Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow startup, laggy game [Solved]

Started by DSWolfe , Jan 16 2025 09:24 PM

  • This topic is locked This topic is locked

#1
DSWolfe
Posted 16 January 2025 - 09:24 PM

DSWolfe

    New Member

  • Member
  • Pip
  • 9 posts

Evening everyone, it has been a while since I've had to resort to deep cleaning my computer like this so I'm at a lost.  The computer is about a year old now and have been bogging down more and more.  A restart without any windows update can take upwards of 10 mins.  Normally I don't even attempt such a thing unless I'm going to bed, work or something of the sort.  Lately even my more resource demanding games have been having mini freezes for a moment or two even 5 to 10 mins. I'm sure  I have downloaded something I shouldn't have or it was attached to something I did actually want.

 

I have never used FRST before.  The last tool I used that was similar to this was HIjackthis so you know it has been awhile since I was doing something like that.  Anyways, as directed here are the logs.  I do see some fishy things in these but I'm no expert.  Lastly, if anyone has suggestions on getting rid of any bloatware I'm down to do that as well.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2025
Ran by Wolfe (administrator) on WOLFE-PC (ASUS System Product Name) (16-01-2025 19:12:20)
Running from C:\Users\Wolfe\Downloads\FRST64.exe
Loaded Profiles: Wolfe
Platform: Microsoft Windows 10 Home Version 22H2 19045.5247 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Discord Inc. -> Discord Inc.) C:\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe <6>
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <21>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2411.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <5>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4412512 2024-12-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Discord] => C:\Users\Wolfe\AppData\Local\Discord\Update.exe [1525016 2023-03-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-15] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.265\Installer\chrmstp.exe [2025-01-09] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FF3F855-D977-4263-B965-4010D2C215CF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [308584 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AF9ED637-492A-4127-951E-0B3B862CB112} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1860968 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {45A79F7B-EB90-4F55-AE49-6E004213F628} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d97349f784b2a9 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {A0DB1531-EE7D-40B1-902C-D2B8456DA60B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {1C1147E7-BA0D-4483-81A8-B37A2283E11C} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [46631024 2023-03-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {22D2A041-24D1-4947-9ECB-598713967BD6} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2023-03-18] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {C34BF41C-D55C-468C-9B27-D2CA4301F5F6} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {BD762367-F8F9-4B10-9E4C-611266E98A38} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{C22F08B7-E9DD-4F63-83C5-479F5BB473B1} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32DEA084-B3A4-4CD2-AA96-A5E618EA07F8} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FDDC5C9-3518-454B-95BF-A38BE8C4179F} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C91E466-9496-468F-9FC6-F3671FFD1814} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1D5251E-1BB9-4F6E-90D1-DB61DDC854E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {256D53C9-4CB3-4879-B0E3-3411B5F09010} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD0E4C0C-D308-4C28-90C5-89A4DC7DFACE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBAB5D9D-8F79-4239-9A11-8BF97BDD2F67} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E560720E-FB4C-4B17-8D44-B85B433830E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC6DCF69-FBB5-4A3A-92B6-3D38B362ED34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57EA1879-CCFE-4CE3-B157-1EA5AD559952} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27A49626-9027-47FC-81D0-8998B75E6D6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69708F82-67BE-4E11-A483-9B4A1E8CC573} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {19E0FDDF-40FC-4860-9F25-D8495705F16A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-35897006-1549402385-1321927907-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {CAA69DE2-0590-481C-B051-343AAE89C33C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {22BA612D-4EE9-4F28-9515-C33E3126CDF5} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8D9D487-1CC5-4BD2-A8EC-B8174B078C25} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E262836-4C8A-4593-8BCE-BA297F7612B2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {11F42F4D-EE43-4030-B1C6-D6E3DB6E89F1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {E85D0753-7D78-42D2-9DD8-199FE04A4689} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\75F6C66656020586F6E656: [DhcpNameServer] 192.168.165.176
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpDomain] wk.shawcable.net
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,10.0.0.58,1]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-16]
Edge Extension: (Google Docs Offline) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: 4syrh9jm.default
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\4syrh9jm.default [2023-04-20]
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release [2025-01-17]
FF Session Restore: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> hxxps://www.facebook.com
FF Extension: (AdGuard AdBlocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2025-01-10]
FF Extension: (Enhancer for YouTube™) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2024-12-03]
FF Extension: (Capital One Shopping: Save Now) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2024-08-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-12-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default [2024-04-21]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-03-28] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678760 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1132000 2025-01-16] (ASUSTeK COMPUTER INC. -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3318400 2025-01-15] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617896 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [146984 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 CorsairLLAService; C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe [238632 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [715736 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe [3530280 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [310824 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\OneDriveUpdaterService.exe [3876392 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1878448 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [231856 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [364800 2024-12-12] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538416 2024-11-20] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-06-03] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-16] (ASUSTeK COMPUTER INC. -> )
R2 CorsairLLAccess8F050F5E415C1A5882EB9FF7CE2BC59B7BE3A953; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairLLAccess64.sys [21752 2023-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2025-01-16] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44592 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_bf51b653ec31b8ab\e2f.sys [531568 2023-07-02] (Intel Corporation -> Intel Corporation)
R3 MpKsldaf77c69; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D8408A2F-02EC-46C4-9B8E-93DBF71BC9AC}\MpKslDrv.sys [267552 2025-01-17] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [18496 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [361472 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1617920 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_02a1; C:\Windows\System32\drivers\RzDev_02a1.sys [64664 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
U4 AppMgmt; no ImagePath
S3 cpuz157; \??\C:\Windows\temp\cpuz157\cpuz157_x64.sys [X] <==== ATTENTION
U4 CscService; no ImagePath
U4 napagent; no ImagePath
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
U4 PeerDistSvc; no ImagePath
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-16 19:12 - 2025-01-16 19:15 - 000031747 _____ C:\Users\Wolfe\Downloads\FRST.txt
2025-01-16 19:08 - 2025-01-16 19:08 - 002403328 _____ (Farbar) C:\Users\Wolfe\Downloads\FRST64.exe
2025-01-16 19:08 - 2025-01-16 19:08 - 000000000 ____D C:\Users\Wolfe\Downloads\FRST-OlderVersion
2025-01-16 19:06 - 2025-01-16 19:14 - 000000000 ____D C:\FRST
2025-01-16 19:02 - 2025-01-16 19:02 - 000388608 _____ (Trend Micro Inc.) C:\Users\Wolfe\Downloads\HijackThis.exe
2025-01-16 06:05 - 2025-01-16 06:05 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-15 01:23 - 2025-01-15 01:23 - 000000000 ___HD C:\$WinREAgent
2025-01-14 22:17 - 2025-01-14 22:17 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-01-14 22:17 - 2025-01-14 22:17 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-14 10:43 - 2025-01-16 05:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-11 19:49 - 2025-01-11 19:49 - 003161705 _____ C:\Users\Wolfe\Downloads\elvui-13.81(2).zip
2025-01-07 20:15 - 2025-01-07 20:15 - 000180264 _____ C:\Users\Wolfe\Downloads\Statement_122024_5998.pdf
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000478384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000374432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 025450120 _____ C:\Windows\system32\nvidia-pcc.exe
2024-12-28 18:06 - 2024-12-04 10:01 - 001554608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 001208992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 000863888 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-12-28 18:06 - 2024-12-04 10:00 - 016811696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 002185360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001042072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000801432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000462480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-12-28 18:06 - 2024-12-04 09:59 - 017736840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005909664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005435544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 003807888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 000853680 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-12-28 18:06 - 2024-12-04 09:58 - 007158560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-12-28 18:06 - 2024-12-04 09:58 - 006236264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-12-28 18:06 - 2024-12-03 17:11 - 000132703 _____ C:\Windows\system32\nvinfo.pb
2024-12-28 18:06 - 2024-12-03 17:11 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-12-28 18:02 - 2024-12-28 18:02 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-12-28 18:02 - 2024-12-28 18:02 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2024-12-28 18:02 - 2024-12-28 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-12-28 18:01 - 2024-12-18 04:26 - 003074088 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-12-28 18:01 - 2024-12-18 04:26 - 002369064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000180760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000159768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2024-12-28 13:51 - 2024-12-28 19:18 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Path of Exile 2
2024-12-28 13:18 - 2024-12-28 13:18 - 000000223 _____ C:\Users\Wolfe\Desktop\Path of Exile 2.url

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-16 19:02 - 2023-04-19 21:18 - 000000000 ____D C:\Program Files (x86)\Steam
2025-01-16 19:02 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\VirtualStore
2025-01-16 18:58 - 2024-10-22 18:00 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Discord
2025-01-16 18:52 - 2023-04-19 20:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-16 18:17 - 2023-04-19 20:34 - 000000000 ____D C:\Windows\system32\MRT
2025-01-16 18:17 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-16 18:17 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-16 18:14 - 2023-04-19 04:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-16 17:51 - 2023-04-19 20:34 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-01-16 17:38 - 2023-04-19 21:35 - 000000000 ____D C:\Program Files\ASUS
2025-01-16 15:55 - 2023-04-19 21:43 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\discord
2025-01-16 06:07 - 2023-04-28 21:51 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-16 06:07 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-16 05:59 - 2022-09-07 19:13 - 000000000 ____D C:\Windows\SystemTemp
2025-01-16 05:54 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Packages
2025-01-16 05:53 - 2024-10-22 18:01 - 000002243 _____ C:\Users\Wolfe\Desktop\Discord.lnk
2025-01-16 05:48 - 2023-04-19 04:47 - 000000000 ___RD C:\Users\Wolfe\OneDrive
2025-01-16 05:48 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-16 05:43 - 2023-04-19 04:46 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-16 05:43 - 2019-12-07 01:13 - 000000000 ____D C:\Windows\INF
2025-01-16 05:36 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-16 05:35 - 2024-09-29 17:02 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-16 05:35 - 2023-04-29 23:26 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-01-16 05:35 - 2023-04-19 20:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-16 05:35 - 2023-04-19 04:36 - 001180016 _____ () C:\Windows\system32\wpbbin.exe
2025-01-16 05:35 - 2023-04-19 04:36 - 001132000 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-01-16 05:35 - 2023-04-19 04:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-16 05:34 - 2019-12-07 01:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-01-16 05:28 - 2023-04-28 22:00 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Excel
2025-01-16 05:25 - 2023-04-19 21:27 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Battle.net
2025-01-15 19:27 - 2023-04-19 20:32 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000001053 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-01-15 18:49 - 2023-04-19 20:42 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-15 01:39 - 2019-12-07 01:03 - 000000000 ____D C:\Windows\CbsTemp
2025-01-14 22:17 - 2023-04-19 21:15 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001
2025-01-12 02:39 - 2023-04-19 04:37 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-12 02:39 - 2023-04-19 04:37 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-10 17:01 - 2023-04-19 21:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-01-10 16:47 - 2023-04-19 04:45 - 000000000 ____D C:\ProgramData\Packages
2025-01-10 16:43 - 2023-04-21 18:11 - 000000000 ____D C:\Users\Wolfe\AppData\Local\CrashDumps
2025-01-10 04:30 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Overwolf
2025-01-09 13:39 - 2023-04-22 20:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-09 13:39 - 2023-04-22 20:27 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-01-07 00:01 - 2023-04-19 21:37 - 000002325 _____ C:\Users\Wolfe\Desktop\CurseForge.lnk
2025-01-06 20:59 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-01-06 05:53 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\D3DSCache
2025-01-06 05:51 - 2023-04-19 21:31 - 000003964 _____ C:\Windows\system32\Tasks\RazerCortexScheduleClean
2025-01-06 05:50 - 2023-04-19 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2025-01-03 18:09 - 2023-08-06 16:56 - 000002325 _____ C:\Users\Wolfe\Desktop\Warcraft Logs Companion.lnk
2024-12-30 02:25 - 2023-04-19 20:37 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA
2024-12-30 02:07 - 2023-04-19 04:44 - 000000000 ____D C:\Users\Wolfe
2024-12-29 01:32 - 2023-04-19 21:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Steam
2024-12-28 18:07 - 2023-04-22 20:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-21 19:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-19 20:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-12-28 13:51 - 2023-04-21 19:06 - 000000000 ____D C:\Users\Wolfe\Documents\My Games
2024-12-28 13:18 - 2023-05-05 17:56 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-12-26 14:59 - 2023-04-19 21:37 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-12-21 15:33 - 2023-04-19 04:37 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-21 15:33 - 2023-04-19 04:37 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-18 04:26 - 2023-05-13 15:57 - 000270888 _____ C:\Windows\system32\FvSDK_x64.dll
2024-12-18 04:26 - 2023-05-13 15:57 - 000245288 _____ C:\Windows\SysWOW64\FvSDK_x86.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2025
Ran by Wolfe (16-01-2025 19:15:52)
Running from C:\Users\Wolfe\Downloads
Microsoft Windows 10 Home Version 22H2 19045.5247 (X64) (2023-04-19 12:41:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-35897006-1549402385-1321927907-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-35897006-1549402385-1321927907-503 - Limited - Disabled)
Guest (S-1-5-21-35897006-1549402385-1321927907-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-35897006-1549402385-1321927907-504 - Limited - Disabled)
Wolfe (S-1-5-21-35897006-1549402385-1321927907-1001 - Administrator - Enabled) => C:\Users\Wolfe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.119 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.89 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{2b787d65-59ec-46d5-9e6b-8b4761e7903c}) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.6.3 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.2.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{45ece30d-a966-424e-9bce-f740797c5348}) (Version: 1.2.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.4 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{39cdaa93-c446-4421-a337-1e52705dd2f8}) (Version: 1.3.9.4 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.2.1.2 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.00.01 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.129 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.29 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.29 - ASUS)
AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version:  - Blizzard Entertainment)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Cataclysm Classic (HKLM-x32\...\Cataclysm Classic) (Version:  - Blizzard Entertainment)
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.0.146 - Corsair)
CurseForge (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.269.1.2113 - Overwolf app)
Diablo IV (HKLM-x32\...\Diablo IV) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Discord) (Version: 1.0.9012 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.265 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel® Network Connections 28.0.0.2 (HKLM\...\{2D8EB790-843E-4825-ABE7-CB1A52F1C5B3}) (Version: 28.0.0.2 - Intel) Hidden
Intel® Network Connections 28.0.0.2 (HKLM\...\PROSetDX) (Version: 28.0.0.2 - Intel)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{a9913343-8463-4fd2-8a33-ae89cbbfe139}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18429.20044 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.146 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.146 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.244.1204.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-CA) (HKLM\...\Mozilla Firefox 134.0.1 (x64 en-CA)) (Version: 134.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
NVIDIA app 11.0.1.189 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.1.189 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.4.10624.35034762 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10624.35034762 - NVIDIA Corporation)
NVIDIA Graphics Driver 566.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.36 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.266.1.26 - Overwolf Ltd.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{31850f16-ce9f-4dec-81ca-222c617a9115}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.2 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{959e5696-0edd-4896-b1d8-54aaa725f770}) (Version: 1.1.0.2 - Patriot Memory) Hidden
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 11.0.46.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.1008.100321 - Razer Inc.)
Reverse1999 (HKLM-x32\...\Reverse1999) (Version: 1.0.1.0 - BLUEPOCH GAMES CO., LIMITED)
Roblox Player for Wolfe (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\roblox-player) (Version:  - Roblox Corporation)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 147.0.10965 - Ubisoft)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.4 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{c8b4688a-f5d4-4236-aec4-df260a88ccc4}) (Version: 1.0.0.4 - PD) Hidden
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Voxengo Marvel GEQ (HKLM\...\Voxengo Marvel GEQ_is1) (Version: 1.15 - Voxengo)
Warcraft Logs Companion (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Overwolf_ecboebafnpgnolnpgppohegbpjbhffiahodgijdp) (Version: 8.15.14 - Overwolf app)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic Era (HKLM-x32\...\World of Warcraft Classic Era) (Version:  - Blizzard Entertainment)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.13.0_x64__qmba6cd70vzyy [2024-12-18] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.9.3.0_x64__qmba6cd70vzyy [2024-06-30] (ASUSTeK COMPUTER INC.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-03-27] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-14] (HP Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12001.0_x64__8wekyb3d8bbwe [2025-01-01] (Microsoft Corporation) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-26] (NVIDIA Corp.)
Spotify - Music and Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0 [2025-01-16] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-35897006-1549402385-1321927907-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Wolfe\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\nvshext.dll [2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-04-19 21:38 - 2023-02-03 16:10 - 000525312 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000520192 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000483328 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\node-system-fonts\build\Release\system-fonts.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000510464 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-27 13:56 - 000319488 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\sharp\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000786432 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-06-08 09:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2024-06-25 17:43 - 2011-01-15 15:45 - 000319488 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2024-06-25 17:41 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2024-12-05 16:37 - 2024-12-03 12:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2023-04-20 16:48 - 2023-04-20 16:48 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files\Corsair\Corsair iCUE5 Software\clink\SiUSBXp.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 01:14 - 2019-12-07 01:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wolfe\Pictures\Saved Pictures\1132784.png
DNS Servers: 64.59.168.15 - 64.59.150.132
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel® Ethernet Controller I225-V -> e2f.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: RZ608 Wi-Fi 6E 80MHz -> mtkwl6ex.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\StartupApproved\Run: => "Synapse3"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DA883DF2-91D9-4561-AA1C-FE7B1B6164F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D653137D-8CAC-4219-B1CF-A0D04582F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1D226292-A15A-41C5-B406-61391860FAAC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1931B891-1E76-47D1-9B54-8AE08D81F017}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5C81B250-01C7-405C-BF3C-15CC9D27BA56}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1CFE5603-69BD-4453-8E39-AF0CB7364795}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DF1F6C59-6D9E-4ADE-80F6-9D615258598B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{209E6CDC-7269-44B8-9A0F-0FAA75EA6528}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{5A92544A-63B8-45C0-BC68-FAC4203C6ABA}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{E90BA36B-9269-4DB3-A7D5-1D32EE327AD4}] => (Allow) C:\Users\Wolfe\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{774D426C-26DA-41DE-96DD-D43CE54D81AE}E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [UDP Query User{A41965D4-FB0F-4623-AB06-A3DEE8417817}E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [TCP Query User{0CF257AD-3AC8-4308-A242-EBBC80946D06}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{FE76C8DB-EF0C-432F-8FA1-C933BDC451A2}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{7882F540-0EA1-4145-AFDB-271C17B91054}] => (Allow) C:\Users\Wolfe\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{EB3BFBEC-407B-462F-827B-BBE1559A3062}] => (Allow) C:\Users\Wolfe\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{4AF4067D-59D3-4203-87BF-14B2E1DC218F}] => (Allow) C:\Users\Wolfe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{0C259C52-29B2-447B-8F3E-D802B6225F98}] => (Allow) C:\Users\Wolfe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{8AC34B37-FAEF-4025-A43D-5635AB2DE31F}C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{6D73BE5C-CDE7-43AF-82E8-E95442356227}C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{CDC41BD3-7DB2-4C24-BA5E-4BBED0F66AF7}] => (Allow) D:\SteamLibrary\steamapps\common\The Past Within\The Past Within.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{6695E06B-62E5-41CF-BC95-B07695230B8F}] => (Allow) D:\SteamLibrary\steamapps\common\The Past Within\The Past Within.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{7B79F3BC-DAB1-40E5-B03A-3F812A2181CB}D:\diablo iv - server slam\diablo iv.exe] => (Allow) D:\diablo iv - server slam\diablo iv.exe => No File
FirewallRules: [UDP Query User{035AA948-5ABB-43FB-A02F-F8F60A11D86E}D:\diablo iv - server slam\diablo iv.exe] => (Allow) D:\diablo iv - server slam\diablo iv.exe => No File
FirewallRules: [TCP Query User{37998031-EDA9-4BE6-A363-F8AD712D7758}D:\diablo iv\diablo iv.exe] => (Allow) D:\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{07A2B34C-1689-447B-8098-E948440E9D39}D:\diablo iv\diablo iv.exe] => (Allow) D:\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{5221235E-D912-494D-96ED-F6E71CFD7E1D}] => (Allow) D:\SteamLibrary\steamapps\common\Quarters\fnaf9.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{271A24FB-0434-4777-A7CE-3AB752F1C3C9}] => (Allow) D:\SteamLibrary\steamapps\common\Quarters\fnaf9.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{09B1E3FF-C467-4F5B-82CC-B4391621AE78}] => (Allow) D:\SteamLibrary\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{BE2AA407-AF40-4821-8CF0-47BA5313FCE9}] => (Allow) D:\SteamLibrary\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{4F4A96FA-8B7A-4083-823A-7EC52E049D5F}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{D5B941AE-579C-40B8-9CDD-333738F08426}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{E1B5C579-CEDF-40F1-AA09-E1BDB5E8B5EF}] => (Allow) D:\SteamLibrary\steamapps\common\Evil Genius 2\launcher\eg2.exe (Rebellion) [File not signed]
FirewallRules: [{A959EDD2-DF82-4C3E-8749-EE0D5F0C030E}] => (Allow) D:\SteamLibrary\steamapps\common\Evil Genius 2\launcher\eg2.exe (Rebellion) [File not signed]
FirewallRules: [{95335994-FDED-4A04-9B87-74735B73F529}] => (Allow) D:\SteamLibrary\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [File not signed]
FirewallRules: [{400FEDF5-DB94-412F-B715-C022490B4FCE}] => (Allow) D:\SteamLibrary\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [File not signed]
FirewallRules: [{A8998BFB-6B38-4F73-BCA6-0AD37B075B42}] => (Allow) D:\SteamLibrary\steamapps\common\Shadows of Doubt\Shadows of Doubt.exe () [File not signed]
FirewallRules: [{7E6B1ADF-F55B-4EE7-8B9E-E9DF57E7E774}] => (Allow) D:\SteamLibrary\steamapps\common\Shadows of Doubt\Shadows of Doubt.exe () [File not signed]
FirewallRules: [{16DB64DC-474D-4F64-959E-155CFECC01D2}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\I'm on Observation Duty 3.exe () [File not signed]
FirewallRules: [{5776C784-8AD7-44EC-B0CF-22A1FB7043F7}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\I'm on Observation Duty 3.exe () [File not signed]
FirewallRules: [{A05640C3-21F0-4001-A3EC-67B911B4E4C6}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\VR\I'm on Observation Duty 3 VR.exe () [File not signed]
FirewallRules: [{D680E87C-024B-49D0-A192-03FF109D53D2}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\VR\I'm on Observation Duty 3 VR.exe () [File not signed]
FirewallRules: [TCP Query User{407E08F6-05A3-44CD-88B2-1635EC7170AB}C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe] => (Allow) C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe (BLUEPOCH GAMES CO., LIMITED -> )
FirewallRules: [UDP Query User{6C68046C-E080-4DF4-B7D1-5621FE60DC6C}C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe] => (Allow) C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe (BLUEPOCH GAMES CO., LIMITED -> )
FirewallRules: [{F2905DDE-7C96-477B-805E-8A0EA7A08473}] => (Allow) D:\SteamLibrary\steamapps\common\Micro Civilization\Civ.exe () [File not signed]
FirewallRules: [{A25D1D08-2FF5-419C-B55B-B78AE25ADFB2}] => (Allow) D:\SteamLibrary\steamapps\common\Micro Civilization\Civ.exe () [File not signed]
FirewallRules: [{C6070451-CEA9-4490-890A-BD70055558AB}] => (Allow) D:\SteamLibrary\steamapps\common\Scott Pilgrim vs The World\Scott.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{3278A012-75DE-4FCB-B327-8E7EAF3BCC37}] => (Allow) D:\SteamLibrary\steamapps\common\Scott Pilgrim vs The World\Scott.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{08512535-7EBC-4491-B0BD-8D558FC072FD}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{0387D246-361A-454E-BB5F-84571BE7EEF6}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{1144C922-08F8-4220-9B69-304019C7BB07}] => (Allow) D:\SteamLibrary\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1294CD8A-3691-4D1E-B3E8-925827DAACDC}] => (Allow) D:\SteamLibrary\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{89402943-9DB3-4158-9A85-6E42B18804C7}D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{BE4E0628-F774-4F10-B290-36ABD34D3DB6}D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5D203C24-3076-42B5-A21A-3DFEBD75E828}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{8161BB70-8DB1-42C6-8A98-0F53CB226740}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{2E93B374-1519-4212-9C50-6631C6B34A28}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Forbidden West Complete Edition\HorizonForbiddenWest.exe (Sony Interactive Entertainment LLC -> Guerrilla B.V.)
FirewallRules: [{C3D1AB2D-3216-4A8D-9EA9-4406C9F114D0}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Forbidden West Complete Edition\HorizonForbiddenWest.exe (Sony Interactive Entertainment LLC -> Guerrilla B.V.)
FirewallRules: [{3E0E32E5-62B2-4E91-BEA3-20CF35879EC3}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B9EF66FA-80A3-448F-92E7-3E8991C94A0B}] => (Allow) D:\SteamLibrary\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{44FA06B8-1B39-40FD-A7C3-C14FDEEA63BF}] => (Allow) D:\SteamLibrary\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{41BFE508-EF34-4E99-B5BA-B118E09037A8}] => (Allow) D:\SteamLibrary\steamapps\common\The Hauntings Surveillance\Observation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DCEEF7D0-9F01-4DF3-AD04-FBBE84FBDC1B}] => (Allow) D:\SteamLibrary\steamapps\common\The Hauntings Surveillance\Observation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{62B19BB5-0098-45C7-9646-F43371655D83}] => (Allow) E:\SteamLibrary\steamapps\common\WinterBottom\Winterbottom.exe () [File not signed]
FirewallRules: [{5BAB0D5B-071F-45AF-9306-E8F97D93335A}] => (Allow) E:\SteamLibrary\steamapps\common\WinterBottom\Winterbottom.exe () [File not signed]
FirewallRules: [{3437CECE-706C-455B-8028-78FD64378853}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{FF1649F9-F4E1-4D8E-989F-FE8B7DCFEF03}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [TCP Query User{95A37DA4-F9F5-4D57-AF1B-63123554517A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{1FDB8E8F-318D-4FFC-B285-63908E355703}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C98DCD3-972A-4CD3-826A-24298DBB7D63}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F567D521-3933-4B8C-A4F7-B8973DC3D358}] => (Allow) D:\SteamLibrary\steamapps\common\TCG Card Shop Simulator\Card Shop Simulator.exe () [File not signed]
FirewallRules: [{DA79E06B-B861-44E2-8C61-C3086A8DF968}] => (Allow) D:\SteamLibrary\steamapps\common\TCG Card Shop Simulator\Card Shop Simulator.exe () [File not signed]
FirewallRules: [{B66FBD8E-6566-46AF-A4AD-0C2B531B77CA}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 6\I'm on Observation Duty 6.exe () [File not signed]
FirewallRules: [{6CAC0AC3-76B1-45E0-8D45-8B1BE53F28D5}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 6\I'm on Observation Duty 6.exe () [File not signed]
FirewallRules: [{25F41A83-CAB1-4FC1-B649-B23F646B3788}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 7\I'm on Observation Duty 7.exe () [File not signed]
FirewallRules: [{E0BE84CD-CC31-4BBC-8C4D-D0BDC574D820}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 7\I'm on Observation Duty 7.exe () [File not signed]
FirewallRules: [{55F1CDF4-6F93-427B-8621-CDA0B39A79A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D549FC1-23E1-4608-AE4C-102F5091616F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7D94706-FEE3-4D91-A4D5-1F958FB227D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A0EBA4D-2A62-4CE9-885E-3388225885DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{003080B9-062C-4F88-AC6F-4513BC63E127}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{83236F6A-93D9-4CB4-9173-33A396554B29}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{ECE8C6A5-C7DF-46CD-8430-A4AEB65C3619}] => (Block) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{B4238B05-ADC9-449B-A993-EFB708BF16CB}] => (Block) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{0574C29F-2AB9-4A1C-8339-141CCA18792A}] => (Allow) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{DAC95FEE-E93B-4007-ACCD-98CD008D714C}] => (Allow) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{FC48F6C8-DA65-4650-B5C2-5DF98C85B0B8}] => (Block) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{9DC5B6D8-40EA-49FE-B808-F7684802147D}] => (Block) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{CEDC96D0-B645-4134-BE10-9017C6BDCA77}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3DF547D9-B6C1-4432-A6F1-0D10EC181DB9}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F80DA829-E540-476E-9FE8-3E5CA6A298EC}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile 2\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{3B980ADB-CF8B-4EA9-8B4B-AEBD151F4C1E}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile 2\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{D4E61573-DB04-493C-A548-BDB48659D34D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B17DD820-B507-4921-AB3E-3342A1FA5A4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9D1EE4FB-3B1B-476B-A088-23314B0A5496}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{75694F26-A20D-4DB7-86B4-D3A4ECA2049E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AC29A348-D3DD-473D-95E6-7435F1C48688}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8DFFCB98-C2C7-487B-B220-667075FD4AF0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7F00682-7CC7-404F-BB5F-FE0756F91FCC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9DBAFCE8-BAC1-4AC4-856C-88E2BDAC43C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6A00E994-7403-4B98-B1F2-2B78DC9C72BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1A7D2983-686D-4074-9876-D5FC5A4A4B09}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FEEFACAA-F778-45FF-8C57-69A29E5C2B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BEA7B195-E9CB-42DA-B062-F590AD85B8F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

05-01-2025 05:00:13 Scheduled Checkpoint
14-01-2025 05:15:48 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/16/2025 05:33:04 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress..

Error: (01/16/2025 05:33:03 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (01/15/2025 06:48:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid..

Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (01/15/2025 06:46:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid..

Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (01/10/2025 04:43:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.39.3323.1171, time stamp: 0x64e85748
Faulting module name: nvapi64.dll, version: 32.0.15.6636, time stamp: 0x674f5d87
Exception code: 0xc0000005
Fault offset: 0x000000000004e6b3
Faulting process id: 0xb6a0
Faulting application start time: 0x01db5f71f8b68d35
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: C:\Windows\SYSTEM32\nvapi64.dll
Report Id: 643ce7c8-5c68-4f4f-80c7-06a788fbd755
Faulting package full name:
Faulting package-relative application ID:

Error: (01/10/2025 05:41:21 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (01/06/2025 08:59:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcontainer.exe, version: 1.41.3380.9912, time stamp: 0x65b2727a
Faulting module name: nvapi64.dll, version: 32.0.15.6636, time stamp: 0x674f5d87
Exception code: 0xc0000005
Fault offset: 0x000000000004e6b3
Faulting process id: 0x2070
Faulting application start time: 0x01db5d39a307dca5
Faulting application path: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Faulting module path: C:\Windows\SYSTEM32\nvapi64.dll
Report Id: 6b2ffbc9-2428-410d-9c46-f32a0d77759c
Faulting package full name:
Faulting package-relative application ID:

Error: (01/06/2025 05:47:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Razer Synapse Service Process.exe, version: 1.0.0.0, time stamp: 0x66fe5ce6
Faulting module name: KERNELBASE.dll, version: 10.0.19041.5247, time stamp: 0xf6de4130
Exception code: 0xe0434352
Fault offset: 0x00140f62
Faulting process id: 0x3aa8
Faulting application start time: 0x01db5d3a061a5fe6
Faulting application path: C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: f751c8cf-663c-4a48-9647-eedfc6e8c755
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (01/16/2025 06:17:12 PM) (Source: DCOM) (EventID: 10010) (User: WOLFE-PC)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.

Error: (01/16/2025 06:13:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/16/2025 06:12:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.

Error: (01/16/2025 06:12:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/16/2025 06:12:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.

Error: (01/16/2025 06:07:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/16/2025 06:07:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.

Error: (01/16/2025 06:06:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.


Windows Defender:
================
Date: 2025-01-16 19:06:27
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\Wolfe\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.421.1388.0, AS: 1.421.1388.0, NIS: 1.421.1388.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-01-16 19:06:22
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\Wolfe\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.421.1388.0, AS: 1.421.1388.0, NIS: 1.421.1388.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-01-16 19:06:10
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\Wolfe\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.421.1388.0, AS: 1.421.1388.0, NIS: 1.421.1388.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-01-16 19:05:34
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\Wolfe\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Mozilla Firefox\firefox.exe
Security intelligence Version: AV: 1.421.1388.0, AS: 1.421.1388.0, NIS: 1.421.1388.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-01-16 19:05:25
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...82&enterprise=0
Name: Ransom:MSIL/Gorf
Severity: Severe
Category: Ransomware
Path: file:_C:\Users\Wolfe\Downloads\FRST.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Mozilla Firefox\firefox.exe
Security intelligence Version: AV: 1.421.1388.0, AS: 1.421.1388.0, NIS: 1.421.1388.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11
Event[0]:

Date: 2024-10-08 17:59:02
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.419.396.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2024-10-08 17:59:02
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.419.396.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2024-10-08 17:38:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.419.412.0
Previous security intelligence Version: 1.419.396.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.24080.9
Previous Engine Version: 1.1.24080.9
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2024-10-08 17:38:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.419.412.0
Previous security intelligence Version: 1.419.396.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.24080.9
Previous Engine Version: 1.1.24080.9
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2024-10-03 18:34:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.419.338.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2025-01-16 05:58:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-16 05:58:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-16 05:58:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-02 09:19:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9175\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-02 09:19:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9175\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-02 09:19:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9175\Discord.exe) attempted to load \Device\HarddiskVolume5\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-12-18 17:19:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9174\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.263.0.11\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2024-12-18 17:19:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9174\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.263.0.11\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.

Date: 2024-12-18 17:19:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9174\Discord.exe) attempted to load \Device\HarddiskVolume5\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2604 02/25/2022
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B550-F GAMING WIFI II
Processor: AMD Ryzen 7 5800X 8-Core Processor
Percentage of memory in use: 32%
Total physical RAM: 32654.41 MB
Available physical RAM: 22081.83 MB
Total Virtual: 57230.41 MB
Available Virtual: 44391.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:3725.39 GB) (Free:3522.28 GB) (Model: ST4000DM004-2U9104) NTFS
Drive d: (SSD) (Fixed) (Total:931.5 GB) (Free:61.64 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS
Drive e: (Elements SE) (Fixed) (Total:3725.99 GB) (Free:3331.19 GB) (Model: WD Elements SE 2623 USB Device) NTFS

\\?\Volume{e7e96fb9-6a4c-4786-8dad-db66cd25c636}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{ea32604d-50a1-4c09-af34-01b203a00ec2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================


Edited by DSWolfe, 16 January 2025 - 09:27 PM.

  • 0

Advertisements

#2
RKinner
Posted 17 January 2025 - 04:57 AM

RKinner

    Malware Expert

  • Expert
  • 24,731 posts
  • MVP

This may be the source of your delay:

 

The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

 

If it doesn't start in 30 seconds it will wait 2 minutes and try again 2 times before it gives up so I can see a delay of almost 5 minutes  from this service alone.

 

This is Windows system service  so let's run dism and sfc and see if that helps

 

Download the attached fixlist

 

Attached File  fixlist.txt   414bytes   32 downloads

 

to the same folder where FRST64 lives then bring up FRST (remember to right click and Run as Admin) then press Fix (not Scan(.

 

This normally takes about 35 minutes but may time out in an hour if something slows it down so be patient.  System will reboot when finished and you will get one file.  Please post.

 

Rerun a FRST scan and post both logs.  Does it boot any faster?

 

I also see a problem with the Nvidia driver but that may be because it needs the Windows service so let's wait until after the fix runs to worry about it.

 

Reply notifications are no longer working on this forum for me so I will try to remember to check back in every few hours but you can try sending me a message once you post.  Perhaps that still works.  Click on my name then Send me a message and tell me you have replied.

 


  • 0

#3
DSWolfe
Posted 17 January 2025 - 08:07 PM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Sorry this took so long. I tried to run the fix before work but it wasn't finished and it was a long day.  The fix finished and upon restart windows had to do a quick up.  I did a second reboot and it was faster but still clocked around 5 mins.I was guessing you might want to see a new scan so I went to try it out but FRST just closes as soon as I scan.  I was running it as admin so I'm not sure what is up now.


  • 0

#4
RKinner
Posted 19 January 2025 - 07:26 AM

RKinner

    Malware Expert

  • Expert
  • 24,731 posts
  • MVP

I think your antivirus is killing FRST.  Try turning it off.  Looks like you just have Windows Defender so Search for

App & browser control and hit Enter.  Turn all four options Off and then try FRST again.

 

Do you have the fixlog?  I want to make sure it didn't find any problems or if it did that it fixed them.

 

 

 


  • 0

#5
DSWolfe
Posted 19 January 2025 - 07:46 PM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Here is the fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-01-2025
Ran by Wolfe (17-01-2025 05:37:09) Run:1
Running from C:\FRST
Loaded Profiles: Wolfe
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


*****************


========= DISM /Online /Cleanup-Image /RestoreHealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.3636

Image Version: 10.0.19045.5247


[==                         3.8%                           ]

[==                         3.9%                           ]

[==                         4.1%                           ]

[==                         4.2%                           ]

[==                         4.4%                           ]

[==                         4.5%                           ]

[==                         4.7%                           ]

[==                         5.0%                           ]

[===                        5.4%                           ]

[===                        5.7%                           ]

[===                        6.3%                           ]

[===                        6.7%                           ]

[====                       7.0%                           ]

[====                       7.2%                           ]

[====                       7.5%                           ]

[====                       7.5%                           ]

[====                       7.6%                           ]

[====                       7.8%                           ]

[====                       8.1%                           ]

[====                       8.3%                           ]

[====                       8.6%                           ]

[=====                      9.1%                           ]

[=====                      9.4%                           ]

[=====                      9.7%                           ]

[=====                      10.0%                          ]

[=====                      10.2%                          ]

[======                     10.7%                          ]

[======                     11.1%                          ]

[======                     11.3%                          ]

[======                     11.9%                          ]

[=======                    12.4%                          ]

[=======                    12.4%                          ]

[=======                    12.7%                          ]

[=======                    12.8%                          ]

[=======                    13.1%                          ]

[=======                    13.4%                          ]

[=======                    13.7%                          ]

[========                   14.0%                          ]

[========                   14.3%                          ]

[========                   14.6%                          ]

[========                   15.0%                          ]

[=========                  15.6%                          ]

[=========                  16.1%                          ]

[=========                  16.3%                          ]

[=========                  16.8%                          ]

[=========                  17.0%                          ]

[==========                 17.4%                          ]

[==========                 17.6%                          ]

[==========                 17.7%                          ]

[==========                 18.0%                          ]

[==========                 18.1%                          ]

[==========                 18.6%                          ]

[===========                19.2%                          ]

[===========                19.5%                          ]

[===========                19.9%                          ]

[===========                20.3%                          ]

[===========                20.6%                          ]

[============               21.1%                          ]

[============               21.6%                          ]

[============               22.0%                          ]

[============               22.0%                          ]

[============               22.0%                          ]

[============               22.0%                          ]

[============               22.0%                          ]

[============               22.1%                          ]

[============               22.2%                          ]

[============               22.2%                          ]

[============               22.2%                          ]

[============               22.2%                          ]

[============               22.3%                          ]

[============               22.3%                          ]

[============               22.3%                          ]

[============               22.3%                          ]

[============               22.3%                          ]

[=============              22.5%                          ]

[=============              22.5%                          ]

[=============              22.6%                          ]

[=============              22.6%                          ]

[=============              22.7%                          ]

[=============              23.0%                          ]

[=============              23.2%                          ]

[=============              23.4%                          ]

[=============              23.8%                          ]

[==============             24.8%                          ]

[==============             25.8%                          ]

[===============            26.6%                          ]

[===============            27.0%                          ]

[===============            27.2%                          ]

[===============            27.5%                          ]

[================           28.0%                          ]

[================           28.6%                          ]

[=================          29.4%                          ]

[=================          30.2%                          ]

[=================          30.7%                          ]

[=================          31.0%                          ]

[==================         31.5%                          ]

[==================         31.6%                          ]

[==================         31.9%                          ]

[==================         32.2%                          ]

[==================         32.6%                          ]

[==================         32.8%                          ]

[===================        32.9%                          ]

[===================        32.9%                          ]

[===================        33.0%                          ]

[===================        33.1%                          ]

[===================        33.4%                          ]

[===================        33.8%                          ]

[===================        34.2%                          ]

[====================       34.6%                          ]

[====================       34.9%                          ]

[====================       35.2%                          ]

[====================       35.5%                          ]

[====================       35.8%                          ]

[====================       36.0%                          ]

[=====================      36.3%                          ]

[=====================      36.8%                          ]

[=====================      37.3%                          ]

[=====================      37.4%                          ]

[=====================      37.5%                          ]

[=====================      37.8%                          ]

[=====================      37.8%                          ]

[=====================      37.9%                          ]

[======================     38.0%                          ]

[======================     38.1%                          ]

[======================     38.3%                          ]

[======================     38.6%                          ]

[======================     39.0%                          ]

[======================     39.2%                          ]

[======================     39.5%                          ]

[=======================    40.0%                          ]

[=======================    40.2%                          ]

[=======================    40.5%                          ]

[=======================    40.6%                          ]

[=======================    40.8%                          ]

[=======================    40.8%                          ]

[=======================    41.0%                          ]

[=======================    41.4%                          ]

[========================   41.5%                          ]

[========================   41.8%                          ]

[========================   42.0%                          ]

[========================   42.1%                          ]

[========================   42.3%                          ]

[========================   42.3%                          ]

[========================   42.4%                          ]

[========================   42.6%                          ]

[========================   42.6%                          ]

[========================   43.1%                          ]

[=========================  43.5%                          ]

[=========================  43.6%                          ]

[=========================  43.6%                          ]

[=========================  43.8%                          ]

[=========================  43.8%                          ]

[=========================  44.0%                          ]

[=========================  44.3%                          ]

[=========================  44.3%                          ]

[=========================  44.6%                          ]

[=========================  44.7%                          ]

[=========================  44.8%                          ]

[=========================  44.8%                          ]

[========================== 44.8%                          ]

[========================== 45.2%                          ]

[========================== 45.4%                          ]

[========================== 45.4%                          ]

[========================== 45.5%                          ]

[========================== 45.7%                          ]

[========================== 45.8%                          ]

[========================== 46.0%                          ]

[========================== 46.1%                          ]

[========================== 46.3%                          ]

[========================== 46.3%                          ]

[========================== 46.3%                          ]

[========================== 46.5%                          ]

[===========================46.6%                          ]

[===========================46.6%                          ]

[===========================46.7%                          ]

[===========================46.8%                          ]

[===========================46.9%                          ]

[===========================47.0%                          ]

[===========================47.2%                          ]

[===========================47.3%                          ]

[===========================47.4%                          ]

[===========================47.5%                          ]

[===========================47.5%                          ]

[===========================47.5%                          ]

[===========================47.6%                          ]

[===========================47.7%                          ]

[===========================47.8%                          ]

[===========================47.9%                          ]

[===========================48.0%                          ]

[===========================48.0%                          ]

[===========================48.0%                          ]

[===========================48.2%                          ]

[===========================48.3%                          ]

[===========================48.4%                          ]

[===========================48.5%                          ]

[===========================48.8%                          ]

[===========================48.8%                          ]

[===========================48.9%                          ]

[===========================49.0%                          ]

[===========================49.0%                          ]

[===========================49.1%                          ]

[===========================49.1%                          ]

[===========================49.3%                          ]

[===========================49.4%                          ]

[===========================49.4%                          ]

[===========================49.4%                          ]

[===========================49.5%                          ]

[===========================49.5%                          ]

[===========================49.6%                          ]

[===========================49.6%                          ]

[===========================49.7%                          ]

[===========================49.7%                          ]

[===========================49.7%                          ]

[===========================49.8%                          ]

[===========================49.8%                          ]

[===========================49.9%                          ]

[===========================49.9%                          ]

[===========================50.0%                          ]

[===========================50.0%                          ]

[===========================50.3%                          ]

[===========================50.3%                          ]

[===========================50.3%                          ]

[===========================50.4%                          ]

[===========================50.4%                          ]

[===========================50.9%                          ]

[===========================51.3%                          ]

[===========================51.5%                          ]

[===========================51.6%                          ]

[===========================51.9%                          ]

[===========================52.2%                          ]

[===========================52.5%                          ]

[===========================53.1%                          ]

[===========================53.7%                          ]

[===========================54.7%                          ]

[===========================55.2%                          ]

[===========================55.5%                          ]

[===========================55.7%                          ]

[===========================55.8%                          ]

[===========================55.9%                          ]

[===========================56.1%                          ]

[===========================56.1%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.3%                          ]

[===========================56.3%                          ]

[===========================56.3%                          ]

[===========================56.3%                          ]

[===========================56.4%                          ]

[===========================56.4%                          ]

[===========================56.4%                          ]

[===========================56.4%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.6%                          ]

[===========================56.6%                          ]

[===========================56.6%                          ]

[===========================56.7%                          ]

[===========================56.7%                          ]

[===========================56.7%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.9%=                         ]

[===========================56.9%=                         ]

[===========================56.9%=                         ]

[===========================57.0%=                         ]

[===========================57.0%=                         ]

[===========================57.0%=                         ]

[===========================57.0%=                         ]

[===========================57.1%=                         ]

[===========================57.1%=                         ]

[===========================57.1%=                         ]

[===========================57.1%=                         ]

[===========================57.1%=                         ]

[===========================57.2%=                         ]

[===========================57.2%=                         ]

[===========================57.3%=                         ]

[===========================57.3%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.5%=                         ]

[===========================57.5%=                         ]

[===========================57.5%=                         ]

[===========================57.5%=                         ]

[===========================57.7%=                         ]

[===========================57.7%=                         ]

[===========================57.7%=                         ]

[===========================57.7%=                         ]

[===========================58.0%=                         ]

[===========================58.0%=                         ]

[===========================58.1%=                         ]

[===========================58.2%=                         ]

[===========================58.6%=                         ]

[===========================59.5%==                        ]

[===========================59.7%==                        ]

[===========================60.1%==                        ]

[===========================62.3%====                      ]

[===========================84.9%=================         ]

[===========================92.5%=====================     ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.


========= End of CMD: =========


========= SFC /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 21% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 93% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection found corrupt files and successfully repaired them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.



========= End of CMD: =========


========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========

2025-01-17 06:03:52, Info                  CSI    0000002b [SR] Verifying 100 components
2025-01-17 06:03:52, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:52, Info                  CSI    0000002d [SR] Verify complete
2025-01-17 06:03:52, Info                  CSI    0000002e [SR] Verifying 100 components
2025-01-17 06:03:52, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:52, Info                  CSI    00000030 [SR] Verify complete
2025-01-17 06:03:52, Info                  CSI    00000031 [SR] Verifying 100 components
2025-01-17 06:03:52, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:52, Info                  CSI    00000033 [SR] Verify complete
2025-01-17 06:03:52, Info                  CSI    00000034 [SR] Verifying 100 components
2025-01-17 06:03:52, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:52, Info                  CSI    00000036 [SR] Verify complete
2025-01-17 06:03:52, Info                  CSI    00000037 [SR] Verifying 100 components
2025-01-17 06:03:52, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:52, Info                  CSI    00000039 [SR] Verify complete
2025-01-17 06:03:52, Info                  CSI    0000003a [SR] Verifying 100 components
2025-01-17 06:03:52, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:52, Info                  CSI    0000003c [SR] Verify complete
2025-01-17 06:03:53, Info                  CSI    0000003d [SR] Verifying 100 components
2025-01-17 06:03:53, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:53, Info                  CSI    0000003f [SR] Verify complete
2025-01-17 06:03:53, Info                  CSI    00000040 [SR] Verifying 100 components
2025-01-17 06:03:53, Info                  CSI    00000041 [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:53, Info                  CSI    00000042 [SR] Verify complete
2025-01-17 06:03:53, Info                  CSI    00000043 [SR] Verifying 100 components
2025-01-17 06:03:53, Info                  CSI    00000044 [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:53, Info                  CSI    00000045 [SR] Verify complete
2025-01-17 06:03:53, Info                  CSI    00000046 [SR] Verifying 100 components
2025-01-17 06:03:53, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:54, Info                  CSI    00000048 [SR] Verify complete
2025-01-17 06:03:54, Info                  CSI    00000049 [SR] Verifying 100 components
2025-01-17 06:03:54, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2025-01-17 06:03:57, Info                  CSI    0000004b [SR] Verify complete
2025-01-17 06:03:57, Info                  CSI    0000004c [SR] Verifying 100 components
2025-01-17 06:03:57, Info                  CSI    0000004d [SR] Beginning Verify and Repair transaction
2025-01-17 06:04:06, Info                  CSI    0000004e [SR] Verify complete
2025-01-17 06:04:06, Info                  CSI    0000004f [SR] Verifying 100 components
2025-01-17 06:04:06, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2025-01-17 06:04:12, Info                  CSI    00000051 [SR] Verify complete
2025-01-17 06:04:12, Info                  CSI    00000052 [SR] Verifying 100 components
2025-01-17 06:04:12, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2025-01-17 06:04:17, Info                  CSI    00000054 [SR] Verify complete
2025-01-17 06:04:17, Info                  CSI    00000055 [SR] Verifying 100 components
2025-01-17 06:04:17, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2025-01-17 06:04:57, Info                  CSI    00000057 [SR] Verify complete
2025-01-17 06:04:57, Info                  CSI    00000058 [SR] Verifying 100 components
2025-01-17 06:04:57, Info                  CSI    00000059 [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:20, Info                  CSI    0000005a [SR] Verify complete
2025-01-17 06:05:20, Info                  CSI    0000005b [SR] Verifying 100 components
2025-01-17 06:05:20, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:28, Info                  CSI    0000005d [SR] Verify complete
2025-01-17 06:05:28, Info                  CSI    0000005e [SR] Verifying 100 components
2025-01-17 06:05:28, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:30, Info                  CSI    00000060 [SR] Verify complete
2025-01-17 06:05:30, Info                  CSI    00000061 [SR] Verifying 100 components
2025-01-17 06:05:30, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:32, Info                  CSI    00000063 [SR] Verify complete
2025-01-17 06:05:32, Info                  CSI    00000064 [SR] Verifying 100 components
2025-01-17 06:05:32, Info                  CSI    00000065 [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:36, Info                  CSI    00000066 [SR] Verify complete
2025-01-17 06:05:36, Info                  CSI    00000067 [SR] Verifying 100 components
2025-01-17 06:05:36, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:39, Info                  CSI    0000006a [SR] Verify complete
2025-01-17 06:05:39, Info                  CSI    0000006b [SR] Verifying 100 components
2025-01-17 06:05:39, Info                  CSI    0000006c [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:43, Info                  CSI    0000006e [SR] Verify complete
2025-01-17 06:05:43, Info                  CSI    0000006f [SR] Verifying 100 components
2025-01-17 06:05:43, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:45, Info                  CSI    00000071 [SR] Verify complete
2025-01-17 06:05:45, Info                  CSI    00000072 [SR] Verifying 100 components
2025-01-17 06:05:45, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2025-01-17 06:05:53, Info                  CSI    00000074 [SR] Verify complete
2025-01-17 06:05:53, Info                  CSI    00000075 [SR] Verifying 100 components
2025-01-17 06:05:53, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:03, Info                  CSI    00000078 [SR] Verify complete
2025-01-17 06:06:03, Info                  CSI    00000079 [SR] Verifying 100 components
2025-01-17 06:06:03, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:11, Info                  CSI    0000007c [SR] Verify complete
2025-01-17 06:06:11, Info                  CSI    0000007d [SR] Verifying 100 components
2025-01-17 06:06:11, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:13, Info                  CSI    0000007f [SR] Verify complete
2025-01-17 06:06:13, Info                  CSI    00000080 [SR] Verifying 100 components
2025-01-17 06:06:13, Info                  CSI    00000081 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:18, Info                  CSI    00000082 [SR] Verify complete
2025-01-17 06:06:18, Info                  CSI    00000083 [SR] Verifying 100 components
2025-01-17 06:06:18, Info                  CSI    00000084 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:26, Info                  CSI    00000086 [SR] Verify complete
2025-01-17 06:06:26, Info                  CSI    00000087 [SR] Verifying 100 components
2025-01-17 06:06:26, Info                  CSI    00000088 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:27, Info                  CSI    00000089 [SR] Verify complete
2025-01-17 06:06:27, Info                  CSI    0000008a [SR] Verifying 100 components
2025-01-17 06:06:27, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:32, Info                  CSI    0000008d [SR] Verify complete
2025-01-17 06:06:32, Info                  CSI    0000008e [SR] Verifying 100 components
2025-01-17 06:06:32, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:34, Info                  CSI    00000090 [SR] Verify complete
2025-01-17 06:06:34, Info                  CSI    00000091 [SR] Verifying 100 components
2025-01-17 06:06:34, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:40, Info                  CSI    00000094 [SR] Verify complete
2025-01-17 06:06:40, Info                  CSI    00000095 [SR] Verifying 100 components
2025-01-17 06:06:40, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:42, Info                  CSI    00000097 [SR] Verify complete
2025-01-17 06:06:42, Info                  CSI    00000098 [SR] Verifying 100 components
2025-01-17 06:06:42, Info                  CSI    00000099 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:46, Info                  CSI    0000009b [SR] Verify complete
2025-01-17 06:06:46, Info                  CSI    0000009c [SR] Verifying 100 components
2025-01-17 06:06:46, Info                  CSI    0000009d [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:47, Info                  CSI    0000009e [SR] Verify complete
2025-01-17 06:06:47, Info                  CSI    0000009f [SR] Verifying 100 components
2025-01-17 06:06:47, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:48, Info                  CSI    000000a1 [SR] Verify complete
2025-01-17 06:06:48, Info                  CSI    000000a2 [SR] Verifying 100 components
2025-01-17 06:06:48, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:53, Info                  CSI    000000a4 [SR] Verify complete
2025-01-17 06:06:53, Info                  CSI    000000a5 [SR] Verifying 100 components
2025-01-17 06:06:53, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2025-01-17 06:06:54, Info                  CSI    000000a7 [SR] Verify complete
2025-01-17 06:06:54, Info                  CSI    000000a8 [SR] Verifying 100 components
2025-01-17 06:06:54, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:00, Info                  CSI    000000aa [SR] Verify complete
2025-01-17 06:07:00, Info                  CSI    000000ab [SR] Verifying 100 components
2025-01-17 06:07:00, Info                  CSI    000000ac [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:07, Info                  CSI    000000ad [SR] Verify complete
2025-01-17 06:07:07, Info                  CSI    000000ae [SR] Verifying 100 components
2025-01-17 06:07:07, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:16, Info                  CSI    000000b0 [SR] Verify complete
2025-01-17 06:07:16, Info                  CSI    000000b1 [SR] Verifying 100 components
2025-01-17 06:07:16, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:23, Info                  CSI    000000b3 [SR] Verify complete
2025-01-17 06:07:23, Info                  CSI    000000b4 [SR] Verifying 100 components
2025-01-17 06:07:23, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:30, Info                  CSI    000000b9 [SR] Verify complete
2025-01-17 06:07:30, Info                  CSI    000000ba [SR] Verifying 100 components
2025-01-17 06:07:30, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:35, Info                  CSI    000000bc [SR] Verify complete
2025-01-17 06:07:36, Info                  CSI    000000bd [SR] Verifying 100 components
2025-01-17 06:07:36, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:40, Info                  CSI    000000bf [SR] Verify complete
2025-01-17 06:07:40, Info                  CSI    000000c0 [SR] Verifying 100 components
2025-01-17 06:07:40, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:43, Info                  CSI    000000c2 [SR] Verify complete
2025-01-17 06:07:43, Info                  CSI    000000c3 [SR] Verifying 100 components
2025-01-17 06:07:43, Info                  CSI    000000c4 [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:49, Info                  CSI    000000c5 [SR] Verify complete
2025-01-17 06:07:49, Info                  CSI    000000c6 [SR] Verifying 100 components
2025-01-17 06:07:49, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:52, Info                  CSI    000000c8 [SR] Verify complete
2025-01-17 06:07:52, Info                  CSI    000000c9 [SR] Verifying 100 components
2025-01-17 06:07:52, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:53, Info                  CSI    000000cb [SR] Verify complete
2025-01-17 06:07:54, Info                  CSI    000000cc [SR] Verifying 100 components
2025-01-17 06:07:54, Info                  CSI    000000cd [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:55, Info                  CSI    000000ce [SR] Verify complete
2025-01-17 06:07:55, Info                  CSI    000000cf [SR] Verifying 100 components
2025-01-17 06:07:55, Info                  CSI    000000d0 [SR] Beginning Verify and Repair transaction
2025-01-17 06:07:58, Info                  CSI    000000d1 [SR] Verify complete
2025-01-17 06:07:58, Info                  CSI    000000d2 [SR] Verifying 100 components
2025-01-17 06:07:58, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:01, Info                  CSI    000000d4 [SR] Verify complete
2025-01-17 06:08:01, Info                  CSI    000000d5 [SR] Verifying 100 components
2025-01-17 06:08:01, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:03, Info                  CSI    000000d7 [SR] Verify complete
2025-01-17 06:08:03, Info                  CSI    000000d8 [SR] Verifying 100 components
2025-01-17 06:08:03, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:05, Info                  CSI    000000da [SR] Verify complete
2025-01-17 06:08:05, Info                  CSI    000000db [SR] Verifying 100 components
2025-01-17 06:08:05, Info                  CSI    000000dc [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:07, Info                  CSI    000000dd [SR] Verify complete
2025-01-17 06:08:07, Info                  CSI    000000de [SR] Verifying 100 components
2025-01-17 06:08:07, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:09, Info                  CSI    000000e0 [SR] Verify complete
2025-01-17 06:08:09, Info                  CSI    000000e1 [SR] Verifying 100 components
2025-01-17 06:08:09, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:15, Info                  CSI    000000e4 [SR] Verify complete
2025-01-17 06:08:15, Info                  CSI    000000e5 [SR] Verifying 100 components
2025-01-17 06:08:15, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:17, Info                  CSI    000000e7 [SR] Verify complete
2025-01-17 06:08:17, Info                  CSI    000000e8 [SR] Verifying 100 components
2025-01-17 06:08:17, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:20, Info                  CSI    000000ea [SR] Verify complete
2025-01-17 06:08:20, Info                  CSI    000000eb [SR] Verifying 100 components
2025-01-17 06:08:20, Info                  CSI    000000ec [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:22, Info                  CSI    000000ed [SR] Verify complete
2025-01-17 06:08:22, Info                  CSI    000000ee [SR] Verifying 100 components
2025-01-17 06:08:22, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:24, Info                  CSI    000000f0 [SR] Verify complete
2025-01-17 06:08:24, Info                  CSI    000000f1 [SR] Verifying 100 components
2025-01-17 06:08:24, Info                  CSI    000000f2 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:26, Info                  CSI    000000f3 [SR] Verify complete
2025-01-17 06:08:26, Info                  CSI    000000f4 [SR] Verifying 100 components
2025-01-17 06:08:26, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:29, Info                  CSI    000000f6 [SR] Verify complete
2025-01-17 06:08:29, Info                  CSI    000000f7 [SR] Verifying 100 components
2025-01-17 06:08:29, Info                  CSI    000000f8 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:32, Info                  CSI    000000f9 [SR] Verify complete
2025-01-17 06:08:32, Info                  CSI    000000fa [SR] Verifying 100 components
2025-01-17 06:08:32, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:34, Info                  CSI    000000fc [SR] Verify complete
2025-01-17 06:08:34, Info                  CSI    000000fd [SR] Verifying 100 components
2025-01-17 06:08:34, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:36, Info                  CSI    000000ff [SR] Verify complete
2025-01-17 06:08:36, Info                  CSI    00000100 [SR] Verifying 100 components
2025-01-17 06:08:36, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:38, Info                  CSI    00000102 [SR] Verify complete
2025-01-17 06:08:38, Info                  CSI    00000103 [SR] Verifying 100 components
2025-01-17 06:08:38, Info                  CSI    00000104 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:41, Info                  CSI    00000105 [SR] Verify complete
2025-01-17 06:08:41, Info                  CSI    00000106 [SR] Verifying 100 components
2025-01-17 06:08:41, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:44, Info                  CSI    00000108 [SR] Verify complete
2025-01-17 06:08:44, Info                  CSI    00000109 [SR] Verifying 100 components
2025-01-17 06:08:44, Info                  CSI    0000010a [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:46, Info                  CSI    0000010b [SR] Verify complete
2025-01-17 06:08:46, Info                  CSI    0000010c [SR] Verifying 100 components
2025-01-17 06:08:46, Info                  CSI    0000010d [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:48, Info                  CSI    0000010e [SR] Verify complete
2025-01-17 06:08:48, Info                  CSI    0000010f [SR] Verifying 100 components
2025-01-17 06:08:48, Info                  CSI    00000110 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:51, Info                  CSI    00000111 [SR] Verify complete
2025-01-17 06:08:51, Info                  CSI    00000112 [SR] Verifying 100 components
2025-01-17 06:08:51, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:53, Info                  CSI    00000114 [SR] Verify complete
2025-01-17 06:08:53, Info                  CSI    00000115 [SR] Verifying 100 components
2025-01-17 06:08:53, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:56, Info                  CSI    00000117 [SR] Verify complete
2025-01-17 06:08:56, Info                  CSI    00000118 [SR] Verifying 100 components
2025-01-17 06:08:56, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2025-01-17 06:08:59, Info                  CSI    0000011a [SR] Verify complete
2025-01-17 06:08:59, Info                  CSI    0000011b [SR] Verifying 100 components
2025-01-17 06:08:59, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:02, Info                  CSI    0000011d [SR] Verify complete
2025-01-17 06:09:02, Info                  CSI    0000011e [SR] Verifying 100 components
2025-01-17 06:09:02, Info                  CSI    0000011f [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:04, Info                  CSI    00000120 [SR] Verify complete
2025-01-17 06:09:04, Info                  CSI    00000121 [SR] Verifying 100 components
2025-01-17 06:09:04, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:07, Info                  CSI    00000123 [SR] Verify complete
2025-01-17 06:09:07, Info                  CSI    00000124 [SR] Verifying 100 components
2025-01-17 06:09:07, Info                  CSI    00000125 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:10, Info                  CSI    00000126 [SR] Verify complete
2025-01-17 06:09:10, Info                  CSI    00000127 [SR] Verifying 100 components
2025-01-17 06:09:10, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:14, Info                  CSI    00000129 [SR] Verify complete
2025-01-17 06:09:14, Info                  CSI    0000012a [SR] Verifying 100 components
2025-01-17 06:09:14, Info                  CSI    0000012b [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:18, Info                  CSI    0000012f [SR] Verify complete
2025-01-17 06:09:18, Info                  CSI    00000130 [SR] Verifying 100 components
2025-01-17 06:09:18, Info                  CSI    00000131 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:22, Info                  CSI    00000132 [SR] Verify complete
2025-01-17 06:09:22, Info                  CSI    00000133 [SR] Verifying 100 components
2025-01-17 06:09:22, Info                  CSI    00000134 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:24, Info                  CSI    00000135 [SR] Verify complete
2025-01-17 06:09:24, Info                  CSI    00000136 [SR] Verifying 100 components
2025-01-17 06:09:24, Info                  CSI    00000137 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:26, Info                  CSI    00000138 [SR] Verify complete
2025-01-17 06:09:27, Info                  CSI    00000139 [SR] Verifying 100 components
2025-01-17 06:09:27, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:31, Info                  CSI    0000013b [SR] Verify complete
2025-01-17 06:09:31, Info                  CSI    0000013c [SR] Verifying 100 components
2025-01-17 06:09:31, Info                  CSI    0000013d [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:34, Info                  CSI    0000013e [SR] Verify complete
2025-01-17 06:09:34, Info                  CSI    0000013f [SR] Verifying 100 components
2025-01-17 06:09:34, Info                  CSI    00000140 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:43, Info                  CSI    00000142 [SR] Verify complete
2025-01-17 06:09:43, Info                  CSI    00000143 [SR] Verifying 100 components
2025-01-17 06:09:43, Info                  CSI    00000144 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:47, Info                  CSI    00000145 [SR] Verify complete
2025-01-17 06:09:47, Info                  CSI    00000146 [SR] Verifying 100 components
2025-01-17 06:09:47, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:52, Info                  CSI    00000149 [SR] Verify complete
2025-01-17 06:09:52, Info                  CSI    0000014a [SR] Verifying 100 components
2025-01-17 06:09:52, Info                  CSI    0000014b [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:54, Info                  CSI    0000014c [SR] Verify complete
2025-01-17 06:09:54, Info                  CSI    0000014d [SR] Verifying 100 components
2025-01-17 06:09:54, Info                  CSI    0000014e [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:56, Info                  CSI    0000014f [SR] Verify complete
2025-01-17 06:09:56, Info                  CSI    00000150 [SR] Verifying 100 components
2025-01-17 06:09:56, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2025-01-17 06:09:58, Info                  CSI    00000152 [SR] Verify complete
2025-01-17 06:09:58, Info                  CSI    00000153 [SR] Verifying 100 components
2025-01-17 06:09:58, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:00, Info                  CSI    00000155 [SR] Verify complete
2025-01-17 06:10:00, Info                  CSI    00000156 [SR] Verifying 100 components
2025-01-17 06:10:00, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:02, Info                  CSI    00000158 [SR] Verify complete
2025-01-17 06:10:02, Info                  CSI    00000159 [SR] Verifying 100 components
2025-01-17 06:10:02, Info                  CSI    0000015a [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:05, Info                  CSI    0000015b [SR] Verify complete
2025-01-17 06:10:06, Info                  CSI    0000015c [SR] Verifying 100 components
2025-01-17 06:10:06, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:09, Info                  CSI    0000015e [SR] Verify complete
2025-01-17 06:10:09, Info                  CSI    0000015f [SR] Verifying 100 components
2025-01-17 06:10:09, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:10, Info                  CSI    00000161 [SR] Verify complete
2025-01-17 06:10:10, Info                  CSI    00000162 [SR] Verifying 100 components
2025-01-17 06:10:10, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:12, Info                  CSI    00000164 [SR] Verify complete
2025-01-17 06:10:12, Info                  CSI    00000165 [SR] Verifying 100 components
2025-01-17 06:10:12, Info                  CSI    00000166 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:13, Info                  CSI    00000167 [SR] Verify complete
2025-01-17 06:10:13, Info                  CSI    00000168 [SR] Verifying 100 components
2025-01-17 06:10:13, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:16, Info                  CSI    0000016a [SR] Verify complete
2025-01-17 06:10:17, Info                  CSI    0000016b [SR] Verifying 100 components
2025-01-17 06:10:17, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:18, Info                  CSI    0000016d [SR] Verify complete
2025-01-17 06:10:19, Info                  CSI    0000016e [SR] Verifying 100 components
2025-01-17 06:10:19, Info                  CSI    0000016f [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:20, Info                  CSI    00000170 [SR] Verify complete
2025-01-17 06:10:20, Info                  CSI    00000171 [SR] Verifying 100 components
2025-01-17 06:10:20, Info                  CSI    00000172 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:21, Info                  CSI    00000173 [SR] Verify complete
2025-01-17 06:10:21, Info                  CSI    00000174 [SR] Verifying 100 components
2025-01-17 06:10:21, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:23, Info                  CSI    00000176 [SR] Verify complete
2025-01-17 06:10:23, Info                  CSI    00000177 [SR] Verifying 100 components
2025-01-17 06:10:23, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:24, Info                  CSI    00000179 [SR] Verify complete
2025-01-17 06:10:24, Info                  CSI    0000017a [SR] Verifying 100 components
2025-01-17 06:10:24, Info                  CSI    0000017b [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:26, Info                  CSI    0000017c [SR] Verify complete
2025-01-17 06:10:26, Info                  CSI    0000017d [SR] Verifying 100 components
2025-01-17 06:10:26, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:27, Info                  CSI    0000017f [SR] Verify complete
2025-01-17 06:10:27, Info                  CSI    00000180 [SR] Verifying 100 components
2025-01-17 06:10:27, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:28, Info                  CSI    00000182 [SR] Verify complete
2025-01-17 06:10:28, Info                  CSI    00000183 [SR] Verifying 100 components
2025-01-17 06:10:28, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:29, Info                  CSI    00000185 [SR] Verify complete
2025-01-17 06:10:29, Info                  CSI    00000186 [SR] Verifying 100 components
2025-01-17 06:10:29, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:30, Info                  CSI    00000188 [SR] Verify complete
2025-01-17 06:10:30, Info                  CSI    00000189 [SR] Verifying 100 components
2025-01-17 06:10:30, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:31, Info                  CSI    0000018b [SR] Verify complete
2025-01-17 06:10:31, Info                  CSI    0000018c [SR] Verifying 100 components
2025-01-17 06:10:31, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:35, Info                  CSI    0000018e [SR] Verify complete
2025-01-17 06:10:35, Info                  CSI    0000018f [SR] Verifying 100 components
2025-01-17 06:10:35, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:37, Info                  CSI    00000191 [SR] Verify complete
2025-01-17 06:10:37, Info                  CSI    00000192 [SR] Verifying 100 components
2025-01-17 06:10:37, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:38, Info                  CSI    00000194 [SR] Verify complete
2025-01-17 06:10:38, Info                  CSI    00000195 [SR] Verifying 100 components
2025-01-17 06:10:38, Info                  CSI    00000196 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:39, Info                  CSI    00000197 [SR] Verify complete
2025-01-17 06:10:40, Info                  CSI    00000198 [SR] Verifying 100 components
2025-01-17 06:10:40, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:41, Info                  CSI    0000019a [SR] Verify complete
2025-01-17 06:10:41, Info                  CSI    0000019b [SR] Verifying 100 components
2025-01-17 06:10:41, Info                  CSI    0000019c [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:42, Info                  CSI    0000019d [SR] Verify complete
2025-01-17 06:10:42, Info                  CSI    0000019e [SR] Verifying 100 components
2025-01-17 06:10:42, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:44, Info                  CSI    000001a0 [SR] Verify complete
2025-01-17 06:10:44, Info                  CSI    000001a1 [SR] Verifying 100 components
2025-01-17 06:10:44, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:47, Info                  CSI    000001a3 [SR] Verify complete
2025-01-17 06:10:47, Info                  CSI    000001a4 [SR] Verifying 100 components
2025-01-17 06:10:47, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:49, Info                  CSI    000001a6 [SR] Verify complete
2025-01-17 06:10:49, Info                  CSI    000001a7 [SR] Verifying 100 components
2025-01-17 06:10:49, Info                  CSI    000001a8 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:51, Info                  CSI    000001a9 [SR] Verify complete
2025-01-17 06:10:51, Info                  CSI    000001aa [SR] Verifying 100 components
2025-01-17 06:10:51, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:52, Info                  CSI    000001ac [SR] Verify complete
2025-01-17 06:10:52, Info                  CSI    000001ad [SR] Verifying 100 components
2025-01-17 06:10:52, Info                  CSI    000001ae [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:54, Info                  CSI    000001af [SR] Verify complete
2025-01-17 06:10:54, Info                  CSI    000001b0 [SR] Verifying 100 components
2025-01-17 06:10:54, Info                  CSI    000001b1 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:56, Info                  CSI    000001b2 [SR] Verify complete
2025-01-17 06:10:56, Info                  CSI    000001b3 [SR] Verifying 100 components
2025-01-17 06:10:56, Info                  CSI    000001b4 [SR] Beginning Verify and Repair transaction
2025-01-17 06:10:59, Info                  CSI    000001b5 [SR] Verify complete
2025-01-17 06:10:59, Info                  CSI    000001b6 [SR] Verifying 100 components
2025-01-17 06:10:59, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:01, Info                  CSI    000001bb [SR] Verify complete
2025-01-17 06:11:01, Info                  CSI    000001bc [SR] Verifying 100 components
2025-01-17 06:11:01, Info                  CSI    000001bd [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:02, Info                  CSI    000001be [SR] Verify complete
2025-01-17 06:11:02, Info                  CSI    000001bf [SR] Verifying 100 components
2025-01-17 06:11:02, Info                  CSI    000001c0 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:03, Info                  CSI    000001c1 [SR] Verify complete
2025-01-17 06:11:03, Info                  CSI    000001c2 [SR] Verifying 100 components
2025-01-17 06:11:03, Info                  CSI    000001c3 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:03, Info                  CSI    000001c4 [SR] Verify complete
2025-01-17 06:11:04, Info                  CSI    000001c5 [SR] Verifying 100 components
2025-01-17 06:11:04, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:05, Info                  CSI    000001c7 [SR] Verify complete
2025-01-17 06:11:05, Info                  CSI    000001c8 [SR] Verifying 100 components
2025-01-17 06:11:05, Info                  CSI    000001c9 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:08, Info                  CSI    000001ca [SR] Verify complete
2025-01-17 06:11:08, Info                  CSI    000001cb [SR] Verifying 100 components
2025-01-17 06:11:08, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:09, Info                  CSI    000001cd [SR] Verify complete
2025-01-17 06:11:09, Info                  CSI    000001ce [SR] Verifying 100 components
2025-01-17 06:11:09, Info                  CSI    000001cf [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:12, Info                  CSI    000001d0 [SR] Verify complete
2025-01-17 06:11:12, Info                  CSI    000001d1 [SR] Verifying 100 components
2025-01-17 06:11:12, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:15, Info                  CSI    000001d3 [SR] Verify complete
2025-01-17 06:11:15, Info                  CSI    000001d4 [SR] Verifying 100 components
2025-01-17 06:11:15, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:17, Info                  CSI    000001d6 [SR] Verify complete
2025-01-17 06:11:17, Info                  CSI    000001d7 [SR] Verifying 100 components
2025-01-17 06:11:17, Info                  CSI    000001d8 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:19, Info                  CSI    000001d9 [SR] Repairing file \??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\OneDrive.lnk from store
2025-01-17 06:11:20, Info                  CSI    000001da [SR] Verify complete
2025-01-17 06:11:20, Info                  CSI    000001db [SR] Verifying 100 components
2025-01-17 06:11:20, Info                  CSI    000001dc [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:21, Info                  CSI    000001dd [SR] Verify complete
2025-01-17 06:11:21, Info                  CSI    000001de [SR] Verifying 100 components
2025-01-17 06:11:21, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:24, Info                  CSI    000001e0 [SR] Verify complete
2025-01-17 06:11:24, Info                  CSI    000001e1 [SR] Verifying 100 components
2025-01-17 06:11:24, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:26, Info                  CSI    000001e3 [SR] Verify complete
2025-01-17 06:11:26, Info                  CSI    000001e4 [SR] Verifying 100 components
2025-01-17 06:11:26, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:28, Info                  CSI    000001e6 [SR] Verify complete
2025-01-17 06:11:28, Info                  CSI    000001e7 [SR] Verifying 100 components
2025-01-17 06:11:28, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:30, Info                  CSI    000001e9 [SR] Verify complete
2025-01-17 06:11:30, Info                  CSI    000001ea [SR] Verifying 100 components
2025-01-17 06:11:30, Info                  CSI    000001eb [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:32, Info                  CSI    000001f0 [SR] Verify complete
2025-01-17 06:11:32, Info                  CSI    000001f1 [SR] Verifying 100 components
2025-01-17 06:11:32, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:36, Info                  CSI    000001f3 [SR] Verify complete
2025-01-17 06:11:36, Info                  CSI    000001f4 [SR] Verifying 100 components
2025-01-17 06:11:36, Info                  CSI    000001f5 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:37, Info                  CSI    000001f6 [SR] Verify complete
2025-01-17 06:11:37, Info                  CSI    000001f7 [SR] Verifying 100 components
2025-01-17 06:11:37, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:40, Info                  CSI    000001f9 [SR] Verify complete
2025-01-17 06:11:40, Info                  CSI    000001fa [SR] Verifying 100 components
2025-01-17 06:11:40, Info                  CSI    000001fb [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:42, Info                  CSI    000001fc [SR] Verify complete
2025-01-17 06:11:42, Info                  CSI    000001fd [SR] Verifying 100 components
2025-01-17 06:11:42, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:44, Info                  CSI    000001ff [SR] Verify complete
2025-01-17 06:11:44, Info                  CSI    00000200 [SR] Verifying 100 components
2025-01-17 06:11:44, Info                  CSI    00000201 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:46, Info                  CSI    00000202 [SR] Verify complete
2025-01-17 06:11:46, Info                  CSI    00000203 [SR] Verifying 100 components
2025-01-17 06:11:46, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:49, Info                  CSI    00000205 [SR] Verify complete
2025-01-17 06:11:49, Info                  CSI    00000206 [SR] Verifying 100 components
2025-01-17 06:11:49, Info                  CSI    00000207 [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:52, Info                  CSI    00000208 [SR] Verify complete
2025-01-17 06:11:52, Info                  CSI    00000209 [SR] Verifying 100 components
2025-01-17 06:11:52, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:54, Info                  CSI    0000020b [SR] Verify complete
2025-01-17 06:11:54, Info                  CSI    0000020c [SR] Verifying 100 components
2025-01-17 06:11:54, Info                  CSI    0000020d [SR] Beginning Verify and Repair transaction
2025-01-17 06:11:56, Info                  CSI    0000020e [SR] Verify complete
2025-01-17 06:11:56, Info                  CSI    0000020f [SR] Verifying 100 components
2025-01-17 06:11:56, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:00, Info                  CSI    00000211 [SR] Verify complete
2025-01-17 06:12:00, Info                  CSI    00000212 [SR] Verifying 100 components
2025-01-17 06:12:00, Info                  CSI    00000213 [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:03, Info                  CSI    00000214 [SR] Verify complete
2025-01-17 06:12:03, Info                  CSI    00000215 [SR] Verifying 100 components
2025-01-17 06:12:03, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:05, Info                  CSI    00000217 [SR] Verify complete
2025-01-17 06:12:05, Info                  CSI    00000218 [SR] Verifying 100 components
2025-01-17 06:12:05, Info                  CSI    00000219 [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:07, Info                  CSI    0000021a [SR] Verify complete
2025-01-17 06:12:07, Info                  CSI    0000021b [SR] Verifying 100 components
2025-01-17 06:12:07, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:08, Info                  CSI    0000021d [SR] Verify complete
2025-01-17 06:12:08, Info                  CSI    0000021e [SR] Verifying 100 components
2025-01-17 06:12:08, Info                  CSI    0000021f [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:10, Info                  CSI    00000220 [SR] Verify complete
2025-01-17 06:12:10, Info                  CSI    00000221 [SR] Verifying 100 components
2025-01-17 06:12:10, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:12, Info                  CSI    00000223 [SR] Verify complete
2025-01-17 06:12:12, Info                  CSI    00000224 [SR] Verifying 100 components
2025-01-17 06:12:12, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:13, Info                  CSI    00000226 [SR] Verify complete
2025-01-17 06:12:13, Info                  CSI    00000227 [SR] Verifying 83 components
2025-01-17 06:12:13, Info                  CSI    00000228 [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:14, Info                  CSI    00000229 [SR] Verify complete
2025-01-17 06:12:14, Info                  CSI    0000022a [SR] Repairing 1 components
2025-01-17 06:12:14, Info                  CSI    0000022b [SR] Beginning Verify and Repair transaction
2025-01-17 06:12:14, Info                  CSI    0000022c [SR] Repairing file \??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\OneDrive.lnk from store
2025-01-17 06:12:14, Info                  CSI    0000022d [SR] Repair complete
2025-01-17 06:12:14, Info                  CSI    0000022e [SR] Committing transaction
2025-01-17 06:12:14, Info                  CSI    00000235 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired


========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


C:\FRST>wevtutil cl "AMSI/Debug"

C:\FRST>wevtutil cl "AirSpaceChannel"

C:\FRST>wevtutil cl "Analytic"

C:\FRST>wevtutil cl "Application"

C:\FRST>wevtutil cl "DirectShowFilterGraph"

C:\FRST>wevtutil cl "DirectShowPluginControl"

C:\FRST>wevtutil cl "Els_Hyphenation/Analytic"

C:\FRST>wevtutil cl "EndpointMapper"

C:\FRST>wevtutil cl "FirstUXPerf-Analytic"

C:\FRST>wevtutil cl "ForwardedEvents"

C:\FRST>wevtutil cl "General Logging"

C:\FRST>wevtutil cl "HardwareEvents"

C:\FRST>wevtutil cl "IHM_DebugChannel"

C:\FRST>wevtutil cl "Intel-iaLPSS-GPIO/Analytic"

C:\FRST>wevtutil cl "Intel-iaLPSS-I2C/Analytic"

C:\FRST>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug"

C:\FRST>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance"

C:\FRST>wevtutil cl "Intel-iaLPSS2-I2C/Debug"

C:\FRST>wevtutil cl "Intel-iaLPSS2-I2C/Performance"

C:\FRST>wevtutil cl "Internet Explorer"

C:\FRST>wevtutil cl "Key Management Service"

C:\FRST>wevtutil cl "MF_MediaFoundationDeviceMFT"

C:\FRST>wevtutil cl "MF_MediaFoundationDeviceProxy"

C:\FRST>wevtutil cl "MF_MediaFoundationFrameServer"

C:\FRST>wevtutil cl "MedaFoundationVideoProc"

C:\FRST>wevtutil cl "MedaFoundationVideoProcD3D"

C:\FRST>wevtutil cl "MediaFoundationAsyncWrapper"

C:\FRST>wevtutil cl "MediaFoundationContentProtection"

C:\FRST>wevtutil cl "MediaFoundationDS"

C:\FRST>wevtutil cl "MediaFoundationDeviceProxy"

C:\FRST>wevtutil cl "MediaFoundationMP4"

C:\FRST>wevtutil cl "MediaFoundationMediaEngine"

C:\FRST>wevtutil cl "MediaFoundationPerformance"

C:\FRST>wevtutil cl "MediaFoundationPerformanceCore"

C:\FRST>wevtutil cl "MediaFoundationPipeline"

C:\FRST>wevtutil cl "MediaFoundationPlatform"

C:\FRST>wevtutil cl "MediaFoundationSrcPrefetch"

C:\FRST>wevtutil cl "Microsoft-Client-License-ESU/Admin"

C:\FRST>wevtutil cl "Microsoft-Client-License-ESU/Debug"

C:\FRST>wevtutil cl "Microsoft-Client-License-ESU/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin"

C:\FRST>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug"

C:\FRST>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-IE/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-IEFRAME/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-OneCore-Setup/Analytic"

C:\FRST>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AAD/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-AAD/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ADSI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-ASN1/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ATAPort/General"

C:\FRST>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM"

C:\FRST>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AllJoyn/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AllJoyn/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/Internal"

C:\FRST>wevtutil cl "Microsoft-Windows-AppID/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-State/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppReadiness/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AppReadiness/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppReadiness/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppSruProv"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeployment-Server/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted"

C:\FRST>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder"

C:\FRST>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager"

C:\FRST>wevtutil cl "Microsoft-Windows-Audit/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController"

C:\FRST>wevtutil cl "Microsoft-Windows-AxInstallService/Log"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Backup"

C:\FRST>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Battery/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Biometrics/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Biometrics/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Bits-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CAPI2/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CDROM/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/Call"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/CreateInstance"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation"

C:\FRST>wevtutil cl "Microsoft-Windows-COMRuntime/Activations"

C:\FRST>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing"

C:\FRST>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudRestoreLauncher/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudStore/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudStore/Initialization"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudStore/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose"

C:\FRST>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ComDlg32/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreApplication/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreWindow/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Crashdump/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming"

C:\FRST>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DCLocator/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DDisplay/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DDisplay/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DNS-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DXGI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DXGI/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-DXP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery"

C:\FRST>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Deplorch/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSync/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceUx/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceUx/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Devices-Background/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiagCpl/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D11/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D12/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectSound/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Disk/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Documents/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Power"

C:\FRST>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-EFS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-ESE/IODiagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-ESE/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapHost/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EapHost/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-EapHost/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog"

C:\FRST>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EventCollector/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-EventCollector/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-EventLog/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EventLog/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FMS/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FMS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FMS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Forwarding/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Forwarding/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HAL/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-HealthCenter/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-HealthCenter/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Help/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService"

C:\FRST>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HttpService/Log"

C:\FRST>wevtutil cl "Microsoft-Windows-HttpService/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IE-SmartScreen"

C:\FRST>wevtutil cl "Microsoft-Windows-IKE/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-IKEDBG/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IdCtrls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-KdsSvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kerberos/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Known Folders API Service"

C:\FRST>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LAPS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-LSA/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LSA/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LSA/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LiveId/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-LiveId/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MSPaint/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-MSPaint/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC"

C:\FRST>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR"

C:\FRST>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Minstore/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Minstore/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService"

C:\FRST>wevtutil cl "Microsoft-Windows-Mprddm/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NCSI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-NCSI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NDIS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NTLM/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Ncasvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetShell/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-Connection-Broker"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NlaSvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Ntfs/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Ntfs/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Ntfs/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-OLEACC/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OneBackup/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-OneX/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OneX/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PCI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ParentalControls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Partition/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Partition/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Policy/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Policy/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService"

C:\FRST>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RPC/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RPC/EEInfo"

C:\FRST>wevtutil cl "Microsoft-Windows-RRAS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RRAS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RadioManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ReFS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Regsvr32/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-RestartManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RetailDemo/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RetailDemo/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime/Error"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Audit"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Security"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-Sdbus/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Sdbus/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Sdstor/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SearchUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Vault/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Sens/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Sensors/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Sensors/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Services/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Servicing/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug"

C:\FRST>wevtutil cl "Microsoft-Windows-Setup/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupCl/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartScreen/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Audit"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Security"

C:\FRST>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SrumTelemetry"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Restricted"

C:\FRST>wevtutil cl "Microsoft-Windows-StorDiag/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StorPort/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Health"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageManagement/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageManagement/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Store/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Superfetch/Main"

C:\FRST>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog"

C:\FRST>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog"

C:\FRST>wevtutil cl "Microsoft-Windows-Sysprep/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TCPIP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TTS/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TWinUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TZSync/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TZSync/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TZUtil/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Time-Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TunnelDriver"

C:\FRST>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UAC/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USBVideo/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-User Device Registration/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-User Device Registration/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Profile Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-User-Loader/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-User-Loader/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations"

C:\FRST>wevtutil cl "Microsoft-Windows-UserSettingsBackup-BackupUnitProcessor/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UserSettingsBackup-Orchestrator/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VAN/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VHDMP-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-VHDMP-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-VPN-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VPN/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Volume/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VolumeControl/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WFP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WFP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-API/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WUSA/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WebAuth/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WebAuthN/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server"

C:\FRST>wevtutil cl "Microsoft-Windows-WebServices/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Concurrency"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Contention"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Messages"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Power"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Render"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/UIPI"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHttp-Pca"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHttp/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/Pca"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/UsageLog"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/WebSocket"

C:\FRST>wevtutil cl "Microsoft-Windows-WinMDE/MDE"

C:\FRST>wevtutil cl "Microsoft-Windows-WinML/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinNat/Oper"

C:\FRST>wevtutil cl "Microsoft-Windows-WinNat/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-WinRM/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinRM/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WinRM/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Windeploy/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Defender/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Defender/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Winlogon/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsrv/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wordpad/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Wordpad/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-Workplace Join/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default"

C:\FRST>wevtutil cl "Microsoft-Windows-XAML/Default"

C:\FRST>wevtutil cl "Microsoft-Windows-XAudio2/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-XAudio2/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-glcnd/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-glcnd/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ntshrui"

C:\FRST>wevtutil cl "Microsoft-Windows-ntshrui-perf"

C:\FRST>wevtutil cl "Microsoft-Windows-osk/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-stobject/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-wmbclass/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-wmbclass/Trace"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug"

C:\FRST>wevtutil cl "NIS-Driver-WFP/Diagnostic"

C:\FRST>wevtutil cl "Navigator"

C:\FRST>wevtutil cl "Network Isolation Operational"

C:\FRST>wevtutil cl "OAlerts"

C:\FRST>wevtutil cl "OSK_SoftKeyboard_Channel"

C:\FRST>wevtutil cl "OfficeChannel"

C:\FRST>wevtutil cl "OfficeDebugChannel"

C:\FRST>wevtutil cl "OpenSSH/Admin"

C:\FRST>wevtutil cl "OpenSSH/Debug"

C:\FRST>wevtutil cl "OpenSSH/Operational"

C:\FRST>wevtutil cl "Physical_Keyboard_Manager_Channel"

C:\FRST>wevtutil cl "PlayReadyPerformanceChannel"

C:\FRST>wevtutil cl "RTWorkQueueExtended"

C:\FRST>wevtutil cl "RTWorkQueueTheading"

C:\FRST>wevtutil cl "SMSApi"

C:\FRST>wevtutil cl "Security"

C:\FRST>wevtutil cl "Setup"

C:\FRST>wevtutil cl "SmbWmiAnalytic"

C:\FRST>wevtutil cl "System"

C:\FRST>wevtutil cl "SystemEventsBroker"

C:\FRST>wevtutil cl "TabletPC_InputPanel_Channel"

C:\FRST>wevtutil cl "TabletPC_InputPanel_Channel/IHM"

C:\FRST>wevtutil cl "TimeBroker"

C:\FRST>wevtutil cl "UIManager_Channel"

C:\FRST>wevtutil cl "Uac/Debug"

C:\FRST>wevtutil cl "WINDOWS_KS_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_VC1ENC_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_wmvdecod_CHANNEL"

C:\FRST>wevtutil cl "WMPSetup"

C:\FRST>wevtutil cl "WMPSyncEngine"

C:\FRST>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational"

C:\FRST>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose"

C:\FRST>wevtutil cl "Windows PowerShell"

C:\FRST>wevtutil cl "WordChannel"

C:\FRST>wevtutil cl "muxencode"


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 06:13:23 ====


  • 0

#6
DSWolfe
Posted 19 January 2025 - 08:07 PM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Secondly, I went the app & broswer control Rep-Base protection was already off and I turned Exploit protect off and still FRST doesn't run


  • 0

#7
RKinner
Posted 20 January 2025 - 10:34 PM

RKinner

    Malware Expert

  • Expert
  • 24,731 posts
  • MVP

I just had FRST update and it ran fine so not sure what is wrong with your version.  We mainly want it to show us the events so let's try Nirsoft's FullEventLogView 

 

https://www.nirsoft....logview-x64.zip

 

This is a zip file so you need to download, save and right click on the file and Extract All, Extract.  

 

Then right click on FullEventLogView.exe and run as Admin,

 

Then hit Stop.  Then Options, Advanced Options.  Uncheck Information, Verbose and Undefined.OK.

 

Hit Stop again and then select all events with Ctrl + a.  Then File, Save Selected Items.  Point it at your desktop and give it a name like logs.  Close the program and attach the logs.txt file.


  • 0

#8
DSWolfe
Posted 21 January 2025 - 11:12 PM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

I got FRST to work again.  For whatever reason when I downloaded it again and ran it from my download folder it works but when I move it to a new folder it does not so whatever.  Here is the FRST and Addition logs again.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by Wolfe (administrator) on WOLFE-PC (ASUS System Product Name) (21-01-2025 20:54:13)
Running from C:\Users\Wolfe\Downloads\FRST64.exe
Loaded Profiles: Wolfe
Platform: Microsoft Windows 10 Home Version 22H2 19045.5371 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

========================================================

C:\FRST\FRST64.exe => process closed successfully
C:\FRST\FRST64.exe => process closed successfully
C:\FRST\FRST64.exe => moved successfully

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8988\Agent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Discord Inc. -> Discord Inc.) C:\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe <6>
(explorer.exe ->) () [File not signed] C:\Users\Wolfe\Downloads\AutoClicker-3.0.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <8>
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <23>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2411.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <6>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Discord] => C:\Users\Wolfe\AppData\Local\Discord\Update.exe [1525016 2023-03-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-15] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.266\Installer\chrmstp.exe [2025-01-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FF3F855-D977-4263-B965-4010D2C215CF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [308584 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AF9ED637-492A-4127-951E-0B3B862CB112} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1860968 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {45A79F7B-EB90-4F55-AE49-6E004213F628} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d97349f784b2a9 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {A0DB1531-EE7D-40B1-902C-D2B8456DA60B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {1C1147E7-BA0D-4483-81A8-B37A2283E11C} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [46631024 2023-03-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {22D2A041-24D1-4947-9ECB-598713967BD6} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2023-03-18] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {C34BF41C-D55C-468C-9B27-D2CA4301F5F6} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {BD762367-F8F9-4B10-9E4C-611266E98A38} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{C22F08B7-E9DD-4F63-83C5-479F5BB473B1} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32DEA084-B3A4-4CD2-AA96-A5E618EA07F8} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FDDC5C9-3518-454B-95BF-A38BE8C4179F} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C91E466-9496-468F-9FC6-F3671FFD1814} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1D5251E-1BB9-4F6E-90D1-DB61DDC854E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {256D53C9-4CB3-4879-B0E3-3411B5F09010} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD0E4C0C-D308-4C28-90C5-89A4DC7DFACE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBAB5D9D-8F79-4239-9A11-8BF97BDD2F67} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E560720E-FB4C-4B17-8D44-B85B433830E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC6DCF69-FBB5-4A3A-92B6-3D38B362ED34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57EA1879-CCFE-4CE3-B157-1EA5AD559952} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27A49626-9027-47FC-81D0-8998B75E6D6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69708F82-67BE-4E11-A483-9B4A1E8CC573} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {19E0FDDF-40FC-4860-9F25-D8495705F16A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-35897006-1549402385-1321927907-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {CAA69DE2-0590-481C-B051-343AAE89C33C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {22BA612D-4EE9-4F28-9515-C33E3126CDF5} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8D9D487-1CC5-4BD2-A8EC-B8174B078C25} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E262836-4C8A-4593-8BCE-BA297F7612B2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {11F42F4D-EE43-4030-B1C6-D6E3DB6E89F1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {E85D0753-7D78-42D2-9DD8-199FE04A4689} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\75F6C66656020586F6E656: [DhcpNameServer] 192.168.165.176
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpDomain] wk.shawcable.net
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,10.0.0.58,1]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-16]
Edge Extension: (Google Docs Offline) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: 4syrh9jm.default
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\4syrh9jm.default [2023-04-20]
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release [2025-01-22]
FF Session Restore: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> hxxps://www.facebook.com
FF Extension: (AdGuard AdBlocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2025-01-10]
FF Extension: (Enhancer for YouTube™) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2024-12-03]
FF Extension: (Capital One Shopping: Save Now) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2024-08-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default [2024-04-21]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-03-28] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678760 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1132000 2025-01-21] (ASUSTeK COMPUTER INC. -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3318400 2025-01-15] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617896 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [146984 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 CorsairLLAService; C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe [238632 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [715736 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe [3530280 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [310824 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\OneDriveUpdaterService.exe [3876392 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1878448 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [231856 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [364800 2024-12-12] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538416 2024-11-20] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-06-03] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-16] (ASUSTeK COMPUTER INC. -> )
R2 CorsairLLAccess8F050F5E415C1A5882EB9FF7CE2BC59B7BE3A953; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairLLAccess64.sys [21752 2023-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2025-01-21] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44592 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_bf51b653ec31b8ab\e2f.sys [531568 2023-07-02] (Intel Corporation -> Intel Corporation)
R3 MpKsl552698b4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A39F8E38-328C-490F-BBB0-F6F5CE943542}\MpKslDrv.sys [267552 2025-01-22] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [18496 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [361472 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1617920 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_02a1; C:\Windows\System32\drivers\RzDev_02a1.sys [64664 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
U4 AppMgmt; no ImagePath
S3 cpuz157; \??\C:\Windows\temp\cpuz157\cpuz157_x64.sys [X] <==== ATTENTION
U4 CscService; no ImagePath
U4 napagent; no ImagePath
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
U4 PeerDistSvc; no ImagePath
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-21 20:54 - 2025-01-21 20:55 - 000032648 _____ C:\Users\Wolfe\Downloads\FRST.txt
2025-01-21 20:54 - 2025-01-21 20:54 - 002403328 _____ (Farbar) C:\Users\Wolfe\Downloads\FRST64.exe
2025-01-17 22:09 - 2025-01-17 22:09 - 005538981 _____ C:\Users\Wolfe\Downloads\UE4SS_v3.0.0.zip
2025-01-17 05:37 - 2025-01-17 05:37 - 000000000 ___HD C:\$WinREAgent
2025-01-16 20:08 - 2025-01-16 20:08 - 000182886 _____ C:\Users\Wolfe\Downloads\message(1).txt
2025-01-16 19:08 - 2025-01-16 19:08 - 000000000 ____D C:\Users\Wolfe\Downloads\FRST-OlderVersion
2025-01-16 19:06 - 2025-01-21 20:55 - 000000000 ____D C:\FRST
2025-01-16 19:02 - 2025-01-16 19:02 - 000388608 _____ (Trend Micro Inc.) C:\Users\Wolfe\Downloads\HijackThis.exe
2025-01-16 06:05 - 2025-01-16 06:05 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-14 22:17 - 2025-01-14 22:17 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-01-14 22:17 - 2025-01-14 22:17 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-14 10:43 - 2025-01-16 05:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-11 19:49 - 2025-01-11 19:49 - 003161705 _____ C:\Users\Wolfe\Downloads\elvui-13.81(2).zip
2025-01-07 20:15 - 2025-01-07 20:15 - 000180264 _____ C:\Users\Wolfe\Downloads\Statement_122024_5998.pdf
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000478384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000374432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 025450120 _____ C:\Windows\system32\nvidia-pcc.exe
2024-12-28 18:06 - 2024-12-04 10:01 - 001554608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 001208992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 000863888 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-12-28 18:06 - 2024-12-04 10:00 - 016811696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 002185360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001042072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000801432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000462480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-12-28 18:06 - 2024-12-04 09:59 - 017736840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005909664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005435544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 003807888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 000853680 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-12-28 18:06 - 2024-12-04 09:58 - 007158560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-12-28 18:06 - 2024-12-04 09:58 - 006236264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-12-28 18:06 - 2024-12-03 17:11 - 000132703 _____ C:\Windows\system32\nvinfo.pb
2024-12-28 18:06 - 2024-12-03 17:11 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-12-28 18:02 - 2024-12-28 18:02 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-12-28 18:02 - 2024-12-28 18:02 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2024-12-28 18:02 - 2024-12-28 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-12-28 18:01 - 2024-12-18 04:26 - 003074088 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-12-28 18:01 - 2024-12-18 04:26 - 002369064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000180760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000159768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2024-12-28 13:51 - 2024-12-28 19:18 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Path of Exile 2
2024-12-28 13:18 - 2024-12-28 13:18 - 000000223 _____ C:\Users\Wolfe\Desktop\Path of Exile 2.url

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-21 20:53 - 2023-04-19 21:27 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Battle.net
2025-01-21 20:43 - 2024-10-22 18:00 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Discord
2025-01-21 20:41 - 2023-04-19 21:18 - 000000000 ____D C:\Program Files (x86)\Steam
2025-01-21 20:17 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-21 19:13 - 2023-04-19 21:35 - 000000000 ____D C:\Program Files\ASUS
2025-01-21 17:13 - 2023-04-19 21:43 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\discord
2025-01-21 17:07 - 2023-04-19 04:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-20 22:34 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-20 22:34 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-20 21:45 - 2023-04-19 20:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-20 21:43 - 2023-04-19 04:46 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-20 21:43 - 2019-12-07 01:13 - 000000000 ____D C:\Windows\INF
2025-01-20 21:42 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\D3DSCache
2025-01-20 21:40 - 2023-04-19 04:47 - 000000000 ___RD C:\Users\Wolfe\OneDrive
2025-01-20 21:37 - 2023-04-19 04:44 - 000000000 ____D C:\Users\Wolfe
2025-01-20 21:36 - 2024-09-29 17:02 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-20 21:36 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-20 21:36 - 2023-04-19 04:36 - 001180016 _____ () C:\Windows\system32\wpbbin.exe
2025-01-20 21:36 - 2023-04-19 04:36 - 001132000 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-01-20 21:36 - 2023-04-19 04:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-20 00:57 - 2023-08-06 16:56 - 000002325 _____ C:\Users\Wolfe\Desktop\Warcraft Logs Companion.lnk
2025-01-20 00:57 - 2023-04-19 21:37 - 000002325 _____ C:\Users\Wolfe\Desktop\CurseForge.lnk
2025-01-20 00:57 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Overwolf
2025-01-20 00:46 - 2023-04-19 21:31 - 000003962 _____ C:\Windows\system32\Tasks\RazerCortexScheduleClean
2025-01-19 17:54 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Packages
2025-01-19 17:47 - 2019-12-07 01:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-01-19 10:22 - 2023-04-28 22:00 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Excel
2025-01-18 13:40 - 2023-04-19 04:37 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-18 13:40 - 2023-04-19 04:37 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-17 17:26 - 2022-09-07 19:13 - 000000000 ____D C:\Windows\SystemTemp
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SystemResources
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\appraiser
2025-01-17 17:24 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\bcastdvr
2025-01-17 06:19 - 2019-12-07 01:03 - 000000000 ____D C:\Windows\CbsTemp
2025-01-17 06:15 - 2023-04-19 04:38 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-01-16 22:40 - 2023-04-22 20:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-16 22:40 - 2023-04-22 20:27 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-01-16 19:02 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\VirtualStore
2025-01-16 18:17 - 2023-04-19 20:34 - 000000000 ____D C:\Windows\system32\MRT
2025-01-16 17:51 - 2023-04-19 20:34 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-01-16 06:07 - 2023-04-28 21:51 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-16 06:07 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-16 05:53 - 2024-10-22 18:01 - 000002243 _____ C:\Users\Wolfe\Desktop\Discord.lnk
2025-01-16 05:35 - 2023-04-29 23:26 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-01-16 05:35 - 2023-04-19 20:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-15 19:27 - 2023-04-19 20:32 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000001053 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-01-15 18:49 - 2023-04-19 20:42 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-14 22:17 - 2023-04-19 21:15 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001
2025-01-10 17:01 - 2023-04-19 21:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-01-10 16:47 - 2023-04-19 04:45 - 000000000 ____D C:\ProgramData\Packages
2025-01-10 16:43 - 2023-04-21 18:11 - 000000000 ____D C:\Users\Wolfe\AppData\Local\CrashDumps
2025-01-06 20:59 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-01-06 05:50 - 2023-04-19 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2024-12-30 02:25 - 2023-04-19 20:37 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA
2024-12-29 01:32 - 2023-04-19 21:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Steam
2024-12-28 18:07 - 2023-04-22 20:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-21 19:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-19 20:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-12-28 13:51 - 2023-04-21 19:06 - 000000000 ____D C:\Users\Wolfe\Documents\My Games
2024-12-28 13:18 - 2023-05-05 17:56 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-12-26 14:59 - 2023-04-19 21:37 - 000000000 ____D C:\Program Files (x86)\Overwolf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by Wolfe (21-01-2025 20:56:24)
Running from C:\Users\Wolfe\Downloads
Microsoft Windows 10 Home Version 22H2 19045.5371 (X64) (2023-04-19 12:41:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-35897006-1549402385-1321927907-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-35897006-1549402385-1321927907-503 - Limited - Disabled)
Guest (S-1-5-21-35897006-1549402385-1321927907-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-35897006-1549402385-1321927907-504 - Limited - Disabled)
Wolfe (S-1-5-21-35897006-1549402385-1321927907-1001 - Administrator - Enabled) => C:\Users\Wolfe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.119 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.89 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{2b787d65-59ec-46d5-9e6b-8b4761e7903c}) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.6.3 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.2.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{45ece30d-a966-424e-9bce-f740797c5348}) (Version: 1.2.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.4 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{39cdaa93-c446-4421-a337-1e52705dd2f8}) (Version: 1.3.9.4 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.2.1.2 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.00.01 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.129 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.29 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.29 - ASUS)
AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version:  - Blizzard Entertainment)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Cataclysm Classic (HKLM-x32\...\Cataclysm Classic) (Version:  - Blizzard Entertainment)
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.0.146 - Corsair)
CurseForge (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.270.1.2519 - Overwolf app)
Diablo IV (HKLM-x32\...\Diablo IV) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Discord) (Version: 1.0.9012 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.266 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel® Network Connections 28.0.0.2 (HKLM\...\{2D8EB790-843E-4825-ABE7-CB1A52F1C5B3}) (Version: 28.0.0.2 - Intel) Hidden
Intel® Network Connections 28.0.0.2 (HKLM\...\PROSetDX) (Version: 28.0.0.2 - Intel)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{a9913343-8463-4fd2-8a33-ae89cbbfe139}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18429.20044 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.115 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.146 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.244.1204.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-CA) (HKLM\...\Mozilla Firefox 134.0.1 (x64 en-CA)) (Version: 134.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
NVIDIA app 11.0.1.189 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.1.189 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.4.10624.35034762 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10624.35034762 - NVIDIA Corporation)
NVIDIA Graphics Driver 566.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.36 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.266.1.26 - Overwolf Ltd.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{31850f16-ce9f-4dec-81ca-222c617a9115}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.2 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{959e5696-0edd-4896-b1d8-54aaa725f770}) (Version: 1.1.0.2 - Patriot Memory) Hidden
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 11.0.46.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.1008.100321 - Razer Inc.)
Reverse1999 (HKLM-x32\...\Reverse1999) (Version: 1.0.1.0 - BLUEPOCH GAMES CO., LIMITED)
Roblox Player for Wolfe (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\roblox-player) (Version:  - Roblox Corporation)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 147.0.10965 - Ubisoft)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.4 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{c8b4688a-f5d4-4236-aec4-df260a88ccc4}) (Version: 1.0.0.4 - PD) Hidden
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Voxengo Marvel GEQ (HKLM\...\Voxengo Marvel GEQ_is1) (Version: 1.15 - Voxengo)
Warcraft Logs Companion (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Overwolf_ecboebafnpgnolnpgppohegbpjbhffiahodgijdp) (Version: 8.15.14 - Overwolf app)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic Era (HKLM-x32\...\World of Warcraft Classic Era) (Version:  - Blizzard Entertainment)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.13.0_x64__qmba6cd70vzyy [2024-12-18] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.9.3.0_x64__qmba6cd70vzyy [2024-06-30] (ASUSTeK COMPUTER INC.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-03-27] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-14] (HP Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12001.0_x64__8wekyb3d8bbwe [2025-01-01] (Microsoft Corporation) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-26] (NVIDIA Corp.)
Spotify - Music and Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0 [2025-01-20] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-35897006-1549402385-1321927907-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Wolfe\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\nvshext.dll [2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-04-19 21:38 - 2023-02-03 16:10 - 000525312 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000520192 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000483328 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\node-system-fonts\build\Release\system-fonts.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000510464 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-27 13:56 - 000319488 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\sharp\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000786432 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-06-08 09:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000379392 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\libegl.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 006679040 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\libglesv2.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 004325888 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\vk_swiftshader.dll
2024-06-25 17:43 - 2011-01-15 15:45 - 000319488 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2024-06-25 17:41 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2024-12-05 16:37 - 2024-12-03 12:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-12-05 16:37 - 2024-12-03 12:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2023-04-20 16:48 - 2023-04-20 16:48 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files\Corsair\Corsair iCUE5 Software\clink\SiUSBXp.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 001166336 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\chrome_elf.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000046080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\audio\qtaudio_windows.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000030720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\iconengines\qsvgicon.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\imageformats\qgif.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\imageformats\qico.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000353280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\imageformats\qjpeg.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\imageformats\qsvg.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000352256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\imageformats\qtiff.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000423424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\imageformats\qwebp.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 001239552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\platforms\qwindows.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000915456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\Qt5Network.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000362496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\Qt5QmlModels.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 004702208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\Qt5Widgets.dll
2025-01-10 08:23 - 2024-05-20 13:10 - 000165888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15212\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 01:14 - 2019-12-07 01:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wolfe\Pictures\Saved Pictures\1132784.png
DNS Servers: 64.59.168.15 - 64.59.150.132
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel® Ethernet Controller I225-V -> e2f.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: RZ608 Wi-Fi 6E 80MHz -> mtkwl6ex.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\StartupApproved\Run: => "Synapse3"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DA883DF2-91D9-4561-AA1C-FE7B1B6164F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D653137D-8CAC-4219-B1CF-A0D04582F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1D226292-A15A-41C5-B406-61391860FAAC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1931B891-1E76-47D1-9B54-8AE08D81F017}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5C81B250-01C7-405C-BF3C-15CC9D27BA56}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1CFE5603-69BD-4453-8E39-AF0CB7364795}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DF1F6C59-6D9E-4ADE-80F6-9D615258598B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{209E6CDC-7269-44B8-9A0F-0FAA75EA6528}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{5A92544A-63B8-45C0-BC68-FAC4203C6ABA}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{E90BA36B-9269-4DB3-A7D5-1D32EE327AD4}] => (Allow) C:\Users\Wolfe\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{774D426C-26DA-41DE-96DD-D43CE54D81AE}E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [UDP Query User{A41965D4-FB0F-4623-AB06-A3DEE8417817}E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [TCP Query User{0CF257AD-3AC8-4308-A242-EBBC80946D06}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{FE76C8DB-EF0C-432F-8FA1-C933BDC451A2}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{7882F540-0EA1-4145-AFDB-271C17B91054}] => (Allow) C:\Users\Wolfe\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{EB3BFBEC-407B-462F-827B-BBE1559A3062}] => (Allow) C:\Users\Wolfe\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{4AF4067D-59D3-4203-87BF-14B2E1DC218F}] => (Allow) C:\Users\Wolfe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{0C259C52-29B2-447B-8F3E-D802B6225F98}] => (Allow) C:\Users\Wolfe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{8AC34B37-FAEF-4025-A43D-5635AB2DE31F}C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{6D73BE5C-CDE7-43AF-82E8-E95442356227}C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{CDC41BD3-7DB2-4C24-BA5E-4BBED0F66AF7}] => (Allow) D:\SteamLibrary\steamapps\common\The Past Within\The Past Within.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{6695E06B-62E5-41CF-BC95-B07695230B8F}] => (Allow) D:\SteamLibrary\steamapps\common\The Past Within\The Past Within.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{7B79F3BC-DAB1-40E5-B03A-3F812A2181CB}D:\diablo iv - server slam\diablo iv.exe] => (Allow) D:\diablo iv - server slam\diablo iv.exe => No File
FirewallRules: [UDP Query User{035AA948-5ABB-43FB-A02F-F8F60A11D86E}D:\diablo iv - server slam\diablo iv.exe] => (Allow) D:\diablo iv - server slam\diablo iv.exe => No File
FirewallRules: [TCP Query User{37998031-EDA9-4BE6-A363-F8AD712D7758}D:\diablo iv\diablo iv.exe] => (Allow) D:\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{07A2B34C-1689-447B-8098-E948440E9D39}D:\diablo iv\diablo iv.exe] => (Allow) D:\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{5221235E-D912-494D-96ED-F6E71CFD7E1D}] => (Allow) D:\SteamLibrary\steamapps\common\Quarters\fnaf9.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{271A24FB-0434-4777-A7CE-3AB752F1C3C9}] => (Allow) D:\SteamLibrary\steamapps\common\Quarters\fnaf9.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{09B1E3FF-C467-4F5B-82CC-B4391621AE78}] => (Allow) D:\SteamLibrary\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{BE2AA407-AF40-4821-8CF0-47BA5313FCE9}] => (Allow) D:\SteamLibrary\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{4F4A96FA-8B7A-4083-823A-7EC52E049D5F}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{D5B941AE-579C-40B8-9CDD-333738F08426}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{E1B5C579-CEDF-40F1-AA09-E1BDB5E8B5EF}] => (Allow) D:\SteamLibrary\steamapps\common\Evil Genius 2\launcher\eg2.exe (Rebellion) [File not signed]
FirewallRules: [{A959EDD2-DF82-4C3E-8749-EE0D5F0C030E}] => (Allow) D:\SteamLibrary\steamapps\common\Evil Genius 2\launcher\eg2.exe (Rebellion) [File not signed]
FirewallRules: [{95335994-FDED-4A04-9B87-74735B73F529}] => (Allow) D:\SteamLibrary\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [File not signed]
FirewallRules: [{400FEDF5-DB94-412F-B715-C022490B4FCE}] => (Allow) D:\SteamLibrary\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [File not signed]
FirewallRules: [{A8998BFB-6B38-4F73-BCA6-0AD37B075B42}] => (Allow) D:\SteamLibrary\steamapps\common\Shadows of Doubt\Shadows of Doubt.exe () [File not signed]
FirewallRules: [{7E6B1ADF-F55B-4EE7-8B9E-E9DF57E7E774}] => (Allow) D:\SteamLibrary\steamapps\common\Shadows of Doubt\Shadows of Doubt.exe () [File not signed]
FirewallRules: [{16DB64DC-474D-4F64-959E-155CFECC01D2}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\I'm on Observation Duty 3.exe () [File not signed]
FirewallRules: [{5776C784-8AD7-44EC-B0CF-22A1FB7043F7}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\I'm on Observation Duty 3.exe () [File not signed]
FirewallRules: [{A05640C3-21F0-4001-A3EC-67B911B4E4C6}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\VR\I'm on Observation Duty 3 VR.exe () [File not signed]
FirewallRules: [{D680E87C-024B-49D0-A192-03FF109D53D2}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\VR\I'm on Observation Duty 3 VR.exe () [File not signed]
FirewallRules: [TCP Query User{407E08F6-05A3-44CD-88B2-1635EC7170AB}C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe] => (Allow) C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe (BLUEPOCH GAMES CO., LIMITED -> )
FirewallRules: [UDP Query User{6C68046C-E080-4DF4-B7D1-5621FE60DC6C}C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe] => (Allow) C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe (BLUEPOCH GAMES CO., LIMITED -> )
FirewallRules: [{F2905DDE-7C96-477B-805E-8A0EA7A08473}] => (Allow) D:\SteamLibrary\steamapps\common\Micro Civilization\Civ.exe () [File not signed]
FirewallRules: [{A25D1D08-2FF5-419C-B55B-B78AE25ADFB2}] => (Allow) D:\SteamLibrary\steamapps\common\Micro Civilization\Civ.exe () [File not signed]
FirewallRules: [{C6070451-CEA9-4490-890A-BD70055558AB}] => (Allow) D:\SteamLibrary\steamapps\common\Scott Pilgrim vs The World\Scott.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{3278A012-75DE-4FCB-B327-8E7EAF3BCC37}] => (Allow) D:\SteamLibrary\steamapps\common\Scott Pilgrim vs The World\Scott.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{08512535-7EBC-4491-B0BD-8D558FC072FD}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{0387D246-361A-454E-BB5F-84571BE7EEF6}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{1144C922-08F8-4220-9B69-304019C7BB07}] => (Allow) D:\SteamLibrary\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1294CD8A-3691-4D1E-B3E8-925827DAACDC}] => (Allow) D:\SteamLibrary\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{89402943-9DB3-4158-9A85-6E42B18804C7}D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{BE4E0628-F774-4F10-B290-36ABD34D3DB6}D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5D203C24-3076-42B5-A21A-3DFEBD75E828}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{8161BB70-8DB1-42C6-8A98-0F53CB226740}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{2E93B374-1519-4212-9C50-6631C6B34A28}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Forbidden West Complete Edition\HorizonForbiddenWest.exe (Sony Interactive Entertainment LLC -> Guerrilla B.V.)
FirewallRules: [{C3D1AB2D-3216-4A8D-9EA9-4406C9F114D0}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Forbidden West Complete Edition\HorizonForbiddenWest.exe (Sony Interactive Entertainment LLC -> Guerrilla B.V.)
FirewallRules: [{3E0E32E5-62B2-4E91-BEA3-20CF35879EC3}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B9EF66FA-80A3-448F-92E7-3E8991C94A0B}] => (Allow) D:\SteamLibrary\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{44FA06B8-1B39-40FD-A7C3-C14FDEEA63BF}] => (Allow) D:\SteamLibrary\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{41BFE508-EF34-4E99-B5BA-B118E09037A8}] => (Allow) D:\SteamLibrary\steamapps\common\The Hauntings Surveillance\Observation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DCEEF7D0-9F01-4DF3-AD04-FBBE84FBDC1B}] => (Allow) D:\SteamLibrary\steamapps\common\The Hauntings Surveillance\Observation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{62B19BB5-0098-45C7-9646-F43371655D83}] => (Allow) E:\SteamLibrary\steamapps\common\WinterBottom\Winterbottom.exe () [File not signed]
FirewallRules: [{5BAB0D5B-071F-45AF-9306-E8F97D93335A}] => (Allow) E:\SteamLibrary\steamapps\common\WinterBottom\Winterbottom.exe () [File not signed]
FirewallRules: [{3437CECE-706C-455B-8028-78FD64378853}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{FF1649F9-F4E1-4D8E-989F-FE8B7DCFEF03}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [TCP Query User{95A37DA4-F9F5-4D57-AF1B-63123554517A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{1FDB8E8F-318D-4FFC-B285-63908E355703}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C98DCD3-972A-4CD3-826A-24298DBB7D63}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F567D521-3933-4B8C-A4F7-B8973DC3D358}] => (Allow) D:\SteamLibrary\steamapps\common\TCG Card Shop Simulator\Card Shop Simulator.exe () [File not signed]
FirewallRules: [{DA79E06B-B861-44E2-8C61-C3086A8DF968}] => (Allow) D:\SteamLibrary\steamapps\common\TCG Card Shop Simulator\Card Shop Simulator.exe () [File not signed]
FirewallRules: [{B66FBD8E-6566-46AF-A4AD-0C2B531B77CA}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 6\I'm on Observation Duty 6.exe () [File not signed]
FirewallRules: [{6CAC0AC3-76B1-45E0-8D45-8B1BE53F28D5}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 6\I'm on Observation Duty 6.exe () [File not signed]
FirewallRules: [{25F41A83-CAB1-4FC1-B649-B23F646B3788}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 7\I'm on Observation Duty 7.exe () [File not signed]
FirewallRules: [{E0BE84CD-CC31-4BBC-8C4D-D0BDC574D820}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 7\I'm on Observation Duty 7.exe () [File not signed]
FirewallRules: [{55F1CDF4-6F93-427B-8621-CDA0B39A79A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D549FC1-23E1-4608-AE4C-102F5091616F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7D94706-FEE3-4D91-A4D5-1F958FB227D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A0EBA4D-2A62-4CE9-885E-3388225885DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{003080B9-062C-4F88-AC6F-4513BC63E127}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{83236F6A-93D9-4CB4-9173-33A396554B29}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{ECE8C6A5-C7DF-46CD-8430-A4AEB65C3619}] => (Block) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{B4238B05-ADC9-449B-A993-EFB708BF16CB}] => (Block) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{0574C29F-2AB9-4A1C-8339-141CCA18792A}] => (Allow) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{DAC95FEE-E93B-4007-ACCD-98CD008D714C}] => (Allow) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{FC48F6C8-DA65-4650-B5C2-5DF98C85B0B8}] => (Block) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{9DC5B6D8-40EA-49FE-B808-F7684802147D}] => (Block) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{CEDC96D0-B645-4134-BE10-9017C6BDCA77}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3DF547D9-B6C1-4432-A6F1-0D10EC181DB9}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F80DA829-E540-476E-9FE8-3E5CA6A298EC}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile 2\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{3B980ADB-CF8B-4EA9-8B4B-AEBD151F4C1E}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile 2\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{BEA7B195-E9CB-42DA-B062-F590AD85B8F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04068632-225F-4226-B106-75927679B33B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6BF8329B-EFE6-4CDC-BA51-F4643940D16B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B85A746-D4C7-4B4A-B840-925C5F90444D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2959396C-6F9E-48B5-B1E8-D289E449EE09}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{77EED540-5AB9-4FB2-9708-C3FDC1980373}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FDB6530-35CF-44DD-BD90-148593679714}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2B84C520-3E6D-446E-9C23-CF5BFC28DD0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E12EE72-67DC-483D-AC09-B7AF4F9ED952}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C409F57C-2DF9-493C-AEDB-73BB458F70D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9D7413EC-0B9A-4118-A26A-F565CAF63FA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{59348F13-B1C5-4499-8626-45E7802C8357}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

05-01-2025 05:00:13 Scheduled Checkpoint
14-01-2025 05:15:48 Scheduled Checkpoint
17-01-2025 05:33:44 Windows Modules Installer

==================== Faulty Device Manager Devices ============
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/20/2025 12:46:53 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: WOLFE-PC)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).

Error: (01/18/2025 06:51:12 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (01/17/2025 05:46:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]


System errors:
=============
Error: (01/21/2025 07:03:56 PM) (Source: DCOM) (EventID: 10010) (User: WOLFE-PC)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.

Error: (01/21/2025 06:00:00 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft...?linkid=2169931

Error: (01/21/2025 05:13:03 PM) (Source: DCOM) (EventID: 10010) (User: WOLFE-PC)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.

Error: (01/21/2025 05:10:13 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft...?linkid=2169931

Error: (01/20/2025 09:47:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935

Error: (01/20/2025 09:45:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (01/20/2025 09:43:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (01/20/2025 09:40:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.


Windows Defender:
================
Date: 2025-01-21 18:40:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-01-20 05:54:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-01-19 06:02:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-01-17 06:30:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2025-01-20 21:43:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-20 21:43:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-20 21:43:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2604 02/25/2022
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B550-F GAMING WIFI II
Processor: AMD Ryzen 7 5800X 8-Core Processor
Percentage of memory in use: 32%
Total physical RAM: 32654.41 MB
Available physical RAM: 21936.81 MB
Total Virtual: 57230.41 MB
Available Virtual: 40698.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:3725.39 GB) (Free:3514.21 GB) (Model: ST4000DM004-2U9104) NTFS
Drive d: (SSD) (Fixed) (Total:931.5 GB) (Free:59.89 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS
Drive e: (Elements SE) (Fixed) (Total:3725.99 GB) (Free:3331.19 GB) (Model: WD Elements SE 2623 USB Device) NTFS

\\?\Volume{e7e96fb9-6a4c-4786-8dad-db66cd25c636}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{ea32604d-50a1-4c09-af34-01b203a00ec2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

#9
RKinner
Posted 22 January 2025 - 08:03 AM

RKinner

    Malware Expert

  • Expert
  • 24,731 posts
  • MVP

Not sure what is keeping it from running when you move it.  Where exactly did you move it to?

 

Looking at the events I see:

 

Error: (01/20/2025 12:46:53 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: WOLFE-PC)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
 

 

 

Sysmain service is only used when you use a USB to increase your RAM.  If you are not doing that then I would just turn off the service.

 

Search for

services.msc

hit Enter

 

Scroll down to Sysmain and right click and select Properties.

 

Change the Startup Type to Disabled.  OK.

 

Also I see:

Error: (01/20/2025 09:45:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

 

 

 

so while you are in Services find

Downloaded Maps Manager

and change its Start Type to Disabled the same way.

(I don't know anyone that uses this service so it's not worth troubleshooting)

 

Close services

 

Error: (01/20/2025 09:40:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

 

 

You can try uninstalling  the Steam program and then downloading a new copy and reinstalling it and see if that gets rid of the error.  

 

You have a WD USB device plugged in but no drivers:

 

==================== Faulty Device Manager Devices ============
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

 

 

Supposedly they should be available:

Settings > Windows Update > Advanced Options > Optional Updates > Select the Western Digital drivers.

 

I see some deadwood in your FRST log so let's run a new fix as before:

 

Attached File  fixlist.txt   1.49KB   24 downloads

 

This one should not have to reboot and should be quick but I would reboot afterward to make sure that we didn't break anything.

 

Rerun FRST scan when done and post both logs as well as the fixlog.

 


  • 0

#10
DSWolfe
Posted 22 January 2025 - 09:45 PM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

I have stopped both of the services, reinstalled steam and updated drivers for the HD.  After doing the fix I did a reboot and rescan so here are the results.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by Wolfe (22-01-2025 19:14:27) Run:1
Running from C:\FRST
Loaded Profiles: Wolfe
Boot Mode: Normal
==============================================

fixlist content:
*****************
R3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2025-01-21] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44592 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
U4 AppMgmt; no ImagePath
S3 cpuz157; \??\C:\Windows\temp\cpuz157\cpuz157_x64.sys [X] <==== ATTENTION
U4 CscService; no ImagePath
U4 napagent; no ImagePath
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
U4 PeerDistSvc; no ImagePath
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"


*****************

cpuz154 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz154 => removed successfully
cpuz154 => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz158 => removed successfully
cpuz158 => service removed successfully
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully
AppMgmt => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz157 => removed successfully
cpuz157 => service removed successfully
HKLM\System\CurrentControlSet\Services\CscService => removed successfully
CscService => service removed successfully
"HKLM\System\CurrentControlSet\Services\napagent" => removed successfully
napagent => service removed successfully
HKLM\System\CurrentControlSet\Services\NvModuleTracker => removed successfully
NvModuleTracker => service removed successfully
HKLM\System\CurrentControlSet\Services\PeerDistSvc => removed successfully
PeerDistSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\SIUSBXP => removed successfully
SIUSBXP => service removed successfully

========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


C:\FRST>wevtutil cl "AMSI/Debug"

C:\FRST>wevtutil cl "AirSpaceChannel"

C:\FRST>wevtutil cl "Analytic"

C:\FRST>wevtutil cl "Application"

C:\FRST>wevtutil cl "DirectShowFilterGraph"

C:\FRST>wevtutil cl "DirectShowPluginControl"

C:\FRST>wevtutil cl "Els_Hyphenation/Analytic"

C:\FRST>wevtutil cl "EndpointMapper"

C:\FRST>wevtutil cl "FirstUXPerf-Analytic"

C:\FRST>wevtutil cl "ForwardedEvents"

C:\FRST>wevtutil cl "General Logging"

C:\FRST>wevtutil cl "HardwareEvents"

C:\FRST>wevtutil cl "IHM_DebugChannel"

C:\FRST>wevtutil cl "Intel-iaLPSS-GPIO/Analytic"

C:\FRST>wevtutil cl "Intel-iaLPSS-I2C/Analytic"

C:\FRST>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug"

C:\FRST>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance"

C:\FRST>wevtutil cl "Intel-iaLPSS2-I2C/Debug"

C:\FRST>wevtutil cl "Intel-iaLPSS2-I2C/Performance"

C:\FRST>wevtutil cl "Internet Explorer"

C:\FRST>wevtutil cl "Key Management Service"

C:\FRST>wevtutil cl "MF_MediaFoundationDeviceMFT"

C:\FRST>wevtutil cl "MF_MediaFoundationDeviceProxy"

C:\FRST>wevtutil cl "MF_MediaFoundationFrameServer"

C:\FRST>wevtutil cl "MedaFoundationVideoProc"

C:\FRST>wevtutil cl "MedaFoundationVideoProcD3D"

C:\FRST>wevtutil cl "MediaFoundationAsyncWrapper"

C:\FRST>wevtutil cl "MediaFoundationContentProtection"

C:\FRST>wevtutil cl "MediaFoundationDS"

C:\FRST>wevtutil cl "MediaFoundationDeviceProxy"

C:\FRST>wevtutil cl "MediaFoundationMP4"

C:\FRST>wevtutil cl "MediaFoundationMediaEngine"

C:\FRST>wevtutil cl "MediaFoundationPerformance"

C:\FRST>wevtutil cl "MediaFoundationPerformanceCore"

C:\FRST>wevtutil cl "MediaFoundationPipeline"

C:\FRST>wevtutil cl "MediaFoundationPlatform"

C:\FRST>wevtutil cl "MediaFoundationSrcPrefetch"

C:\FRST>wevtutil cl "Microsoft-Client-License-ESU/Admin"

C:\FRST>wevtutil cl "Microsoft-Client-License-ESU/Debug"

C:\FRST>wevtutil cl "Microsoft-Client-License-ESU/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin"

C:\FRST>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug"

C:\FRST>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-IE/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-IEFRAME/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-OneCore-Setup/Analytic"

C:\FRST>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AAD/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-AAD/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ADSI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-ASN1/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ATAPort/General"

C:\FRST>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM"

C:\FRST>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AllJoyn/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AllJoyn/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppHost/Internal"

C:\FRST>wevtutil cl "Microsoft-Windows-AppID/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment"

C:\FRST>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-State/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppReadiness/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-AppReadiness/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppReadiness/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppSruProv"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeployment-Server/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted"

C:\FRST>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry"

C:\FRST>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder"

C:\FRST>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager"

C:\FRST>wevtutil cl "Microsoft-Windows-Audit/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController"

C:\FRST>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController"

C:\FRST>wevtutil cl "Microsoft-Windows-AxInstallService/Log"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Backup"

C:\FRST>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Battery/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Biometrics/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Biometrics/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-BitLocker/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Bits-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CAPI2/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CDROM/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/Call"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/CreateInstance"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary"

C:\FRST>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation"

C:\FRST>wevtutil cl "Microsoft-Windows-COMRuntime/Activations"

C:\FRST>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing"

C:\FRST>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudRestoreLauncher/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudStore/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudStore/Initialization"

C:\FRST>wevtutil cl "Microsoft-Windows-CloudStore/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose"

C:\FRST>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ComDlg32/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreApplication/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-CoreWindow/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Crashdump/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming"

C:\FRST>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DCLocator/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DDisplay/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DDisplay/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DNS-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DSC/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DXGI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DXGI/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-DXP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery"

C:\FRST>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Deplorch/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceSync/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceUx/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-DeviceUx/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Devices-Background/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiagCpl/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback"

C:\FRST>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D11/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D12/Logging"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-DirectSound/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Disk/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Documents/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-DxgKrnl/Power"

C:\FRST>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-EFS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-ESE/IODiagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-ESE/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapHost/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EapHost/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-EapHost/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog"

C:\FRST>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EventCollector/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-EventCollector/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-EventLog/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-EventLog/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FMS/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FMS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FMS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Forwarding/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Forwarding/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HAL/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-HealthCenter/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-HealthCenter/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Help/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService"

C:\FRST>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-HttpService/Log"

C:\FRST>wevtutil cl "Microsoft-Windows-HttpService/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IE-SmartScreen"

C:\FRST>wevtutil cl "Microsoft-Windows-IKE/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-IKEDBG/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-IdCtrls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-KdsSvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kerberos/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Known Folders API Service"

C:\FRST>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LAPS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-LSA/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LSA/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LSA/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-LiveId/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-LiveId/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MSPaint/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-MSPaint/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-MUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC"

C:\FRST>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR"

C:\FRST>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource"

C:\FRST>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Minstore/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Minstore/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics"

C:\FRST>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService"

C:\FRST>wevtutil cl "Microsoft-Windows-Mprddm/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NCSI/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-NCSI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NDIS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NTLM/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Ncasvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetShell/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-Connection-Broker"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-NlaSvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Ntfs/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Ntfs/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Ntfs/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-OLEACC/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OneBackup/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-OneX/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-OneX/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PCI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ParentalControls/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Partition/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Partition/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Policy/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Policy/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PowerShell/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PrintService/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService"

C:\FRST>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RPC/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RPC/EEInfo"

C:\FRST>wevtutil cl "Microsoft-Windows-RRAS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RRAS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RadioManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ReFS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Regsvr32/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-RestartManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-RetailDemo/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-RetailDemo/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance"

C:\FRST>wevtutil cl "Microsoft-Windows-Runtime/Error"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Audit"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBServer/Security"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational"

C:\FRST>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-Sdbus/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Sdbus/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Sdstor/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SearchUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-SPP/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit"

C:\FRST>wevtutil cl "Microsoft-Windows-Security-Vault/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Sens/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Sensors/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Sensors/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Services/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Servicing/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug"

C:\FRST>wevtutil cl "Microsoft-Windows-Setup/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupCl/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Core/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc"

C:\FRST>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-SmartScreen/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Audit"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SmbClient/Security"

C:\FRST>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SrumTelemetry"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StateRepository/Restricted"

C:\FRST>wevtutil cl "Microsoft-Windows-StorDiag/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StorPort/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Health"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat"

C:\FRST>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageManagement/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageManagement/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Store/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Superfetch/Main"

C:\FRST>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog"

C:\FRST>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog"

C:\FRST>wevtutil cl "Microsoft-Windows-Sysprep/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TCPIP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TTS/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TWinUI/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TZSync/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TZSync/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TZUtil/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Time-Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-TunnelDriver"

C:\FRST>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UAC/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf"

C:\FRST>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-USBVideo/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Control Panel/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-User Device Registration/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-User Device Registration/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-User Profile Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-User-Loader/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-User-Loader/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations"

C:\FRST>wevtutil cl "Microsoft-Windows-UserSettingsBackup-BackupUnitProcessor/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UserSettingsBackup-Orchestrator/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VAN/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VHDMP-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-VHDMP-Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-VPN-Client/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VPN/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Volume/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-VolumeControl/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WFP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WFP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-API/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WUSA/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WebAuth/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WebAuthN/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server"

C:\FRST>wevtutil cl "Microsoft-Windows-WebServices/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Concurrency"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Contention"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Messages"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Power"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Render"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-Win32k/UIPI"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHttp-Pca"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinHttp/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/Pca"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/UsageLog"

C:\FRST>wevtutil cl "Microsoft-Windows-WinINet/WebSocket"

C:\FRST>wevtutil cl "Microsoft-Windows-WinMDE/MDE"

C:\FRST>wevtutil cl "Microsoft-Windows-WinML/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinNat/Oper"

C:\FRST>wevtutil cl "Microsoft-Windows-WinNat/Trace"

C:\FRST>wevtutil cl "Microsoft-Windows-WinRM/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WinRM/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WinRM/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Windeploy/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Defender/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Defender/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics"

C:\FRST>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Winlogon/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-Winsrv/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-Wordpad/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-Wordpad/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/Operational"

C:\FRST>wevtutil cl "Microsoft-Windows-WorkFolders/WHC"

C:\FRST>wevtutil cl "Microsoft-Windows-Workplace Join/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default"

C:\FRST>wevtutil cl "Microsoft-Windows-XAML/Default"

C:\FRST>wevtutil cl "Microsoft-Windows-XAudio2/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-XAudio2/Performance"

C:\FRST>wevtutil cl "Microsoft-Windows-glcnd/Admin"

C:\FRST>wevtutil cl "Microsoft-Windows-glcnd/Debug"

C:\FRST>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-ntshrui"

C:\FRST>wevtutil cl "Microsoft-Windows-ntshrui-perf"

C:\FRST>wevtutil cl "Microsoft-Windows-osk/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-stobject/Diagnostic"

C:\FRST>wevtutil cl "Microsoft-Windows-wmbclass/Analytic"

C:\FRST>wevtutil cl "Microsoft-Windows-wmbclass/Trace"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug"

C:\FRST>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug"

C:\FRST>wevtutil cl "NIS-Driver-WFP/Diagnostic"

C:\FRST>wevtutil cl "Navigator"

C:\FRST>wevtutil cl "Network Isolation Operational"

C:\FRST>wevtutil cl "OAlerts"

C:\FRST>wevtutil cl "OSK_SoftKeyboard_Channel"

C:\FRST>wevtutil cl "OfficeChannel"

C:\FRST>wevtutil cl "OfficeDebugChannel"

C:\FRST>wevtutil cl "OpenSSH/Admin"

C:\FRST>wevtutil cl "OpenSSH/Debug"

C:\FRST>wevtutil cl "OpenSSH/Operational"

C:\FRST>wevtutil cl "Physical_Keyboard_Manager_Channel"

C:\FRST>wevtutil cl "PlayReadyPerformanceChannel"

C:\FRST>wevtutil cl "RTWorkQueueExtended"

C:\FRST>wevtutil cl "RTWorkQueueTheading"

C:\FRST>wevtutil cl "SMSApi"

C:\FRST>wevtutil cl "Security"

C:\FRST>wevtutil cl "Setup"

C:\FRST>wevtutil cl "SmbWmiAnalytic"

C:\FRST>wevtutil cl "System"

C:\FRST>wevtutil cl "SystemEventsBroker"

C:\FRST>wevtutil cl "TabletPC_InputPanel_Channel"

C:\FRST>wevtutil cl "TabletPC_InputPanel_Channel/IHM"

C:\FRST>wevtutil cl "TimeBroker"

C:\FRST>wevtutil cl "UIManager_Channel"

C:\FRST>wevtutil cl "Uac/Debug"

C:\FRST>wevtutil cl "WINDOWS_KS_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_VC1ENC_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL"

C:\FRST>wevtutil cl "WINDOWS_wmvdecod_CHANNEL"

C:\FRST>wevtutil cl "WMPSetup"

C:\FRST>wevtutil cl "WMPSyncEngine"

C:\FRST>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational"

C:\FRST>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose"

C:\FRST>wevtutil cl "Windows PowerShell"

C:\FRST>wevtutil cl "WordChannel"

C:\FRST>wevtutil cl "muxencode"


========= End of CMD: =========


==== End of Fixlog 19:15:15 ====

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by Wolfe (administrator) on WOLFE-PC (ASUS System Product Name) (22-01-2025 19:27:01)
Running from C:\Users\Wolfe\Downloads\FRST-OlderVersion\FRST64.exe
Loaded Profiles: Wolfe
Platform: Microsoft Windows 10 Home Version 22H2 19045.5371 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

========================================================

C:\FRST\FRST64.exe => process closed successfully
C:\FRST\FRST64.exe => process closed successfully
C:\FRST\FRST64.exe => moved successfully

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.AppServiceBridge.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Mozilla Firefox\default-browser-agent.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Discord Inc. -> Discord Inc.) C:\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe <6>
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22115.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\default-browser-agent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Discord] => C:\Users\Wolfe\AppData\Local\Discord\Update.exe [1525016 2023-03-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-15] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.267\Installer\chrmstp.exe [2025-01-23] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FF3F855-D977-4263-B965-4010D2C215CF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [308584 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AF9ED637-492A-4127-951E-0B3B862CB112} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1860968 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {45A79F7B-EB90-4F55-AE49-6E004213F628} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d97349f784b2a9 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {A0DB1531-EE7D-40B1-902C-D2B8456DA60B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {1C1147E7-BA0D-4483-81A8-B37A2283E11C} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [46631024 2023-03-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {22D2A041-24D1-4947-9ECB-598713967BD6} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2023-03-18] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {C34BF41C-D55C-468C-9B27-D2CA4301F5F6} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {BD762367-F8F9-4B10-9E4C-611266E98A38} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{C22F08B7-E9DD-4F63-83C5-479F5BB473B1} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32DEA084-B3A4-4CD2-AA96-A5E618EA07F8} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FDDC5C9-3518-454B-95BF-A38BE8C4179F} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C91E466-9496-468F-9FC6-F3671FFD1814} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1D5251E-1BB9-4F6E-90D1-DB61DDC854E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {256D53C9-4CB3-4879-B0E3-3411B5F09010} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD0E4C0C-D308-4C28-90C5-89A4DC7DFACE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBAB5D9D-8F79-4239-9A11-8BF97BDD2F67} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E560720E-FB4C-4B17-8D44-B85B433830E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC6DCF69-FBB5-4A3A-92B6-3D38B362ED34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57EA1879-CCFE-4CE3-B157-1EA5AD559952} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27A49626-9027-47FC-81D0-8998B75E6D6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69708F82-67BE-4E11-A483-9B4A1E8CC573} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {19E0FDDF-40FC-4860-9F25-D8495705F16A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-35897006-1549402385-1321927907-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {CAA69DE2-0590-481C-B051-343AAE89C33C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {22BA612D-4EE9-4F28-9515-C33E3126CDF5} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8D9D487-1CC5-4BD2-A8EC-B8174B078C25} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E262836-4C8A-4593-8BCE-BA297F7612B2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {11F42F4D-EE43-4030-B1C6-D6E3DB6E89F1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {E85D0753-7D78-42D2-9DD8-199FE04A4689} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.97.14
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}: [DhcpNameServer] 192.168.97.14
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D25374: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D25374: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpDomain] wk.shawcable.net
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,10.0.0.58,1]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-16]
Edge Extension: (Google Docs Offline) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: 4syrh9jm.default
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\4syrh9jm.default [2023-04-20]
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release [2025-01-23]
FF Session Restore: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> hxxps://www.facebook.com
FF Extension: (AdGuard AdBlocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2025-01-10]
FF Extension: (Enhancer for YouTube™) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2024-12-03]
FF Extension: (Capital One Shopping: Save Now) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2024-08-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default [2024-04-21]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-03-28] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678760 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1132000 2025-01-23] (ASUSTeK COMPUTER INC. -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3318400 2025-01-15] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617896 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [146984 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 CorsairLLAService; C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe [238632 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [715736 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe [3530280 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [310824 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\OneDriveUpdaterService.exe [3876392 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1878448 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [231856 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [364800 2024-12-12] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538416 2024-11-20] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-06-03] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-16] (ASUSTeK COMPUTER INC. -> )
R2 CorsairLLAccess8F050F5E415C1A5882EB9FF7CE2BC59B7BE3A953; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairLLAccess64.sys [21752 2023-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2025-01-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_bf51b653ec31b8ab\e2f.sys [531568 2023-07-02] (Intel Corporation -> Intel Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [18496 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [361472 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1617920 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_02a1; C:\Windows\System32\drivers\RzDev_02a1.sys [64664 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [25704 2020-09-10] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-22 19:11 - 2025-01-22 19:30 - 000000000 ____D C:\Program Files (x86)\Steam
2025-01-22 19:11 - 2025-01-22 19:11 - 002380800 _____ C:\Users\Wolfe\Downloads\SteamSetup(1).exe
2025-01-22 19:11 - 2025-01-22 19:11 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2025-01-22 19:11 - 2025-01-22 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-01-22 19:08 - 2020-09-10 11:15 - 000025704 _____ (Western Digital Technologies, Inc.) C:\Windows\system32\Drivers\wdcsam64.sys
2025-01-17 22:09 - 2025-01-17 22:09 - 005538981 _____ C:\Users\Wolfe\Downloads\UE4SS_v3.0.0.zip
2025-01-17 05:37 - 2025-01-17 05:37 - 000000000 ___HD C:\$WinREAgent
2025-01-16 20:08 - 2025-01-16 20:08 - 000182886 _____ C:\Users\Wolfe\Downloads\message(1).txt
2025-01-16 19:08 - 2025-01-22 19:27 - 000000000 ____D C:\Users\Wolfe\Downloads\FRST-OlderVersion
2025-01-16 19:06 - 2025-01-22 19:32 - 000000000 ____D C:\FRST
2025-01-16 19:02 - 2025-01-16 19:02 - 000388608 _____ (Trend Micro Inc.) C:\Users\Wolfe\Downloads\HijackThis.exe
2025-01-16 06:05 - 2025-01-16 06:05 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-14 22:17 - 2025-01-14 22:17 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-01-14 22:17 - 2025-01-14 22:17 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-14 10:43 - 2025-01-22 19:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-11 19:49 - 2025-01-11 19:49 - 003161705 _____ C:\Users\Wolfe\Downloads\elvui-13.81(2).zip
2025-01-07 20:15 - 2025-01-07 20:15 - 000180264 _____ C:\Users\Wolfe\Downloads\Statement_122024_5998.pdf
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000478384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000374432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 025450120 _____ C:\Windows\system32\nvidia-pcc.exe
2024-12-28 18:06 - 2024-12-04 10:01 - 001554608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 001208992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 000863888 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-12-28 18:06 - 2024-12-04 10:00 - 016811696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 002185360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001042072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000801432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000462480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-12-28 18:06 - 2024-12-04 09:59 - 017736840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005909664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005435544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 003807888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 000853680 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-12-28 18:06 - 2024-12-04 09:58 - 007158560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-12-28 18:06 - 2024-12-04 09:58 - 006236264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-12-28 18:06 - 2024-12-03 17:11 - 000132703 _____ C:\Windows\system32\nvinfo.pb
2024-12-28 18:06 - 2024-12-03 17:11 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-12-28 18:02 - 2024-12-28 18:02 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-12-28 18:02 - 2024-12-28 18:02 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2024-12-28 18:02 - 2024-12-28 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-12-28 18:01 - 2024-12-18 04:26 - 003074088 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-12-28 18:01 - 2024-12-18 04:26 - 002369064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000180760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000159768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2024-12-28 13:51 - 2024-12-28 19:18 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Path of Exile 2

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-22 19:30 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-22 19:26 - 2023-04-19 04:46 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-22 19:26 - 2019-12-07 01:13 - 000000000 ____D C:\Windows\INF
2025-01-22 19:25 - 2024-10-22 18:00 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Discord
2025-01-22 19:25 - 2023-04-19 21:43 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\discord
2025-01-22 19:23 - 2023-04-19 04:47 - 000000000 ___RD C:\Users\Wolfe\OneDrive
2025-01-22 19:22 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Packages
2025-01-22 19:22 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-22 19:22 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-22 19:19 - 2024-09-29 17:02 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-22 19:19 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-22 19:19 - 2023-04-19 04:36 - 001180016 _____ () C:\Windows\system32\wpbbin.exe
2025-01-22 19:19 - 2023-04-19 04:36 - 001132000 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-01-22 19:19 - 2023-04-19 04:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-22 19:18 - 2019-12-07 01:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-01-22 19:17 - 2023-04-19 04:44 - 000000000 ____D C:\Users\Wolfe
2025-01-22 19:14 - 2023-04-19 21:35 - 000000000 ____D C:\Program Files\ASUS
2025-01-22 19:14 - 2023-04-19 21:27 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Battle.net
2025-01-22 19:13 - 2023-04-19 21:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Steam
2025-01-22 19:02 - 2023-04-19 04:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-22 17:10 - 2023-04-22 20:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-22 17:10 - 2023-04-22 20:27 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-01-22 17:10 - 2022-09-07 19:13 - 000000000 ____D C:\Windows\SystemTemp
2025-01-22 16:34 - 2023-04-19 21:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-01-22 05:36 - 2023-04-21 18:11 - 000000000 ____D C:\Users\Wolfe\AppData\Local\CrashDumps
2025-01-20 21:45 - 2023-04-19 20:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-20 21:42 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\D3DSCache
2025-01-20 00:57 - 2023-08-06 16:56 - 000002325 _____ C:\Users\Wolfe\Desktop\Warcraft Logs Companion.lnk
2025-01-20 00:57 - 2023-04-19 21:37 - 000002325 _____ C:\Users\Wolfe\Desktop\CurseForge.lnk
2025-01-20 00:57 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Overwolf
2025-01-20 00:46 - 2023-04-19 21:31 - 000003962 _____ C:\Windows\system32\Tasks\RazerCortexScheduleClean
2025-01-19 10:22 - 2023-04-28 22:00 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Excel
2025-01-18 13:40 - 2023-04-19 04:37 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-18 13:40 - 2023-04-19 04:37 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SystemResources
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\appraiser
2025-01-17 17:24 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\bcastdvr
2025-01-17 06:19 - 2019-12-07 01:03 - 000000000 ____D C:\Windows\CbsTemp
2025-01-17 06:15 - 2023-04-19 04:38 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-01-16 19:02 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\VirtualStore
2025-01-16 18:17 - 2023-04-19 20:34 - 000000000 ____D C:\Windows\system32\MRT
2025-01-16 17:51 - 2023-04-19 20:34 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-01-16 06:07 - 2023-04-28 21:51 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-16 06:07 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-16 05:53 - 2024-10-22 18:01 - 000002243 _____ C:\Users\Wolfe\Desktop\Discord.lnk
2025-01-16 05:35 - 2023-04-29 23:26 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-01-16 05:35 - 2023-04-19 20:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-15 19:27 - 2023-04-19 20:32 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000001053 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-01-15 18:49 - 2023-04-19 20:42 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-14 22:17 - 2023-04-19 21:15 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001
2025-01-10 16:47 - 2023-04-19 04:45 - 000000000 ____D C:\ProgramData\Packages
2025-01-06 20:59 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-01-06 05:50 - 2023-04-19 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2024-12-30 02:25 - 2023-04-19 20:37 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA
2024-12-28 18:07 - 2023-04-22 20:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-21 19:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-19 20:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-12-28 13:51 - 2023-04-21 19:06 - 000000000 ____D C:\Users\Wolfe\Documents\My Games
2024-12-28 13:18 - 2023-05-05 17:56 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-12-26 14:59 - 2023-04-19 21:37 - 000000000 ____D C:\Program Files (x86)\Overwolf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by Wolfe (administrator) on WOLFE-PC (ASUS System Product Name) (22-01-2025 19:27:01)
Running from C:\Users\Wolfe\Downloads\FRST-OlderVersion\FRST64.exe
Loaded Profiles: Wolfe
Platform: Microsoft Windows 10 Home Version 22H2 19045.5371 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

========================================================

C:\FRST\FRST64.exe => process closed successfully
C:\FRST\FRST64.exe => process closed successfully
C:\FRST\FRST64.exe => moved successfully

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.AppServiceBridge.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Mozilla Firefox\default-browser-agent.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Discord Inc. -> Discord Inc.) C:\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe <6>
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22115.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\default-browser-agent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Discord] => C:\Users\Wolfe\AppData\Local\Discord\Update.exe [1525016 2023-03-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-15] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.267\Installer\chrmstp.exe [2025-01-23] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FF3F855-D977-4263-B965-4010D2C215CF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [308584 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AF9ED637-492A-4127-951E-0B3B862CB112} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1860968 2023-02-02] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {45A79F7B-EB90-4F55-AE49-6E004213F628} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d97349f784b2a9 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {A0DB1531-EE7D-40B1-902C-D2B8456DA60B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {1C1147E7-BA0D-4483-81A8-B37A2283E11C} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [46631024 2023-03-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {22D2A041-24D1-4947-9ECB-598713967BD6} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2023-03-18] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {C34BF41C-D55C-468C-9B27-D2CA4301F5F6} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {BD762367-F8F9-4B10-9E4C-611266E98A38} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{C22F08B7-E9DD-4F63-83C5-479F5BB473B1} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32DEA084-B3A4-4CD2-AA96-A5E618EA07F8} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FDDC5C9-3518-454B-95BF-A38BE8C4179F} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C91E466-9496-468F-9FC6-F3671FFD1814} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1D5251E-1BB9-4F6E-90D1-DB61DDC854E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {256D53C9-4CB3-4879-B0E3-3411B5F09010} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD0E4C0C-D308-4C28-90C5-89A4DC7DFACE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBAB5D9D-8F79-4239-9A11-8BF97BDD2F67} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E560720E-FB4C-4B17-8D44-B85B433830E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC6DCF69-FBB5-4A3A-92B6-3D38B362ED34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57EA1879-CCFE-4CE3-B157-1EA5AD559952} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27A49626-9027-47FC-81D0-8998B75E6D6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69708F82-67BE-4E11-A483-9B4A1E8CC573} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {19E0FDDF-40FC-4860-9F25-D8495705F16A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-35897006-1549402385-1321927907-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {CAA69DE2-0590-481C-B051-343AAE89C33C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {22BA612D-4EE9-4F28-9515-C33E3126CDF5} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8D9D487-1CC5-4BD2-A8EC-B8174B078C25} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E262836-4C8A-4593-8BCE-BA297F7612B2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {11F42F4D-EE43-4030-B1C6-D6E3DB6E89F1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {E85D0753-7D78-42D2-9DD8-199FE04A4689} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [546840 2024-12-31] (Razer USA Ltd. -> Razer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.97.14
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}: [DhcpNameServer] 192.168.97.14
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\35841475D263037343: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D223E243: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D25374: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{320e9fdb-11a2-4c7f-8dcb-d67e964be400}\45F656370277966696D25374: [DhcpDomain] wk.shawcable.net
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpNameServer] 64.59.168.15 64.59.150.132
Tcpip\..\Interfaces\{e7b5bf8c-4967-4258-828c-e09f60cf482e}: [DhcpDomain] wk.shawcable.net
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,10.0.0.58,1]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-16]
Edge Extension: (Google Docs Offline) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Wolfe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: 4syrh9jm.default
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\4syrh9jm.default [2023-04-20]
FF ProfilePath: C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release [2025-01-23]
FF Session Restore: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\dhg2sufo.default-release -> hxxps://www.facebook.com
FF Extension: (AdGuard AdBlocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2025-01-10]
FF Extension: (Enhancer for YouTube™) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\[email protected] [2024-12-03]
FF Extension: (Capital One Shopping: Save Now) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2024-08-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\dhg2sufo.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default [2024-04-21]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-03-28] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-05-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678760 2023-04-20] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1132000 2025-01-23] (ASUSTeK COMPUTER INC. -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3318400 2025-01-15] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617896 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [146984 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 CorsairLLAService; C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe [238632 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2023-04-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [715736 2024-12-31] (Razer USA Ltd. -> Razer Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe [3530280 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [310824 2023-04-21] (Corsair Memory, Inc. -> Corsair)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\OneDriveUpdaterService.exe [3876392 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1878448 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [231856 2024-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [364800 2024-12-12] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-10-03] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538416 2024-11-20] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-06-03] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-16] (ASUSTeK COMPUTER INC. -> )
R2 CorsairLLAccess8F050F5E415C1A5882EB9FF7CE2BC59B7BE3A953; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairLLAccess64.sys [21752 2023-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2025-01-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_bf51b653ec31b8ab\e2f.sys [531568 2023-07-02] (Intel Corporation -> Intel Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [18496 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [361472 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1617920 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_02a1; C:\Windows\System32\drivers\RzDev_02a1.sys [64664 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [25704 2020-09-10] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-22 19:11 - 2025-01-22 19:30 - 000000000 ____D C:\Program Files (x86)\Steam
2025-01-22 19:11 - 2025-01-22 19:11 - 002380800 _____ C:\Users\Wolfe\Downloads\SteamSetup(1).exe
2025-01-22 19:11 - 2025-01-22 19:11 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2025-01-22 19:11 - 2025-01-22 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-01-22 19:08 - 2020-09-10 11:15 - 000025704 _____ (Western Digital Technologies, Inc.) C:\Windows\system32\Drivers\wdcsam64.sys
2025-01-17 22:09 - 2025-01-17 22:09 - 005538981 _____ C:\Users\Wolfe\Downloads\UE4SS_v3.0.0.zip
2025-01-17 05:37 - 2025-01-17 05:37 - 000000000 ___HD C:\$WinREAgent
2025-01-16 20:08 - 2025-01-16 20:08 - 000182886 _____ C:\Users\Wolfe\Downloads\message(1).txt
2025-01-16 19:08 - 2025-01-22 19:27 - 000000000 ____D C:\Users\Wolfe\Downloads\FRST-OlderVersion
2025-01-16 19:06 - 2025-01-22 19:32 - 000000000 ____D C:\FRST
2025-01-16 19:02 - 2025-01-16 19:02 - 000388608 _____ (Trend Micro Inc.) C:\Users\Wolfe\Downloads\HijackThis.exe
2025-01-16 06:05 - 2025-01-16 06:05 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-14 22:17 - 2025-01-14 22:17 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-01-14 22:17 - 2025-01-14 22:17 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-14 10:43 - 2025-01-22 19:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-11 19:49 - 2025-01-11 19:49 - 003161705 _____ C:\Users\Wolfe\Downloads\elvui-13.81(2).zip
2025-01-07 20:15 - 2025-01-07 20:15 - 000180264 _____ C:\Users\Wolfe\Downloads\Statement_122024_5998.pdf
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001452432 _____ C:\Windows\system32\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000478384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:05 - 000374432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-12-28 18:06 - 2024-12-04 10:02 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 025450120 _____ C:\Windows\system32\nvidia-pcc.exe
2024-12-28 18:06 - 2024-12-04 10:01 - 001554608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 001208992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-12-28 18:06 - 2024-12-04 10:01 - 000863888 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-12-28 18:06 - 2024-12-04 10:00 - 016811696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 002185360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 001042072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000801432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-12-28 18:06 - 2024-12-04 10:00 - 000462480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-12-28 18:06 - 2024-12-04 09:59 - 017736840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005909664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 005435544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 003807888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-12-28 18:06 - 2024-12-04 09:59 - 000853680 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-12-28 18:06 - 2024-12-04 09:58 - 007158560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-12-28 18:06 - 2024-12-04 09:58 - 006236264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-12-28 18:06 - 2024-12-03 17:11 - 000132703 _____ C:\Windows\system32\nvinfo.pb
2024-12-28 18:06 - 2024-12-03 17:11 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-12-28 18:02 - 2024-12-28 18:02 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-12-28 18:02 - 2024-12-28 18:02 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2024-12-28 18:02 - 2024-12-28 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-12-28 18:01 - 2024-12-18 04:26 - 003074088 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-12-28 18:01 - 2024-12-18 04:26 - 002369064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000180760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2024-12-28 18:01 - 2024-12-18 04:07 - 000159768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2024-12-28 13:51 - 2024-12-28 19:18 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Path of Exile 2

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-22 19:30 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-22 19:26 - 2023-04-19 04:46 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-22 19:26 - 2019-12-07 01:13 - 000000000 ____D C:\Windows\INF
2025-01-22 19:25 - 2024-10-22 18:00 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Discord
2025-01-22 19:25 - 2023-04-19 21:43 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\discord
2025-01-22 19:23 - 2023-04-19 04:47 - 000000000 ___RD C:\Users\Wolfe\OneDrive
2025-01-22 19:22 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Packages
2025-01-22 19:22 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-22 19:22 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-22 19:19 - 2024-09-29 17:02 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-22 19:19 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-22 19:19 - 2023-04-19 04:36 - 001180016 _____ () C:\Windows\system32\wpbbin.exe
2025-01-22 19:19 - 2023-04-19 04:36 - 001132000 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-01-22 19:19 - 2023-04-19 04:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-22 19:18 - 2019-12-07 01:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-01-22 19:17 - 2023-04-19 04:44 - 000000000 ____D C:\Users\Wolfe
2025-01-22 19:14 - 2023-04-19 21:35 - 000000000 ____D C:\Program Files\ASUS
2025-01-22 19:14 - 2023-04-19 21:27 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Battle.net
2025-01-22 19:13 - 2023-04-19 21:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Steam
2025-01-22 19:02 - 2023-04-19 04:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-22 17:10 - 2023-04-22 20:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-22 17:10 - 2023-04-22 20:27 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-01-22 17:10 - 2022-09-07 19:13 - 000000000 ____D C:\Windows\SystemTemp
2025-01-22 16:34 - 2023-04-19 21:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-01-22 05:36 - 2023-04-21 18:11 - 000000000 ____D C:\Users\Wolfe\AppData\Local\CrashDumps
2025-01-20 21:45 - 2023-04-19 20:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-20 21:42 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\D3DSCache
2025-01-20 00:57 - 2023-08-06 16:56 - 000002325 _____ C:\Users\Wolfe\Desktop\Warcraft Logs Companion.lnk
2025-01-20 00:57 - 2023-04-19 21:37 - 000002325 _____ C:\Users\Wolfe\Desktop\CurseForge.lnk
2025-01-20 00:57 - 2023-04-19 21:36 - 000000000 ____D C:\Users\Wolfe\AppData\Local\Overwolf
2025-01-20 00:46 - 2023-04-19 21:31 - 000003962 _____ C:\Windows\system32\Tasks\RazerCortexScheduleClean
2025-01-19 10:22 - 2023-04-28 22:00 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Excel
2025-01-18 13:40 - 2023-04-19 04:37 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-18 13:40 - 2023-04-19 04:37 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SystemResources
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-01-17 17:25 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\appraiser
2025-01-17 17:24 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\bcastdvr
2025-01-17 06:19 - 2019-12-07 01:03 - 000000000 ____D C:\Windows\CbsTemp
2025-01-17 06:15 - 2023-04-19 04:38 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-01-16 19:02 - 2023-04-19 04:45 - 000000000 ____D C:\Users\Wolfe\AppData\Local\VirtualStore
2025-01-16 18:17 - 2023-04-19 20:34 - 000000000 ____D C:\Windows\system32\MRT
2025-01-16 17:51 - 2023-04-19 20:34 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-01-16 06:07 - 2023-04-28 21:51 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-16 06:07 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-16 05:53 - 2024-10-22 18:01 - 000002243 _____ C:\Users\Wolfe\Desktop\Discord.lnk
2025-01-16 05:35 - 2023-04-29 23:26 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-01-16 05:35 - 2023-04-19 20:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-15 19:27 - 2023-04-19 20:32 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000001053 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-01-15 19:27 - 2023-04-19 20:32 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-01-15 18:49 - 2023-04-19 20:42 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-14 22:17 - 2023-04-19 21:15 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-35897006-1549402385-1321927907-1001
2025-01-10 16:47 - 2023-04-19 04:45 - 000000000 ____D C:\ProgramData\Packages
2025-01-06 20:59 - 2023-04-19 20:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-01-06 05:50 - 2023-04-19 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2024-12-30 02:25 - 2023-04-19 20:37 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA
2024-12-28 18:07 - 2023-04-22 20:26 - 000000000 ____D C:\Users\Wolfe\AppData\Local\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-21 19:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-12-28 18:07 - 2023-04-19 20:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-12-28 13:51 - 2023-04-21 19:06 - 000000000 ____D C:\Users\Wolfe\Documents\My Games
2024-12-28 13:18 - 2023-05-05 17:56 - 000000000 ____D C:\Users\Wolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-12-26 14:59 - 2023-04-19 21:37 - 000000000 ____D C:\Program Files (x86)\Overwolf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

Advertisements

#11
DSWolfe
Posted 22 January 2025 - 09:49 PM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Also that last reboot was pretty quick, minus the fact that steam had to do an update since it was just reinstalled


  • 0

#12
RKinner
Posted 23 January 2025 - 06:07 AM

RKinner

    Malware Expert

  • Expert
  • 24,731 posts
  • MVP

You posted the FRST log twice.  Do you have the Addition.txt?

 

Do you use Microsoft OneDrive ?  If not you can uninstall it.  Search for Control Panel, then select Programs & Features and click on Microsoft OneDrive and Uninstall.

 

Search for

 
task scheduler
 
When it finds it, right click and Run As Administrator
 
Click on the arrow in front of Task Scheduler Library then
 
Click on the arrow in front of Microsoft
 
Click on the arrow in front of Windows
 
Click on Application Experience.  In the next pane to the right, right click on each Task and Delete.  Should be three or four (later versions) tasks.
 
Click on Customer Experience Improvement Program.  In the next pane to the right, right click on each Task and Delete.  Should be two tasks.
 
Close Task Scheduler.
 
 
Download OOSU10.exe:
 
 
Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then go to the Download folder and Right click on the downloaded file and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.
 
Close the program and reboot.
 
This removes some Microsoft bloatware and can speed up your PC a bit.  
 
Is the reboot still relatively quick?  How is the lag?
 
I see I missed a piece of deadwood.  It's not a factor since it's an R3 and not an R2 or R1 so it doesn't try to start at boot but might as well be thorough.  One more fixlist.  No need to post the fixlog or rerun FRST.
 
Attached File  fixlist.txt   5.4KB   21 downloads
 
Let's check your Internet connection:
 
Go to 
 
 
and click on GO
 
When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v
 
Is that about what you paid for?
 
(test isn't very accurate on fiber connections so don't panic if you have fiber and it reads low)

  • 0

#13
DSWolfe
Posted 23 January 2025 - 08:12 AM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Sorry must have not copied properly.

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by Wolfe (22-01-2025 19:34:36)
Running from C:\Users\Wolfe\Downloads\FRST-OlderVersion
Microsoft Windows 10 Home Version 22H2 19045.5371 (X64) (2023-04-19 12:41:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-35897006-1549402385-1321927907-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-35897006-1549402385-1321927907-503 - Limited - Disabled)
Guest (S-1-5-21-35897006-1549402385-1321927907-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-35897006-1549402385-1321927907-504 - Limited - Disabled)
Wolfe (S-1-5-21-35897006-1549402385-1321927907-1001 - Administrator - Enabled) => C:\Users\Wolfe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.119 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.89 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{2b787d65-59ec-46d5-9e6b-8b4761e7903c}) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.6.3 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.2.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{45ece30d-a966-424e-9bce-f740797c5348}) (Version: 1.2.0.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.4 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{39cdaa93-c446-4421-a337-1e52705dd2f8}) (Version: 1.3.9.4 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 3.2.1.2 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.00.01 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.129 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.29 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.29 - ASUS)
AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version:  - Blizzard Entertainment)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Cataclysm Classic (HKLM-x32\...\Cataclysm Classic) (Version:  - Blizzard Entertainment)
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.0.146 - Corsair)
CurseForge (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.270.1.2519 - Overwolf app)
Diablo IV (HKLM-x32\...\Diablo IV) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Discord) (Version: 1.0.9012 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.267 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel® Network Connections 28.0.0.2 (HKLM\...\{2D8EB790-843E-4825-ABE7-CB1A52F1C5B3}) (Version: 28.0.0.2 - Intel) Hidden
Intel® Network Connections 28.0.0.2 (HKLM\...\PROSetDX) (Version: 28.0.0.2 - Intel)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{a9913343-8463-4fd2-8a33-ae89cbbfe139}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18429.20044 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.115 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.146 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.244.1204.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-CA) (HKLM\...\Mozilla Firefox 134.0.1 (x64 en-CA)) (Version: 134.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
NVIDIA app 11.0.1.189 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.1.189 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.4.10624.35034762 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10624.35034762 - NVIDIA Corporation)
NVIDIA Graphics Driver 566.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.36 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.266.1.26 - Overwolf Ltd.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{31850f16-ce9f-4dec-81ca-222c617a9115}) (Version: 1.0.9.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.2 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{959e5696-0edd-4896-b1d8-54aaa725f770}) (Version: 1.1.0.2 - Patriot Memory) Hidden
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 11.0.46.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.1008.100321 - Razer Inc.)
Reverse1999 (HKLM-x32\...\Reverse1999) (Version: 1.0.1.0 - BLUEPOCH GAMES CO., LIMITED)
Roblox Player for Wolfe (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\roblox-player) (Version:  - Roblox Corporation)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 147.0.10965 - Ubisoft)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.4 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{c8b4688a-f5d4-4236-aec4-df260a88ccc4}) (Version: 1.0.0.4 - PD) Hidden
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Voxengo Marvel GEQ (HKLM\...\Voxengo Marvel GEQ_is1) (Version: 1.15 - Voxengo)
Warcraft Logs Companion (HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\Overwolf_ecboebafnpgnolnpgppohegbpjbhffiahodgijdp) (Version: 8.15.14 - Overwolf app)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic Era (HKLM-x32\...\World of Warcraft Classic Era) (Version:  - Blizzard Entertainment)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.13.0_x64__qmba6cd70vzyy [2024-12-18] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.9.3.0_x64__qmba6cd70vzyy [2024-06-30] (ASUSTeK COMPUTER INC.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-03-27] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-14] (HP Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12001.0_x64__8wekyb3d8bbwe [2025-01-01] (Microsoft Corporation) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-26] (NVIDIA Corp.)
Spotify - Music and Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0 [2025-01-20] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-35897006-1549402385-1321927907-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Wolfe\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\nvshext.dll [2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-04-19 21:38 - 2023-02-03 16:10 - 000525312 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000520192 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000483328 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\node-system-fonts\build\Release\system-fonts.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000510464 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-27 13:56 - 000319488 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\sharp\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-09-01 08:47 - 000786432 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2023-04-19 21:38 - 2022-06-08 09:33 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2024-06-25 17:43 - 2011-01-15 15:45 - 000319488 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2024-06-25 17:41 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2025-01-22 19:11 - 2024-12-03 12:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2025-01-22 19:11 - 2024-12-03 12:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2025-01-22 19:11 - 2024-12-03 12:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2025-01-22 19:11 - 2024-12-03 12:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2025-01-22 19:11 - 2024-12-03 12:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2025-01-22 19:11 - 2024-12-03 12:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2023-04-20 16:48 - 2023-04-20 16:48 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files\Corsair\Corsair iCUE5 Software\clink\SiUSBXp.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 01:14 - 2019-12-07 01:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wolfe\Pictures\Saved Pictures\1132784.png
DNS Servers: 192.168.97.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel® Ethernet Controller I225-V -> e2f.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: RZ608 Wi-Fi 6E 80MHz -> mtkwl6ex.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-35897006-1549402385-1321927907-1001\...\StartupApproved\Run: => "Synapse3"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DA883DF2-91D9-4561-AA1C-FE7B1B6164F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D653137D-8CAC-4219-B1CF-A0D04582F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1D226292-A15A-41C5-B406-61391860FAAC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1931B891-1E76-47D1-9B54-8AE08D81F017}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5C81B250-01C7-405C-BF3C-15CC9D27BA56}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1CFE5603-69BD-4453-8E39-AF0CB7364795}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DF1F6C59-6D9E-4ADE-80F6-9D615258598B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{209E6CDC-7269-44B8-9A0F-0FAA75EA6528}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{5A92544A-63B8-45C0-BC68-FAC4203C6ABA}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{E90BA36B-9269-4DB3-A7D5-1D32EE327AD4}] => (Allow) C:\Users\Wolfe\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{774D426C-26DA-41DE-96DD-D43CE54D81AE}E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [UDP Query User{A41965D4-FB0F-4623-AB06-A3DEE8417817}E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) E:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [TCP Query User{0CF257AD-3AC8-4308-A242-EBBC80946D06}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{FE76C8DB-EF0C-432F-8FA1-C933BDC451A2}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{7882F540-0EA1-4145-AFDB-271C17B91054}] => (Allow) C:\Users\Wolfe\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{EB3BFBEC-407B-462F-827B-BBE1559A3062}] => (Allow) C:\Users\Wolfe\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{4AF4067D-59D3-4203-87BF-14B2E1DC218F}] => (Allow) C:\Users\Wolfe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{0C259C52-29B2-447B-8F3E-D802B6225F98}] => (Allow) C:\Users\Wolfe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{8AC34B37-FAEF-4025-A43D-5635AB2DE31F}C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{6D73BE5C-CDE7-43AF-82E8-E95442356227}C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wolfe\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{CDC41BD3-7DB2-4C24-BA5E-4BBED0F66AF7}] => (Allow) D:\SteamLibrary\steamapps\common\The Past Within\The Past Within.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{6695E06B-62E5-41CF-BC95-B07695230B8F}] => (Allow) D:\SteamLibrary\steamapps\common\The Past Within\The Past Within.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{7B79F3BC-DAB1-40E5-B03A-3F812A2181CB}D:\diablo iv - server slam\diablo iv.exe] => (Allow) D:\diablo iv - server slam\diablo iv.exe => No File
FirewallRules: [UDP Query User{035AA948-5ABB-43FB-A02F-F8F60A11D86E}D:\diablo iv - server slam\diablo iv.exe] => (Allow) D:\diablo iv - server slam\diablo iv.exe => No File
FirewallRules: [TCP Query User{37998031-EDA9-4BE6-A363-F8AD712D7758}D:\diablo iv\diablo iv.exe] => (Allow) D:\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{07A2B34C-1689-447B-8098-E948440E9D39}D:\diablo iv\diablo iv.exe] => (Allow) D:\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{5221235E-D912-494D-96ED-F6E71CFD7E1D}] => (Allow) D:\SteamLibrary\steamapps\common\Quarters\fnaf9.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{271A24FB-0434-4777-A7CE-3AB752F1C3C9}] => (Allow) D:\SteamLibrary\steamapps\common\Quarters\fnaf9.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{09B1E3FF-C467-4F5B-82CC-B4391621AE78}] => (Allow) D:\SteamLibrary\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{BE2AA407-AF40-4821-8CF0-47BA5313FCE9}] => (Allow) D:\SteamLibrary\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{4F4A96FA-8B7A-4083-823A-7EC52E049D5F}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{D5B941AE-579C-40B8-9CDD-333738F08426}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{E1B5C579-CEDF-40F1-AA09-E1BDB5E8B5EF}] => (Allow) D:\SteamLibrary\steamapps\common\Evil Genius 2\launcher\eg2.exe (Rebellion) [File not signed]
FirewallRules: [{A959EDD2-DF82-4C3E-8749-EE0D5F0C030E}] => (Allow) D:\SteamLibrary\steamapps\common\Evil Genius 2\launcher\eg2.exe (Rebellion) [File not signed]
FirewallRules: [{95335994-FDED-4A04-9B87-74735B73F529}] => (Allow) D:\SteamLibrary\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [File not signed]
FirewallRules: [{400FEDF5-DB94-412F-B715-C022490B4FCE}] => (Allow) D:\SteamLibrary\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [File not signed]
FirewallRules: [{A8998BFB-6B38-4F73-BCA6-0AD37B075B42}] => (Allow) D:\SteamLibrary\steamapps\common\Shadows of Doubt\Shadows of Doubt.exe () [File not signed]
FirewallRules: [{7E6B1ADF-F55B-4EE7-8B9E-E9DF57E7E774}] => (Allow) D:\SteamLibrary\steamapps\common\Shadows of Doubt\Shadows of Doubt.exe () [File not signed]
FirewallRules: [{16DB64DC-474D-4F64-959E-155CFECC01D2}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\I'm on Observation Duty 3.exe () [File not signed]
FirewallRules: [{5776C784-8AD7-44EC-B0CF-22A1FB7043F7}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\I'm on Observation Duty 3.exe () [File not signed]
FirewallRules: [{A05640C3-21F0-4001-A3EC-67B911B4E4C6}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\VR\I'm on Observation Duty 3 VR.exe () [File not signed]
FirewallRules: [{D680E87C-024B-49D0-A192-03FF109D53D2}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 3\VR\I'm on Observation Duty 3 VR.exe () [File not signed]
FirewallRules: [TCP Query User{407E08F6-05A3-44CD-88B2-1635EC7170AB}C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe] => (Allow) C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe (BLUEPOCH GAMES CO., LIMITED -> )
FirewallRules: [UDP Query User{6C68046C-E080-4DF4-B7D1-5621FE60DC6C}C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe] => (Allow) C:\program files (x86)\reverse1999_global\reverse1999en\reverse1999.exe (BLUEPOCH GAMES CO., LIMITED -> )
FirewallRules: [{F2905DDE-7C96-477B-805E-8A0EA7A08473}] => (Allow) D:\SteamLibrary\steamapps\common\Micro Civilization\Civ.exe () [File not signed]
FirewallRules: [{A25D1D08-2FF5-419C-B55B-B78AE25ADFB2}] => (Allow) D:\SteamLibrary\steamapps\common\Micro Civilization\Civ.exe () [File not signed]
FirewallRules: [{C6070451-CEA9-4490-890A-BD70055558AB}] => (Allow) D:\SteamLibrary\steamapps\common\Scott Pilgrim vs The World\Scott.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{3278A012-75DE-4FCB-B327-8E7EAF3BCC37}] => (Allow) D:\SteamLibrary\steamapps\common\Scott Pilgrim vs The World\Scott.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{08512535-7EBC-4491-B0BD-8D558FC072FD}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{0387D246-361A-454E-BB5F-84571BE7EEF6}D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\steamlibrary\steamapps\common\tiny tina's wonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{1144C922-08F8-4220-9B69-304019C7BB07}] => (Allow) D:\SteamLibrary\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1294CD8A-3691-4D1E-B3E8-925827DAACDC}] => (Allow) D:\SteamLibrary\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{89402943-9DB3-4158-9A85-6E42B18804C7}D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{BE4E0628-F774-4F10-B290-36ABD34D3DB6}D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5D203C24-3076-42B5-A21A-3DFEBD75E828}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{8161BB70-8DB1-42C6-8A98-0F53CB226740}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{2E93B374-1519-4212-9C50-6631C6B34A28}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Forbidden West Complete Edition\HorizonForbiddenWest.exe (Sony Interactive Entertainment LLC -> Guerrilla B.V.)
FirewallRules: [{C3D1AB2D-3216-4A8D-9EA9-4406C9F114D0}] => (Allow) D:\SteamLibrary\steamapps\common\Horizon Forbidden West Complete Edition\HorizonForbiddenWest.exe (Sony Interactive Entertainment LLC -> Guerrilla B.V.)
FirewallRules: [{3E0E32E5-62B2-4E91-BEA3-20CF35879EC3}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B9EF66FA-80A3-448F-92E7-3E8991C94A0B}] => (Allow) D:\SteamLibrary\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{44FA06B8-1B39-40FD-A7C3-C14FDEEA63BF}] => (Allow) D:\SteamLibrary\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{41BFE508-EF34-4E99-B5BA-B118E09037A8}] => (Allow) D:\SteamLibrary\steamapps\common\The Hauntings Surveillance\Observation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DCEEF7D0-9F01-4DF3-AD04-FBBE84FBDC1B}] => (Allow) D:\SteamLibrary\steamapps\common\The Hauntings Surveillance\Observation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{62B19BB5-0098-45C7-9646-F43371655D83}] => (Allow) E:\SteamLibrary\steamapps\common\WinterBottom\Winterbottom.exe () [File not signed]
FirewallRules: [{5BAB0D5B-071F-45AF-9306-E8F97D93335A}] => (Allow) E:\SteamLibrary\steamapps\common\WinterBottom\Winterbottom.exe () [File not signed]
FirewallRules: [{3437CECE-706C-455B-8028-78FD64378853}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{FF1649F9-F4E1-4D8E-989F-FE8B7DCFEF03}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [TCP Query User{95A37DA4-F9F5-4D57-AF1B-63123554517A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{1FDB8E8F-318D-4FFC-B285-63908E355703}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C98DCD3-972A-4CD3-826A-24298DBB7D63}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F567D521-3933-4B8C-A4F7-B8973DC3D358}] => (Allow) D:\SteamLibrary\steamapps\common\TCG Card Shop Simulator\Card Shop Simulator.exe () [File not signed]
FirewallRules: [{DA79E06B-B861-44E2-8C61-C3086A8DF968}] => (Allow) D:\SteamLibrary\steamapps\common\TCG Card Shop Simulator\Card Shop Simulator.exe () [File not signed]
FirewallRules: [{B66FBD8E-6566-46AF-A4AD-0C2B531B77CA}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 6\I'm on Observation Duty 6.exe () [File not signed]
FirewallRules: [{6CAC0AC3-76B1-45E0-8D45-8B1BE53F28D5}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 6\I'm on Observation Duty 6.exe () [File not signed]
FirewallRules: [{25F41A83-CAB1-4FC1-B649-B23F646B3788}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 7\I'm on Observation Duty 7.exe () [File not signed]
FirewallRules: [{E0BE84CD-CC31-4BBC-8C4D-D0BDC574D820}] => (Allow) D:\SteamLibrary\steamapps\common\I'm on Observation Duty 7\I'm on Observation Duty 7.exe () [File not signed]
FirewallRules: [{55F1CDF4-6F93-427B-8621-CDA0B39A79A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D549FC1-23E1-4608-AE4C-102F5091616F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7D94706-FEE3-4D91-A4D5-1F958FB227D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A0EBA4D-2A62-4CE9-885E-3388225885DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{003080B9-062C-4F88-AC6F-4513BC63E127}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{83236F6A-93D9-4CB4-9173-33A396554B29}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{ECE8C6A5-C7DF-46CD-8430-A4AEB65C3619}] => (Block) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{B4238B05-ADC9-449B-A993-EFB708BF16CB}] => (Block) C:\Program Files (x86)\Overwolf\0.266.1.25\OverwolfBrowser.exe => No File
FirewallRules: [{0574C29F-2AB9-4A1C-8339-141CCA18792A}] => (Allow) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{DAC95FEE-E93B-4007-ACCD-98CD008D714C}] => (Allow) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{FC48F6C8-DA65-4650-B5C2-5DF98C85B0B8}] => (Block) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{9DC5B6D8-40EA-49FE-B808-F7684802147D}] => (Block) C:\Program Files (x86)\Overwolf\0.263.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{CEDC96D0-B645-4134-BE10-9017C6BDCA77}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3DF547D9-B6C1-4432-A6F1-0D10EC181DB9}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.1.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F80DA829-E540-476E-9FE8-3E5CA6A298EC}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile 2\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{3B980ADB-CF8B-4EA9-8B4B-AEBD151F4C1E}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile 2\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{BEA7B195-E9CB-42DA-B062-F590AD85B8F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BF8329B-EFE6-4CDC-BA51-F4643940D16B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B85A746-D4C7-4B4A-B840-925C5F90444D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2959396C-6F9E-48B5-B1E8-D289E449EE09}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{77EED540-5AB9-4FB2-9708-C3FDC1980373}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FDB6530-35CF-44DD-BD90-148593679714}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2B84C520-3E6D-446E-9C23-CF5BFC28DD0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E12EE72-67DC-483D-AC09-B7AF4F9ED952}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C409F57C-2DF9-493C-AEDB-73BB458F70D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9D7413EC-0B9A-4118-A26A-F565CAF63FA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{59348F13-B1C5-4499-8626-45E7802C8357}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC02EA71-A3B3-488A-A74E-45CEB08225C1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

14-01-2025 05:15:48 Scheduled Checkpoint
17-01-2025 05:33:44 Windows Modules Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================

System errors:
=============
Error: (01/22/2025 07:32:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Mozilla Maintenance Service service terminated with the following error:
Incorrect function.

Error: (01/22/2025 07:32:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Mozilla Maintenance Service service terminated with the following error:
Incorrect function.

Error: (01/22/2025 07:26:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935

Error: (01/22/2025 07:24:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (01/22/2025 07:22:51 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft...?linkid=2169931

Error: (01/22/2025 07:21:52 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft...?linkid=2169931

Error: (01/22/2025 07:18:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.


CodeIntegrity:
===============
Date: 2025-01-22 19:25:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-22 19:25:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.26\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.

Date: 2025-01-22 19:25:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Wolfe\AppData\Local\Discord\app-1.0.9177\Discord.exe) attempted to load \Device\HarddiskVolume5\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2604 02/25/2022
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B550-F GAMING WIFI II
Processor: AMD Ryzen 7 5800X 8-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 32654.41 MB
Available physical RAM: 23495.16 MB
Total Virtual: 56206.41 MB
Available Virtual: 45446.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:3725.39 GB) (Free:3516.2 GB) (Model: ST4000DM004-2U9104) NTFS
Drive d: (SSD) (Fixed) (Total:931.5 GB) (Free:59.77 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS
Drive e: (Elements SE) (Fixed) (Total:3725.99 GB) (Free:3331.19 GB) (Model: WD Elements SE 2623 USB Device) NTFS

\\?\Volume{e7e96fb9-6a4c-4786-8dad-db66cd25c636}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{ea32604d-50a1-4c09-af34-01b203a00ec2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

#14
DSWolfe
Posted 24 January 2025 - 01:58 AM

DSWolfe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Everything seems a lot better now.  Not waiting 20 mins to reboot,  The lag issue I was having I think was unrelated as it turned out to be just one game which I just did a fresh install and fixed it.  Thank you for all your help.  The speed test shows what it should be showing for dl and ul speed.

17290755799.png

Thanks again.


  • 0

#15
RKinner
Posted 24 January 2025 - 05:54 AM

RKinner

    Malware Expert

  • Expert
  • 24,731 posts
  • MVP

Looking at events that may slow down the boot or cause problems:

 

Error: (01/22/2025 07:32:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Mozilla Maintenance Service service terminated with the following error:
Incorrect function.

 

 

You have a very old version: 

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)

 

 

 

There is a Mozilla bug repiort from 2 years ago about this exact  error so I expect it's been fixed in the newer versions.  Oddly enough the program updates Firefox just fine but never updates itself.  You have to do it manually.

 

Open File Explorer.  Click on C:.  Click on Program Files.  Click on Mozilla Firefox.  Click on maintenanceservice_installer(.exe).  Right click and Run As Admin.  Yes.

 

Only takes a minute or so for it to update. You won't see anything happening but if you search for Control Panel, (View Large Icons), Programs & Features and then click on 

Mozilla Maintenance Service it should show Version 134.02 in the box that appears below it.

 

Error: (01/22/2025 07:18:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service

 

 
The click to run service is installed on all pcs by default.  This runs Office in the cloud instead of installing it on your PC.  Since you have 
 
Microsoft 365 I don't think you really need it but it's hidden so you can't uninstall it.  However I think you can disable the associated Tasks that try to start it.  Looking in the Task section of FRST I see:
 
Task: {32DEA084-B3A4-4CD2-AA96-A5E618EA07F8} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {8FDDC5C9-3518-454B-95BF-A38BE8C4179F} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C91E466-9496-468F-9FC6-F3671FFD1814} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1D5251E-1BB9-4F6E-90D1-DB61DDC854E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {256D53C9-4CB3-4879-B0E3-3411B5F09010} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD0E4C0C-D308-4C28-90C5-89A4DC7DFACE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBAB5D9D-8F79-4239-9A11-8BF97BDD2F67} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-01-14] (Microsoft Corporation -> Microsoft Corporation)


 

These all seem to be related to Office 16 or Click to run so I think you can safely disable them.

 

Search for
 
task scheduler
 
When it finds it, right click and Run As Administrator
 
Click on the arrow in front of Task Scheduler Library then
 
Click on the arrow in front of Microsoft
 
Click on the arrow in front of Office
 
I don't have Office on this PC so I don't have a good reference but 
 
It looks like there are several subfolders  You should be able to find each of the tasks listed above and right click on them and Disable.
 
Close Task Scheduler.
 
If that breaks Office 365  you can always go back in and Enable each task.
 
I see from your final post that things are back to normal so you probably want to uninstall Latency Monito and FRST.
 
To uninstall FRST64 
right click on FRST64.exe
and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.
 
Glad it's working again.  Sorry for the delays in responding but notifications for the responders are broken and I have to remember to check your thread manually.
 

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP