Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Laptop Getting more Sluggish

Started by Beatriceswiss , Jul 31 2023 10:39 AM

Please log in to reply

#31
Beatriceswiss

Posted 07 August 2023 - 07:26 PM

Member

Topic Starter
Member
80 posts

Fixlist log below, FRST and Addition logs in next post (due to total size of logs.)

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023

Ran by Beatrice (07-08-2023 20:59:55) Run:4

Running from C:\Users\Beatrice\Desktop

Loaded Profiles: Beatrice

Boot Mode: Normal

==============================================

fixlist content:

*****************

Unlock: HKLM\SYSTEM\CurrentControlSet\Services\WinDefend

DisableService: WinDefend

CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

REG: req Query HKLM\SYSTEM\CurrentControlSet\Services\WinDefend /s

Reboot:

*****************

"HKLM\SYSTEM\CurrentControlSet\Services\WinDefend" => was unlocked

WinDefend => service was disabled

========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

C:\Users\Beatrice\Desktop>wevtutil cl "ACEEventLog"

C:\Users\Beatrice\Desktop>wevtutil cl "Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Application"

C:\Users\Beatrice\Desktop>wevtutil cl "DirectShowFilterGraph"

C:\Users\Beatrice\Desktop>wevtutil cl "DirectShowPluginControl"

C:\Users\Beatrice\Desktop>wevtutil cl "Els_Hyphenation/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "EndpointMapper"

C:\Users\Beatrice\Desktop>wevtutil cl "FirstUXPerf-Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "ForwardedEvents"

C:\Users\Beatrice\Desktop>wevtutil cl "HP 3D DriveGuard"

C:\Users\Beatrice\Desktop>wevtutil cl "HP CASL Framework"

C:\Users\Beatrice\Desktop>wevtutil cl "HP Diagnostics"

C:\Users\Beatrice\Desktop>wevtutil cl "HP Software Framework"

C:\Users\Beatrice\Desktop>wevtutil cl "HardwareEvents"

C:\Users\Beatrice\Desktop>wevtutil cl "IHM_DebugChannel"

C:\Users\Beatrice\Desktop>wevtutil cl "InstallUXPerformance-Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Internet Explorer"

C:\Users\Beatrice\Desktop>wevtutil cl "Key Management Service"

C:\Users\Beatrice\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy"

C:\Users\Beatrice\Desktop>wevtutil cl "MedaFoundationMSVideoDSP"

C:\Users\Beatrice\Desktop>wevtutil cl "MedaFoundationVideoProc"

C:\Users\Beatrice\Desktop>wevtutil cl "MedaFoundationVideoProcD3D"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationAsyncWrapper"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationContentProtection"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationDeviceProxy"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationMediaEngine"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationPerformance"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationPerformanceCore"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationPipeline"

C:\Users\Beatrice\Desktop>wevtutil cl "MediaFoundationPlatform"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IE/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IEDVTOOL/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IIS-Configuration/Administrative"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IIS-Configuration/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IIS-Configuration/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IIS-Configuration/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-IIS-Logging/Logs"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-WS-Licensing/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-WS-Licensing/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-WS-Licensing/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AltTab/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Anytime-Upgrade-Events/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Anytime-Upgrade/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ApplicationResourceManagementSystem/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Backup"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEEnum/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-HidBthLE/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COM/Call"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Calculator/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Calculator/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CloudStorageWizard/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Connected-Search/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Devices-Location/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DhcpNap/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DhcpNap/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite-FontCache/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DirectWrite/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Feedback-Service-TriggerProvider"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileManagerApp/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FileManagerDataModel/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-FontGroups/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-International/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnPConfig/Configuration"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LanguageProfile/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-LocationService/Automation"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Migration-Engine/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkAccessProtection/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkAccessProtection/WHC"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls-Telemetry/Auditing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls-Telemetry/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PrintDialogs/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RasClusterResource/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ReliabilityAnalysisComponent/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-User-Mode-Transport/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Resource-Leak-Diagnostic/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SkyDrive-SyncEngine/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SkyDrive-SyncEngine/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StickyNotes/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Heat"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/AgmcLog"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/AgmcOperation"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SystemHealthAgent/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SystemSettings/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SystemSettings/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SystemSettings/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsV2/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsV2/Informational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsV2/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VHDMP/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WER-Diag/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ntshrui"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic"

C:\Users\Beatrice\Desktop>wevtutil cl "Network Isolation Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "ODiag"

C:\Users\Beatrice\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel"

C:\Users\Beatrice\Desktop>wevtutil cl "OSession"

C:\Users\Beatrice\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel"

C:\Users\Beatrice\Desktop>wevtutil cl "RTWorkQueueExtended"

C:\Users\Beatrice\Desktop>wevtutil cl "RTWorkQueueTheading"

C:\Users\Beatrice\Desktop>wevtutil cl "SMSApi"

C:\Users\Beatrice\Desktop>wevtutil cl "Security"

C:\Users\Beatrice\Desktop>wevtutil cl "Setup"

C:\Users\Beatrice\Desktop>wevtutil cl "SmbWmiAnalytic"

C:\Users\Beatrice\Desktop>wevtutil cl "System"

C:\Users\Beatrice\Desktop>wevtutil cl "SystemEventsBroker"

C:\Users\Beatrice\Desktop>wevtutil cl "TabletPC_InputPanel_Channel"

C:\Users\Beatrice\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM"

C:\Users\Beatrice\Desktop>wevtutil cl "TimeBroker"

C:\Users\Beatrice\Desktop>wevtutil cl "UIManager_Channel"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL"

C:\Users\Beatrice\Desktop>wevtutil cl "WMPSetup"

C:\Users\Beatrice\Desktop>wevtutil cl "WMPSyncEngine"

C:\Users\Beatrice\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational"

C:\Users\Beatrice\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose"

C:\Users\Beatrice\Desktop>wevtutil cl "Windows PowerShell"

C:\Users\Beatrice\Desktop>wevtutil cl "Windows.Globalization/Analytic"

C:\Users\Beatrice\Desktop>wevtutil cl "WitnessClientAdmin"

C:\Users\Beatrice\Desktop>wevtutil cl "muxencode"

========= End of CMD: =========

========= req Query HKLM\SYSTEM\CurrentControlSet\Services\WinDefend /s =========

'req' is not recognized as an internal or external command,

operable program or batch file.

========= End of Reg: =========

The system needed a reboot.

==== End of Fixlog 21:00:55 ====

#32
Beatriceswiss

Posted 07 August 2023 - 07:28 PM

Member

Topic Starter
Member
80 posts

FRST and Addition logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2023

Ran by Beatrice (administrator) on BEATRICE (Hewlett-Packard HP Pavilion 17 Notebook PC) (07-08-2023 21:13:13)

Running from C:\Users\Beatrice\Desktop\FRST64.exe

Loaded Profiles: Beatrice

Platform: Microsoft Windows 8.1 (Update) (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

(Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe

(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe

(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>

(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>

(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe

(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe

(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe

(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe

(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe

(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe

(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-31] (Apple Inc. -> Apple Inc.)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (No File)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [293304 2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company -> Hewlett-Packard Company)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare Software Co., Ltd. -> Wondershare)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262344 2023-06-15] (Skype Software Sarl -> Skype Technologies S.A.)

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31325464 2023-06-14] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)

HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31325464 2023-06-14] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)

HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Windows x64\Print Processors\hpfpp083: C:\Windows\System32\spool\prtprocs\x64\hpfpp083.dll [254464 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)

HKLM\...\Windows x64\Print Processors\LMACGL4C: C:\Windows\System32\spool\prtprocs\x64\LMACGL4C.DLL [81920 2011-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)

HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)

HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\HP 6412 Status Monitor: C:\Windows\system32\hpinksts6412LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)

HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\Windows\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)

HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet 4620 series): C:\Windows\system32\HPDiscoPM6412.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)

HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)

HKLM\...\Print\Monitors\hpf3l083.dll: C:\Windows\system32\hpf3l083.dll [134144 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.149\Installer\chrmstp.exe [2023-06-14] (Google LLC -> Google LLC)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-01-08]

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A3BE46D2-2373-42DC-891B-9F3E315317EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)

Task: {D92EB06B-BB0D-4EBE-8664-BEF6F97CB9A3} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4981688 2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

Task: {1B19C810-13C3-4EF7-823B-BD17E1F76D93} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)

Task: {30DAE366-7B0A-46D7-B841-DED6EDB41F60} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies)

Task: {41D3515E-BCA9-4F9F-825D-D32EE3EA102C} - System32\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002 => C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-24] (LogMeIn, Inc. -> LogMeIn, Inc.)

Task: {58B040EB-6780-459B-82DE-8AE267E10B50} - System32\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002 => C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-24] (LogMeIn, Inc. -> LogMeIn, Inc.)

Task: {E6972DA0-CA78-44C2-BD44-BD114237CD28} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2023-06-14] (Garmin International, Inc. -> )

Task: {AEE99C6E-BE10-4C77-9879-423F5B78679C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)

Task: {3A918669-731A-4E2F-9697-B7F16E6AC905} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)

Task: {BBF4AC2F-7854-45DB-85D7-B7A22AA481D8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2013-06-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

Task: {52402E40-0599-4C9A-A41E-199DC7B9F7E0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {5DA8520C-8C9E-4F90-BAC2-03C92A80859C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)

Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.193

Tcpip\..\Interfaces\{486B1D7C-1E02-42D5-B6AA-A45F73E675F1}: [DhcpNameServer] 192.168.2.1 207.164.234.193

Tcpip\..\Interfaces\{7C57A303-A069-4AAA-A050-8A4F276FEC6D}: [DhcpNameServer] 192.168.3.5 192.168.3.1

Edge:

=======

Edge Profile: C:\Users\Beatrice\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-05]

FireFox:

========

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.) [File not signed]

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:

=======

CHR DefaultProfile: Default

CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default [2023-08-07]

CHR Notifications: Default -> hxxps://app.gotowebinar.com; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://hmsd.edsby.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://newtonsgrove.edsby.com; hxxps://nowtoronto.com; hxxps://web.skype.com; hxxps://www.680news.com; hxxps://www.explore-mag.com; hxxps://www.facebook.com; hxxps://www.horizonwebref.com; hxxps://www.messenger.com; hxxps://www.myswitzerland.com; hxxps://www.pinterest.ca; hxxps://www.point2homes.com; hxxps://www.reddit.com; hxxps://www.shutterflycanada.ca; hxxps://www.thestar.com; hxxps://www0.123movieshub.sc

CHR Extension: (uBlock Origin) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-29]

CHR Extension: (Google Docs Offline) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-24]

CHR Extension: (Skype) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-12]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]

CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-20]

CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-21]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [File not signed]

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)

R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [623032 2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [624056 2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8925624 2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-10-14] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-02-26] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]

S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)

R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)

R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [31408 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [237968 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [392872 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [297872 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [96456 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [39640 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [272560 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [105280 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [80456 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [946096 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [705416 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [212712 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [319600 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)

S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)

S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)

S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)

R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)

S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)

R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Mediatek Inc. -> Ralink Technology, Corp.)

S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)

R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-07 21:13 - 2023-08-07 21:14 - 000024695 _____ C:\Users\Beatrice\Desktop\FRST.txt

2023-08-07 20:59 - 2023-08-07 21:00 - 000085249 _____ C:\Users\Beatrice\Desktop\Fixlog.txt

2023-08-07 20:58 - 2023-08-07 20:58 - 000000478 _____ C:\Users\Beatrice\Downloads\fixlist.txt

2023-08-07 17:23 - 2023-08-07 17:23 - 000125121 _____ C:\Users\Beatrice\Downloads\2023 Mosquito Playoff Schedule (1).pdf

2023-08-07 17:22 - 2023-08-07 17:22 - 000066108 _____ C:\Users\Beatrice\Downloads\Proposed Peewee Playoffs (2).pdf

2023-08-07 17:21 - 2023-08-07 17:21 - 000125121 _____ C:\Users\Beatrice\Downloads\2023 Mosquito Playoff Schedule.pdf

2023-08-07 17:20 - 2023-08-07 17:20 - 000066108 _____ C:\Users\Beatrice\Downloads\Proposed Peewee Playoffs (1).pdf

2023-08-07 17:14 - 2023-08-07 17:14 - 000336960 _____ C:\Users\Beatrice\Downloads\Beatrice Chachel - 2023 - Revised August 04.pdf

2023-08-07 17:05 - 2023-08-07 17:05 - 000147456 _____ C:\Users\Beatrice\Downloads\Optional Sales Terms Conditions -2023 (1).xls

2023-08-07 17:03 - 2023-08-07 17:03 - 000096264 _____ C:\Users\Beatrice\Downloads\BJC-48-Hour-Cancellation-Policy---Adjustment-for-2023.pdf

2023-08-07 16:05 - 2023-08-07 16:05 - 000012264 _____ C:\Users\Beatrice\Downloads\August Games.xlsx

2023-08-07 14:04 - 2023-08-07 14:04 - 000009518 _____ C:\Users\Beatrice\Downloads\fixlist (5).txt

2023-08-05 17:48 - 2023-08-07 14:11 - 002384896 _____ (Farbar) C:\Users\Beatrice\Desktop\FRST64.exe

2023-08-05 17:16 - 2023-08-05 17:19 - 000000000 ____D C:\Users\Beatrice\Downloads\FRST-OlderVersion

2023-08-05 17:01 - 2023-08-05 17:01 - 000000414 _____ C:\Users\Beatrice\Downloads\fixlist (6).txt

2023-08-04 15:38 - 2023-08-05 14:19 - 000004240 _____ C:\VEW.txt

2023-08-04 15:35 - 2023-08-04 15:11 - 000061440 _____ ( ) C:\Users\Beatrice\Desktop\VEW.exe

2023-08-04 08:13 - 2023-08-04 08:13 - 000317429 _____ C:\Users\Beatrice\Downloads\Printing New Device Application Forms.pdf

2023-08-04 08:10 - 2023-08-04 08:10 - 000131692 _____ C:\Users\Beatrice\Downloads\EFAP Plan Details.pdf

2023-08-02 17:23 - 2023-08-02 17:23 - 000001256 _____ C:\Users\Beatrice\Desktop\ESET Online Scanner.lnk

2023-08-02 17:22 - 2023-08-02 17:22 - 000000000 ____D C:\Users\Beatrice\AppData\Local\ESET

2023-08-02 17:22 - 2023-08-02 17:21 - 015274968 _____ (ESET) C:\Users\Beatrice\Desktop\esetonlinescanner.exe

2023-08-02 17:21 - 2023-08-02 17:21 - 015274968 _____ (ESET) C:\Users\Beatrice\Downloads\esetonlinescanner.exe

2023-08-02 12:59 - 2023-08-02 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon

2023-08-02 12:59 - 2023-08-02 12:59 - 000000000 ____D C:\Program Files\LatencyMon

2023-08-02 12:59 - 2021-03-09 15:07 - 000027744 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys

2023-08-02 12:58 - 2023-08-02 12:57 - 003478312 _____ (Resplendence Software Projects Sp. ) C:\Users\Beatrice\Desktop\LatencyMon (1).exe

2023-08-02 12:57 - 2023-08-02 12:57 - 003478312 _____ (Resplendence Software Projects Sp. ) C:\Users\Beatrice\Downloads\LatencyMon (1).exe

2023-08-02 11:03 - 2023-08-02 11:04 - 000000000 ____D C:\Program Files\CrystalDiskInfo

2023-08-02 11:03 - 2023-08-02 11:03 - 000001806 _____ C:\Users\Beatrice\Desktop\CrystalDiskInfo.lnk

2023-08-02 11:03 - 2023-08-02 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo

2023-08-02 11:00 - 2023-08-02 11:00 - 005793080 _____ (Crystal Dew World ) C:\Users\Beatrice\Downloads\CrystalDiskInfo9_1_1.exe

2023-08-02 10:49 - 2023-08-02 10:48 - 000313272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe

2023-08-02 10:14 - 2023-08-02 10:14 - 000003215 _____ C:\Users\Beatrice\Desktop\Virus, Spyware, Malware Removal - Geeks to Go Community.lnk

2023-07-31 12:09 - 2023-08-07 14:11 - 000000000 ____D C:\Users\Beatrice\Desktop\FRST-OlderVersion

2023-07-31 12:08 - 2023-08-07 21:14 - 000000000 ____D C:\FRST

2023-07-30 21:39 - 2023-07-30 21:39 - 000066108 _____ C:\Users\Beatrice\Downloads\Proposed Peewee Playoffs.pdf

2023-07-29 13:52 - 2023-07-29 13:52 - 000849011 _____ C:\Users\Beatrice\Downloads\PDF_104742096_2023-07-26_232.pdf

2023-07-29 13:10 - 2023-07-29 13:10 - 000778020 _____ C:\Users\Beatrice\Downloads\statement (39).pdf

2023-07-25 16:14 - 2023-07-25 16:14 - 001670043 _____ C:\Users\Beatrice\Downloads\407ETRStatement (4).pdf

2023-07-25 15:47 - 2023-07-25 15:47 - 000012891 _____ C:\Users\Beatrice\Desktop\Scottish Country Dance books.xlsx

2023-07-24 16:01 - 2023-07-24 16:01 - 000185469 _____ C:\Users\Beatrice\Downloads\20867597.pdf

2023-07-23 07:58 - 2023-07-23 07:58 - 000743717 _____ C:\Users\Beatrice\Downloads\Alpine European Imports Meat Orderlow (3).pdf

2023-07-23 07:57 - 2023-07-23 07:57 - 000625254 _____ C:\Users\Beatrice\Downloads\alpinecheeselow (3).pdf

2023-07-23 07:57 - 2023-07-23 07:57 - 000076750 _____ C:\Users\Beatrice\Downloads\alpinewinter2023otherpricelist (3).pdf

2023-07-21 13:32 - 2023-07-21 13:33 - 000585817 _____ C:\Users\Beatrice\Downloads\Beatrice C. - M&G - Schedule -July 2023 (2).xlsx

2023-07-21 13:32 - 2023-07-21 13:32 - 000194454 _____ C:\Users\Beatrice\Downloads\J-23LO02A - July 23_Le Meraviglie Del San Lorenzo - Italian (1).pdf

2023-07-21 08:06 - 2023-07-21 08:06 - 000020959 _____ C:\Users\Beatrice\Downloads\Beatrice HorizonWebRef RB 2023 (2).xlsx

2023-07-21 07:44 - 2023-07-21 07:44 - 001325456 _____ C:\Users\Beatrice\Downloads\Database - Test 1.xlsx

2023-07-21 07:25 - 2023-07-21 07:25 - 000044032 _____ C:\Users\Beatrice\Downloads\Template Receipts (1).xls

2023-07-21 07:24 - 2023-07-21 07:24 - 000414915 _____ C:\Users\Beatrice\Downloads\Aerofleet - Example (1).pdf

2023-07-21 07:22 - 2023-07-21 07:22 - 000587546 _____ C:\Users\Beatrice\Downloads\EXAMPLE - M&G TD Schedule_Completed 2023 (1).xlsx

2023-07-21 07:20 - 2023-07-21 07:20 - 000056320 _____ C:\Users\Beatrice\Downloads\EXPENSE REPORT 2023 NEW (4).xls

2023-07-21 07:07 - 2023-07-21 07:07 - 002787615 _____ C:\Users\Beatrice\Downloads\TH_5941780000_2023_07_19.pdf

2023-07-20 15:40 - 2023-07-20 15:40 - 000585817 _____ C:\Users\Beatrice\Downloads\Beatrice C. - M&G - Schedule -July 2023 (1).xlsx

2023-07-20 07:23 - 2023-07-20 07:23 - 000587546 _____ C:\Users\Beatrice\Downloads\EXAMPLE - M&G TD Schedule_Completed 2023.xlsx

2023-07-20 07:23 - 2023-07-20 07:23 - 000056320 _____ C:\Users\Beatrice\Downloads\EXPENSE REPORT 2023 NEW (3).xls

2023-07-20 07:22 - 2023-07-20 07:22 - 000414915 _____ C:\Users\Beatrice\Downloads\Aerofleet - Example.pdf

2023-07-20 07:21 - 2023-07-20 07:21 - 000044032 _____ C:\Users\Beatrice\Downloads\Template Receipts.xls

2023-07-20 07:00 - 2023-07-20 07:00 - 000585817 _____ C:\Users\Beatrice\Downloads\Beatrice C. - M&G - Schedule -July 2023.xlsx

2023-07-20 06:25 - 2023-07-20 06:25 - 000194454 _____ C:\Users\Beatrice\Downloads\J-23LO02A - July 23_Le Meraviglie Del San Lorenzo - Italian.pdf

2023-07-19 08:13 - 2023-07-19 08:13 - 000020959 _____ C:\Users\Beatrice\Downloads\Beatrice HorizonWebRef RB 2023 (1).xlsx

2023-07-19 08:11 - 2023-07-19 08:11 - 000020959 _____ C:\Users\Beatrice\Downloads\Beatrice HorizonWebRef RB 2023.xlsx

2023-07-17 22:01 - 2023-07-17 22:01 - 000097703 _____ C:\Users\Beatrice\Downloads\EBill_230717.pdf

2023-07-16 21:25 - 2023-07-16 21:25 - 000759632 _____ C:\Users\Beatrice\Downloads\2017 Rider brochure.pdf

2023-07-16 20:08 - 2023-07-16 20:08 - 004123253 _____ C:\Users\Beatrice\Downloads\DeBTO 2023 Volunteer Info Session (1).pdf

2023-07-15 07:55 - 2023-07-15 07:55 - 000141530 _____ C:\Users\Beatrice\Downloads\Chachel - Deposit Receipt.pdf

2023-07-12 20:38 - 2023-07-12 20:38 - 000117790 _____ C:\Users\Beatrice\Downloads\CostanzoReg.PDF

2023-07-12 10:48 - 2023-07-12 10:48 - 000712833 _____ C:\Users\Beatrice\Downloads\Air_Canada_Booking_Confirmation_3Y9Y4V (1).pdf

2023-07-12 10:07 - 2023-07-12 10:07 - 000076000 _____ C:\Users\Beatrice\Downloads\2023 Schedule- Varsity revised July 11th.xlsx

2023-07-11 21:37 - 2023-07-11 21:37 - 000021910 _____ C:\Users\Beatrice\Downloads\invoice-43124 (2).pdf

2023-07-11 21:37 - 2023-07-11 21:37 - 000021910 _____ C:\Users\Beatrice\Downloads\invoice-43124 (1).pdf

2023-07-11 21:35 - 2023-07-11 21:35 - 000045831 _____ C:\Users\Beatrice\Downloads\terms-and-conditions-en.pdf

2023-07-11 21:34 - 2023-07-11 21:34 - 000021910 _____ C:\Users\Beatrice\Downloads\invoice-43124.pdf

2023-07-09 10:30 - 2023-07-09 10:30 - 002390748 _____ C:\Users\Beatrice\Downloads\reg form page 1.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-07 21:07 - 2014-02-24 23:10 - 000000000 ____D C:\Program Files (x86)\Google

2023-08-07 21:04 - 2015-10-24 19:58 - 000000000 ____D C:\ProgramData\Avg

2023-08-07 21:02 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2023-08-07 20:58 - 2014-02-24 22:57 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\ClassicShell

2023-08-07 18:15 - 2013-10-07 03:40 - 000065536 _____ C:\Windows\system32\spu_storage.bin

2023-08-07 14:44 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\NDF

2023-08-07 14:07 - 2014-02-24 22:43 - 000003938 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{E86B3FDE-7E6F-4AC9-87C7-512C4E67B12B}

2023-08-07 13:58 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf

2023-08-05 21:49 - 2022-01-18 19:07 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask

2023-08-05 21:49 - 2021-10-14 13:03 - 000003904 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update

2023-08-05 21:49 - 2021-05-04 14:01 - 000003676 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002

2023-08-05 21:49 - 2021-05-04 14:01 - 000003580 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002

2023-08-05 21:49 - 2019-03-28 22:30 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task

2023-08-05 21:49 - 2018-10-15 22:50 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software

2023-08-05 21:49 - 2018-03-23 10:24 - 000003628 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA

2023-08-05 21:49 - 2018-03-23 10:24 - 000003500 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

2023-08-05 21:49 - 2017-02-23 21:49 - 000003938 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A8BB549A-4BE4-455E-9E7D-0D0CF353FA4E}

2023-08-05 21:49 - 2013-10-07 03:42 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements

2023-08-05 18:45 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp

2023-08-05 17:48 - 2013-08-26 02:09 - 000958016 _____ C:\Windows\system32\PerfStringBackup.INI

2023-08-05 13:52 - 2014-02-24 22:49 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3281177217-869368764-2006139627-1002

2023-08-05 13:31 - 2013-09-07 13:24 - 000000000 ____D C:\ProgramData\Hewlett-Packard

2023-08-05 13:30 - 2013-09-07 13:21 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard

2023-08-05 13:29 - 2013-09-07 13:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2023-08-05 13:14 - 2013-08-22 10:44 - 000495224 _____ C:\Windows\system32\FNTCACHE.DAT

2023-08-05 13:11 - 2014-03-01 21:48 - 000000000 ____D C:\ProgramData\HP

2023-08-05 13:10 - 2014-03-01 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2023-08-04 13:24 - 2018-01-25 23:20 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Skype for Desktop

2023-08-02 15:39 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI

2023-08-02 10:48 - 2021-10-14 13:03 - 000946096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000705416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000392872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000319600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000297872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000272560 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000237968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000105280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000096456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000080456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000039640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys

2023-08-02 10:48 - 2021-10-14 13:03 - 000031408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys

2023-08-02 10:14 - 2021-10-12 17:21 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

2023-07-26 21:59 - 2015-03-30 20:34 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2023-07-25 16:29 - 2014-02-26 18:08 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Word

2023-07-25 15:52 - 2014-02-26 18:10 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Excel

2023-07-18 08:28 - 2023-01-10 10:33 - 000000000 ____D C:\Users\Beatrice\Desktop\Jonview

2023-07-15 19:47 - 2014-07-05 11:17 - 000000000 ____D C:\Users\Beatrice\Documents\ladies trips

2023-07-15 19:47 - 2014-02-26 18:21 - 000000000 ____D C:\Windows\system32\MRT

2023-07-15 19:28 - 2014-02-26 18:20 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2023-07-12 20:33 - 2014-07-01 15:43 - 004024320 ___SH C:\Users\Beatrice\Desktop\Thumbs.db

2023-07-12 10:05 - 2021-01-08 09:09 - 000000000 ____D C:\Users\Beatrice\Desktop\Steven and Amanda's payments

2023-07-11 22:21 - 2022-10-12 23:51 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk

2023-07-09 10:33 - 2018-11-24 08:31 - 000000000 ____D C:\Users\Beatrice\Desktop\Baseball registrations 2013-2018

==================== Files in the root of some directories ========

2014-04-06 09:24 - 2014-04-06 09:24 - 000000000 _____ () C:\Users\Beatrice\AppData\Roaming\bitlord_log.txt

2014-09-29 23:04 - 2019-07-17 11:20 - 000000539 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.Exception.log

2014-09-29 23:03 - 2019-07-17 11:22 - 000003874 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.HttpServerSetup.log

2014-09-29 23:04 - 2019-07-17 11:20 - 000000539 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.DesktopHelper.Exception.log

2015-01-25 19:37 - 2015-01-25 19:37 - 000003584 _____ () C:\Users\Beatrice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2021-10-14 13:58 - 2021-10-14 13:58 - 000000017 _____ () C:\Users\Beatrice\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2023-08-02 11:09

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023

Ran by Beatrice (07-08-2023 21:16:44)

Running from C:\Users\Beatrice\Desktop

Microsoft Windows 8.1 (Update) (X64) (2014-02-25 02:41:28)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3281177217-869368764-2006139627-500 - Administrator - Disabled)

Beatrice (S-1-5-21-3281177217-869368764-2006139627-1002 - Administrator - Enabled) => C:\Users\Beatrice

Guest (S-1-5-21-3281177217-869368764-2006139627-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3281177217-869368764-2006139627-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG Antivirus (Disabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

AS: AVG Antivirus (Disabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden

7-Zip 23.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2300-000001000000}) (Version: 23.00.00.0 - Igor Pavlov)

Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)

Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)

Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 23.003.20244 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\{10E33ABF-D7FB-4F47-900A-7973854AB45A}) (Version: 32.0.0.89 - Adobe Systems Incorporated) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)

Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)

Amazon Kindle (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Amazon Kindle) (Version: 1.28.0.57030 - Amazon)

AMD Accelerated Video Transcoding (HKLM\...\{4A6E8B9D-68EB-08B6-F7F0-0D036A883744}) (Version: 13.15.100.30819 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{E825A27F-01E0-1BB8-6A7D-DD769D57E4B0}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

ANT Drivers Installer x64 (HKLM\...\{024A2B3C-8BF6-4B42-A59D-5EC1D1777449}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden

Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)

AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 23.7.3294 - AVG Technologies)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Catalyst Control Center - Branding (HKLM-x32\...\{118DD9F0-49FE-498E-A2EE-F33423C1394C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)

CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Elevated Installer (HKLM-x32\...\{D44250C2-29CB-4BE4-9DA4-3E6F9AB6A5D4}) (Version: 7.17.3.0 - Garmin Ltd or its subsidiaries) Hidden

Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)

File Viewer Plus 4 (HKLM-x32\...\{5C61A881-C34E-405E-8C33-800821A618CF}_is1) (Version: 4.0.1 - Sharpened Productions)

Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Garmin Express (HKLM-x32\...\{93d474a6-3469-4be9-aba9-1eea99932d12}) (Version: 7.17.3.0 - Garmin Ltd or its subsidiaries)

Garmin Express (HKLM-x32\...\{C3E57AA3-A88B-4C20-91C8-1386C4993A1A}) (Version: 7.17.3.0 - Garmin Ltd or its subsidiaries) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.149 - Google LLC)

GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.)

GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)

GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)

HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)

HP Battery Recall Utility (HKLM-x32\...\{26ACF49F-254F-491C-B08E-AAA0D5C982CF}) (Version: 1.3.0.5 - Hewlett-Packard) Hidden

HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.)

HP CASL Framework (HKLM-x32\...\{5094249B-9542-4536-AE76-B769EE085C99}) (Version: 7.0.5.1 - HP)

HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{FF5C86D0-09EA-43B8-A11C-7B8F7DA7FC51}) (Version: 14.0 - HP)

HP Postscript Converter (HKLM\...\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}) (Version: 4.5.12202 - Hewlett-Packard) Hidden

HP Recovery Manager (HKLM-x32\...\{E849965E-4771-440C-936F-AF5BFD144416}) (Version: 11.00 - Hewlett-Packard) Hidden

HP System Event Utility (HKLM-x32\...\{23EF407B-E7D0-4CB6-8916-43E5B9EEFDED}) (Version: 1.0.9 - Hewlett-Packard Company)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)

HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)

iTunes (HKLM\...\{E6FF3475-A35E-481F-8A8E-3D73CF3A30A1}) (Version: 12.10.11.2 - Apple Inc.)

K-Lite Mega Codec Pack 10.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )

LatencyMon 7.31 (HKLM\...\LatencyMon_is1) (Version: 7.31 - Resplendence Software Projects Sp.)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PRJPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden

Microsoft Office Access MUI (English) 2007 (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Excel MUI (English) 2007 (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Groove MUI (English) 2007 (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)

Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}) (Version: - Microsoft) Hidden

Microsoft Office Project MUI (English) 2007 (HKLM-x32\...\{90120000-00B4-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Project Professional 2007 (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (HKLM-x32\...\{90120000-002C-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden

Microsoft Office Publisher MUI (English) 2007 (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (HKLM\...\{90120000-002A-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (HKLM\...\{90120000-0116-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)

Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}) (Version: - Microsoft) Hidden

Microsoft Office Visio MUI (English) 2007 (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Visio Professional 2007 (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Word MUI (English) 2007 (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)

Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden

Nero 7 Ultra Edition (HKLM-x32\...\{43FFE159-3199-4188-A1CD-629166AD1033}) (Version: 7.02.6445 - Nero AG)

neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden

OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)

Photo Common (HKLM-x32\...\{A52DB080-D445-49EB-90D2-03B9CD794511}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Photo Common (HKLM-x32\...\{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Photo Gallery (HKLM-x32\...\{0F929651-F516-4956-90F2-FFBD2CD5D30E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Photo Gallery (HKLM-x32\...\{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek)

Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)

Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)

Skype version 8.99 (HKLM-x32\...\Skype_is1) (Version: 8.99 - Skype Technologies S.A.)

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Virus, Spyware, Malware Removal - Geeks to Go Community (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\ece9c02db3ce777dec82a450b2bb70c3) (Version: 1.0 - Google\Chrome)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)

Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

Windows Live (HKLM-x32\...\{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Communications Platform (HKLM-x32\...\{03D562B5-C4E2-4846-A920-33178788BE00}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\{5E094C92-6288-4F43-AA9A-D452D0218F3F}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Installer (HKLM-x32\...\{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (HKLM-x32\...\{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (HKLM-x32\...\{E3445598-4424-4EE2-B71C-C23325F7FB71}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (HKLM-x32\...\{6B6923B9-8719-425B-916C-CD2908F31AAF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (HKLM-x32\...\{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (HKLM-x32\...\{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (HKLM-x32\...\{119A44B5-6237-4D56-8424-5DAE70ED3F4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (HKLM-x32\...\{2AC01935-3774-4981-98C8-14E93C14372C}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )

Zoom (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\ZoomUMX) (Version: 5.14.11 (17466) - Zoom Video Communications, Inc.)

Zoom Outlook Plugin (HKLM-x32\...\{1BD8B0E0-0FBF-4F56-8F11-CE09B34EAD2F}) (Version: 5.0.24936 - Zoom)

Packages:

=========

Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2015-11-13] (Box, Inc.)

Browser Choice -> C:\Windows\BrowserChoice [2014-03-13] (Microsoft Corporation)

eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-03-30] (eBay, Inc)

Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-03-30] (Microsoft Corporation) [MS Ad]

Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-30] (Hewlett-Packard Company)

HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-03-30] (Hewlett-Packard Company)

Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-24] (AMZN Mobile LLC)

McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-04] (.-McAfee Inc-.)

Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Studios) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-26] (Microsoft Studios) [MS Ad]

MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-26] (Microsoft Corporation) [MS Ad]

MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-26] (Microsoft Corporation) [MS Ad]

MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]

MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]

MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad]

Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-30] (Microsoft Corporation) [MS Ad]

Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.22.0.39_x64__mcm4njqhnhss8 [2018-10-28] (Netflix, Inc.)

Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-24] (Skype) [MS Ad]

Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-05-08] (HP Inc.)

Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation) [MS Ad]

YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-03-30] (CYBERLINKCOM CORP)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3281177217-869368764-2006139627-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)

CustomCLSID: HKU\S-1-5-21-3281177217-869368764-2006139627-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 0

ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]

ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]

ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]

HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]

HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]

HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-02-06] () [File not signed]

HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Beatrice\Desktop\Virus, Spyware, Malware Removal - Geeks to Go Community.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=clicijoeihfblcfgcgiohemgofiknkng

ShortcutWithArgument: C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Virus, Spyware, Malware Removal - Geeks to Go Community.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=clicijoeihfblcfgcgiohemgofiknkng

ShortcutWithArgument: C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Virus, Spyware, Malware Removal - Geeks to Go Forum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jcfpchlolkpkfbmmkepnghpcfkfpccnc

==================== Loaded Modules (Whitelisted) =============

2013-08-19 16:48 - 2013-08-19 16:48 - 000016896 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll

2013-08-19 16:47 - 2013-08-19 16:47 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2013-08-19 16:47 - 2013-08-19 16:47 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\62c8d4d8e4afaabf1919f9430fbf6b8a\A4.Foundation.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\29a1aed4d2280db33e56f4b688604384\AEM.Actions.CCAA.Shared.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\14105dff33849aa4a2d76e51a6e75715\AEM.Plugin.EEU.Shared.ni.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\4f7f44015eeb9072ad85e5aa5336551a\AEM.Plugin.Hotkeys.Shared.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.4adf1574#\5956990156f067882e280676df6d0f95\AEM.Plugin.Audio.Shared.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\10318a25cde13510d0626f5a030732ff\AEM.Plugin.DPPE.Shared.ni.dll

2022-12-18 10:55 - 2022-12-18 10:55 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\facc0e83a0613dff84940efe4e4cce23\AEM.Plugin.Source.Kit.Server.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\175a0c759bd6b345492bf6bd46734c22\AEM.Plugin.WinMessages.Shared.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\ed87ff12f2f09038d750f72ffaa99139\AEM.Plugin.REG.Shared.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\e96e58945896dd8a779e452635576d5a\AEM.Plugin.GD.Shared.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\356788f4a9310d61a854d4310ea87a5b\AEM.Server.Shared.ni.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\71724dfc4b520e5a8b968890768a718c\AEM.Server.ni.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\70f7dded96984fbed59a0f6c81ea10c7\APM.Foundation.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\6fe8bd18bedf333ecb9bffd0fb627178\ATICCCom.ni.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\f77ee4629143e53a22e4bfbb07266b98\CCC.Implementation.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\bddacae3b4e78402980fb5bc37931e6a\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll

2022-12-18 10:58 - 2022-12-18 10:58 - 000153088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\acd7543ffc050e41e7d3af844970d473\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\6af109c7f39d24bb623130ed0f29521e\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll

2022-09-25 18:23 - 2022-09-25 18:23 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\8b15ce616a3c58f9c6e1fef69ed49b12\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\c3ffe1d1d555a1c8166a056b02c524c9\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000072192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.398e7f7a#\0cca46169ee38c08aeca78afc89593af\CLI.Aspect.A4.A4.Shared.ni.dll

2022-09-25 18:25 - 2022-09-25 18:25 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\e053ec35f4a81c7fb06b5afc5bfb06cc\CLI.Aspect.TransCode.Graphics.Shared.ni.dll

2022-09-25 18:23 - 2022-09-25 18:23 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\787ecf8565aa1f8080ca1d58f850464c\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\df9ab216f98ae6cd5b8016a326bd8645\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll

2022-12-18 10:58 - 2022-12-18 10:58 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\bb482c51669d13a38d9215dcc1037189\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\8fa828637890a1deed2f16f505dd7f13\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000074240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\0f6ea1d0c7b7990e050d9f60d3108dee\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\b0ead6a690ab79d950179a5ea75fafe8\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll

2022-12-18 10:58 - 2022-12-18 10:58 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\c765e9c5ffce9b40b8c9d995501614b6\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\28c18c03e4a12ae1512cbc5f20893d55\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\b592bd8718e328369e32b4965bfcc689\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll

2022-12-18 10:58 - 2022-12-18 10:58 - 000616960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\dceaec2553f66211a104cb504b17d2f1\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll

2022-09-25 18:25 - 2022-09-25 18:25 - 000741376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\8bc79f38e03e594b895bcbccf1317232\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000452608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\302445170ce16194b2de52d2cb457475\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll

2022-09-25 18:23 - 2022-09-25 18:23 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\0ec1c76bf2549b90983c94a218503c49\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\9706b2dd5ec809a39076d535c1ff3f9c\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\ecb6cb64d7089011ead7f9c6a2270985\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\e18d0b8dfc7c4b3b8f69bce4f8fafd54\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll

2022-09-25 18:26 - 2022-09-25 18:26 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\41d4231ba78f87c65af5dd55e3f4e7b2\CLI.Aspect.WiFi.Fuel.Shared.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000313344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\653e0605189420589ae3290d45ab037b\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll

2022-06-20 23:59 - 2022-06-20 23:59 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\005c141b7e017ea1168c2a14c99bda70\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\9b6ca5a0c021d7addf0a2d566fa17829\CLI.Aspect.Fets.Fuel.Shared.ni.dll

2022-12-18 10:58 - 2022-12-18 10:58 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\fc82f0f2c724236aa4308e08e9fbab5b\CLI.Aspect.User.Fuel.Dashboard.ni.dll

2022-12-18 10:56 - 2022-12-18 10:56 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e76f4137#\46b113e7a458a17fab56b6daa3f90347\CLI.Aspect.A4.A4.Dashboard.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000273408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\f7bd2a46a0fd6a6401b808b441b6765b\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll

2022-12-18 10:58 - 2022-12-18 10:58 - 003358720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\febf897d698115e8dcd0defc466527ab\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000240128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\1362348e15858d3705b43fcf39ae0379\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll

2022-09-25 18:25 - 2022-09-25 18:25 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\17472af431bbb7fb640565b59ffaa8ae\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll

2022-09-25 18:23 - 2022-09-25 18:23 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\8ac164b5670501aeebcdaf274e5f376c\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f38af62f#\fb9f0d776e6fa4ef0752a6012c96f4d2\CLI.Aspect.A4.A4.Runtime.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\86a1b53c32583df232de1c2bf2aa7f17\CLI.Aspect.DPPE.Fuel.Shared.ni.dll

2022-09-25 18:29 - 2022-09-25 18:29 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\9f8e02711dd838686b926909182fd2df\CLI.Caste.A4.Runtime.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\7e9d312d672b5cb859f3e48b3269e886\CLI.Caste.A4.Shared.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\3f390896132d58a6ba5a9d0442dbd869\CLI.Caste.A4.Dashboard.ni.dll

2022-09-25 18:23 - 2022-09-25 18:23 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\5c2a5e74da0f4928dd70db459d86a30a\CLI.Caste.Fuel.Shared.ni.dll

2022-09-25 18:29 - 2022-09-25 18:29 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\f1a0a28f1fa22cad5c867fc2c2743c3d\CLI.Caste.Fuel.Runtime.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\98c55a15b717ba95b1292b2091966ad2\CLI.Caste.Fuel.Dashboard.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\82e85cdef48c466d641b5d0c98f5e84e\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 001548800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\acd9ff8dd0381b95c6f97ba3f9cc9e1c\CLI.Caste.Graphics.Dashboard.Shared.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000472576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\42caa77b9372e5cd50fcb4c010b50f45\CLI.Caste.Graphics.Dashboard.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\1d15cee787dc1e546bc019dbb2543d85\CLI.Caste.HydraVision.Runtime.ni.dll

2022-09-25 18:29 - 2022-09-25 18:29 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\5ff00af6ac49b0d6d7980f771cf87b38\CLI.Caste.HydraVision.Shared.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\24e1519e8ea19719be2929ac9522973f\CLI.Caste.HydraVision.Dashboard.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\361489a75293c3b954b1027252af04a7\CLI.Caste.Platform.Shared.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\9b1071a2e455619be82f8c3a9be8a4a8\CLI.Caste.Platform.Runtime.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\cd8b23f2c12c587c09d9da62ab5601f8\CLI.Caste.Platform.Dashboard.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\2b5a1f2978bf0b8bb165f256d9a71e2b\CLI.Combined.Fusion.Aspects.Runtime.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\bbd0e9753c3e02ed55269a62041b5637\CLI.Component.Runtime.Shared.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\1701521d831a3a64b25ce10f2e604013\CLI.Component.Dashboard.ProfileManager2.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000150528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\55639e9dfe36775aeea16f674e2a29a7\CLI.Component.Runtime.Shared.Private.ni.dll

2022-06-21 00:03 - 2022-06-21 00:03 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\3bf95f59b9c4fa5a5a05009a0afa03d7\CLI.Component.Runtime.Extension.EEU.ni.dll

2022-12-18 10:56 - 2022-12-18 10:56 - 001603584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\7bb28ff8d751600ee3a6b082fe509a05\CLI.Component.Dashboard.Shared.Private.ni.dll

2022-12-18 10:56 - 2022-12-18 10:56 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\a25229a214b7d64bf195d30c2620e337\CLI.Component.Client.Shared.ni.dll

2022-09-25 18:22 - 2022-09-25 18:22 - 000084480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\8461635a62d4bc44abb0c8fbfb4dc906\CLI.Component.Dashboard.Shared.ni.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\4e248765231973f8997a159d267207ed\CLI.Foundation.Private.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\dc2b828bcaec25ced111adbe1d53ff0e\CLI.Foundation.XManifest.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\c029263646673592df8681dccd1a7d54\CLI.Foundation.CoreAudioAPI.ni.dll

2022-12-18 10:56 - 2022-12-18 10:56 - 000934400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\07678e41c77f7238078829d8fcca5a81\CLI.Foundation.Client.ni.dll

2022-12-18 10:55 - 2022-12-18 10:55 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\afef149278dcb553e2e37565b08138d4\CLI.Foundation.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\47398db92a4f31a2b5ad19bd9533df82\DEM.Graphics.ni.dll

2022-09-25 18:29 - 2022-09-25 18:29 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\1b1b9619817c01822c5fb2cffb04b3f0\Fuel.Foundation.ni.dll

2022-12-18 11:00 - 2022-12-18 11:00 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\6194e953b2635d719f3738445c28859b\LOG.Foundation.Implementation.ni.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\ffaf28785234fa12465305925b5e5fb1\LOG.Foundation.Private.ni.dll

2022-08-19 20:20 - 2022-08-19 20:20 - 000087040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\56032dac22fc3f33995e79ca61c15e08\LOG.Foundation.Implementation.Private.ni.dll

2022-12-18 10:54 - 2022-12-18 10:54 - 000123392 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\839ebf45448210d2dd20c99bd49f70fa\LOG.Foundation.ni.dll

2022-06-20 23:57 - 2022-06-20 23:57 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\8c5b0278f4656bf01c98ee5993bcc411\MOM.Foundation.ni.dll

2022-09-25 18:32 - 2022-09-25 18:32 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\b6f4a83b055ee46d59dbd5bef40e1ab5\MOM.Implementation.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\2f282be24fb85db44399fea46ce0aff1\NEWAEM.Foundation.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000774656 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\2df18e500bbcafb876de8a1086fb4b48\ADL.Foundation.ni.dll

2022-09-25 18:21 - 2022-09-25 18:21 - 000250880 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\6ea1503c826c078efd571faace078035\APM.Server.ni.dll

2022-09-25 18:24 - 2022-09-25 18:24 - 000297984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\0e44ac5900e70c78ca3039d3bdb85f6e\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 001652736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\dfb119048e63c2f171878302b0ad924f\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000740864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\19bc1a3352609efcfbd978a5b3227fa2\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 002559488 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\2ab22375378b19adcdb121590368e028\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 000989696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\300728ace308be496d591239676cc9e9\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll

2022-12-18 10:56 - 2022-12-18 10:56 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\66ef4b8870a60ef5c1676d88499abbf6\CLI.Component.Client.Shared.Private.ni.dll

2022-09-25 18:30 - 2022-09-25 18:30 - 000233472 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\85dbd951e308570ff9994eea0d24b21b\CLI.Component.Runtime.ni.dll

2022-12-18 10:59 - 2022-12-18 10:59 - 000914944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\e2bda54c5f0f265bf000ce4f60a3e2f7\CLI.Component.Dashboard.ni.dll

2022-06-21 00:00 - 2022-06-21 00:00 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\856d238b6b0bec4af466f401cf37c1ca\DEM.Graphics.I0706.ni.dll

2022-06-21 00:00 - 2022-06-21 00:00 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\53e6f63e24cc454e048c210bb52a43ad\DEM.Graphics.I0709.ni.dll

2022-06-21 00:00 - 2022-06-21 00:00 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\41901b2bb4be0433b2a2cbe7c6d27fb3\DEM.Graphics.I0712.ni.dll

2022-06-21 00:00 - 2022-06-21 00:00 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\fc03ddab1b5dea4214265421db9decc7\DEM.Graphics.I0804.ni.dll

2022-06-21 00:04 - 2022-06-21 00:04 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\ff42e597e1de8e4a1b1ef2ba1e8e99ae\DEM.Graphics.I0805.ni.dll

2022-06-21 00:04 - 2022-06-21 00:04 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\a3b31d6551fb1cc8fef01cadcfe21f7a\DEM.Graphics.I0812.ni.dll

2022-06-21 00:02 - 2022-06-21 00:02 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\7ceb7230cf67dfe268326e288c6a3b1e\DEM.Graphics.I0906.ni.dll

2022-06-21 00:00 - 2022-06-21 00:00 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\07c0a2836df04abb4a34903af8f74ef5\DEM.Graphics.I0912.ni.dll

2022-06-21 00:02 - 2022-06-21 00:02 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\64883b5bf68387379a4bf1456f2f8d21\DEM.Graphics.I1010.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 001005568 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\ec126293d3e9e7bcbf621a12f41be136\Localization.Foundation.Private.ni.dll

2022-12-18 15:03 - 2022-12-18 15:03 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\37713049b76ac523ff1be41df017c0d5\ResourceManagement.Foundation.Implementation.ni.dll

2022-12-18 10:56 - 2022-12-18 10:56 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\43c05433fe7c87b4b13639ad91ba2caa\ResourceManagement.Foundation.Private.ni.dll

2022-12-18 10:57 - 2022-12-18 10:57 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\14d3d6b6e446af5704abf4f1b1d7f2f6\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll

2022-12-18 10:55 - 2022-12-18 10:55 - 002286592 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\7f228f83b5a6321fd3ccdd0dbd5ed17c\CLI.Caste.Graphics.Shared.ni.dll

2022-09-25 18:29 - 2022-09-25 18:29 - 002788864 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\aa6c1b937e7f6e37f3f2ce0f90772e50\CLI.Caste.Graphics.Runtime.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000025600 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\16abffe036331c3e314c2f2efe5ee5a5\DEM.Foundation.ni.dll

2022-06-20 23:16 - 2022-06-20 23:16 - 000115200 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\94e5fa1131e56cc76b4cc15a1319fe98\DEM.Graphics.I0601.ni.dll

2011-04-29 12:34 - 2011-04-29 12:34 - 000927232 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc

2011-04-29 12:34 - 2011-04-29 12:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc

2011-04-29 20:08 - 2011-04-29 20:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc

2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll

2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll

2010-08-06 12:15 - 2010-08-06 12:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\Windows\SYSTEM32\hpzipr12.dll

2014-01-18 18:12 - 2014-01-18 18:12 - 002271424 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/4

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-03-30 21:28 - 2018-12-03 12:24 - 000000041 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg

DNS Servers: 192.168.2.1 - 207.164.234.193

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "uTorrent"

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "BlackBerryLink.exe"

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "Skype for Desktop"

HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C38017F8-E0E8-4B42-89D2-849D1FB92D12}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{5114AAF1-933F-48E2-B065-8FD049CD208B}] => (Allow) LPort=2869

FirewallRules: [{8A63499F-BA73-4586-9EFD-A4E8BE6C67DA}] => (Allow) LPort=1900

FirewallRules: [{06F2CB04-A283-4B52-B8AA-229C717AFC13}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{9BE17BA2-312C-4A9E-8EAD-5EEF4C17223A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{1EFE606F-A8FC-4435-8FD8-765B3E043242}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{842CDB17-A5DE-4194-BA3F-443B0EE2AEE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{7CADD1D8-196B-4BFA-8606-09D4A1D2DC3B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe => No File

FirewallRules: [{3CB5F53A-8944-4F29-8D84-80BDE5F50762}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{B0D5AAE4-97F0-4FE8-982D-5A99C8DB57A7}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{142E4A0A-587A-4D65-BC6B-BD25D7B42F84}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{DCE51DE1-18DC-40E0-A2BB-2EC4E1264899}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{4830FFDE-4BDC-49C9-B241-280544DA7EC3}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{C9B42E5F-A389-4CAE-B246-9BD01E019D3C}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [TCP Query User{7AE58E2A-6850-48BE-A271-D3CC2B44C5CB}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)

FirewallRules: [UDP Query User{D740E82B-1F84-4ADD-9F7E-EFB526EDDD03}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)

FirewallRules: [TCP Query User{B1DA0F5A-40E9-403E-8D94-4B0F9FA3996B}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)

FirewallRules: [UDP Query User{F56BEE0E-1B0F-4925-914C-727FF4C8E757}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)

FirewallRules: [{0E6742E6-D825-48A0-9E15-9578D030152E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{64DB1C5C-FA5D-4632-972C-AFF6BDCD0DA4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{E3C51DF4-EA9A-4381-9B60-732C750E9261}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{39C5FD0D-9617-4811-96B7-6F4584EE9163}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{A3904ACB-D723-40B0-84FC-82CD131424AC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{96F34E72-338C-43F4-A665-A3D6DA664BE4}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{FFEA73B4-26C7-4B76-B566-16B7EC746F1B}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{ED614057-4496-4D36-A24E-5BBF11F5473B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{9C7642F9-4C29-4714-9D3F-A67324DC94C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{311DF5C6-0821-4189-9756-DEFB77C9F34B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{C863362F-668C-42B9-B273-881A20C7AF5A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{09C6ABE0-D192-4E3E-884C-CB4878B1A6BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{CE833B81-9D44-448B-96C2-F97E034B6190}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{B635B7F1-B07B-4141-B333-3E7E282E9795}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{4F9307C3-1BB3-4471-9D2F-5AE3BA04A065}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)

FirewallRules: [{7DBD61DD-7C62-487B-9D44-68010C8E115B}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{B8D094DD-B959-4F0A-83A6-3FB354E5FFBF}] => (Allow) C:\Users\Beatrice\AppData\Roaming\TelusMeetings\bin\TelusBusinessConnectMeetings.exe => No File

FirewallRules: [{833353E2-2974-474B-9926-827351C5AAB9}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{26E2ED77-3683-4126-A9DD-4D70DA1466C5}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{8DD35913-4D13-4302-91A7-8F4D8EF1ACD6}] => (Allow) C:\Users\Beatrice\AppData\Local\Temp\7zS5E07\HP.EasyStart.exe (HP Inc. -> HP)

FirewallRules: [TCP Query User{CAA6E10B-1C7D-4B71-AA60-D43DDFF2DAD2}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [UDP Query User{56A1B475-7699-4161-98A3-F17A50E02D53}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{DD542D21-4F5D-4BD6-9366-2F7C5FB1D9AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{F704C7B7-79E9-4BA8-813E-AB985DE251D8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{70B0C92D-6D79-4B5C-9297-F6215E86A51B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

25-07-2023 11:55:23 Scheduled Checkpoint

02-08-2023 10:17:58 Removed HP PC Hardware Diagnostics Windows

05-08-2023 13:25:08 Removed HP Support Assistant.

05-08-2023 13:31:42 Removed HP Support Solutions Framework

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

System errors:

=============

Error: (08/07/2023 09:23:41 PM) (Source: DCOM) (EventID: 10010) (User: Beatrice)

Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (08/07/2023 09:21:41 PM) (Source: DCOM) (EventID: 10010) (User: Beatrice)

Description: The server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} did not register with DCOM within the required timeout.

Error: (08/07/2023 09:07:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The File History Service service hung on starting.

Error: (08/07/2023 09:01:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

==================== Memory info ===========================

BIOS: Insyde F.22 09/27/2013

Motherboard: Hewlett-Packard 213B

Processor: AMD A6-5200 APU with Radeon™ HD Graphics

Percentage of memory in use: 30%

Total physical RAM: 7643.95 MB

Available physical RAM: 5298.58 MB

Total Virtual: 8859.95 MB

Available Virtual: 6162.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:677.33 GB) (Free:512.69 GB) (Model: WDC WD7500BPVX-60JC3 SATA Disk Device) NTFS

Drive d: (RECOVERY) (Fixed) (Total:20.54 GB) (Free:2.03 GB) (Model: WDC WD7500BPVX-60JC3 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{ef62169f-32b1-4fb5-ac9c-72b6ac8ca640}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: 3A472083)

Partition: GPT.

==================== End of Addition.txt =======================

#33
RKinner

Posted 07 August 2023 - 09:50 PM

Malware Expert

Expert
24,731 posts

We got rid of the Windows Defender errors but picked up:

Error: (08/07/2023 09:07:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The File History Service service hung on starting.

Not sure what caused the error. It's the first time we've seen it. Let's see if it is started or will start.

Search for:

services.msc

hit Enter.

Scroll down to File History Service and select it. If it is not running, try to Start it. Does it start? Normally it will start and run for a few minutes then stop. If it won't start or starts and quickly stops then we may need to reset the File History.

How is it running now? Still slow?

#34
Beatriceswiss

Posted 08 August 2023 - 08:25 AM

Member

Topic Starter
Member
80 posts

When I found File History, it was not running. The start type was set to Automatic. I selected Start. The status said Running. After 5 minutes, it is still Running.

The laptop is considerably faster now!

I noticed three items in the last FRST log that had the word Attention beside them. Does that need any action for a fix?

#35
RKinner

Posted 08 August 2023 - 10:34 AM

Malware Expert

Expert
24,731 posts

I think the Google & Firefox policies are set by AVG and the Update policy isn't important since Win 8 doesn't get updates any more but I think we can use a fixlist to look at exactly what they are doing. This one should be very fast and not require an update. Please post the fixlog.

fixlist.txt 364bytes 103 downloads

I'm going on a trip tomorrow. Not sure if I will have Internet at the motel so expect delays.

#36
Beatriceswiss

Posted 08 August 2023 - 10:50 AM

Member

Topic Starter
Member
80 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023

Ran by Beatrice (08-08-2023 12:49:24) Run:5

Running from C:\Users\Beatrice\Desktop

Loaded Profiles: Beatrice

Boot Mode: Normal

==============================================

fixlist content:

*****************

REG: req Query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /s

REG: req Query HKLM\SOFTWARE\Policies\Mozilla\Firefox /s

REG: req Query HKLM\SOFTWARE\Policies\Google /s

*****************

========= req Query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /s =========

'req' is not recognized as an internal or external command,

operable program or batch file.

========= End of Reg: =========

========= req Query HKLM\SOFTWARE\Policies\Mozilla\Firefox /s =========

'req' is not recognized as an internal or external command,

operable program or batch file.

========= End of Reg: =========

========= req Query HKLM\SOFTWARE\Policies\Google /s =========

'req' is not recognized as an internal or external command,

operable program or batch file.

========= End of Reg: =========

==== End of Fixlog 12:49:24 ====

#37
RKinner

Posted 08 August 2023 - 11:52 AM

Malware Expert

Expert
24,731 posts

OOPS. Used a Q instead of a G. Let's try again:

fixlist.txt 364bytes 105 downloads

#38
Beatriceswiss

Posted 08 August 2023 - 12:03 PM

Member

Topic Starter
Member
80 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023

Ran by Beatrice (08-08-2023 14:03:15) Run:6

Running from C:\Users\Beatrice\Desktop

Loaded Profiles: Beatrice

Boot Mode: Normal

==============================================

fixlist content:

*****************

REG: reg Query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /s

REG: reg Query HKLM\SOFTWARE\Policies\Mozilla\Firefox /s

REG: reg Query HKLM\SOFTWARE\Policies\Google /s

*****************

========= reg Query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /s =========

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

DisableOSUpgrade REG_DWORD 0x1

========= End of Reg: =========

========= reg Query HKLM\SOFTWARE\Policies\Mozilla\Firefox /s =========

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\Certificates

ImportEnterpriseRoots REG_DWORD 0x1

========= End of Reg: =========

========= reg Query HKLM\SOFTWARE\Policies\Google /s =========

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome

========= End of Reg: =========

==== End of Fixlog 14:03:15 ====

#39
RKinner

Posted 08 August 2023 - 01:15 PM

Malware Expert

Expert
24,731 posts

The first policy says not to upgrade from 8.1 to 10 Probably back when MS was offering to upgrade 8.1 to 10 someone told it no so it won't automatically try to do that.

Second was added by AVG so it can monitor your network traffic.

Third doesn't seem to do anything but was probably put in by AVG.

Do you want to remove the first policy? I know you can still upgrade Windows 7 to 10 for free because I've often done it but haven't tried it recently with 8.1 tho I think it is supposed to work.

#40
Beatriceswiss

Posted 08 August 2023 - 01:28 PM

Member

Topic Starter
Member
80 posts

No thanks about removing the first policy. This laptop will eventually be replaced by a new one with either Windows 10 or 11 on it.

The laptop is working quite well. I do have a question about the three Attention items from the FRST log. Is there something that needs to be done with that?

#41
RKinner

Posted 08 August 2023 - 01:33 PM

Malware Expert

Expert
24,731 posts

The three ATTENTION flags were just about the three policies which we have just looked at. Can be ignored.

IF we are done then it's time to clean up.

Time to clean up:

If we used FRST to clean your PC:

right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe. Then right click on uninstall.exe and Run as Admin.

If we installed Speccy it needs to be uninstalled. Process Explorer, VEW, AdwCleaner, JRT and their logs and Speccy's log can just be deleted.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Flash is now the most malware targeted program so it must be kept up to date. Be careful with Adobe. They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan. Go slow and uncheck the optional stuff.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

If you use Chrome/Firefox/Edge then get the Ublock Origin extension. For IE go to adblockplus.org and get the program.

If Chrome/Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.

http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize. You can run it any time that Chrome/Firefox seems slow starting..

(If it complains about Chrome still running you can stop it with Task Manager or go into Chrome then go to:

chrome://settings/

Hit Advanced at the bottom of the page then scroll down to near the bottom where it says System.

Change

Continue running background apps when Google Chrome is closed

to Off (slide the blue thing to the left and it turns brown)

Close Chrome.

If the browser is still slow then go in and disable all of your extensions, close the browser and Optimize with SpeedyFox then restart the browser. If that helps then one or more of your extensions is at fault. Go back in and turn them on one at a time and see if you can figure out which ones slow things down the most.

If you are a Facebook user get the FB Purity extension for your browser:

http://www.fbpurity.com/

This will stop all of the suggested pages and ads so that Facebook loads much quicker.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.combefore you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.

If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.