkit/
Process Explorer:  Show you what is running on the PC.  Like Task manager but better:  http://live.sysinter...com/procexp.exe
WhoCrashed: Why did your system crash?
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
System Health:
Speccy:  
http://www.filehippo...download_speccy(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Decline CCleaner if offered.  Pay attention to SMART info on your hard drives and to temps.  If in doubt about temps try:
SpeedFan:  Try speedfan
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.
Download YouTube Videos:  4K Video Downloader (Separate Program) https://www.4kdownlo...videodownloader
You have to copy the URL then hit the + button on the program.  Then select quality. There is a license activate window but you just close it.
With Win 10 only there is a new Game recorder program.  It's supposed to only work for games but it works nicely to record any video you watch.  Hit the Win key + Alt + r to start the recorder.  The first time it asks you if it is looking at a game.  Just tell it yes.  After that it starts recording whenever you bring it up.  Videos are saved to the Captures folder under Videos.  You can only record what you watch so limited to only one video at a time.  Best to go to full screen before starting the recorder.
 
Avoid:  
Advanced System Care
SuperAntiSpyware
HitmanPro
Spybot S&D
Any P2P software especially if it comes from Conduit.
Registry Cleaners
Driver updating software.
PC fixing or Speed up software.
Running more than one anti-virus.

  • 0

#10
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

I ran FRST twice. The first time it ran in about 10 seconds, and for whatever reason I couldn't find the fixlog So that's probably it. 


  • 0

Advertisements


#11
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

And here we are a few days later and the redirects are back, now affecting both Edge and Opera. Running malwarebytes brings up 9 objects to quarentine. But as soon as I do, google chrome opens up and they are back. 


  • 0

#12
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-10-2022
Ran by olyti (administrator) on MSI (Micro-Star International Co., Ltd. GS66 Stealth 10SF) (27-10-2022 22:44:35)
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Platform: Microsoft Windows 11 Home Version 22H2 22621.674 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(A-Volute SAS -> A-Volute) C:\Users\olyti\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Users\olyti\Documents\Battle.net\Battle.net.exe <6>
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8022\Agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe <13>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCopyAccelerator.exe
(C:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Users\olyti\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\olyti\AppData\Local\Programs\Opera\91.0.4516.30\opera_crashreporter.exe
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(drivers\RivetNetworks\Killer\KSPSService.exe ->) (Intel Corporation -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(explorer.exe ->) (Black Tree Gaming Limited -> Black Tree Gaming Ltd.) C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe <4>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22AD.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe <7>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\olyti\AppData\Local\Programs\Opera\opera.exe <19>
(Rivet Networks LLC) C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag\KillerControlCenter_v2\KillerIntelligenceCenter.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel Corporation -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_af5df92252aaf9f0\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> THX) C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe <2>
(services.exe ->) (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2210.1001.60.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (A-Volute) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2210.1001.60.0_x64__8wekyb3d8bbwe\XboxPcApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.715.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5987456 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12849016 2022-10-14] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [THX22adHelper] => C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [THX0527Helper] => C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631088 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631088 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631088 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Steam] => C:\Steam\steam.exe [4234088 2022-10-18] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-10-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [streamlink-twitch-gui] => C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe [2081280 2022-03-13] (The NW.js Community) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [MicrosoftEdgeAutoLaunch_D30A67E0D8865ABC16D6E6E5594A3C48] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Battle.net] => C:\Users\olyti\Documents\Battle.net\Battle.net.exe [1090168 2022-10-27] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {020C20C7-2254-47D5-A072-F8FE77A24974} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-06] (Microsoft Windows -> )
Task: {0E9D6F75-D3E3-4A66-8FEB-59EA5D8325E2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0EEC08EA-88A4-40D2-8E51-AC372FF12112} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1253720C-DF1D-432E-ABD5-CFE8542EAA00} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {13874124-0973-4636-B069-E2BAA300845A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {35FA916E-7995-450D-B2C8-090E02EECB1C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {430E7B8B-5FCB-4C60-9789-B53FEA9C9A8C} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4A8F1B73-807F-45ED-BF66-8E221CA739ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6167BAC4-E8B3-4DA1-A97F-6629760B8002} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6302DFFD-9EE6-4930-9056-A1600F5206C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6492DE10-4013-4F02-8761-90E2A67A04BB} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {666CBBC0-DB4C-4B55-8F77-FD1413619CD1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {69831915-6808-4DA2-B48E-CF5230B79EDB} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {6A8390B8-0C1B-4D4E-91D2-80AF5891C6C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6B7A010A-D145-45AC-A1B5-34E8A388CB0B} - System32\Tasks\Opera scheduled Autoupdate 1665787781 => C:\Users\olyti\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-09-27] (Opera Norway AS -> Opera Software)
Task: {7914F9BC-5FEF-4C7D-BCAB-55116D9B913A} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [544680 2021-10-14] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7E1654C6-EA21-4EC5-954D-35CD36E14424} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {886ADADB-53C3-44CA-8895-76EDA48A3425} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {9A6C2161-FEE5-4926-B363-24A961D4F0E9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4166064 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCCF0B3-E1BB-49C3-BF78-E6F7FCA4CC8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9D567404-1F70-450D-9AB8-0B250A8C8570} - System32\Tasks\OneDC_Updater => C:\Users\olyti\Documents\temp\OneDC_Updater\OneDC_Updater.exe [5311400 2021-04-16] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {A2A3E9E2-B68B-46CA-8BCF-1CEEE54FDD49} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4166064 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFAB2E6B-E1CE-4BAE-91AA-20018A4EC589} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {BE122147-85C1-492C-8636-25F9346B1F98} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C5BB144B-621E-4315-A555-72D2E9F83CE9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C8549770-3EA9-4ACE-90B5-9E317EE82781} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D56A4303-1A39-4DA8-89FB-6D4CA8E73BDB} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {EC102570-8047-4AC3-A02D-996FAD6CF3D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EC6B4537-41C9-4C5F-858D-7B8E808E47C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EDE4AD87-F00E-48EB-A867-31D2962F6879} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FFF8C01D-6F55-4323-A7AE-A11329AB4585} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72c79358-0494-433e-98e3-d5ca75fe66db}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf5b0e02-27bd-40f0-99ea-fad733c4282f}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-27]
Edge Notifications: Default -> hxxps://app.slack.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=NMTE
Edge Session Restore: Default -> is enabled.
Edge Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2022-10-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-13]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2022-09-29]
Edge Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-09-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
Opera: 
=======
OPR Profile: C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable [2022-10-27]
OPR Notifications: Opera Stable -> hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-27]
OPR Extension: (Opera Wallet) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-14]
OPR Extension: (Drop) - C:\Users\olyti\AppData\Local\chrome_customize [2022-10-27]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9831016 2022-10-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610472 2022-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [588264 2021-11-11] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncHelper.exe [3475888 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [74048 2022-03-30] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2432832 2022-03-30] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2893136 2022-03-30] (Intel Corporation -> Intel)
R2 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [73528 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [74064 2022-03-30] (Intel Corporation -> Intel® Corporation)
S4 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-27] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [168056 2019-05-07] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [87976 2021-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [207488 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9473408 2021-01-18] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.207.1002.0003\OneDriveUpdaterService.exe [3840944 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032040 2022-09-26] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-09-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-18] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-10-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-10-14] (SteelSeries ApS -> )
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 THXService; C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)
R2 Tobii Service; C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe [234792 2022-01-19] (Tobii AB -> Tobii AB)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2021-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 fdrawcmd; C:\WINDOWS\system32\drivers\fdrawcmd.sys [33144 2010-04-24] (Simon Owen -> simonowen.com)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [185536 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-11] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsle0428603; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FDD6A874-6DC6-49E0-AE83-29E13F75E2CE}\MpKslDrv.sys [228632 2022-10-27] (Microsoft Windows -> Microsoft Corporation)
R3 msihid; C:\WINDOWS\System32\drivers\msihid.sys [43936 2022-07-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
R3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a19e472f32bd1e8d\rtucx22x64.sys [1385296 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-06] (Microsoft Windows -> Realtek Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008f; C:\WINDOWS\System32\drivers\RzDev_008f.sys [63216 2022-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0241; C:\WINDOWS\System32\drivers\RzDev_0241.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0290; C:\WINDOWS\System32\drivers\RzDev_0290.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0292; C:\WINDOWS\System32\drivers\RzDev_0292.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0527; C:\WINDOWS\System32\drivers\RzDev_0527.sys [54088 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2021-04-14] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [37280 2022-07-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_5f23057de8eba7db\SteelSeries-Sonar-VAD.sys [92856 2022-09-21] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R3 sTHXVAD; C:\WINDOWS\System32\drivers\THXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-27 22:43 - 2022-10-27 22:43 - 000000000 ____D C:\Users\olyti\AppData\Local\chrome_customize
2022-10-27 17:31 - 2022-10-27 17:31 - 000445033 _____ C:\Users\olyti\Downloads\download (1).htm
2022-10-27 16:48 - 2022-10-27 16:48 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-27 16:22 - 2022-10-27 16:22 - 000115282 _____ C:\Users\olyti\Downloads\missginadarling.htm
2022-10-27 12:12 - 2022-10-27 12:12 - 000000920 _____ C:\Users\Public\Desktop\Overwatch.lnk
2022-10-27 12:12 - 2022-10-27 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2022-10-27 11:58 - 2022-10-27 12:12 - 000000000 ____D C:\Program Files (x86)\Overwatch
2022-10-27 11:58 - 2022-10-27 11:58 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2022-10-27 11:56 - 2022-10-27 22:44 - 000000000 ____D C:\Users\olyti\AppData\Local\Battle.net
2022-10-27 11:56 - 2022-10-27 11:58 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Battle.net
2022-10-27 11:56 - 2022-10-27 11:56 - 000001052 _____ C:\Users\Public\Desktop\Battle.net.lnk
2022-10-27 11:56 - 2022-10-27 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2022-10-27 11:55 - 2022-10-27 11:58 - 000000000 ____D C:\Users\olyti\Documents\Battle.net
2022-10-27 11:55 - 2022-10-27 11:58 - 000000000 ____D C:\Users\olyti\AppData\Local\Blizzard Entertainment
2022-10-27 11:55 - 2022-10-27 11:55 - 000000000 ____D C:\ProgramData\Battle.net
2022-10-27 11:15 - 2022-10-27 11:15 - 004838352 _____ (Blizzard Entertainment) C:\Users\olyti\Downloads\Battle.net-Setup.exe
2022-10-27 09:41 - 2022-10-27 09:41 - 000061857 _____ C:\Users\olyti\Downloads\download.htm
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-20 08:49 - 2022-10-27 22:44 - 000000000 ____D C:\FRST
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Goldberg SteamEmu Saves
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Faerin Games
2022-10-18 21:38 - 2022-10-18 21:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Soda Pop Minatures and Underbite Games
2022-10-18 15:34 - 2022-10-18 15:35 - 000000000 ____D C:\ProgramData\HP
2022-10-15 23:13 - 2022-10-15 23:14 - 000000000 ____D C:\Users\olyti\AppData\Local\ASTLIBRA
2022-10-15 22:49 - 2022-10-15 22:49 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Ozaak
2022-10-15 22:04 - 2022-10-15 22:04 - 000000000 ____D C:\Users\olyti\AppData\Local\Ronin
2022-10-15 00:06 - 2022-10-15 00:06 - 000000000 ____D C:\Users\olyti\AppData\Local\ProjectCoral
2022-10-14 16:49 - 2022-10-14 16:49 - 000004134 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1665787781
2022-10-14 16:49 - 2022-10-14 16:49 - 000001402 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Opera Software
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Local\Opera Software
2022-10-13 23:12 - 2022-10-26 22:29 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Vortex
2022-10-13 23:12 - 2022-10-16 09:44 - 000000000 ____D C:\Program Files\dotnet
2022-10-13 23:12 - 2022-10-13 23:12 - 000002063 _____ C:\Users\Public\Desktop\Vortex.lnk
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Users\olyti\AppData\Local\vortex-updater
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd
2022-10-13 21:58 - 2022-10-13 22:00 - 000000000 ____D C:\Users\olyti\Documents\Dyson Sphere Program
2022-10-13 21:58 - 2022-10-13 21:58 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Youthcat Studio
2022-10-13 21:22 - 2022-10-13 21:22 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-13 21:22 - 2022-10-13 21:22 - 000000000 ___HD C:\$WinREAgent
2022-10-11 23:25 - 2022-10-11 23:25 - 000000000 ____D C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui
2022-10-11 23:16 - 2022-10-11 23:16 - 000000000 ____D C:\Users\olyti\AppData\Local\streamlink-twitch-gui
2022-10-09 10:56 - 2019-03-15 02:36 - 003753088 _____ (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPScanTRDrv_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 002952200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkinsE311.exe
2022-10-09 10:56 - 2019-03-15 02:36 - 000592000 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia2_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000392200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkstsE311LM.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000327688 _____ (HP Inc.) C:\WINDOWS\system32\hpinkcoiE311.dll
2022-10-07 15:14 - 2022-10-07 15:14 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\SuperMegaTeam
2022-10-07 08:12 - 2022-10-07 08:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Hide Games
2022-10-06 21:14 - 2022-10-06 21:14 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-06 21:14 - 2022-10-06 21:14 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-06 21:10 - 2022-10-06 21:10 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-06 20:12 - 2022-10-06 20:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\QHS
2022-10-06 20:09 - 2022-10-06 20:09 - 000000000 ____D C:\Users\olyti\AppData\Local\rmmz-game
2022-10-06 19:56 - 2022-10-06 19:56 - 000000000 ____D C:\Users\olyti\AppData\Local\Potionomics
2022-10-06 19:39 - 2022-10-06 19:39 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\RebornEntertainment
2022-10-06 19:38 - 2022-10-06 19:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\DefaultCompany
2022-10-04 23:13 - 2022-10-04 23:13 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Dark Light Studio
2022-10-04 22:30 - 2022-10-04 22:30 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Trigon fan
2022-10-01 18:30 - 2022-10-01 18:30 - 000001143 _____ C:\Users\Public\Desktop\GShade Control Panel.lnk
2022-10-01 18:30 - 2022-10-01 18:30 - 000000091 _____ C:\Users\Public\Desktop\GShade Visual Guide.url
2022-10-01 18:30 - 2022-10-01 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GShade
2022-10-01 18:29 - 2022-10-01 18:29 - 000000000 ____D C:\Users\Public\GShade Custom Shaders
2022-09-30 16:28 - 2022-09-30 16:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-09-30 16:27 - 2022-10-27 18:04 - 000807834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-30 16:26 - 2022-10-27 22:41 - 000004138 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2865D8D3-0E3F-42D6-9DB0-FBC78E111295}
2022-09-30 16:26 - 2022-10-25 23:45 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2022-09-30 16:26 - 2022-10-25 23:45 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2022-09-30 16:26 - 2022-10-25 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-30 16:26 - 2022-10-25 20:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001
2022-09-30 16:26 - 2022-10-25 20:12 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-30 16:26 - 2022-10-14 23:55 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-30 16:26 - 2022-10-14 23:55 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-30 16:26 - 2022-09-30 16:26 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2022-09-30 16:26 - 2022-09-30 16:26 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2022-09-30 16:26 - 2022-09-30 16:26 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002826 _____ C:\WINDOWS\system32\Tasks\OneDC_Updater
2022-09-30 16:26 - 2022-09-30 16:26 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002280 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000002184 _____ C:\WINDOWS\system32\Tasks\OmApSvcBroker
2022-09-30 16:26 - 2022-09-30 16:26 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000000020 ___SH C:\Users\olyti\ntuser.ini
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\IsolatedStorage
2022-09-30 16:26 - 2020-05-30 11:23 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3202656799-1986057151-242305456-500
2022-09-30 16:26 - 2019-11-13 11:43 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3246922579-2884849309-941848276-500
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-09-30 16:24 - 2022-09-30 16:24 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2022-09-30 16:23 - 2022-10-27 22:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-30 16:23 - 2022-10-13 21:43 - 000607720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-30 16:00 - 2022-09-30 16:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-09-30 15:59 - 2022-10-21 00:23 - 000000000 ____D C:\Users\olyti
2022-09-30 15:59 - 2022-05-06 23:19 - 000001281 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-09-30 15:59 - 2022-05-06 23:19 - 000000407 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-09-30 15:58 - 2022-09-30 16:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2022-09-30 15:55 - 2022-09-30 15:55 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-09-30 15:54 - 2022-09-30 15:54 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\addins
2022-09-30 15:46 - 2022-09-30 15:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-09-30 15:24 - 2022-10-13 00:02 - 000000000 ___DC C:\WINDOWS\Panther
2022-09-29 22:27 - 2022-09-29 22:27 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Unknown Worlds
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001213440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001536488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001182696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000865768 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000771560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-09-29 17:56 - 2022-09-23 19:31 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 010270184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 008803816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001059304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000845288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000456168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-09-29 17:56 - 2022-09-23 19:29 - 005751304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 005362664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 003066856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:28 - 000852968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-09-29 17:56 - 2022-09-23 19:27 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-29 17:56 - 2022-09-23 19:27 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-09-29 17:56 - 2022-09-23 16:52 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-29 17:56 - 2022-09-23 16:52 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-09-29 17:56 - 2022-09-21 18:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-09-29 17:56 - 2022-07-15 10:59 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-09-29 17:56 - 2021-06-02 08:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-09-29 17:49 - 2022-09-07 08:56 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-09-29 17:49 - 2022-09-07 08:56 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ C:\Users\olyti\AppData\Local\2450563487
2022-09-29 17:48 - 2022-09-29 17:48 - 000000000 ____D C:\Users\olyti\AppData\Local\Arkane Studios
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-27 22:45 - 2021-04-17 18:04 - 000000000 ____D C:\Steam
2022-10-27 22:38 - 2021-04-27 23:07 - 000000000 ____D C:\Users\olyti\AppData\Local\Google
2022-10-27 22:38 - 2021-04-27 23:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-27 22:16 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-27 21:44 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-27 20:05 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-27 19:00 - 2021-04-17 17:02 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-27 18:20 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-27 18:04 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2022-10-27 18:00 - 2022-03-05 21:51 - 000000000 ____D C:\Users\olyti\.tobii
2022-10-27 09:06 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-27 09:00 - 2021-04-18 00:43 - 000000000 ____D C:\Users\olyti\AppData\Local\CrashDumps
2022-10-27 00:21 - 2021-12-17 01:26 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2022-10-26 22:07 - 2022-05-21 17:08 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Vampire_Survivors
2022-10-26 21:34 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-26 21:34 - 2022-03-11 18:26 - 000000000 ____D C:\XboxGames
2022-10-26 21:34 - 2021-04-17 17:05 - 000000000 ____D C:\Users\olyti\AppData\Local\Packages
2022-10-26 21:34 - 2019-11-13 11:43 - 000000000 ____D C:\ProgramData\Packages
2022-10-25 23:45 - 2021-09-09 17:54 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-10-25 23:45 - 2021-04-22 13:18 - 000012288 ___SH C:\DumpStack.log.tmp
2022-10-25 23:44 - 2022-05-06 23:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-25 23:29 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-25 20:12 - 2021-04-25 09:39 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-25 20:12 - 2021-04-17 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\D3DSCache
2022-10-21 00:34 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\SteelSeries
2022-10-21 00:24 - 2020-05-30 10:43 - 000000000 ____D C:\ProgramData\A-Volute
2022-10-20 17:16 - 2021-11-19 23:04 - 000153048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 002815456 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000452048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000243168 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-18 19:34 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\PlaceholderTileLogoFolder
2022-10-16 09:45 - 2020-05-30 10:34 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-14 04:58 - 2019-11-13 13:05 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 22:24 - 2021-04-17 23:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 22:23 - 2021-04-17 23:53 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-13 21:54 - 2019-11-13 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 21:52 - 2021-11-10 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-10-13 21:51 - 2021-11-10 18:44 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 04:39 - 2022-06-09 23:20 - 000316920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-10-12 02:55 - 2022-06-09 23:20 - 000199672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-10-11 08:22 - 2021-08-26 22:29 - 000000000 ____D C:\Users\olyti\AppData\Roaming\projectascension
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascension Launcher
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\Program Files\Ascension Launcher
2022-10-09 11:09 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-06 21:17 - 2022-05-06 23:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-06 21:17 - 2022-05-06 23:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-06 20:52 - 2021-05-31 10:54 - 000000000 ____D C:\Users\olyti\AppData\Roaming\rsilauncher
2022-10-06 19:56 - 2021-05-08 00:40 - 000000000 ____D C:\Users\olyti\AppData\Local\UnrealEngine
2022-10-03 20:04 - 2021-04-17 17:05 - 000000000 __SHD C:\Users\olyti\IntelGraphicsProfiles
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\ProgramData\Razer
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\Program Files (x86)\Razer
2022-10-02 16:48 - 2022-04-04 21:43 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-01 18:30 - 2021-10-23 17:19 - 000000000 ____D C:\Program Files\GShade
2022-10-01 18:29 - 2021-10-23 17:19 - 000000000 ____D C:\Users\Public\GShade Backups
2022-10-01 18:08 - 2022-03-05 21:51 - 000000000 ____D C:\ProgramData\Tobii
2022-09-30 16:48 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-09-30 16:26 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-30 16:26 - 2022-05-06 23:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-30 16:26 - 2019-11-13 11:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-30 16:24 - 2020-05-30 10:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-09-30 16:23 - 2022-08-11 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tower of Fantasy
2022-09-30 16:23 - 2022-05-14 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline
2022-09-30 16:23 - 2022-05-06 23:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-30 16:23 - 2022-03-05 19:39 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2022-03-04 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RazerCentral
2022-09-30 16:23 - 2022-02-10 00:22 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games
2022-09-30 16:23 - 2021-09-05 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries
2022-09-30 16:23 - 2021-06-18 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-09-30 16:23 - 2021-06-05 06:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-09-30 16:23 - 2021-04-30 18:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-09-30 16:23 - 2021-04-17 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2022-09-30 16:23 - 2021-04-17 23:04 - 000000000 ____D C:\Program Files\UNP
2022-09-30 16:23 - 2021-04-17 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2021-04-17 17:07 - 000000000 ___RD C:\Users\olyti\OneDrive
2022-09-30 16:23 - 2020-05-30 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI True Color
2022-09-30 16:23 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-09-30 16:23 - 2020-05-30 10:34 - 000000000 ____D C:\Program Files\Intel
2022-09-30 16:23 - 2019-11-13 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 16:23 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-09-30 16:06 - 2022-05-06 23:28 - 000000000 ____D C:\WINDOWS\Setup
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-09-30 16:00 - 2021-04-17 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2022-09-30 16:00 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2022-09-30 15:57 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Globalization
2022-09-29 17:59 - 2021-10-30 22:36 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA
2022-09-29 17:58 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
 
==================== Files in the root of some directories ========
 
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ () C:\Users\olyti\AppData\Local\2450563487
2021-11-06 22:23 - 2021-11-06 22:23 - 000007598 _____ () C:\Users\olyti\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2022
Ran by olyti (27-10-2022 22:46:15)
Running from C:\Users\olyti\OneDrive\Desktop
Microsoft Windows 11 Home Version 22H2 22621.674 (X64) (2022-09-30 22:26:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3139933802-399766682-36797096-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3139933802-399766682-36797096-503 - Limited - Disabled)
Guest (S-1-5-21-3139933802-399766682-36797096-501 - Limited - Disabled)
olyti (S-1-5-21-3139933802-399766682-36797096-1001 - Administrator - Enabled) => C:\Users\olyti
WDAGUtilityAccount (S-1-5-21-3139933802-399766682-36797096-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security (Disabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon Games (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.2.8063.2 - Amazon.com Services, Inc.)
Ascension Launcher 1.92 (HKLM\...\{58D22CF7-EECE-433A-B4B3-A268FF8487B1}_is1) (Version: 1.92 - Project Ascension)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Command & Conquer™ Remastered Collection (HKLM-x32\...\{CB92A22C-0421-4513-9EE4-00519B4A12CC}) (Version: 1.153.11.25007 - Electronic Arts Inc. (en_US))
Crowfall_Live (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Crowfall_Live) (Version: 1.0.0.0 - ACE)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.33.0.5290 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{1ea29ff4-ac27-4775-b029-95e63cac9adb}) (Version: 12.33.0.5290 - Electronic Arts)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Fdrawcmd.sys 1.0.1.11 (HKLM-x32\...\fdrawcmd) (Version: 1.0.1.11 - Simon Owen)
FINAL FANTASY XI (HKLM-x32\...\{07EB4C8B-3869-49B4-8CF8-D6D9FB8C8026}) (Version: 1.2.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
GShade 3.5.2 (HKLM\...\GShade) (Version:  - GPOSERS)
Intel® Chipset Device Software (HKLM\...\{B4BF76D4-C8E0-4341-A8C5-A33D1C506DED}) (Version: 10.1.18263.8193 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel® Corporation)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{F9B9A5A4-D66B-411A-B28F-D7A8863B432E}) (Version: 2.2.1457 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{B10DC0D5-964E-45F2-8068-67B8FCD393F8}) (Version: 2.2.1446 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.16.217 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.16.217 - Malwarebytes)
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.24 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{B71DA3AB-24EC-9E95-A79B-7B5F92B0CEDD}) (Version: 10.1.22621.1846 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.207.1002.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.150.10.6302 - BlueStack Systems, Inc.)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 3.0.58.0 - Portrait Displays, Inc.)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 91.0.4516.30 (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Opera 91.0.4516.30) (Version: 91.0.4516.30 - Opera Software)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
PlayOnline Viewer (HKLM-x32\...\{81784E3A-1BDA-4743-B5F8-04E59DC7E031}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1015.100615 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
RSI Launcher 1.5.5 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.5.5 - Cloud Imperium Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 26.0.0 (HKLM\...\SteelSeries GG) (Version: 26.0.0 - SteelSeries ApS)
Tobii Experience Software For Windows (HKLM\...\{68DDA3A1-29A0-4FB1-8EBF-F25EF0A0EF58}) (Version: 4.59.0.18364 - Tobii AB)
Tower of Fantasy (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\tof_launcher) (Version:  - Hotta Studio)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.6.14 - Black Tree Gaming Ltd.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
 
Packages:
=========
An Elder Scrolls Legend: Battlespire -> C:\Program Files\WindowsApps\BethesdaSoftworks.AnElderScrollsLegendBattlespire_1.3.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.1.0_neutral__yxz26nhyzhsrt [2022-10-12] (Microsoft Corp.)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-11] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-10-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-04-17] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag [2022-06-21] (Rivet Networks LLC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-05-30] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2022-09-30] (Microsoft Corp.)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corp.)
ms-resource:Appname -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52074.0_x64__8wekyb3d8bbwe [2022-10-18] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32061.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-09-30] (Microsoft Corporation)
ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-30] (INTEL CORP)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-10] (INTEL CORP) [Startup Task]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-04-17] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm [2022-10-21] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-18] (NVIDIA Corp.)
Offworld Trading Company -> C:\Program Files\WindowsApps\StardockEntertainment.OffworldTradingCompany_1.0.82.0_x64__w7tm8b8tp1rkt [2022-08-16] (Stardock Entertainment)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-09-08] (Realtek Semiconductor Corp)
Slay The Spire -> C:\Program Files\WindowsApps\HumbleBundle.SlayTheSpire_2.4.0.0_x86__q2mcdwmzx4qja [2022-07-05] (Humble Bundle)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-15] (Spotify AB) [Startup Task]
The Elder Scrolls Adventures: Redguard -> C:\Program Files\WindowsApps\BethesdaSoftworks.TheElderScrollsAdventuresRedguar_1.4.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.60.17163.0_x64__j9ea20k37yd2w [2022-03-05] (Tobii AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
Vampire Survivors -> C:\Program Files\WindowsApps\poncle.VampireSurvivors_1.0.109.0_x64__9pv5cyp4vwdsr [2022-10-22] (poncle)
Warhammer 40,000™: Battlesector™ -> C:\Program Files\WindowsApps\SlitherineSoftwareUKLtd.Warhammer40000Battlesector_1.1.33.0_x64__e7kchnf2m4530 [2022-07-28] (Slitherine Software UK Ltd.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-13] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3139933802-399766682-36797096-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\olyti\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\nvshext.dll [2022-09-23] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-10-13 23:12 - 2022-10-06 05:21 - 001368576 _____ () [File not signed] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-bsa-support\bsatk.node
2022-10-13 23:12 - 2022-10-06 05:21 - 008495104 _____ () [File not signed] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-plugin-management\loot.dll
2022-10-13 23:12 - 2022-10-06 05:21 - 000845952 _____ () [File not signed] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-savegame-management\liblz4.dll
2022-10-13 23:12 - 2022-10-06 05:21 - 000600576 _____ () [File not signed] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\diskusage\build\Release\diskusage.node
2022-10-13 23:12 - 2022-10-06 05:21 - 000498176 _____ () [File not signed] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-x64\node.napi.node
2022-10-13 23:12 - 2022-10-06 05:21 - 001891328 _____ () [File not signed] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\libxmljs\build\Release\xmljs.node
2022-10-13 23:12 - 2022-10-06 05:21 - 001150976 _____ () [File not signed] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\xxhash-addon\build\Release\addon.node
2022-10-13 23:12 - 2022-10-06 05:21 - 002789376 _____ () [File not signed] C:\Program Files\Black Tree Gaming Ltd\Vortex\ffmpeg.dll
2022-10-13 23:12 - 2022-10-06 05:21 - 000471040 _____ () [File not signed] C:\Program Files\Black Tree Gaming Ltd\Vortex\libegl.dll
2022-10-13 23:12 - 2022-10-06 05:21 - 007179264 _____ () [File not signed] C:\Program Files\Black Tree Gaming Ltd\Vortex\libglesv2.dll
2022-10-13 23:12 - 2022-10-06 05:21 - 004759552 _____ () [File not signed] C:\Program Files\Black Tree Gaming Ltd\Vortex\vk_swiftshader.dll
2022-10-18 20:55 - 2022-10-18 20:55 - 020899328 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm\Nahimic3.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000420352 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libegl.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 006374400 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\libglesv2.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 004030976 _____ () [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\vk_swiftshader.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 104871424 _____ () [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\libcef.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000112128 _____ () [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\libegl.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 006227456 _____ () [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\libglesv2.dll
2021-10-30 22:27 - 2021-10-30 22:27 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\GG\HIDDLL.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\GG\ISPDLL.dll
2019-07-02 16:07 - 2019-07-02 16:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\chrome_elf.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 001844736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\ffmpeg.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 015924736 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\node.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 174965248 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw.dll
2022-10-11 23:17 - 2022-03-13 07:10 - 000980992 _____ (The NW.js Community) [File not signed] C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\nw_elf.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\audio\qtaudio_windows.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qgif.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qico.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qjpeg.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qmng.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qsvg.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qtiff.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\platforms\qwindows.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Core.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Gui.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Multimedia.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Network.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Qml.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Quick.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Svg.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Widgets.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5WinExtras.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> DefaultScope {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 22:49 - 2019-03-18 22:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\olyti\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3139933802-399766682-36797096-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\olyti\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\ffxiv_12122021_131827_888.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "Norton Download Manager{NS-22211151-SHPD-FSD5250006}"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{57F5CA79-AD82-4F75-81D5-59B87C0DA1E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{06D35A3B-CA79-4F6A-8143-686F164C937F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E1225DDF-11E8-4449-9B27-29C804804791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CDB1B76-5307-4647-A529-1D51436978B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F47C274A-1CA7-4306-834A-0CA0E4521805}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [{9F62DBA0-F911-451F-9A74-D63B4F9F9407}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [UDP Query User{2AE7CDB6-7707-4CB6-B8D7-D12D5D5BE8EA}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{5082E1F3-9419-415F-8E84-9B298D08EDBC}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{F6954A2B-AF48-4F0B-B97D-724C81193708}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{389A9C3D-DFCD-44FD-ACA5-434680FCBCB7}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{59B1A946-6E24-434C-A9EC-37B841863465}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{E20CAA85-A347-4C47-96A7-8CC33E376374}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{0EFCFA03-D09E-4860-B85E-6861B289AB2B}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{5C6F48D9-A3D4-4BFE-B41C-0A6437C03FCA}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{9FB95E41-688C-46D1-9E73-0B012762E64B}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{75621C35-0CDE-4A43-A65A-82F73027DDAB}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{EF55A5E0-8D64-4A77-BB95-B8E245B79047}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3AB61B73-9263-44E3-BF77-92F8E3BE8B68}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3DC8D835-8BA8-448A-B6BE-25AD4B392F8B}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{8DFB67B6-0C13-40EE-B6F2-58B2E7DBC9CA}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{1522EED5-5522-4C63-B9B3-E717D8E9EF5E}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [File not signed]
FirewallRules: [{1AD494B4-DD9F-402F-A15A-8C06104F463B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{4EC0CBF8-2056-4E2E-BA51-00D3EE50009B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [UDP Query User{E523A3A1-C957-4E1F-BD1E-9A55D7FCCB99}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [TCP Query User{1BBBBF13-F560-4D3A-8E0A-42B9AD3E6F76}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{0BC2DD59-92BD-4291-AB7C-605F7CEC58C6}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{7FAD18D6-87A1-4690-8A4A-2B6B28E0EC4E}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{4A31B107-955F-4643-9121-76B2289A1017}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{C9FCAD55-582C-43ED-9BE4-7ED57802AE0B}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{87ED5109-6433-48EB-905C-83A6C6F6763A}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{7AE9E5C6-30BF-4E94-9ABE-501DF8DFDFAC}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{BBDE1370-A1AF-4B6D-BF4D-6ACF00BABF37}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [{C77CE587-39C2-4811-9874-9E919D058989}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [UDP Query User{B295D693-5A48-42C8-908A-640EB57C32F3}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{2DE238EE-8758-407B-9EC6-27E028D3A49D}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{B947DE67-224A-41E5-9F10-F3DB9BB5E1D6}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{EA80B650-7BB3-445C-8248-15394BBCFC3C}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{A135AEB3-1545-4A9A-84D6-B3CC258DE947}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{A212D0C9-8653-45DC-8C5B-CCA1EBA829FA}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{5EDBC7B7-E8F2-4834-9DE3-7A6347D0B378}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{4B2C02B6-E383-47A4-AC82-0075E96D51BA}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{EDEF3CB9-E796-4ECB-B71E-643CC28B3CCC}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{FF3F3F11-FDF4-4F32-8179-F6B2FDA6FE78}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{6BDEC23A-E2C8-435B-91BA-ED8A8ED7BC8D}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{60F73CAB-E0B7-48DA-AE07-297CBFC6A51C}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [UDP Query User{F70E9553-D698-4381-92A3-838E9AB08FA4}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [TCP Query User{20D31CE8-E4B9-4D3F-96E0-3908F68E0E12}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [{DE750991-1B01-4BB5-A16A-0CE00325C68B}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{F3854973-6B81-4836-8E47-5BA2A1E4708D}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{D00DCF5F-AEA8-4776-9F2F-8BF98845E4D8}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{43278E45-26DD-40ED-A623-A055BD552DFD}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{E7242E90-F583-448E-8CA7-F6C6108AE32E}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{2DCB557D-1B63-4040-A947-B453EFC04BD7}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{726EBFD4-D8A5-475D-B7A0-0B160755E3C3}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{478C939E-E594-44D1-AE20-071F2BB56449}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{0C618E4B-6A1D-403D-9603-E4D79B3798E6}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{522D38E7-E40C-4407-982A-6F9DF16D44A3}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{63FA1E32-6998-4BE6-927E-6B8B01DC7A5D}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{333EB221-0413-4816-B800-9C7EB8E49C17}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{2AF06201-7AF3-45E1-9024-74102713FA20}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8A680465-B8D9-46D2-A5B0-A186635C2FD3}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B2C2CCA4-0B84-449F-9EFE-0F35A0AC61EC}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{DFEEB1C7-34A2-45D9-B77E-4531D498FF04}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{E1580716-6F77-4BC6-88A2-E53DB31C05E1}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{D24C171C-9AC2-4E66-B8E5-1FE11A1778F4}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{72A15286-E488-42CD-B687-97386209D5E6}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{8963092A-82D3-4E01-BC74-FB8AA5DC866B}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{17B0662F-A78E-4B48-877B-F9EE455EF07C}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{EABE7D84-ABC0-43AC-8185-34D27FDAA1E3}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{57362E65-43AC-424A-944B-36BE16D35D7D}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0058F547-8A38-450A-8B90-DA021B251B25}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E3C05002-D9E0-44E0-9461-AC4710F94127}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02325BC3-B7A1-4F4B-9936-592536AC5D00}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68538345-9987-4FC9-89E9-1C63BAF4D58D}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{11E91444-35E0-4F2B-B893-E565490F78C6}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{EB8D79D8-795B-4C3D-A4A0-EE95E7F53DBA}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{9F059180-29BA-42F0-BBE2-C07C6EE65450}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{DCD5F566-DFE5-468A-A7F7-C7D40BCCFDA4}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{C8D8A701-541D-486B-945D-FD7E78A295EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{11EA62F8-C6C7-4B5A-813F-16DA4FD5E135}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6DA1FDA5-DB9D-4610-804D-8EA49CF61619}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{9D5F8B2A-E9FD-4631-992A-9B0278B1D9A2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{62DE4036-B7B8-4FD5-B137-C3CA20CF1CB2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{39F4B399-12B8-4F8E-BC1D-46B2EEFDEA2B}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B4F89464-FDF5-4405-9D44-3B7F82FB187C}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{8BD1B7C6-E217-40FE-88D1-D580A8A68EB1}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{3F8C9BC2-2A8F-4994-8EF1-B249AC259429}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B5A107BA-BC36-41CA-AA90-68AEF973C290}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{2930AD3B-0906-467F-8E57-2D82CEB8CE6B}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1CE78791-24E4-4478-A1FC-D9A4CAEB3E71}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{07CBC086-7222-4F48-BBE1-2E92DF1AECD6}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{55C8A6FE-4378-4411-8B26-1FE0D796A976}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{42C6F4B4-905E-43B1-9899-204E3FFC3D88}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{7001B18F-521B-457F-A8FF-FD1C2EFD2786}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{78B4F9BF-FB9A-49FC-8B1B-0F81E9180F79}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{1E084E40-9CD4-4609-A882-004CA966B88B}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [{B84688B3-8466-48B3-9ADC-00B64DF6BCE8}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [TCP Query User{9859FF70-CC36-4CED-A580-546B0F0D5B88}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [UDP Query User{44CD8378-7BD6-49D1-92B5-3E0BFC5C73E4}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [TCP Query User{657EEE1B-C880-496C-8F0C-AAF85BF2935A}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{13668A7D-9C20-457E-82B7-193ED3DEE9C8}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [{03468686-AF5B-46C9-B126-874FC312475F}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6B51F98E-EBB3-4169-8AA4-610403EA735E}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{1C3C024C-F4C0-4005-801C-83C8AA93551A}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6A82F5FF-2085-49B2-992A-C2FD9021CC99}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{B07A290C-0B41-44F2-8017-EFACDE75F2B1}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{97B81EC1-F667-4B2A-AD25-B790568A75A7}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{827BD318-4373-48D9-A018-59F9C17EFEA2}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{26395699-8EF1-410B-A413-DC271DA8F1A5}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2FFCA926-F8F8-465C-83BD-E685C46F6681}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{FB209C8F-DE2E-4190-83F6-B260F3DA065F}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{3BFE6C29-B013-4606-8D18-7EB874FF777E}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7463DC97-B1BF-4454-ABB5-F0688AAAEE1C}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{77DE23E8-61A4-4CA3-A5D3-A590AFB9243F}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{5F26DEE2-35F7-4F47-B982-1310C2174F40}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [{B418CB8C-5280-4826-9525-39DD4BA054C6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{E989079C-4488-4291-A2D3-A0B1B2882BA6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{BA8C81C2-AF8F-4DB9-BF13-E78C97D50637}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B6B4F4B0-C39C-4534-A328-B1AD38957059}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{3449C722-8273-4931-8148-BE167F04A8AB}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [{3644136A-488E-4B39-A71A-5701F9210CFF}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [TCP Query User{7C49AFAA-E8D0-4391-90E2-BAC62D289185}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [UDP Query User{D511C8FC-DF44-4A09-A942-E80C2C3FC642}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [{26248D88-12CD-4F65-BCDB-8E9C617615B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE9072EA-873B-4DE5-A124-CC908A93452E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [{53D7019F-158F-48C9-8CD2-5AF2C271331E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [TCP Query User{8E84898E-2FBB-486A-B258-77C4FD5EE413}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1170733F-8D30-464E-A89B-3F4B3D86FC23}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8077C9F8-0B7E-4206-985B-FD7741A08985}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{B6357431-E771-49A7-A279-46510BB6AD8C}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{A6E2336F-B76A-43E2-BC5D-87CB2EF54F94}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{138D5959-0B49-419B-AC5F-707ACF366141}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{E632C5AA-9611-49CE-AAE1-53BB6E9A13CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD6B5A34-7118-4DCA-BE9D-F1C38A5D1287}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC4F6EF5-5582-4705-BFD6-3BB689A157AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B6D7B28-EBE3-4D00-A4C0-FCD08513CE2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CDC4F736-2EF9-4A73-A2B5-512B27FD7651}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{40CF5F55-E4EC-4B41-8B14-70E581250729}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe => No File
FirewallRules: [{09F7AC35-6867-43DE-B656-8AB1F1C424D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5E2350C-0C6C-4467-B457-F9CF6B10F8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0D8BE34C-AA62-4694-9C6D-37BBAB8B1D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89180A0E-7EC1-4EDC-9AFB-E06622A0831A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D69E67D-D1F0-4B92-BABE-229416EC1D0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1F8857D-B060-46AA-BF04-32F97E9410FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFF6B875-B37F-4D94-A51B-9B186FED8011}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21E4844F-6BBD-4E63-B056-4CC4AD625F2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1A20A225-A2B4-429D-9D77-EE80C779D08C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1EA87F4-BD38-4753-A14B-421A32ACDB75}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D7DB026-1C11-409B-8E2D-0DF5E1644BA9}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe => No File
FirewallRules: [UDP Query User{D2D1D5A3-0C14-43AF-A6EC-9BBE687C142B}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe => No File
FirewallRules: [TCP Query User{73D8059E-B9A6-4D34-A0B4-AD8A845A5173}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{93ACD40F-9757-4615-B19B-C90F15B8CE23}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{4B125F82-5810-4FC0-A184-F8FFDB54B036}C:\users\olyti\appdata\roaming\entertainment\entertainment.exe] => (Block) C:\users\olyti\appdata\roaming\entertainment\entertainment.exe => No File
FirewallRules: [UDP Query User{117505C0-EDE6-410F-9014-1C02774653E5}C:\users\olyti\appdata\roaming\entertainment\entertainment.exe] => (Block) C:\users\olyti\appdata\roaming\entertainment\entertainment.exe => No File
FirewallRules: [{866F8D1B-455B-46F8-81AE-8DA00C08351F}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{F3A08D63-199B-42E6-ABCA-6B90E7D1DF67}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{4F63CD6A-2BFF-4A13-982A-F0C94A786AC0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C84BE957-70C8-4C32-8EDE-A93843F5E99B}] => (Allow) LPort=32682
 
==================== Restore Points =========================
 
25-10-2022 23:29:10 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/27/2022 09:00:26 AM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: LEDKeeper2.exe, version: 1.0.1.27, time stamp: 0x618a3fbd
Faulting module name: KERNELBASE.dll, version: 10.0.22621.674, time stamp: 0x160a2aa8
Exception code: 0xe0434352
Fault offset: 0x00147152
Faulting process id: 0x0x241c
Faulting application start time: 0x0x1d8e9d0ed078ede
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: b008562c-406c-42ea-97ad-b041a47e5cc7
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/27/2022 09:00:23 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: LEDKeeper2.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at MSI_LED.App.WriteInfoLog()
   at MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1_0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at System.Windows.Application.Run()
   at MSI_LED.App.Main()
 
Error: (10/25/2022 11:45:45 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
 
Error: (10/25/2022 11:44:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (10/25/2022 11:44:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/25/2022 08:06:30 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: LEDKeeper2.exe, version: 1.0.1.27, time stamp: 0x618a3fbd
Faulting module name: KERNELBASE.dll, version: 10.0.22621.674, time stamp: 0x160a2aa8
Exception code: 0xe0434352
Fault offset: 0x00147152
Faulting process id: 0x0x5f5c
Faulting application start time: 0x0x1d8e80fa2967ceb
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 41603a3d-ebb1-4c16-b173-c4fc0ec850b6
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/25/2022 08:06:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: LEDKeeper2.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at MSI_LED.App.WriteInfoLog()
   at MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1_0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at System.Windows.Application.Run()
   at MSI_LED.App.Main()
 
Error: (10/24/2022 04:10:11 PM) (Source: Application Error) (EventID: 1000) (User: MSI)
Description: Faulting application name: LEDKeeper2.exe, version: 1.0.1.27, time stamp: 0x618a3fbd
Faulting module name: KERNELBASE.dll, version: 10.0.22621.674, time stamp: 0x160a2aa8
Exception code: 0xe0434352
Fault offset: 0x00147152
Faulting process id: 0x0x2844
Faulting application start time: 0x0x1d8e7dac770e1c8
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5c396e47-0922-4cd1-ae52-7bc265062428
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/27/2022 11:27:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.
 
Error: (10/26/2022 09:38:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Synapse Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Run the configured recovery program.
 
Error: (10/26/2022 09:37:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Game Manager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/25/2022 11:45:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The RstMwService service terminated with the following error: 
%%2684420176
 
Error: (10/25/2022 11:44:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
 
Error: (10/25/2022 11:30:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
 
Error: (10/25/2022 11:29:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
 
Error: (10/25/2022 11:29:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.
 
 
Windows Defender:
================
Date: 2022-10-25 23:29:12
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-24 11:04:55
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-22 23:49:58
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-21 22:44:49
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-10-27 22:45:27
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. E16V1IMS.112 11/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-16V1
Processor: Intel® Core™ i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 64%
Total physical RAM: 16271.16 MB
Available physical RAM: 5840.79 MB
Total Virtual: 28047.16 MB
Available Virtual: 10138.54 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:931.07 GB) (Free:239.02 GB) (Model: WDC PC SN730 SDBPNTY-1T00-1032) NTFS
 
\\?\Volume{36435878-acf8-4bb2-9fd1-d15095c2f0d5}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.29 GB) NTFS
\\?\Volume{4f3a491b-a684-4533-917a-2d3361a4b85a}\ (BIOS_RVY) (Fixed) (Total:21.5 GB) (Free:0.69 GB) NTFS
\\?\Volume{cbfef310-9523-4385-ab65-ebb45e3a3813}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: AE696746)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#13
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Opera now shuts down and reopens on its own whenever I try and use it. So that's nice. 


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Can you give me a log or a screenshot of the things that MalwareBytes removed?


  • 0

#15
koupernikus

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 10/28/22
Scan Time: 3:43 PM
Log File: 9492787a-5709-11ed-976b-00d861e6b15b.json
 
-Software Information-
Version: 4.5.16.217
Components Version: 1.0.1792
Update Package Version: 1.0.61659
License: Trial
 
-System Information-
OS: Windows 11 (Build 22621.674)
CPU: x64
File System: NTFS
User: MSI\olyti
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 383591
Threats Detected: 6
Threats Quarantined: 0
Time Elapsed: 1 min, 16 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 1
Adware.ChromeLoader.Generic, C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize, No Action By User, 4514, 1072383, 1.0.61659, , ame, , , 
 
File: 5
Adware.ChromeLoader.Generic, C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize\background.js, No Action By User, 4514, 1072383, 1.0.61659, , ame, , 5D73AC945E55F3AAC5B4D6D594881A0D, 66F34FCF8CEF8D3E3748E748AE02E5C5C8105F966E9FFE19493910BFE9D6A0EE
Adware.ChromeLoader.Generic, C:\Users\olyti\AppData\Local\chrome_customize\content.js, No Action By User, 4514, 1072383, , , , , AA5427F510F91523A5F622CE3D0F9C96, 3B016E5870C52D9A1CBC213201BC16D6ABE7687DBD1807E7322FBCF7DB3E0FB5
Adware.ChromeLoader.Generic, C:\Users\olyti\AppData\Local\chrome_customize\manifest.json, No Action By User, 4514, 1072383, , , , , A62D48A37CA9BE93262A0B436D33E284, 32FCCE471B5D31705201E7FD9ED615DD70B49D3F111F6C481BAE499FE0C8329B
Adware.ChromeLoader.Generic, C:\Users\olyti\AppData\Local\chrome_customize\properties.png, No Action By User, 4514, 1072383, , , , , 4E46AD8737DD28215F3C478EE8B01DC0, 5899F805CBB22F72960B222A7A19AE94AAEC61DE8F638D003FBD54F62E87C5ED
Adware.ChromeLoader.Generic, C:\USERS\OLYTI\APPDATA\ROAMING\Microsoft\Windows\Recent\properties.lnk, No Action By User, 4514, 1072383, , , , , 1427FCE4B4C099D1064B5638981F6C29, 0AB6D8BA58AF755BC1D84F3C1B08BA8A02D7E6D4EDC63AB92B4E8F40C623B6B8
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP