Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Likely infection - google search redirects

Started by koupernikus , Oct 20 2022 09:01 AM

  • Please log in to reply

#16
RKinner
Posted 29 October 2022 - 06:37 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
It says the adware was created at:
 
2022-10-27 22:43
 
Do you remember what software you were running about that time?  Maybe a game?  Often adware is included with other programs and gets installed when you use the software.  
 
This should get rid of the current infection and prevent a reinstall of the same named adware.
 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   642bytes   104 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 

  • 0

Advertisements

#17
koupernikus
Posted 29 October 2022 - 12:13 PM

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

That adware recreates itself and its folder every time I delete it/remove it. Properties check for it shows modified 6 hours later. 
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2022
Ran by olyti (administrator) on MSI (Micro-Star International Co., Ltd. GS66 Stealth 10SF) (29-10-2022 12:07:16)
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Platform: Microsoft Windows 11 Home Version 22H2 22621.674 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8022\Agent.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\AudioVisualizer\ChromaVisualizer.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe ->) (Electronic Arts, Inc. -> The Qt Company Ltd.) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngineProcess.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe
(C:\Program Files\WindowsApps\Microsoft.GamingApp_2210.1001.60.0_x64__8wekyb3d8bbwe\XboxAppServices.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe <13>
(C:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(drivers\RivetNetworks\Killer\KSPSService.exe ->) (Intel Corporation -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Users\olyti\Documents\Battle.net\Battle.net.exe <3>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22AD.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Rivet Networks LLC) C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag\KillerControlCenter_v2\KillerIntelligenceCenter.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel Corporation -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_af5df92252aaf9f0\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> THX) C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe <2>
(services.exe ->) (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2210.1001.60.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (A-Volute) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2210.1001.60.0_x64__8wekyb3d8bbwe\XboxPcApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.715.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5987456 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12849016 2022-10-14] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [THX22adHelper] => C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [THX0527Helper] => C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631088 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631088 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631088 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Steam] => C:\Steam\steam.exe [4234088 2022-10-18] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-10-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [streamlink-twitch-gui] => C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui\streamlink-twitch-gui.exe [2081280 2022-03-13] (The NW.js Community) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [MicrosoftEdgeAutoLaunch_D30A67E0D8865ABC16D6E6E5594A3C48] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Run: [Battle.net] => C:\Users\olyti\Documents\Battle.net\Battle.net.exe [1090168 2022-10-27] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {020C20C7-2254-47D5-A072-F8FE77A24974} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0331ADF2-A32D-42BC-9229-E65763942693} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-06] (Microsoft Windows -> )
Task: {0E9D6F75-D3E3-4A66-8FEB-59EA5D8325E2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1253720C-DF1D-432E-ABD5-CFE8542EAA00} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {13874124-0973-4636-B069-E2BAA300845A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {35FA916E-7995-450D-B2C8-090E02EECB1C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {430E7B8B-5FCB-4C60-9789-B53FEA9C9A8C} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4A8F1B73-807F-45ED-BF66-8E221CA739ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6167BAC4-E8B3-4DA1-A97F-6629760B8002} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6492DE10-4013-4F02-8761-90E2A67A04BB} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {666CBBC0-DB4C-4B55-8F77-FD1413619CD1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {69831915-6808-4DA2-B48E-CF5230B79EDB} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {6A8390B8-0C1B-4D4E-91D2-80AF5891C6C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6B7A010A-D145-45AC-A1B5-34E8A388CB0B} - System32\Tasks\Opera scheduled Autoupdate 1665787781 => C:\Users\olyti\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-09-27] (Opera Norway AS -> Opera Software)
Task: {7914F9BC-5FEF-4C7D-BCAB-55116D9B913A} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [544680 2021-10-14] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7E1654C6-EA21-4EC5-954D-35CD36E14424} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {886ADADB-53C3-44CA-8895-76EDA48A3425} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {9A6C2161-FEE5-4926-B363-24A961D4F0E9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4166064 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D567404-1F70-450D-9AB8-0B250A8C8570} - System32\Tasks\OneDC_Updater => C:\Users\olyti\Documents\temp\OneDC_Updater\OneDC_Updater.exe [5311400 2021-04-16] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {A2A3E9E2-B68B-46CA-8BCF-1CEEE54FDD49} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4166064 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE122147-85C1-492C-8636-25F9346B1F98} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {C5BB144B-621E-4315-A555-72D2E9F83CE9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C6E5754F-B8F7-4339-B814-476AAB1080B0} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)
Task: {C8549770-3EA9-4ACE-90B5-9E317EE82781} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC102570-8047-4AC3-A02D-996FAD6CF3D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EDE4AD87-F00E-48EB-A867-31D2962F6879} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FFF8C01D-6F55-4323-A7AE-A11329AB4585} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-11] (Nvidia Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72c79358-0494-433e-98e3-d5ca75fe66db}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf5b0e02-27bd-40f0-99ea-fad733c4282f}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-29]
Edge Notifications: Default -> hxxps://app.slack.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=NMTE
Edge Session Restore: Default -> is enabled.
Edge Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2022-10-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-13]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2022-09-29]
Edge Extension: (uBlock Origin) - C:\Users\olyti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-09-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
Opera: 
=======
OPR Profile: C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable [2022-10-29]
OPR Notifications: Opera Stable -> hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-27]
OPR Extension: (Opera Wallet) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\olyti\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-14]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9831016 2022-10-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610472 2022-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [588264 2021-11-11] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncHelper.exe [3475888 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
R3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [74048 2022-03-30] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2432832 2022-03-30] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2893136 2022-03-30] (Intel Corporation -> Intel)
R2 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [73528 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [74064 2022-03-30] (Intel Corporation -> Intel® Corporation)
S4 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-27] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [168056 2019-05-07] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [87976 2021-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [207488 2020-04-17] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9473408 2021-01-18] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.207.1002.0003\OneDriveUpdaterService.exe [3840944 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032040 2022-09-26] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-09-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-18] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-10-05] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-10-14] (SteelSeries ApS -> )
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 THXService; C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)
R2 Tobii Service; C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe [234792 2022-01-19] (Tobii AB -> Tobii AB)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2021-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 fdrawcmd; C:\WINDOWS\system32\drivers\fdrawcmd.sys [33144 2010-04-24] (Simon Owen -> simonowen.com)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [185536 2022-03-30] (Intel Corporation -> Rivet Networks, LLC.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-11] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193992 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-10-29] (Malwarebytes Inc. -> Malwarebytes)
R3 msihid; C:\WINDOWS\System32\drivers\msihid.sys [43936 2022-07-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
R3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a19e472f32bd1e8d\rtucx22x64.sys [1385296 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-06] (Microsoft Windows -> Realtek Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_008f; C:\WINDOWS\System32\drivers\RzDev_008f.sys [63216 2022-06-10] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0241; C:\WINDOWS\System32\drivers\RzDev_0241.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0290; C:\WINDOWS\System32\drivers\RzDev_0290.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0292; C:\WINDOWS\System32\drivers\RzDev_0292.sys [62152 2022-03-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0527; C:\WINDOWS\System32\drivers\RzDev_0527.sys [54088 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2021-04-14] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [37280 2022-07-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_5f23057de8eba7db\SteelSeries-Sonar-VAD.sys [92856 2022-09-21] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R3 sTHXVAD; C:\WINDOWS\System32\drivers\THXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-29 12:04 - 2022-10-29 12:04 - 000193992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-10-29 12:04 - 2022-10-29 12:04 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-10-29 12:04 - 2022-10-29 12:04 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-10-29 12:04 - 2022-10-29 12:04 - 000000000 ____D C:\Pro
2022-10-29 12:03 - 2022-10-29 12:03 - 000018913 _____ C:\Users\olyti\AppData\Local\data.zip
2022-10-29 12:03 - 2022-10-29 12:03 - 000000000 ____D C:\Users\olyti\AppData\Local\chrome_customize
2022-10-28 14:31 - 2022-10-28 14:31 - 000449918 _____ C:\Users\olyti\Downloads\search.htm
2022-10-27 17:31 - 2022-10-27 17:31 - 000445033 _____ C:\Users\olyti\Downloads\download (1).htm
2022-10-27 16:48 - 2022-10-27 16:48 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-27 16:22 - 2022-10-27 16:22 - 000115282 _____ C:\Users\olyti\Downloads\missginadarling.htm
2022-10-27 12:12 - 2022-10-27 12:12 - 000000920 _____ C:\Users\Public\Desktop\Overwatch.lnk
2022-10-27 12:12 - 2022-10-27 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2022-10-27 11:58 - 2022-10-27 12:12 - 000000000 ____D C:\Program Files (x86)\Overwatch
2022-10-27 11:58 - 2022-10-27 11:58 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2022-10-27 11:56 - 2022-10-29 12:07 - 000000000 ____D C:\Users\olyti\AppData\Local\Battle.net
2022-10-27 11:56 - 2022-10-27 11:58 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Battle.net
2022-10-27 11:56 - 2022-10-27 11:56 - 000001052 _____ C:\Users\Public\Desktop\Battle.net.lnk
2022-10-27 11:56 - 2022-10-27 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2022-10-27 11:55 - 2022-10-27 11:58 - 000000000 ____D C:\Users\olyti\Documents\Battle.net
2022-10-27 11:55 - 2022-10-27 11:58 - 000000000 ____D C:\Users\olyti\AppData\Local\Blizzard Entertainment
2022-10-27 11:55 - 2022-10-27 11:55 - 000000000 ____D C:\ProgramData\Battle.net
2022-10-27 11:15 - 2022-10-27 11:15 - 004838352 _____ (Blizzard Entertainment) C:\Users\olyti\Downloads\Battle.net-Setup.exe
2022-10-27 09:41 - 2022-10-27 09:41 - 000061857 _____ C:\Users\olyti\Downloads\download.htm
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-20 17:16 - 2022-10-20 17:16 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-20 08:49 - 2022-10-29 12:07 - 000000000 ____D C:\FRST
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Goldberg SteamEmu Saves
2022-10-20 00:23 - 2022-10-20 00:23 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Faerin Games
2022-10-18 21:38 - 2022-10-18 21:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Soda Pop Minatures and Underbite Games
2022-10-18 15:34 - 2022-10-18 15:35 - 000000000 ____D C:\ProgramData\HP
2022-10-15 23:13 - 2022-10-15 23:14 - 000000000 ____D C:\Users\olyti\AppData\Local\ASTLIBRA
2022-10-15 22:49 - 2022-10-15 22:49 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Ozaak
2022-10-15 22:04 - 2022-10-15 22:04 - 000000000 ____D C:\Users\olyti\AppData\Local\Ronin
2022-10-15 00:06 - 2022-10-15 00:06 - 000000000 ____D C:\Users\olyti\AppData\Local\ProjectCoral
2022-10-14 16:49 - 2022-10-14 16:49 - 000004134 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1665787781
2022-10-14 16:49 - 2022-10-14 16:49 - 000001402 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Opera Software
2022-10-14 16:49 - 2022-10-14 16:49 - 000000000 ____D C:\Users\olyti\AppData\Local\Opera Software
2022-10-13 23:12 - 2022-10-29 12:03 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Vortex
2022-10-13 23:12 - 2022-10-16 09:44 - 000000000 ____D C:\Program Files\dotnet
2022-10-13 23:12 - 2022-10-13 23:12 - 000002063 _____ C:\Users\Public\Desktop\Vortex.lnk
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Users\olyti\AppData\Local\vortex-updater
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2022-10-13 23:12 - 2022-10-13 23:12 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd
2022-10-13 21:58 - 2022-10-13 22:00 - 000000000 ____D C:\Users\olyti\Documents\Dyson Sphere Program
2022-10-13 21:58 - 2022-10-13 21:58 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Youthcat Studio
2022-10-13 21:22 - 2022-10-13 21:22 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-13 21:22 - 2022-10-13 21:22 - 000000000 ___HD C:\$WinREAgent
2022-10-11 23:25 - 2022-10-11 23:25 - 000000000 ____D C:\Users\olyti\AppData\Roaming\streamlink-twitch-gui
2022-10-11 23:16 - 2022-10-11 23:16 - 000000000 ____D C:\Users\olyti\AppData\Local\streamlink-twitch-gui
2022-10-09 10:56 - 2019-03-15 02:36 - 003753088 _____ (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPScanTRDrv_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 002952200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkinsE311.exe
2022-10-09 10:56 - 2019-03-15 02:36 - 000592000 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia2_DJ3630.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000392200 _____ (HP Inc.) C:\WINDOWS\system32\hpinkstsE311LM.dll
2022-10-09 10:56 - 2019-03-15 02:36 - 000327688 _____ (HP Inc.) C:\WINDOWS\system32\hpinkcoiE311.dll
2022-10-07 15:14 - 2022-10-07 15:14 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\SuperMegaTeam
2022-10-07 08:12 - 2022-10-07 08:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Hide Games
2022-10-06 21:14 - 2022-10-06 21:14 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-06 21:14 - 2022-10-06 21:14 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-06 21:14 - 2022-10-06 21:14 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-06 21:10 - 2022-10-06 21:10 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-06 20:12 - 2022-10-06 20:12 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\QHS
2022-10-06 20:09 - 2022-10-06 20:09 - 000000000 ____D C:\Users\olyti\AppData\Local\rmmz-game
2022-10-06 19:56 - 2022-10-06 19:56 - 000000000 ____D C:\Users\olyti\AppData\Local\Potionomics
2022-10-06 19:39 - 2022-10-06 19:39 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\RebornEntertainment
2022-10-06 19:38 - 2022-10-06 19:38 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\DefaultCompany
2022-10-04 23:13 - 2022-10-04 23:13 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Dark Light Studio
2022-10-04 22:30 - 2022-10-04 22:30 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Trigon fan
2022-10-01 18:30 - 2022-10-01 18:30 - 000001143 _____ C:\Users\Public\Desktop\GShade Control Panel.lnk
2022-10-01 18:30 - 2022-10-01 18:30 - 000000091 _____ C:\Users\Public\Desktop\GShade Visual Guide.url
2022-10-01 18:30 - 2022-10-01 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GShade
2022-10-01 18:29 - 2022-10-01 18:29 - 000000000 ____D C:\Users\Public\GShade Custom Shaders
2022-09-30 16:28 - 2022-09-30 16:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-09-30 16:27 - 2022-10-27 18:04 - 000807834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-30 16:26 - 2022-10-29 12:05 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2022-09-30 16:26 - 2022-10-29 12:05 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2022-09-30 16:26 - 2022-10-29 12:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-30 16:26 - 2022-10-29 00:50 - 000004138 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2865D8D3-0E3F-42D6-9DB0-FBC78E111295}
2022-09-30 16:26 - 2022-10-25 20:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3139933802-399766682-36797096-1001
2022-09-30 16:26 - 2022-10-25 20:12 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-30 16:26 - 2022-10-14 23:55 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-30 16:26 - 2022-10-14 23:55 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-30 16:26 - 2022-09-30 16:26 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2022-09-30 16:26 - 2022-09-30 16:26 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2022-09-30 16:26 - 2022-09-30 16:26 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002826 _____ C:\WINDOWS\system32\Tasks\OneDC_Updater
2022-09-30 16:26 - 2022-09-30 16:26 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2022-09-30 16:26 - 2022-09-30 16:26 - 000002280 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000002184 _____ C:\WINDOWS\system32\Tasks\OmApSvcBroker
2022-09-30 16:26 - 2022-09-30 16:26 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2022-09-30 16:26 - 2022-09-30 16:26 - 000000020 ___SH C:\Users\olyti\ntuser.ini
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\Tobii
2022-09-30 16:26 - 2022-09-30 16:26 - 000000000 ____D C:\Users\olyti\AppData\Local\IsolatedStorage
2022-09-30 16:26 - 2020-05-30 11:23 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3202656799-1986057151-242305456-500
2022-09-30 16:26 - 2019-11-13 11:43 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3246922579-2884849309-941848276-500
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-09-30 16:25 - 2022-09-30 16:26 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-09-30 16:24 - 2022-09-30 16:24 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2022-09-30 16:23 - 2022-10-29 11:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-30 16:23 - 2022-10-13 21:43 - 000607720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-30 16:00 - 2022-09-30 16:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-09-30 15:59 - 2022-10-21 00:23 - 000000000 ____D C:\Users\olyti
2022-09-30 15:59 - 2022-05-06 23:19 - 000001281 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-09-30 15:59 - 2022-05-06 23:19 - 000000407 _____ C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-09-30 15:58 - 2022-09-30 16:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2022-09-30 15:58 - 2022-09-30 15:58 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2022-09-30 15:55 - 2022-09-30 15:55 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-09-30 15:55 - 2022-09-30 15:55 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-09-30 15:54 - 2022-09-30 15:54 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-30 15:53 - 2022-09-30 15:53 - 000000000 ____D C:\WINDOWS\addins
2022-09-30 15:46 - 2022-09-30 15:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-09-30 15:24 - 2022-10-13 00:02 - 000000000 ___DC C:\WINDOWS\Panther
2022-09-29 22:27 - 2022-09-29 22:27 - 000000000 ____D C:\Users\olyti\AppData\LocalLow\Unknown Worlds
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-29 17:56 - 2022-09-23 19:34 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001213440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-29 17:56 - 2022-09-23 19:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001536488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 001182696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000865768 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000771560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-09-29 17:56 - 2022-09-23 19:31 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-09-29 17:56 - 2022-09-23 19:31 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 010270184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 008803816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 001059304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000845288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-09-29 17:56 - 2022-09-23 19:30 - 000456168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-09-29 17:56 - 2022-09-23 19:29 - 005751304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 005362664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:29 - 003066856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-09-29 17:56 - 2022-09-23 19:28 - 000852968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-09-29 17:56 - 2022-09-23 19:27 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-29 17:56 - 2022-09-23 19:27 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-09-29 17:56 - 2022-09-23 16:52 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-29 17:56 - 2022-09-23 16:52 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-09-29 17:56 - 2022-09-21 18:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-09-29 17:56 - 2022-07-15 10:59 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-09-29 17:56 - 2021-06-02 08:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-09-29 17:49 - 2022-09-07 08:56 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-09-29 17:49 - 2022-09-07 08:56 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ C:\Users\olyti\AppData\Local\2450563487
2022-09-29 17:48 - 2022-09-29 17:48 - 000000000 ____D C:\Users\olyti\AppData\Local\Arkane Studios
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-29 12:06 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-29 12:06 - 2022-03-05 21:51 - 000000000 ____D C:\Users\olyti\.tobii
2022-10-29 12:06 - 2021-04-17 18:04 - 000000000 ____D C:\Steam
2022-10-29 12:05 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-29 12:05 - 2021-04-17 23:41 - 000000000 ____D C:\Users\olyti\AppData\Local\D3DSCache
2022-10-29 12:05 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-29 12:04 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-29 12:04 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-29 12:04 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-29 12:04 - 2021-04-22 13:18 - 000012288 ___SH C:\DumpStack.log.tmp
2022-10-29 12:03 - 2022-05-06 23:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-29 11:58 - 2021-05-31 10:54 - 000000000 ____D C:\Users\olyti\AppData\Roaming\rsilauncher
2022-10-29 11:58 - 2021-04-18 00:43 - 000000000 ____D C:\Users\olyti\AppData\Local\CrashDumps
2022-10-29 11:58 - 2021-04-17 17:02 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-29 00:06 - 2021-12-17 01:26 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2022-10-28 00:15 - 2022-09-24 23:39 - 000000000 ____D C:\Users\olyti\AppData\Local\REDEngine
2022-10-27 22:38 - 2021-04-27 23:07 - 000000000 ____D C:\Users\olyti\AppData\Local\Google
2022-10-27 22:38 - 2021-04-27 23:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-27 18:04 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2022-10-26 22:07 - 2022-05-21 17:08 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Vampire_Survivors
2022-10-26 21:34 - 2022-03-11 18:26 - 000000000 ____D C:\XboxGames
2022-10-26 21:34 - 2021-04-17 17:05 - 000000000 ____D C:\Users\olyti\AppData\Local\Packages
2022-10-26 21:34 - 2019-11-13 11:43 - 000000000 ____D C:\ProgramData\Packages
2022-10-25 23:45 - 2021-09-09 17:54 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-10-25 23:29 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-25 20:12 - 2021-04-25 09:39 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-21 00:34 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\SteelSeries
2022-10-21 00:24 - 2020-05-30 10:43 - 000000000 ____D C:\ProgramData\A-Volute
2022-10-20 17:16 - 2021-11-19 23:04 - 000153048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 002815456 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000452048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000243168 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-20 17:16 - 2021-06-18 10:29 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-18 19:34 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\PlaceholderTileLogoFolder
2022-10-16 09:45 - 2020-05-30 10:34 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-14 04:58 - 2019-11-13 13:05 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 22:24 - 2021-04-17 23:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 22:23 - 2021-04-17 23:53 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-13 21:54 - 2019-11-13 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 21:52 - 2021-11-10 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-10-13 21:51 - 2021-11-10 18:44 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 21:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 04:39 - 2022-06-09 23:20 - 000316920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-10-12 02:55 - 2022-06-09 23:20 - 000199672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-10-11 08:22 - 2021-08-26 22:29 - 000000000 ____D C:\Users\olyti\AppData\Roaming\projectascension
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascension Launcher
2022-10-11 08:22 - 2021-08-26 22:25 - 000000000 ____D C:\Program Files\Ascension Launcher
2022-10-09 11:09 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-06 21:32 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-06 21:17 - 2022-05-06 23:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-06 21:17 - 2022-05-06 23:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-06 19:56 - 2021-05-08 00:40 - 000000000 ____D C:\Users\olyti\AppData\Local\UnrealEngine
2022-10-03 20:04 - 2021-04-17 17:05 - 000000000 __SHD C:\Users\olyti\IntelGraphicsProfiles
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\ProgramData\Razer
2022-10-03 20:00 - 2021-04-17 17:03 - 000000000 ____D C:\Program Files (x86)\Razer
2022-10-02 16:48 - 2022-04-04 21:43 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-01 18:30 - 2021-10-23 17:19 - 000000000 ____D C:\Program Files\GShade
2022-10-01 18:29 - 2021-10-23 17:19 - 000000000 ____D C:\Users\Public\GShade Backups
2022-10-01 18:08 - 2022-03-05 21:51 - 000000000 ____D C:\ProgramData\Tobii
2022-09-30 16:48 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-09-30 16:26 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-09-30 16:26 - 2022-05-06 23:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-09-30 16:26 - 2019-11-13 11:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-30 16:24 - 2020-05-30 10:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-09-30 16:23 - 2022-08-11 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tower of Fantasy
2022-09-30 16:23 - 2022-05-14 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline
2022-09-30 16:23 - 2022-05-06 23:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-09-30 16:23 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-30 16:23 - 2022-03-05 19:39 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2022-03-04 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RazerCentral
2022-09-30 16:23 - 2022-02-10 00:22 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games
2022-09-30 16:23 - 2021-09-05 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries
2022-09-30 16:23 - 2021-06-18 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-09-30 16:23 - 2021-06-05 06:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-09-30 16:23 - 2021-04-30 18:26 - 000000000 ____D C:\Users\olyti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-09-30 16:23 - 2021-04-17 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2022-09-30 16:23 - 2021-04-17 23:04 - 000000000 ____D C:\Program Files\UNP
2022-09-30 16:23 - 2021-04-17 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-30 16:23 - 2021-04-17 17:07 - 000000000 ___RD C:\Users\olyti\OneDrive
2022-09-30 16:23 - 2020-05-30 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI True Color
2022-09-30 16:23 - 2020-05-30 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-09-30 16:23 - 2020-05-30 10:34 - 000000000 ____D C:\Program Files\Intel
2022-09-30 16:23 - 2019-11-13 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 16:23 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-09-30 16:06 - 2022-05-06 23:28 - 000000000 ____D C:\WINDOWS\Setup
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-09-30 16:03 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-09-30 16:00 - 2021-04-17 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2022-09-30 16:00 - 2020-05-30 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2022-09-30 15:57 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Globalization
2022-09-29 17:59 - 2021-10-30 22:36 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA
2022-09-29 17:58 - 2021-04-17 17:06 - 000000000 ____D C:\Users\olyti\AppData\Local\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-29 17:58 - 2020-05-30 10:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
 
==================== Files in the root of some directories ========
 
2022-09-29 17:48 - 2022-09-29 17:48 - 000006822 _____ () C:\Users\olyti\AppData\Local\2450563487
2022-10-29 12:03 - 2022-10-29 12:03 - 000018913 _____ () C:\Users\olyti\AppData\Local\data.zip
2021-11-06 22:23 - 2021-11-06 22:23 - 000007598 _____ () C:\Users\olyti\AppData\Local\Resmon.ResmonCfg
 
==================== FLock ==============================
 
2022-10-29 12:03 C:\Users\olyti\AppData\Local\chrome_customize
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2022
Ran by olyti (29-10-2022 12:08:35)
Running from C:\Users\olyti\OneDrive\Desktop
Microsoft Windows 11 Home Version 22H2 22621.674 (X64) (2022-09-30 22:26:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3139933802-399766682-36797096-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3139933802-399766682-36797096-503 - Limited - Disabled)
Guest (S-1-5-21-3139933802-399766682-36797096-501 - Limited - Disabled)
olyti (S-1-5-21-3139933802-399766682-36797096-1001 - Administrator - Enabled) => C:\Users\olyti
WDAGUtilityAccount (S-1-5-21-3139933802-399766682-36797096-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security (Disabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon Games (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.2.8063.2 - Amazon.com Services, Inc.)
Ascension Launcher 1.92 (HKLM\...\{58D22CF7-EECE-433A-B4B3-A268FF8487B1}_is1) (Version: 1.92 - Project Ascension)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Command & Conquer™ Remastered Collection (HKLM-x32\...\{CB92A22C-0421-4513-9EE4-00519B4A12CC}) (Version: 1.153.11.25007 - Electronic Arts Inc. (en_US))
Crowfall_Live (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Crowfall_Live) (Version: 1.0.0.0 - ACE)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.33.0.5290 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{1ea29ff4-ac27-4775-b029-95e63cac9adb}) (Version: 12.33.0.5290 - Electronic Arts)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Fdrawcmd.sys 1.0.1.11 (HKLM-x32\...\fdrawcmd) (Version: 1.0.1.11 - Simon Owen)
FINAL FANTASY XI (HKLM-x32\...\{07EB4C8B-3869-49B4-8CF8-D6D9FB8C8026}) (Version: 1.2.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
GShade 3.5.2 (HKLM\...\GShade) (Version:  - GPOSERS)
Intel® Chipset Device Software (HKLM\...\{B4BF76D4-C8E0-4341-A8C5-A33D1C506DED}) (Version: 10.1.18263.8193 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel® Corporation)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{F9B9A5A4-D66B-411A-B28F-D7A8863B432E}) (Version: 2.2.1457 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{B10DC0D5-964E-45F2-8068-67B8FCD393F8}) (Version: 2.2.1446 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.16.217 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.16.217 - Malwarebytes)
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.26 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{B71DA3AB-24EC-9E95-A79B-7B5F92B0CEDD}) (Version: 10.1.22621.1846 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.207.1002.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.150.10.6302 - BlueStack Systems, Inc.)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 3.0.58.0 - Portrait Displays, Inc.)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 91.0.4516.30 (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\Opera 91.0.4516.30) (Version: 91.0.4516.30 - Opera Software)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
PlayOnline Viewer (HKLM-x32\...\{81784E3A-1BDA-4743-B5F8-04E59DC7E031}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1015.100615 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
RSI Launcher 1.5.5 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.5.5 - Cloud Imperium Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 26.0.0 (HKLM\...\SteelSeries GG) (Version: 26.0.0 - SteelSeries ApS)
Tobii Experience Software For Windows (HKLM\...\{68DDA3A1-29A0-4FB1-8EBF-F25EF0A0EF58}) (Version: 4.59.0.18364 - Tobii AB)
Tower of Fantasy (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\tof_launcher) (Version:  - Hotta Studio)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.6.14 - Black Tree Gaming Ltd.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
 
Packages:
=========
An Elder Scrolls Legend: Battlespire -> C:\Program Files\WindowsApps\BethesdaSoftworks.AnElderScrollsLegendBattlespire_1.3.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.1.0_neutral__yxz26nhyzhsrt [2022-10-12] (Microsoft Corp.)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-11] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-10-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-04-17] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1122.329.0_x64__rh07ty8m5nkag [2022-06-21] (Rivet Networks LLC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-05-30] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2022-09-30] (Microsoft Corp.)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Studios) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corp.)
ms-resource:Appname -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52074.0_x64__8wekyb3d8bbwe [2022-10-18] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32061.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-09-30] (Microsoft Corporation)
ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-30] (INTEL CORP)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-10] (INTEL CORP) [Startup Task]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-04-17] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm [2022-10-21] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-18] (NVIDIA Corp.)
Offworld Trading Company -> C:\Program Files\WindowsApps\StardockEntertainment.OffworldTradingCompany_1.0.82.0_x64__w7tm8b8tp1rkt [2022-08-16] (Stardock Entertainment)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2020-05-30] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-09-08] (Realtek Semiconductor Corp)
Slay The Spire -> C:\Program Files\WindowsApps\HumbleBundle.SlayTheSpire_2.4.0.0_x86__q2mcdwmzx4qja [2022-07-05] (Humble Bundle)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2022-10-28] (Spotify AB) [Startup Task]
The Elder Scrolls Adventures: Redguard -> C:\Program Files\WindowsApps\BethesdaSoftworks.TheElderScrollsAdventuresRedguar_1.4.0.0_x86__3275kfvn8vcwc [2022-10-08] (Bethesda Softworks)
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.60.17163.0_x64__j9ea20k37yd2w [2022-03-05] (Tobii AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-10-02] (Microsoft Corporation)
Vampire Survivors -> C:\Program Files\WindowsApps\poncle.VampireSurvivors_1.0.109.0_x64__9pv5cyp4vwdsr [2022-10-22] (poncle)
Warhammer 40,000™: Battlesector™ -> C:\Program Files\WindowsApps\SlitherineSoftwareUKLtd.Warhammer40000Battlesector_1.1.33.0_x64__e7kchnf2m4530 [2022-07-28] (Slitherine Software UK Ltd.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-13] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3139933802-399766682-36797096-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\olyti\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_0ff7df34bc985e0d\nvshext.dll [2022-09-23] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-06] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-08-12 02:14 - 2022-08-08 20:52 - 001427968 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000017920 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2022-10-27 11:15 - 2022-10-27 11:15 - 003567616 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2022-10-18 20:55 - 2022-10-18 20:55 - 020899328 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.14.0_x64__w2gh52qy24etm\Nahimic3.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 104871424 _____ () [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\libcef.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000112128 _____ () [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\libegl.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 006227456 _____ () [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\libglesv2.dll
2021-10-30 22:27 - 2021-10-30 22:27 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\GG\HIDDLL.dll
2021-04-14 09:37 - 2022-07-19 10:23 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\GG\ISPDLL.dll
2019-07-02 16:07 - 2019-07-02 16:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\chrome_elf.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000380416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 001455616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000227328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000327168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Positioning.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000319488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5PrintSupport.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 004254720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000222208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 001128960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000075264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickWidgets.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000334848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000396288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngine.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 103583232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineCore.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000250880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineWidgets.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 005611520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000018432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000294400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebChannel\declarative_webchannel.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000093696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngine\qtwebengineplugin.dll
2022-10-27 11:15 - 2022-10-27 11:15 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\audio\qtaudio_windows.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qgif.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qico.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qjpeg.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qmng.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qsvg.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\imageformats\qtiff.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\platforms\qwindows.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Core.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Gui.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Multimedia.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Network.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Qml.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Quick.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Svg.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Widgets.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5WinExtras.dll
2022-10-27 11:56 - 2022-10-27 11:56 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Users\olyti\Documents\Battle.net\Battle.net.13801\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> DefaultScope {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
SearchScopes: HKU\S-1-5-21-3139933802-399766682-36797096-1001 -> {4D414D16-4D5D-4E32-B1DD-AE54E590EFC8} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 22:49 - 2019-03-18 22:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\olyti\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3139933802-399766682-36797096-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\olyti\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\ffxiv_12122021_131827_888.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "Norton Download Manager{NS-22211151-SHPD-FSD5250006}"
HKU\S-1-5-21-3139933802-399766682-36797096-1001\...\StartupApproved\Run: => "streamlink-twitch-gui"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{57F5CA79-AD82-4F75-81D5-59B87C0DA1E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{06D35A3B-CA79-4F6A-8143-686F164C937F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E1225DDF-11E8-4449-9B27-29C804804791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CDB1B76-5307-4647-A529-1D51436978B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F47C274A-1CA7-4306-834A-0CA0E4521805}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [{9F62DBA0-F911-451F-9A74-D63B4F9F9407}] => (Allow) C:\Steam\steamapps\common\Moonbreaker\Moonbreaker.exe () [File not signed]
FirewallRules: [UDP Query User{2AE7CDB6-7707-4CB6-B8D7-D12D5D5BE8EA}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{5082E1F3-9419-415F-8E84-9B298D08EDBC}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{F6954A2B-AF48-4F0B-B97D-724C81193708}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{389A9C3D-DFCD-44FD-ACA5-434680FCBCB7}] => (Allow) C:\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{59B1A946-6E24-434C-A9EC-37B841863465}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{E20CAA85-A347-4C47-96A7-8CC33E376374}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{0EFCFA03-D09E-4860-B85E-6861B289AB2B}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{5C6F48D9-A3D4-4BFE-B41C-0A6437C03FCA}] => (Allow) C:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{9FB95E41-688C-46D1-9E73-0B012762E64B}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{75621C35-0CDE-4A43-A65A-82F73027DDAB}] => (Allow) C:\Steam\steamapps\common\Prime of Flames Demo\Ancient Fire.exe () [File not signed]
FirewallRules: [{EF55A5E0-8D64-4A77-BB95-B8E245B79047}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3AB61B73-9263-44E3-BF77-92F8E3BE8B68}] => (Allow) C:\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3DC8D835-8BA8-448A-B6BE-25AD4B392F8B}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{8DFB67B6-0C13-40EE-B6F2-58B2E7DBC9CA}] => (Allow) C:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe (Valve Corp. -> Sega Corporation) [File not signed]
FirewallRules: [{1522EED5-5522-4C63-B9B3-E717D8E9EF5E}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [File not signed]
FirewallRules: [{1AD494B4-DD9F-402F-A15A-8C06104F463B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{4EC0CBF8-2056-4E2E-BA51-00D3EE50009B}] => (Allow) C:\Users\olyti\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [UDP Query User{E523A3A1-C957-4E1F-BD1E-9A55D7FCCB99}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [TCP Query User{1BBBBF13-F560-4D3A-8E0A-42B9AD3E6F76}C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{0BC2DD59-92BD-4291-AB7C-605F7CEC58C6}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{7FAD18D6-87A1-4690-8A4A-2B6B28E0EC4E}] => (Allow) C:\Steam\steamapps\common\Master of Magic\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{4A31B107-955F-4643-9121-76B2289A1017}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{C9FCAD55-582C-43ED-9BE4-7ED57802AE0B}] => (Allow) C:\Steam\steamapps\common\Eastward\Eastward.exe () [File not signed]
FirewallRules: [{87ED5109-6433-48EB-905C-83A6C6F6763A}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{7AE9E5C6-30BF-4E94-9ABE-501DF8DFDFAC}] => (Allow) C:\Steam\steamapps\common\SWORD ART ONLINE FATAL BULLET\SAOFB_Launcher.exe () [File not signed]
FirewallRules: [{BBDE1370-A1AF-4B6D-BF4D-6ACF00BABF37}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [{C77CE587-39C2-4811-9874-9E919D058989}] => (Allow) C:\Steam\steamapps\common\Super Dungeon Tactics\SDT.exe () [File not signed]
FirewallRules: [UDP Query User{B295D693-5A48-42C8-908A-640EB57C32F3}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{2DE238EE-8758-407B-9EC6-27E028D3A49D}C:\playonline\squareenix\playonlineviewer\pol.exe] => (Allow) C:\playonline\squareenix\playonlineviewer\pol.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{B947DE67-224A-41E5-9F10-F3DB9BB5E1D6}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{EA80B650-7BB3-445C-8248-15394BBCFC3C}] => (Allow) C:\Steam\steamapps\common\The Elder Scrolls Arena\DOSBox-0.74\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{A135AEB3-1545-4A9A-84D6-B3CC258DE947}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{A212D0C9-8653-45DC-8C5B-CCA1EBA829FA}] => (Allow) C:\Steam\steamapps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
FirewallRules: [{5EDBC7B7-E8F2-4834-9DE3-7A6347D0B378}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{4B2C02B6-E383-47A4-AC82-0075E96D51BA}] => (Allow) C:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{EDEF3CB9-E796-4ECB-B71E-643CC28B3CCC}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{FF3F3F11-FDF4-4F32-8179-F6B2FDA6FE78}] => (Allow) C:\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe () [File not signed]
FirewallRules: [{6BDEC23A-E2C8-435B-91BA-ED8A8ED7BC8D}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{60F73CAB-E0B7-48DA-AE07-297CBFC6A51C}] => (Allow) C:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [UDP Query User{F70E9553-D698-4381-92A3-838E9AB08FA4}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [TCP Query User{20D31CE8-E4B9-4D3F-96E0-3908F68E0E12}C:\steam\steamapps\common\the survivalists\the survivalists.exe] => (Allow) C:\steam\steamapps\common\the survivalists\the survivalists.exe () [File not signed]
FirewallRules: [{DE750991-1B01-4BB5-A16A-0CE00325C68B}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{F3854973-6B81-4836-8E47-5BA2A1E4708D}] => (Allow) C:\Steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{D00DCF5F-AEA8-4776-9F2F-8BF98845E4D8}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{43278E45-26DD-40ED-A623-A055BD552DFD}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe () [File not signed]
FirewallRules: [{E7242E90-F583-448E-8CA7-F6C6108AE32E}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{2DCB557D-1B63-4040-A947-B453EFC04BD7}] => (Allow) C:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{726EBFD4-D8A5-475D-B7A0-0B160755E3C3}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{478C939E-E594-44D1-AE20-071F2BB56449}] => (Allow) C:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{0C618E4B-6A1D-403D-9603-E4D79B3798E6}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{522D38E7-E40C-4407-982A-6F9DF16D44A3}] => (Allow) C:\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{63FA1E32-6998-4BE6-927E-6B8B01DC7A5D}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{333EB221-0413-4816-B800-9C7EB8E49C17}] => (Allow) C:\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{2AF06201-7AF3-45E1-9024-74102713FA20}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8A680465-B8D9-46D2-A5B0-A186635C2FD3}] => (Allow) C:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B2C2CCA4-0B84-449F-9EFE-0F35A0AC61EC}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{DFEEB1C7-34A2-45D9-B77E-4531D498FF04}] => (Allow) C:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe => No File
FirewallRules: [{E1580716-6F77-4BC6-88A2-E53DB31C05E1}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{D24C171C-9AC2-4E66-B8E5-1FE11A1778F4}] => (Allow) C:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{72A15286-E488-42CD-B687-97386209D5E6}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{8963092A-82D3-4E01-BC74-FB8AA5DC866B}] => (Allow) C:\Steam\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{17B0662F-A78E-4B48-877B-F9EE455EF07C}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{EABE7D84-ABC0-43AC-8185-34D27FDAA1E3}] => (Allow) C:\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{57362E65-43AC-424A-944B-36BE16D35D7D}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0058F547-8A38-450A-8B90-DA021B251B25}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E3C05002-D9E0-44E0-9461-AC4710F94127}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02325BC3-B7A1-4F4B-9936-592536AC5D00}] => (Allow) C:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68538345-9987-4FC9-89E9-1C63BAF4D58D}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{11E91444-35E0-4F2B-B893-E565490F78C6}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{EB8D79D8-795B-4C3D-A4A0-EE95E7F53DBA}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{9F059180-29BA-42F0-BBE2-C07C6EE65450}] => (Allow) C:\FFXIV\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{DCD5F566-DFE5-468A-A7F7-C7D40BCCFDA4}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{C8D8A701-541D-486B-945D-FD7E78A295EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{11EA62F8-C6C7-4B5A-813F-16DA4FD5E135}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6DA1FDA5-DB9D-4610-804D-8EA49CF61619}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{9D5F8B2A-E9FD-4631-992A-9B0278B1D9A2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{62DE4036-B7B8-4FD5-B137-C3CA20CF1CB2}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{39F4B399-12B8-4F8E-BC1D-46B2EEFDEA2B}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B4F89464-FDF5-4405-9D44-3B7F82FB187C}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{8BD1B7C6-E217-40FE-88D1-D580A8A68EB1}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{3F8C9BC2-2A8F-4994-8EF1-B249AC259429}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B5A107BA-BC36-41CA-AA90-68AEF973C290}] => (Allow) C:\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{2930AD3B-0906-467F-8E57-2D82CEB8CE6B}] => (Allow) C:\Users\olyti\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1CE78791-24E4-4478-A1FC-D9A4CAEB3E71}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{07CBC086-7222-4F48-BBE1-2E92DF1AECD6}] => (Allow) C:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> )
FirewallRules: [{55C8A6FE-4378-4411-8B26-1FE0D796A976}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{42C6F4B4-905E-43B1-9899-204E3FFC3D88}] => (Allow) C:\Steam\steamapps\common\Wildfire\wildfire.exe (Sneaky Bastards) [File not signed]
FirewallRules: [{7001B18F-521B-457F-A8FF-FD1C2EFD2786}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{78B4F9BF-FB9A-49FC-8B1B-0F81E9180F79}] => (Allow) C:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{1E084E40-9CD4-4609-A882-004CA966B88B}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [{B84688B3-8466-48B3-9ADC-00B64DF6BCE8}] => (Allow) C:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [TCP Query User{9859FF70-CC36-4CED-A580-546B0F0D5B88}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [UDP Query User{44CD8378-7BD6-49D1-92B5-3E0BFC5C73E4}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe (Project Ascension) [File not signed]
FirewallRules: [TCP Query User{657EEE1B-C880-496C-8F0C-AAF85BF2935A}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{13668A7D-9C20-457E-82B7-193ED3DEE9C8}C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [{03468686-AF5B-46C9-B126-874FC312475F}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6B51F98E-EBB3-4169-8AA4-610403EA735E}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\Iragon.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{1C3C024C-F4C0-4005-801C-83C8AA93551A}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{6A82F5FF-2085-49B2-992A-C2FD9021CC99}] => (Allow) C:\Steam\steamapps\common\Iragon Prologue\IragonVR.exe (Repulse, EOOD -> IragonLaunchHelper)
FirewallRules: [{B07A290C-0B41-44F2-8017-EFACDE75F2B1}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{97B81EC1-F667-4B2A-AD25-B790568A75A7}] => (Allow) C:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{827BD318-4373-48D9-A018-59F9C17EFEA2}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{26395699-8EF1-410B-A413-DC271DA8F1A5}C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\iragon prologue\iragonproject\binaries\win64\vrexppluginexample-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2FFCA926-F8F8-465C-83BD-E685C46F6681}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{FB209C8F-DE2E-4190-83F6-B260F3DA065F}] => (Allow) C:\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe () [File not signed]
FirewallRules: [{3BFE6C29-B013-4606-8D18-7EB874FF777E}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7463DC97-B1BF-4454-ABB5-F0688AAAEE1C}] => (Allow) C:\Steam\steamapps\common\Bloodstained Ritual of the Night\BloodstainedRotN.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{77DE23E8-61A4-4CA3-A5D3-A590AFB9243F}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{5F26DEE2-35F7-4F47-B982-1310C2174F40}C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) C:\program files\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [{B418CB8C-5280-4826-9525-39DD4BA054C6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{E989079C-4488-4291-A2D3-A0B1B2882BA6}] => (Allow) C:\Steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{BA8C81C2-AF8F-4DB9-BF13-E78C97D50637}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B6B4F4B0-C39C-4534-A328-B1AD38957059}] => (Allow) C:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{3449C722-8273-4931-8148-BE167F04A8AB}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [{3644136A-488E-4B39-A71A-5701F9210CFF}] => (Allow) C:\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [TCP Query User{7C49AFAA-E8D0-4391-90E2-BAC62D289185}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [UDP Query User{D511C8FC-DF44-4A09-A942-E80C2C3FC642}C:\program files\modifiablewindowsapps\starbound\win\starbound.exe] => (Block) C:\program files\modifiablewindowsapps\starbound\win\starbound.exe => No File
FirewallRules: [{26248D88-12CD-4F65-BCDB-8E9C617615B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE9072EA-873B-4DE5-A124-CC908A93452E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [{53D7019F-158F-48C9-8CD2-5AF2C271331E}] => (Allow) C:\Steam\steamapps\common\CardHunter\CardHunter.exe () [File not signed]
FirewallRules: [TCP Query User{8E84898E-2FBB-486A-B258-77C4FD5EE413}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1170733F-8D30-464E-A89B-3F4B3D86FC23}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8077C9F8-0B7E-4206-985B-FD7741A08985}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{B6357431-E771-49A7-A279-46510BB6AD8C}] => (Allow) C:\Steam\steamapps\common\Lacuna\Lacuna.exe () [File not signed]
FirewallRules: [{A6E2336F-B76A-43E2-BC5D-87CB2EF54F94}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{138D5959-0B49-419B-AC5F-707ACF366141}] => (Allow) C:\Steam\steamapps\common\HenryStickmin\HenryStickmin.exe () [File not signed]
FirewallRules: [{E632C5AA-9611-49CE-AAE1-53BB6E9A13CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD6B5A34-7118-4DCA-BE9D-F1C38A5D1287}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC4F6EF5-5582-4705-BFD6-3BB689A157AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B6D7B28-EBE3-4D00-A4C0-FCD08513CE2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CDC4F736-2EF9-4A73-A2B5-512B27FD7651}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{40CF5F55-E4EC-4B41-8B14-70E581250729}C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe] => (Allow) C:\xboxgames\coral island\content\projectcoral\binaries\wingdk\projectcoral-wingdk-shipping.exe => No File
FirewallRules: [{1A20A225-A2B4-429D-9D77-EE80C779D08C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1EA87F4-BD38-4753-A14B-421A32ACDB75}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D7DB026-1C11-409B-8E2D-0DF5E1644BA9}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe => No File
FirewallRules: [UDP Query User{D2D1D5A3-0C14-43AF-A6EC-9BBE687C142B}C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe] => (Allow) C:\users\olyti\onedrive\pictures\mystwood.manor\mystwood manor\mystwood manor.exe => No File
FirewallRules: [TCP Query User{73D8059E-B9A6-4D34-A0B4-AD8A845A5173}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{93ACD40F-9757-4615-B19B-C90F15B8CE23}C:\users\olyti\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\olyti\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{4B125F82-5810-4FC0-A184-F8FFDB54B036}C:\users\olyti\appdata\roaming\entertainment\entertainment.exe] => (Block) C:\users\olyti\appdata\roaming\entertainment\entertainment.exe => No File
FirewallRules: [UDP Query User{117505C0-EDE6-410F-9014-1C02774653E5}C:\users\olyti\appdata\roaming\entertainment\entertainment.exe] => (Block) C:\users\olyti\appdata\roaming\entertainment\entertainment.exe => No File
FirewallRules: [{866F8D1B-455B-46F8-81AE-8DA00C08351F}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{F3A08D63-199B-42E6-ABCA-6B90E7D1DF67}] => (Allow) C:\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{4F63CD6A-2BFF-4A13-982A-F0C94A786AC0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4FFAE9A8-61FF-43CB-A6AC-3274108BBBEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5268A5D2-C35B-485D-A11C-505121DE1672}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{43A0888A-5F74-4709-A621-D51E70574349}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B2C9009-B010-4E01-8ED2-D542655153B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8371656-8898-4594-AA80-772CC82DCAE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C351DBB-55C6-4DD5-B2A5-4283D1184057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1775B1FC-16A6-42AA-BB76-C5960C8EF96A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63A618FF-2E33-47C0-914B-A5DE44CCAA1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C24648D4-AEBA-4726-BD96-2C57D8744AB8}] => (Allow) LPort=32682
 
==================== Restore Points =========================
 
25-10-2022 23:29:10 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/29/2022 12:05:25 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
 
 
System errors:
=============
Error: (10/29/2022 12:04:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The RstMwService service terminated with the following error: 
%%2684420176
 
Error: (10/29/2022 12:03:27 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (10/29/2022 12:03:26 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
Error: (10/29/2022 12:03:26 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===============
Date: 2022-10-29 12:04:01
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
 
Date: 2022-10-29 12:04:01
Description: 
The driver \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys is blocked from loading as the driver has been revoked by Microsoft.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. E16V1IMS.112 11/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-16V1
Processor: Intel® Core™ i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 16271.16 MB
Available physical RAM: 8235.5 MB
Total Virtual: 28559.16 MB
Available Virtual: 17734.63 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:931.07 GB) (Free:236.63 GB) (Model: WDC PC SN730 SDBPNTY-1T00-1032) NTFS
 
\\?\Volume{36435878-acf8-4bb2-9fd1-d15095c2f0d5}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.29 GB) NTFS
\\?\Volume{4f3a491b-a684-4533-917a-2d3361a4b85a}\ (BIOS_RVY) (Fixed) (Total:21.5 GB) (Free:0.69 GB) NTFS
\\?\Volume{cbfef310-9523-4385-ab65-ebb45e3a3813}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: AE696746)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#18
RKinner
Posted 29 October 2022 - 02:00 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Can I see the fixlog?


  • 0

#19
koupernikus
Posted 29 October 2022 - 04:59 PM

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Sorryt about that. Here it is. 

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2022
Ran by olyti (29-10-2022 12:03:10) Run:5
Running from C:\Users\olyti\OneDrive\Desktop
Loaded Profiles: olyti
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Unlock: C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize
C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize
CreateDummy: C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize
C:\USERS\OLYTI\APPDATA\ROAMING\Microsoft\Windows\Recent\properties.lnk
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
"C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize" => was unlocked
C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize => moved successfully
C:\USERS\OLYTI\APPDATA\LOCAL\chrome_customize => Dummy created successfully
"C:\USERS\OLYTI\APPDATA\ROAMING\Microsoft\Windows\Recent\properties.lnk" => not found
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "AMSI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "AirSpaceChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Application" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "DirectShowFilterGraph" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "DirectShowPluginControl" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Els_Hyphenation/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "EndpointMapper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "FirstUXPerf-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "ForwardedEvents" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "General Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "HardwareEvents" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "IHM_DebugChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/Application" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/System" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-GPIO/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-I2C/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-UART2/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Internet Explorer" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Key Management Service" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceMFT" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationFrameServer" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProcD3D" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationAsyncWrapper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationContentProtection" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationDS" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationDeviceProxy" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationMP4" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationMediaEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformanceCore" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPipeline" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationPlatform" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "MediaFoundationSrcPrefetch" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-IE/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-OneCore-Setup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-System-Diagnostics-DiagnosticInvoker/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Backup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Call" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/CertInUse" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Autopilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Background/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Query/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Logging" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Compositor/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-SysMm/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-SysMm/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Power" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/IODiagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorClass/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Feedback-Service-TriggerProvider" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-KMCL-Child/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IE-SmartScreen" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-CPU-Starvation/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Cache/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Dump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PRM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Management" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MosHost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MosHost/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NFC-Class-Extension/Analytical" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-ExecutionContext/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneBackup/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Perflib/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing-PermissiveLearningMode/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReFS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Isolation-BrokeringFileSystem/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartScreen/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Audit" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Restricted" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-NvmeDisk/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Health" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement-PartUtil/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Api/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Parser/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Parser/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Volume/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-Diag/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Watchdog-Events/WdLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuthN/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WerKernel/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp-Pca" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Pca" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinML/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Oper" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ZTraceMaps/Function" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ZTraceMaps/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-hidcfu/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Analytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Trace" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Navigator" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Network Isolation Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OAlerts" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OfficeChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OfficeDebugChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Admin" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "OpenSSH/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "PlayReadyPerformanceChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "RTWorkQueueExtended" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "RTWorkQueueTheading" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SMSApi" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Security" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Setup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SmbWmiAnalytic" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "System" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "SystemEventsBroker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "TimeBroker" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "UIManager_Channel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Uac/Debug" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WMPSetup" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WMPSyncEngine" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "Windows PowerShell" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "WordChannel" 
 
C:\Users\olyti\OneDrive\Desktop>wevtutil cl "muxencode" 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 12:03:23 ====

  • 0

#20
RKinner
Posted 29 October 2022 - 05:20 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Has the redirect come back since we ran the fix?


  • 0

#21
koupernikus
Posted 29 October 2022 - 05:36 PM

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

It has not. I'm waiting a little bit, every hour so one of my browsers would open up a new browser to get me to install it TenBrowser for crypto mining or some BS. But that hasn't come on yet. 

Latest Malwarebytes scan is clean. 


  • 0

#22
RKinner
Posted 30 October 2022 - 08:27 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Maybe the fix worked then.  The fix removed the folder that MalwareBytes reported and then put a locked dummy folder in its place.  The idea is to prevent the malware from being reinstalled in the same folder as you can't have two folders of the same name and the locked folder can not be accessed by any process.


  • 0

#23
koupernikus
Posted 02 November 2022 - 04:44 PM

koupernikus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

That seems to be working. I'm going to keep an eye on it but I haven't seen anything else acting weird yet. So maybe I'm in the clear this time. 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP