high memory usage, suspect i have malware

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Rum_Ham
    PCHF Member
    • Oct 2022
    • 8

    #1

    high memory usage, suspect i have malware

    First off I kept getting notification about virus protection being off, I have paid for Total AV and every time I clicked it was on. But the notification keeps coming. But I never knew what to do, scans find nothing, nor does MalwareBytes

    Obvious red flag and stupid on my part but not knowing what to do I ignored that constant annoyance notification. Now today I’ve noticed all my games that previously ran smooth as butter are unplayable with stuttering and freezing, that’s when I saw task manager shows my memory usage at 97-99%. It shows that with even with no game at all running.

    With just this Google Chrome opened on PC HelpForum and a few icons in the tray, I’ve attached a picture of my task manager what it shows. I mean what do I know, but right away it shows Google Chrome (7) and this is all I have opened at the moment. There is obviously plenty more processes to see if I scrolled down.
  • Malnutrition
    PCHF Moderator
    • Jul 2016
    • 7045

    #2
    Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
    If you are unsure if your operating system is 32 or 64 Bit please go HERE.
    Once downloaded right click the FRST desktop icon and select “Run as administrator” from the menu"
    [IMG alt=“icon2.jpg”]https://pchelpforum.net/attachments/icon2-jpg.794/
    If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
    FRST will open with two dialogue boxes, accept the disclaimer.
    [IMG alt=“frst disclaimer.jpg”]https://pchelpforum.net/attachments/...aimer-jpg.795/

    [ol]
    [li]Accept the default whitelist options,[/li][li]If the additions.txt options box is not checked please select it.[/li][li]Then select Scan[/li][/ol]
    [IMG alt=“frst.jpg”]https://pchelpforum.net/attachments/frst-jpg.796/
    Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.
    [IMG alt=“2016-08-12_152002.jpg”]https://pchelpforum.net/attachments/...52002-jpg.797/

    Please Copy and Paste the contents of these logs in your next post for review by our Security Team[/IMG]

    Comment

    • Rum_Ham
      PCHF Member
      • Oct 2022
      • 8

      #3
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022 (ATTENTION: ====> FRST version is 35 days old and could be outdated)

      Code:
      Ran by satch (administrator) on DESKTOP-Q1JOHSV (Micro-Star International Co., Ltd. MS-7B98) (04-10-2022 23:12:34)
      Running from C:\Users\satch\Downloads
      Loaded Profiles: satch
      Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: English (United States)
      Default browser: Chrome
      Boot Mode: Normal
      
      ==================== Processes (Whitelisted) =================
      
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      
      (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. → Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
      (C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Protected Antivirus Limited → TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
      (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\rundll32.exe
      (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe
      (explorer.exe ->) (Google LLC → Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
      (explorer.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
      (explorer.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
      (explorer.exe ->) (Valve Corp. → Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
      (Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
      (Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
      (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
      (Nvidia Corporation → Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (Oracle America, Inc. → Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (services.exe ->) (Electronic Arts, Inc. → Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
      (services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
      (services.exe ->) (Nvidia Corporation → NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
      (services.exe ->) (Nvidia Corporation → NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe <2>
      (services.exe ->) (Protected Antivirus Limited → TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
      (services.exe ->) (Realtek Semiconductor Corp. → Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
      (services.exe ->) (Realtek Semiconductor Corp. → Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2>
      (services.exe ->) (Valve Corp. → Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      (svchost.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileCoAuth.exe
      (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
      (svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\wlanext.exe
      
      ==================== Registry (Whitelisted) ===================
      
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      
      HKLM...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. → Realtek Semiconductor)
      HKLM-x32...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
      HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. → Oracle Corporation)
      HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
      HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
      HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4235112 2022-09-27] (Valve Corp. → Valve Corporation)
      HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-28] (Epic Games Inc. → Epic Games, Inc.)
      HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [utweb] => “C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe” /MINIMIZED (No File)
      HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD] => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” --no-startup-window --win-session-start /prefetch:5 [3795376 2022-09-25] (Microsoft Corporation → Microsoft Corporation)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.91\Installer\chrmstp.exe [2022-09-30] (Google LLC → Google LLC)
      Startup: C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-07-21]
      ShortcutTarget: MEGAsync.lnk → C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited → Mega Limited)
      GroupPolicy: Restriction ? <==== ATTENTION
      Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
      
      ==================== Scheduled Tasks (Whitelisted) ============
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      Task: {03BC766E-FF4F-4F0D-B5AA-70F448A320FF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)
      Task: {0BBCBDB2-4EC0-4A4E-BC06-2F69516ED05D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3795020384-2431542903-1114512080-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165520 2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      Task: {1F398CB2-E47C-4BCF-A928-3A75AF6191AE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon (No File)
      Task: {429D6965-94B3-4773-8B25-9E751F9FDCDF} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d48e0e1996 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc → Google LLC)
      Task: {453049D4-92BF-464E-9A53-604EF7C327D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. → Adobe)
      Task: {45BF6774-BD06-45C8-98AB-B7783CF65336} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {4DF561F2-C353-4EB6-B967-689FA0F5942C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {57C406CA-F622-47E2-8E4A-AF6B10D2AD95} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation → NVIDIA Corporation) → -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
      Task: {86F281AD-8751-4B46-ACC7-B45E97C13508} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {8792C639-94C0-4C4D-BC9D-14B9BF9E10D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc → Google LLC)
      Task: {99B33E36-4322-4E02-8FC6-1588A2806B1A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165520 2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      Task: {C5465FD6-0785-479A-9925-B54C7FD44F30} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly (No File)
      Task: {D2502FE5-D3D1-4CB8-B6AE-78AAA488AC3B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {D2A5CE68-6AF4-40A7-BAA1-CB507D41D648} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {DD35A470-D9B6-485E-9568-49C2CB9BA2E8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {E6FB9684-EB51-4D1E-8CDE-1D7AE7E37FD8} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation → Intel(R) Corporation)
      Task: {E94BF4D7-B29C-4DAA-B4C7-ACE62A28CFA1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {E94E0A61-AF0A-4944-921C-643F7A819A3B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. → Adobe)
      Task: {EBFAE3F5-44E7-49F6-A8E0-6A99F6B91C41} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3795020384-2431542903-1114512080-1003 => C:\Users\satch\AppData\Local\MEGAsync\MEGAupdater.exe [1776816 2022-07-25] (Mega Limited → )
      Task: {EFD9E021-6178-4E60-991A-017D1AA11581} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
      Task: {F24249F4-E475-4C30-B841-3462B928358A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation → NVIDIA Corporation)
      Task: {F527426C-9F2B-43D5-80F2-EE98572EBA05} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc → Google LLC)
      Task: {F6199833-EE37-4676-879D-FDD52AF35F45} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d48e0f7839 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc → Google LLC)
      
      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
      
      Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe
      
      ==================== Internet (Whitelisted) ====================
      
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      
      Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
      Tcpip..\Interfaces{40366314-3e71-403a-b06c-66834be56760}: [DhcpNameServer] 10.0.1.1 10.0.1.3
      Tcpip..\Interfaces{b0f5eb1c-46cb-427d-a445-cd5b51dfb206}: [DhcpNameServer] 209.18.47.62 209.18.47.61
      [HEADING=1]Edge:[/HEADING]
      Edge Extension: (No Name) → AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
      Edge Extension: (No Name) → BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
      Edge Extension: (No Name) → LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
      Edge Extension: (No Name) → PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
      Edge DefaultProfile: Default
      Edge Profile: C:\Users\satch\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-04]
      Edge Notifications: Default → hxxps://maximus-time.com
      [HEADING=1]FireFox:[/HEADING]
      FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 → C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-22] (Oracle America, Inc. → Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 → C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-22] (Oracle America, Inc. → Oracle Corporation)
      [HEADING=1]Chrome:[/HEADING]
      CHR DefaultProfile: Default
      CHR Profile: C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default [2022-10-04]
      CHR Notifications: Default → hxxps://advnottech.com; hxxps://captchatopsource.com; hxxps://centralheat.net; hxxps://computeradsglobal.com; hxxps://mediaforyour.com; hxxps://nice-day.co.uk; hxxps://pcgamestorrents.com; hxxps://play.pokemonshowdown.com; hxxps://pushnotstudio.com; hxxps://time4news.net; hxxps://www.g2a.com; hxxps://www.paramountplus.com; hxxps://www.wish.com; hxxps://www81.eloypatrick.pro
      CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-08-23]
      CHR Extension: (Google Docs Offline) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
      CHR Extension: (Avast Online Security & Privacy) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-10-04]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
      CHR Profile: C:\Users\satch\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-21]
      CHR Profile: C:\Users\satch\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-27]
      CHR HKLM-x32...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
      CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
      
      ==================== Services (Whitelisted) ===================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. → Adobe)
      S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2700648 2022-07-17] (HIGH MORALE DEVELOPMENTS LIMITED → )
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-06-09] (BattlEye Innovations e.K. → )
      S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-02-27] (EasyAntiCheat Oy → Epic Games, Inc.)
      S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. → Epic Games, Inc.)
      S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncHelper.exe [3383688 2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
      S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-08-31] (Malwarebytes Inc. → Malwarebytes)
      S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.191.0911.0001\OneDriveUpdaterService.exe [3804032 2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. → Electronic Arts)
      R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. → Electronic Arts)
      S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-25] (Rockstar Games, Inc. → Rockstar Games)
      R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [267088 2022-06-23] (Protected Antivirus Limited → TotalAV) <==== ATTENTION
      S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
      R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-14] (Microsoft Windows Publisher → Microsoft Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
      
      ===================== Drivers (Whitelisted) ===================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1868832 2022-09-23] (HIGH MORALE DEVELOPMENTS LIMITED → ANTICHEATEXPERT.COM)
      S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [772656 2022-09-23] (HIGH MORALE DEVELOPMENTS LIMITED → ANTICHEATEXPERT.COM)
      S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-08-24] (AVAST Software s.r.o. → The OpenVPN Project)
      R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208176 2021-11-09] (Avira Operations GmbH & Co. KG → Avira Operations GmbH & Co. KG)
      R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2021-11-09] (Avira Operations GmbH & Co. KG → Avira Operations GmbH & Co. KG)
      R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2021-11-09] (Avira Operations GmbH & Co. KG → Avira Operations GmbH & Co. KG)
      S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287744 2022-05-13] (Microsoft Corporation) [File not signed]
      R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU → Dokan Project)
      S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2018-04-30] (Travis Lee Robinson → hxxp://libusb-win32.sourceforge.net)
      S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher → Malwarebytes)
      S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-04] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
      R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation → NVIDIA Corporation)
      S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [17864 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher → TODO: )
      R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd → )
      S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd → )
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. → Samsung Electronics Co., Ltd.)
      S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-10-18] (McAfee, Inc. → The OpenVPN Project)
      S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-14] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-14] (Microsoft Windows → Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-14] (Microsoft Windows → Microsoft Corporation)
      R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher → Windows (R) Win 7 DDK provider) <==== ATTENTION
      
      ==================== NetSvcs (Whitelisted) ===================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      ==================== One month (created) (Whitelisted) =========
      
      (If an entry is included in the fixlist, the file/folder will be moved.)
      
      2022-10-04 23:12 - 2022-10-04 23:12 - 000022201 _____ C:\Users\satch\Downloads\FRST.txt
      2022-10-04 23:11 - 2022-10-04 23:12 - 000000000 ____D C:\FRST
      2022-10-04 23:09 - 2022-10-04 23:09 - 002371072 _____ (Farbar) C:\Users\satch\Downloads\FRST64.exe
      2022-09-28 23:00 - 2022-09-28 23:00 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
      2022-09-28 22:58 - 2022-09-23 18:52 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
      2022-09-28 22:39 - 2022-09-23 21:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
      2022-09-28 22:39 - 2022-09-23 21:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
      2022-09-28 22:39 - 2022-09-23 21:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
      2022-09-28 22:39 - 2022-09-23 21:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
      2022-09-28 22:39 - 2022-09-23 21:34 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
      2022-09-28 22:39 - 2022-09-23 21:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
      2022-09-28 22:39 - 2022-09-23 21:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
      2022-09-28 22:39 - 2022-09-23 21:34 - 001213440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
      2022-09-28 22:39 - 2022-09-23 21:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
      2022-09-28 22:39 - 2022-09-23 21:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
      2022-09-28 22:39 - 2022-09-23 21:31 - 001536488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
      2022-09-28 22:39 - 2022-09-23 21:31 - 001182696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
      2022-09-28 22:39 - 2022-09-23 21:31 - 000865768 _____ C:\WINDOWS\system32\nvofapi64.dll
      2022-09-28 22:39 - 2022-09-23 21:31 - 000771560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
      2022-09-28 22:39 - 2022-09-23 21:31 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
      2022-09-28 22:39 - 2022-09-23 21:31 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
      2022-09-28 22:39 - 2022-09-23 21:30 - 010270184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
      2022-09-28 22:39 - 2022-09-23 21:30 - 008803816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
      2022-09-28 22:39 - 2022-09-23 21:30 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
      2022-09-28 22:39 - 2022-09-23 21:30 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
      2022-09-28 22:39 - 2022-09-23 21:30 - 001059304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
      2022-09-28 22:39 - 2022-09-23 21:30 - 000845288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
      2022-09-28 22:39 - 2022-09-23 21:30 - 000456168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
      2022-09-28 22:39 - 2022-09-23 21:29 - 005751304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
      2022-09-28 22:39 - 2022-09-23 21:29 - 005362664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
      2022-09-28 22:39 - 2022-09-23 21:29 - 003066856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
      2022-09-28 22:39 - 2022-09-23 21:28 - 000852968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
      2022-09-28 22:39 - 2022-09-23 21:27 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
      2022-09-28 22:39 - 2022-09-21 20:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
      2022-09-23 21:20 - 2022-09-23 21:21 - 000000000 ____D C:\Users\satch\AppData\Roaming\Guild Wars 2
      2022-09-23 20:25 - 2022-09-23 20:26 - 075628656 _____ C:\Users\satch\Downloads\mkopenborv1100.rar
      2022-09-23 20:13 - 2022-09-23 20:15 - 023153789 _____ C:\Users\satch\Downloads\OpenHeroSelect.7z
      2022-09-23 19:29 - 2022-09-23 19:29 - 000000000 __SHD C:\WINDOWS\ftpcache
      2022-09-23 19:29 - 2022-09-23 19:29 - 000000000 ____D C:\Users\satch\AppData\Roaming\Macromedia
      2022-09-23 19:24 - 2022-09-23 19:24 - 000000296 _____ C:\WINDOWS\game.ini
      2022-09-23 19:24 - 2022-09-23 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
      2022-09-23 19:23 - 2022-09-23 19:23 - 000000000 ____D C:\Program Files (x86)\Activision
      2022-09-23 19:09 - 2022-09-23 19:21 - 4290215936 _____ C:\Users\satch\Downloads\RAVEN-MUA.iso
      2022-09-15 18:17 - 2022-09-15 18:17 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
      2022-09-15 18:17 - 2022-09-15 18:17 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
      2022-09-15 18:17 - 2022-09-15 18:17 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
      2022-09-15 18:17 - 2022-09-15 18:17 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
      2022-09-15 18:17 - 2022-09-15 18:17 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
      2022-09-15 18:13 - 2022-09-15 18:13 - 000000000 ___HD C:$WinREAgent
      2022-09-11 17:50 - 2022-09-11 17:50 - 000000000 ____D C:\Users\satch\AppData\Roaming\AY std
      2022-09-11 17:50 - 2022-09-11 17:50 - 000000000 ____D C:\Users\satch\AppData\LocalLow\AYstd
      
      ==================== One month (modified) ==================
      
      (If an entry is included in the fixlist, the file/folder will be moved.)
      
      2022-10-04 23:11 - 2019-07-05 17:42 - 000000000 ____D C:\Program Files (x86)\Steam
      2022-10-04 23:07 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2022-10-04 22:57 - 2021-02-19 18:51 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2022-10-04 22:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
      2022-10-04 22:57 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
      2022-10-04 22:52 - 2019-07-05 17:40 - 000000000 ____D C:\Program Files (x86)\Google
      2022-10-04 22:52 - 2019-03-30 13:06 - 000000000 ____D C:\ProgramData\NVIDIA
      2022-10-04 22:51 - 2022-04-16 12:36 - 000001169 _____ C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
      2022-10-04 22:51 - 2022-04-14 19:55 - 000000000 ____D C:\Program Files (x86)\TotalAV
      2022-10-04 22:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
      2022-10-04 22:51 - 2019-07-05 17:37 - 000000000 ___RD C:\Users\satch\OneDrive
      2022-10-04 22:50 - 2021-02-19 18:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2022-10-04 22:50 - 2021-02-19 18:42 - 000008192 ___SH C:\DumpStack.log.tmp
      2022-10-04 22:50 - 2021-02-19 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2022-10-04 21:58 - 2022-04-14 20:00 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
      2022-10-04 17:51 - 2021-02-19 18:47 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A7B07889-1C55-4ACA-90E3-1EED713D1468}
      2022-10-03 18:15 - 2021-12-11 11:09 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3795020384-2431542903-1114512080-1003
      2022-10-03 18:15 - 2021-09-07 18:50 - 000000000 ____D C:\Program Files\Microsoft OneDrive
      2022-10-03 18:15 - 2021-02-19 18:47 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
      2022-10-03 18:15 - 2020-07-22 07:45 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2022-09-30 17:41 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
      2022-09-30 17:14 - 2019-07-05 17:41 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2022-09-28 23:35 - 2019-03-30 13:05 - 000000000 _D C:\ProgramData\NVIDIA Corporation
      2022-09-28 23:20 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
      2022-09-28 23:19 - 2022-07-07 18:52 - 000001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
      2022-09-28 23:05 - 2019-07-26 07:11 - 000000000 D C:\Users\satch\AppData\Local\CrashDumps
      2022-09-28 23:01 - 2021-02-19 18:47 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:01 - 2021-02-19 18:47 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:01 - 2021-02-19 18:47 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:01 - 2019-03-30 13:06 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2022-09-28 23:01 - 2019-03-30 13:01 - 000000000 __D C:\Program Files\NVIDIA Corporation
      2022-09-28 23:00 - 2021-02-19 18:47 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:00 - 2021-02-19 18:47 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2022-09-28 23:00 - 2019-12-18 00:50 - 000000000 ____D C:\Users\satch\AppData\Local\NVIDIA
      2022-09-27 18:07 - 2020-03-13 14:52 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
      2022-09-26 16:01 - 2019-07-05 17:36 - 000000000 ____D C:\Users\satch\AppData\Local\Packages
      2022-09-25 12:35 - 2019-12-07 08:41 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
      2022-09-23 21:27 - 2021-01-29 20:52 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
      2022-09-23 19:29 - 2019-03-30 11:59 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2022-09-23 19:22 - 2019-01-08 18:46 - 000000000 __RHD C:\Users\Public\AccountPictures
      2022-09-23 18:52 - 2021-01-29 20:52 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
      2022-09-23 18:19 - 2022-07-17 22:46 - 000000000 ____D C:\ProgramData\AntiCheatExpert
      2022-09-23 17:41 - 2022-07-17 22:47 - 001868832 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys
      2022-09-23 17:41 - 2022-07-17 22:47 - 000772656 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-GAME.sys
      2022-09-23 06:11 - 2019-07-11 10:34 - 000000000 ____D C:\Users\satch\AppData\Local\D3DSCache
      2022-09-20 21:25 - 2019-07-05 17:37 - 000000000 ____D C:\Users\satch\AppData\Local\PlaceholderTileLogoFolder
      2022-09-18 17:29 - 2021-10-18 21:59 - 000000000 ____D C:\Users\satch\AppData\Local\Epic Games
      2022-09-18 17:29 - 2020-05-22 09:03 - 000000000 ____D C:\Users\satch\AppData\Local\EpicGamesLauncher
      2022-09-18 17:28 - 2022-07-10 15:35 - 000000000 ____D C:\Users\satch\OneDrive\Documents\My Games
      2022-09-18 17:28 - 2020-05-22 09:03 - 000000000 ____D C:\ProgramData\Epic
      2022-09-18 17:28 - 2020-05-22 09:03 - 000000000 ____D C:\Program Files (x86)\Epic Games
      2022-09-18 17:28 - 2019-09-29 16:44 - 000000000 ____D C:\Users\satch\AppData\Roaming\alderon-games-launcher
      2022-09-16 18:53 - 2021-02-19 01:22 - 000000000 ___DC C:\WINDOWS\Panther
      2022-09-16 06:22 - 2021-02-19 18:42 - 000267496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
      2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
      2022-09-15 18:18 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
      2022-09-15 18:17 - 2021-02-19 18:46 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
      2022-09-15 18:12 - 2019-07-06 15:30 - 000000000 ____D C:\WINDOWS\system32\MRT
      2022-09-15 18:11 - 2019-07-06 15:30 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2022-09-14 20:02 - 2021-01-14 18:44 - 000000000 ____D C:\Users\satch\AppData\Roaming\Origin
      2022-09-14 20:02 - 2021-01-14 18:44 - 000000000 ____D C:\ProgramData\Origin
      2022-09-14 19:58 - 2022-06-26 18:02 - 000000000 ____D C:\Program Files (x86)\Origin Games
      2022-09-14 19:58 - 2019-07-22 22:08 - 000000000 ____D C:\Users\satch\AppData\Local\Origin
      2022-09-13 06:22 - 2019-07-06 05:06 - 000000000 ____D C:\Users\satch\AppData\Roaming\Discord
      2022-09-13 05:54 - 2019-07-06 05:06 - 000000000 ____D C:\Users\satch\AppData\Local\Discord
      2022-09-12 01:07 - 2020-09-08 01:00 - 002884648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
      2022-09-12 01:07 - 2020-09-08 01:00 - 002220072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
      2022-09-12 01:07 - 2020-09-08 01:00 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
      2022-09-11 14:37 - 2021-02-19 18:43 - 000000000 ____D C:\Users\satch
      2022-09-11 14:36 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
      2022-09-07 10:56 - 2020-11-15 09:10 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
      2022-09-07 10:56 - 2020-11-15 09:10 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
      
      ==================== Files in the root of some directories ========
      
      2022-07-17 22:32 - 2022-07-17 22:32 - 000001000 _____ () C:\Users\satch\AppData\Roaming\wxsh_launcher.reg
      2019-07-16 16:57 - 2019-07-16 16:57 - 000000055 _____ () C:\Users\satch\AppData\Roaming~SiMPLEX.ini
      
      ==================== SigCheck ============================
      
      (There is no automatic fix for files that do not pass verification.)
      
      ==================== End of FRST.txt ========================
      [HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
      Ran by satch (04-10-2022 23:13:40)
      Running from C:\Users\satch\Downloads
      Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-02-19 22:47:08)
      Boot Mode: Normal[/HEADING]
      ==================== Accounts: =============================
      
      (If an entry is included in the fixlist, it will be removed.)
      
      Administrator (S-1-5-21-3795020384-2431542903-1114512080-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-3795020384-2431542903-1114512080-503 - Limited - Disabled)
      Guest (S-1-5-21-3795020384-2431542903-1114512080-501 - Limited - Disabled)
      satch (S-1-5-21-3795020384-2431542903-1114512080-1003 - Administrator - Enabled) => C:\Users\satch
      WDAGUtilityAccount (S-1-5-21-3795020384-2431542903-1114512080-504 - Limited - Disabled)
      
      ==================== Security Center ========================
      
      (If an entry is included in the fixlist, it will be removed.)
      
      AV: Total AV (Enabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
      AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
      
      ==================== Installed Programs ======================
      
      (Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
      
      Adobe Flash Player 32 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
      Alderon Games Launcher 1.1.71 (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71) (Version: 1.1.71 - Alderon Games Pty Ltd)
      Core Temp 1.17.1 (HKLM...{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
      Discord (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Discord) (Version: 0.0.309 - Discord Inc.)
      Dokan Library 1.4.0.1000 (x64) (HKLM...{65A3A964-3DC3-0104-0000-200601191219}) (Version: 1.4.0.1000 - Dokany Project) Hidden
      Dokan Library 1.4.0.1000 Bundle (HKLM-x32...{97cfdb6c-2faa-43ba-afbc-469e01845e99}) (Version: 1.4.0.1000 - Dokany Project)
      Dual-Core Optimizer (HKLM-x32...{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
      Eclipse Temurin JDK with Hotspot 17+35 (x64) (HKLM...{D669C4CD-053E-4C32-853C-9FC53FA35FED}) (Version: 17.0.0.35 - Eclipse Foundation)
      Epic Games Launcher (HKLM-x32...{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
      Epic Online Services (HKLM-x32...{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
      Google Chrome (HKLM-x32...\Google Chrome) (Version: 106.0.5249.91 - Google LLC)
      Intel(R) Chipset Device Software (HKLM...{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden
      Intel(R) Chipset Device Software (HKLM-x32...{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
      Intel(R) Management Engine Components (HKLM...{A6D99F91-2039-4560-A476-1E8B954E0C70}) (Version: 1.0.0.0 - Intel Corporation) Hidden
      Intel(R) Management Engine Components (HKLM...{BF1D4FDD-6613-4F36-AE24-EDE3D7E30CF4}) (Version: 1.0.0.0 - Intel Corporation) Hidden
      Intel(R) Management Engine Driver (HKLM...{50DC6FA9-9221-495B-B9BF-EF39D7BC4FDE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
      Intel(R) Trusted Connect Service Client x64 (HKLM...{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
      Intel(R) Trusted Connect Service Client x86 (HKLM-x32...{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
      Intel(R) Trusted Connect Services Client (HKLM-x32...{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
      Java 8 Update 341 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
      Launcher Prerequisites (x64) (HKLM-x32...{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
      Malwarebytes version 4.5.14.210 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}is1) (Version: 4.5.14.210 - Malwarebytes)
      Marvel™ - Ultimate Alliance (HKLM-x32...\InstallShield{932FB3F3-594D-4600-ABFA-F2DE80A14214}) (Version: 1.00.0000 - Activision)
      MEGAsync (HKLM-x32...\MEGAsync) (Version: - Mega Limited)
      Microsoft .NET Core Host - 3.1.8 (x64) (HKLM...{D375EE6D-18EF-4EC9-8260-555DEB0EE4EC}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
      Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) (HKLM...{907E0A78-B4DF-4E35-9878-FEE2F22B6852}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
      Microsoft .NET Core Runtime - 3.1.8 (x64) (HKLM...{912B84A5-61CC-4308-B244-5C34C2C02899}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
      Microsoft Edge (HKLM-x32...\Microsoft Edge) (Version: 105.0.1343.53 - Microsoft Corporation)
      Microsoft Edge WebView2 Runtime (HKLM-x32...\Microsoft EdgeWebView) (Version: 105.0.1343.53 - Microsoft Corporation)
      Microsoft OneDrive (HKLM...\OneDriveSetup.exe) (Version: 22.191.0911.0001 - Microsoft Corporation)
      Microsoft Update Health Tools (HKLM...{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
      Microsoft VC++ redistributables repacked. (HKLM...{484EF395-8BDF-417B-AF02-35777C5AFC32}) (Version: 12.0.0.0 - Intel Corporation) Hidden
      Microsoft VC++ redistributables repacked. (HKLM-x32...{C79060C7-3052-431F-92F9-609B83317A77}) (Version: 12.0.0.0 - Intel Corporation) Hidden
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM...{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM...{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32...{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32...{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM...{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM...{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32...{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32...{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32...{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32...{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
      Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32...{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32...{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM...{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
      Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM...{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
      Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM...{F3871724-6A58-425C-8E4C-4A54935AA68F}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
      Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32...{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
      Minecraft Launcher (HKLM-x32...{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
      NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.26.0.131 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
      NVIDIA Graphics Driver 517.48 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
      NVIDIA HD Audio Driver 1.3.39.14 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
      NVIDIA PhysX System Software 9.21.0713 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
      NVIDIA USBC Driver 1.46.831.832 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
      OpenAL (HKLM-x32...\OpenAL) (Version: - )
      OpenIV (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\OpenIV) (Version: 4.0.1.1452 - .black/OpenIV Team)
      Origin (HKLM-x32...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
      Paradox Launcher v2 (HKLM...{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
      Python 3.8.7 (64-bit) (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...{a32da68d-eab0-48d8-947e-8187f9630441}) (Version: 3.8.7150.0 - Python Software Foundation)
      Python 3.8.7 Core Interpreter (64-bit) (HKLM...{103C9234-4C33-47A7-BA73-0182EFAEE1AE}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 Development Libraries (64-bit) (HKLM...{2B5CFC34-DF9D-46E1-B74A-A4D756AA27B8}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 Documentation (64-bit) (HKLM...{AB51D764-256F-4FFC-9F00-FD97EE8D4AE4}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 Executables (64-bit) (HKLM...{E9451150-5D78-4B5B-A7F7-2C1DE01EAA87}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 pip Bootstrap (64-bit) (HKLM...{408439E9-1A19-4C26-B5DD-EE7C39ADF749}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 Standard Library (64-bit) (HKLM...{4FAEBB7B-E3A6-4E85-8D3C-8DD3C53C7A4E}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 Tcl/Tk Support (64-bit) (HKLM...{4D4E250E-7002-4B30-ADCD-4FCEBBCC015B}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 Test Suite (64-bit) (HKLM...{4D1D56DE-8FA6-4309-941F-F4B41BA36AA1}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python 3.8.7 Utility Scripts (64-bit) (HKLM...{555B15D5-5D22-4AD4-AD91-D2D8085D198F}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
      Python Launcher (HKLM-x32...{978F3F47-FE6A-4CA8-B412-2A48C0DB05AE}) (Version: 3.8.7294.0 - Python Software Foundation)
      Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
      Rockstar Games Launcher (HKLM-x32...\Rockstar Games Launcher) (Version: 1.0.45.416 - Rockstar Games)
      Rockstar Games Social Club (HKLM-x32...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
      Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      The Elder Scrolls Online (HKLM-x32...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
      TotalAV 5.17.470 (HKLM-x32...\TotalAV) (Version: 5.17.470 - TotalAV) <==== ATTENTION
      Ubisoft Connect (HKLM-x32...\Uplay) (Version: 38.2 - Ubisoft)
      UE Prerequisites (x64) (HKLM...{7916CFE9-D85D-4E68-891E-D5A3C887B73A}) (Version: 1.0.15.0 - Epic Games, Inc.) Hidden
      UE Prerequisites (x64) (HKLM-x32...{284a69a5-9805-4ad5-98ac-173e9f776e0f}) (Version: 1.0.15.0 - Epic Games, Inc.) Hidden
      Vortex (HKLM...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.7 - Black Tree Gaming Ltd.)
      Windows Driver Package - libusbK Nintendo Switch (APX mode) (04/27/2014 3.0.7.0) (HKLM...\C474C3AC0A427B4CF35173FC250E5E8C9C284DE1) (Version: 04/27/2014 3.0.7.0 - libusbK)
      Windows Driver Package - libusbK Nintendo Switch (Homebrew mode) (04/27/2014 3.0.7.0) (HKLM...\6D6BF0768F9873437C984F0DC0E4C569A45227BF) (Version: 04/27/2014 3.0.7.0 - libusbK)
      Windows Driver Package - libusbK Nintendo Switch APX Mode (04/27/2014 3.0.7.0) (HKLM...\5C4BD94286C931BB5D47200B4AF1D1B99B3C08AB) (Version: 04/27/2014 3.0.7.0 - libusbK)
      Windows Driver Package - libusbK Tinfoil (04/27/2014 3.0.7.0) (HKLM...\B707C9FC2B732FAAB247365A5AC8FF929DCBE334) (Version: 04/27/2014 3.0.7.0 - libusbK)
      Windows Driver Package - Realtek Semiconductor Corp. (RtkBtFilter) Bluetooth (12/12/2019 1.6.1015.3010) (HKLM...\A251C507301C79B85C3E1CEEAA1B04A16B62832B) (Version: 12/12/2019 1.6.1015.3010 - Realtek Semiconductor Corp.)
      Windows PC Health Check (HKLM...{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
      WinRAR 5.91 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
      [HEADING=1]Packages:[/HEADING]
      LinkedIn → C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-07-05] (LinkedIn)
      Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-19] (Microsoft Corporation) [MS Ad]
      Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-19] (Microsoft Corporation) [MS Ad]
      Microsoft Excel → C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
      Microsoft Office Desktop Apps → C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
      Microsoft PowerPoint → C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
      Microsoft Word → C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
      NVIDIA Control Panel → C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-09-28] (NVIDIA Corp.)
      Photos Add-on → C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-09-20] (Microsoft Corporation)
      Photos Media Engine Add-on → C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-28] (Microsoft Corporation)
      Realtek Audio Control → C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-10] (Realtek Semiconductor Corp)
      
      ==================== Custom CLSID (Whitelisted): ==============
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      ShellIconOverlayIdentifiers: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ShellIconOverlayIdentifiers: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ShellIconOverlayIdentifiers: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ContextMenuHandlers1: [ FileSyncEx] → {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll [2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      ContextMenuHandlers1: [MEGA (Context menu)] → {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH → Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH → Alexander Roshal)
      ContextMenuHandlers2: [MEGA (Context menu)] → {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ContextMenuHandlers3: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-31] (Malwarebytes Inc. → Malwarebytes)
      ContextMenuHandlers3: [MEGA (Context menu)] → {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ContextMenuHandlers4: [ FileSyncEx] → {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll [2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      ContextMenuHandlers4: [MEGA (Context menu)] → {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited → )
      ContextMenuHandlers5: [ FileSyncEx] → {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll [2022-10-03] (Microsoft Corporation → Microsoft Corporation)
      ContextMenuHandlers5: [NvCplDesktopContext] → {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvshext.dll [2022-09-23] (Nvidia Corporation → NVIDIA Corporation)
      ContextMenuHandlers6: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-31] (Malwarebytes Inc. → Malwarebytes)
      ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH → Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH → Alexander Roshal)
      
      ==================== Codecs (Whitelisted) ====================
      
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      
      HKLM...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
      HKLM...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll
      
      ==================== Shortcuts & WMI ========================
      
      (The entries could be listed to be restored or removed.)
      
      ShortcutWithArgument: C:\Users\satch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) → --profile-directory=Default
      
      ==================== Loaded Modules (Whitelisted) =============
      
      2022-02-07 21:10 - 2022-02-07 21:10 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
      2022-02-07 21:10 - 2022-02-07 21:10 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
      2022-02-07 21:10 - 2022-02-07 21:10 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
      2022-08-11 17:07 - 2022-02-07 21:10 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
      2022-08-11 17:07 - 2022-02-07 21:10 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
      2022-08-11 17:07 - 2022-02-07 21:10 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
      2022-08-11 17:07 - 2022-02-07 21:10 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
      2022-08-11 17:07 - 2022-02-07 21:10 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
      2022-08-11 17:07 - 2022-02-07 21:10 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
      
      ==================== Alternate Data Streams (Whitelisted) ========
      
      ==================== Safe Mode (Whitelisted) ==================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
      
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => “”=“Service”
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => “”=“Service”
      
      ==================== Association (Whitelisted) =================
      
      ==================== Internet Explorer (Whitelisted) ==========
      
      HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
      SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 → DefaultScope {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
      SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 → {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
      BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-07-22] (Oracle America, Inc. → Oracle Corporation)
      BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-22] (Oracle America, Inc. → Oracle Corporation)
      
      ==================== Hosts content: =========================
      
      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
      
      2018-09-15 03:31 - 2019-12-28 05:26 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
      
      2019-12-07 08:41 - 2022-09-25 12:35 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
      
      ==================== Other Areas ===========================
      
      (Currently there is no automatic fix for this section.)
      
      HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\Program Files\Eclipse Foundation\jdk-17.0.0.35-hotspot\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Windows\System32\OpenSSH;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0;C:\WINDOWS\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH
      HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Control Panel\Desktop\Wallpaper → 
      DNS Servers: 209.18.47.62 - 209.18.47.61
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
      Windows Firewall is enabled.
      
      ==================== MSCONFIG/TASK MANAGER disabled items ==
      
      ==================== FirewallRules (Whitelisted) ================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      FirewallRules: [UDP Query User{7B770B6C-1DCC-480C-B5F0-160854436719}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
      FirewallRules: [TCP Query User{E2A41CC3-3EE8-4B76-ABF5-571E3CDF603A}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
      FirewallRules: [UDP Query User{BDAA3302-15DD-4C10-8F8A-D4BB36E6AC69}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
      FirewallRules: [TCP Query User{AB1565DF-FE75-4A2A-AB5E-2EF6A201D5EE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
      FirewallRules: [UDP Query User{AB5EFFFD-28CF-4C99-A5B8-FD4DE04A24C3}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
      FirewallRules: [TCP Query User{29F5D4CF-4F93-4807-8E10-04A196C9EC2D}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
      FirewallRules: [UDP Query User{44C69867-565E-4875-BD60-FACC0DC41928}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe => No File
      FirewallRules: [TCP Query User{8BA9D230-6483-4596-9C02-F95670E032B1}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe => No File
      FirewallRules: [UDP Query User{BB70D444-7BE4-4509-B14C-A85443FD65C1}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
      FirewallRules: [TCP Query User{BA68F78D-D535-422E-89BC-8097A2F82715}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
      FirewallRules: [UDP Query User{050A4E06-B333-448C-8CC1-06903C05567A}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
      FirewallRules: [TCP Query User{68676177-777E-41A6-96ED-448E47C2364C}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
      FirewallRules: [UDP Query User{092D9332-2E48-4675-A2B9-453C0277F869}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
      FirewallRules: [TCP Query User{0319F2A3-5307-4E62-AFB7-810141C77750}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
      FirewallRules: [UDP Query User{034F593B-10B1-45CC-AE9D-CD90281549FE}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
      FirewallRules: [TCP Query User{A8D1F84E-5332-44FD-890C-3004C73AA033}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
      FirewallRules: [UDP Query User{6FDFF054-C31F-4AE5-BA61-E3DCCCFA74C9}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
      FirewallRules: [TCP Query User{96BE7E36-6EE6-4EF0-94A9-6CBD938A14C5}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
      FirewallRules: [{6E37B903-1990-45E8-8B9B-9B4F14887C7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation → NVIDIA Corporation)
      FirewallRules: [{180B0F10-47B1-4803-A848-212EC712A26E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation → NVIDIA Corporation)
      FirewallRules: [UDP Query User{816B8128-95A7-4D6C-B6CE-FF1F25C05C2B}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
      FirewallRules: [TCP Query User{6DCC1FD3-3D41-4F88-90C0-D380047EE548}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
      FirewallRules: [UDP Query User{12FA77F6-97E1-45C7-BD30-041983A5087B}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe => No File
      FirewallRules: [TCP Query User{42D53B9F-11A8-44ED-B6A6-094DF82730FB}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe => No File
      FirewallRules: [UDP Query User{C92408D1-B04C-44A9-B99B-9983DA5760C7}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
      FirewallRules: [TCP Query User{644A5139-23AD-4EA0-AA08-619DB543CBBD}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
      FirewallRules: [UDP Query User{0386548A-12AC-47D2-9BEA-5EBBB6D16A9A}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
      FirewallRules: [TCP Query User{5A78F558-031F-479E-9696-F0BDD96065F6}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
      FirewallRules: [{DF57DF54-B162-46D9-AE83-D32CC9C8381C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. → Valve Corporation)
      FirewallRules: [{A4AA41BE-1CD4-4C90-B2BE-AF9A89FC0D5B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. → Valve Corporation)
      FirewallRules: [{7B96F598-0900-4C46-AFC8-77993225C4C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
      FirewallRules: [{A295EB33-FCC4-4863-8BCA-87864E1299A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
      FirewallRules: [TCP Query User{D73C2AFF-CF08-40A9-86FE-80367A389144}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
      FirewallRules: [UDP Query User{CC5B77AA-F6D6-4ED8-9A58-800509A42EA8}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
      FirewallRules: [TCP Query User{8EFA607B-7BDF-45A7-A8A5-118ED78AFC32}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
      FirewallRules: [UDP Query User{AB910DF9-1417-4BAD-971B-7D8FAD90F8DE}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
      FirewallRules: [{77F5D1C0-4222-486F-B47E-43C4423A6AA4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
      FirewallRules: [{2974298D-457C-4D13-AECA-6AADAACDF824}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
      FirewallRules: [TCP Query User{82DC041A-B2F9-4357-ACA0-89BDDE132174}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
      FirewallRules: [UDP Query User{EA1AF87C-F801-41D8-9121-9F45635DD9CE}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
      FirewallRules: [TCP Query User{7FEDA863-2B6A-4C51-A16E-BF8AC74C31E8}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
      FirewallRules: [UDP Query User{9B602C86-7FC2-4F23-9A7B-A0B9834B577F}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
      FirewallRules: [TCP Query User{F3F91828-04B4-40F2-8322-1A7BCF166335}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
      FirewallRules: [UDP Query User{21B1969D-71BB-42AB-A2B9-A73E7F205869}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
      FirewallRules: [TCP Query User{60184965-5FC1-4D5D-9634-7B8BD3529CC6}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe] => (Allow) C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe (Alderon Games Canada Corporation → Alderon Games Pty Ltd)
      FirewallRules: [UDP Query User{BFD59198-8D4A-41AB-B376-5E45A38A6B48}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe] => (Allow) C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe (Alderon Games Canada Corporation → Alderon Games Pty Ltd)
      FirewallRules: [TCP Query User{DF345B06-8C16-4D35-AA72-E7987186995C}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
      FirewallRules: [UDP Query User{11BF7C4D-01F0-4FC1-BB52-3BE505CF62B4}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
      FirewallRules: [TCP Query User{3B83EFC8-0CBB-483A-8DF1-7DB8FCD312B4}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
      FirewallRules: [UDP Query User{A4A547BD-FF90-44DE-AA71-56B380A59D8B}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
      FirewallRules: [TCP Query User{73612BAF-0812-4CDB-BDBD-DE5F7C7EA3D5}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
      FirewallRules: [UDP Query User{975413B2-02BC-44DE-BFAA-A3D7D5E0F056}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
      FirewallRules: [TCP Query User{2B5598EA-A334-4D14-A0C6-26B5A22AED29}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
      FirewallRules: [UDP Query User{A3CA4C29-8599-457C-881E-D07434CF8CFA}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
      FirewallRules: [{6660084E-A98F-43DE-9A66-17159679861D}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. → Take-Two Interactive Software, Inc.)
      FirewallRules: [{029684B2-58A9-4189-A3E1-E3C8916B929E}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. → Take-Two Interactive Software, Inc.)
      FirewallRules: [{B5B3E607-1103-4A87-ADD5-C4A36965EA87}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. → Take-Two Interactive Software, Inc.)
      FirewallRules: [{CB889081-1F91-4807-AF4C-86B6217DEC34}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. → Take-Two Interactive Software, Inc.)
      FirewallRules: [TCP Query User{C1D1D203-BA80-42C5-A7FE-77C67DC46574}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
      FirewallRules: [UDP Query User{CB3DB246-879A-486B-B230-53505C8D0410}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
      FirewallRules: [TCP Query User{7337DBB1-CD45-4D39-93FE-83A6AB77F22F}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
      FirewallRules: [UDP Query User{4DA77076-239C-4760-98EB-E5B11C06B055}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
      FirewallRules: [TCP Query User{3B8C6209-5BFB-43DD-968A-2ACC5383EC76}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
      FirewallRules: [UDP Query User{ABFC92A7-AB7C-4CEF-9ACA-0B18426BD7AF}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
      FirewallRules: [TCP Query User{83197F3A-7590-43F9-B0F7-56EA65DF201D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
      FirewallRules: [UDP Query User{861ABC38-2C97-4280-89B5-04342011EE8D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
      FirewallRules: [{1F48A2ED-4CD9-4E2D-B743-55531BA73F27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe (CAPCOM CO., LTD. → CAPCOM CO., LTD.)
      FirewallRules: [{CDC17333-2257-42D0-82A4-0422D118A264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe (CAPCOM CO., LTD. → CAPCOM CO., LTD.)
      FirewallRules: [TCP Query User{EB2A34BB-359B-490F-A57C-EA32D21A05C9}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
      FirewallRules: [UDP Query User{D8E6962B-B85C-4A8D-81F1-8D69855FDA57}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
      FirewallRules: [TCP Query User{208FA2FC-51B9-42CA-BE99-B56F40A6CEEC}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
      FirewallRules: [UDP Query User{5C540BEE-DA17-4EF8-81B6-9D8D54B47224}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
      FirewallRules: [TCP Query User{FD6DB533-F2C2-4A1F-82A5-6156E1B805C7}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
      FirewallRules: [UDP Query User{2620784C-22E0-40FC-A584-511B99ABF987}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
      FirewallRules: [{B86B12A5-DB44-486F-8182-7C002C1AC2E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe (Travellers Tales (UK) Limited → Warner Bros. Interactive Entertainment)
      FirewallRules: [{E4CB1534-1338-4591-AE54-57AB67039E53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe (Travellers Tales (UK) Limited → Warner Bros. Interactive Entertainment)
      FirewallRules: [{3D8A4A90-A71D-4DC8-A759-C7CA7742E173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
      FirewallRules: [{13808498-7FAB-4F4F-8203-1DEC16638678}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
      FirewallRules: [{4F330D3C-E0BE-4232-9164-7A4B3F7C9D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. → Ubisoft)
      FirewallRules: [{B32A6AC5-72FA-43AF-AFC4-0BC75F5C4FAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. → Ubisoft)
      FirewallRules: [TCP Query User{720BE36B-2681-48FA-83F9-1EA6624E5ED2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. → Epic Games, Inc.)
      FirewallRules: [UDP Query User{347B0AF5-9315-402B-A155-7CB03E2A4619}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. → Epic Games, Inc.)
      FirewallRules: [TCP Query User{4DBAD25F-3515-4AD0-84C1-BB65640AE2D6}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => No File
      FirewallRules: [UDP Query User{7FDEF80D-1C95-4AF4-A84D-478F38465E0F}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => No File
      FirewallRules: [{51BADCFD-1524-4518-BCCB-69D995A1D84F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
      FirewallRules: [{8CFAA129-AAFE-4A76-9B4D-2DEA4C8BA803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
      FirewallRules: [{682F4526-223F-4FC9-8719-283C43AB8B5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited → Warner Bros. Interactive Entertainment)
      FirewallRules: [{15EFA912-F759-4408-981D-6C48184C0F4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited → Warner Bros. Interactive Entertainment)
      FirewallRules: [{02B17D0C-183C-4340-823A-E50770CD1F91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. → )
      FirewallRules: [{8BDAFFD8-17BC-47B9-B3BB-174DB92BC0C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. → )
      FirewallRules: [{FA819B75-6D39-46AB-AB08-F066B9807149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe () [File not signed]
      FirewallRules: [{EC087305-3C3C-4488-9195-E619082AD093}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe () [File not signed]
      FirewallRules: [{5EECE9BE-67AA-4277-B987-3E8F231D0717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
      FirewallRules: [{47457C44-C99A-427B-98FD-55040C6BEE4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
      FirewallRules: [{1A4536A8-A61F-4EF5-BE27-B060B6BB9E27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
      FirewallRules: [{DD40E265-7F5C-41A1-B01B-E5794436B351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
      FirewallRules: [{A5C02843-87BF-487B-BDE5-76E91196E836}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe (Frontier Developments) [File not signed]
      FirewallRules: [{0EA75AAF-9E68-4FC1-9465-D706535FB032}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe (Frontier Developments) [File not signed]
      FirewallRules: [{BE517293-7031-44FD-B805-3B97D75291FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [File not signed]
      FirewallRules: [{6913F13B-21A9-4358-9D22-69B13A5988D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [File not signed]
      FirewallRules: [TCP Query User{428567E3-DCF1-43E0-823F-43E66C1172D4}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. → Gearbox)
      FirewallRules: [UDP Query User{EDD270BD-33A4-4D23-8911-54889952116D}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. → Gearbox)
      FirewallRules: [{C8317C52-81E8-4FD5-B32D-C14944E1E3E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe () [File not signed]
      FirewallRules: [{64496028-9971-4762-8A14-C32157367B0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe () [File not signed]
      FirewallRules: [{6015F536-33A1-403C-930F-BF55A56D18D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let’s Build a Zoo\LetsBuildAZoo.exe () [File not signed]
      FirewallRules: [{DFA76206-F250-4D5C-9F49-0A553A618194}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let’s Build a Zoo\LetsBuildAZoo.exe () [File not signed]
      FirewallRules: [{10D3F82E-CEED-43F4-9766-2ADC6D195A48}] => (Allow) C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe (PROXIMA BETA PTE. LIMITED → )
      FirewallRules: [{62AFA97B-3BB9-4F2D-97B9-02E3E3490107}] => (Allow) C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe (PROXIMA BETA PTE. LIMITED → )
      FirewallRules: [{93245947-A952-4E51-9D65-9ABB3938F054}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe (PROXIMA BETA PTE. LIMITED → )
      FirewallRules: [{DF332FDA-9AB0-4BC4-A268-023C44463508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe (PROXIMA BETA PTE. LIMITED → )
      FirewallRules: [{AD711615-7501-4B5E-9A27-3A27DFD9D3E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe (Koch Media GmbH) [File not signed]
      FirewallRules: [{D1313D8E-590F-4F4F-AA41-103FFFF5AED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe (Koch Media GmbH) [File not signed]
      FirewallRules: [{936FC9E1-B2C1-4E30-AE6E-6CBFACE67DFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe () [File not signed]
      FirewallRules: [{529E0360-BABF-4472-BAFF-0F07128BD640}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe () [File not signed]
      FirewallRules: [{19CAC17B-DE11-4410-BED6-BD2693AA9235}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
      FirewallRules: [{BBB3C681-C329-402C-B61A-9F92B54A3A67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
      FirewallRules: [{DF9B3869-5C23-4DC0-908B-1AA54B3346AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
      FirewallRules: [{1C832D1B-A319-4A29-B3FB-AF6BACC689E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
      FirewallRules: [{162DC214-A4CF-4268-8E97-C339A62CAD04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{1488A539-BC86-4980-9DD2-4D7294A3390D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{4AC8966A-CFAA-4EA9-9F86-87970367A3EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{6D110F9D-BFE2-47E6-9EFC-59C7F2326541}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{F7B7BBCC-A44E-47BA-BEDC-6A824943BC65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{C9EC734E-CDD4-407F-8A52-80DA012430BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{3A4F53BB-DCDA-4AB8-B7AB-CFB294379710}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{BFD872B8-8DBD-4BFA-86B2-5CC0384850B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
      FirewallRules: [{0AD633F6-50DF-469D-B9D5-2BF84E4D019B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe (ArenaNet, LLc → ArenaNet)
      FirewallRules: [{0ADECEC3-2C6A-4FB8-A6D2-FC4DF229D2EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe (ArenaNet, LLc → ArenaNet)
      FirewallRules: [{8F191ED7-C474-4016-9ADD-813C4079DA1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{048ADAD1-EBF7-4451-87D5-58A42902BD7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{38CD2E10-BC28-4970-81B4-33376D6681D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{22F3941D-13D8-4824-9B47-208497D94795}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{E3ACFB0D-778A-438F-9FFF-46EB54557503}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{490BB848-5BBA-419A-B5B2-BD411176AFCB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{800BB005-B0C0-424A-8EE6-FB9110D191C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{541F2FD1-8AED-45DF-960C-F459F745C86F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB → Spotify Ltd)
      FirewallRules: [{15889E70-0598-4D48-943A-BB6F6ABF9048}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation → NVIDIA Corporation)
      FirewallRules: [{EDE2F5F5-BDBC-4A4C-95E5-12C3B608A9D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation → NVIDIA Corporation)
      FirewallRules: [{B0A1F3D1-1D3E-4D69-A1DE-615737AE6711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation → NVIDIA Corporation)
      FirewallRules: [{15C0EBE3-9C00-479B-AB2D-3A7220E7763E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation → NVIDIA Corporation)
      FirewallRules: [{9623E8D7-BE2D-430A-BDD7-BED32CE62CA0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.53\msedgewebview2.exe (Microsoft Corporation → Microsoft Corporation)
      FirewallRules: [{7533ECE6-4D8C-4F56-B17B-985B8890989E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC → Google LLC)
      
      ==================== Restore Points =========================
      
      ==================== Faulty Device Manager Devices ============
      
      Name: Intel(R) Wireless Bluetooth(R)
      Description: Intel(R) Wireless Bluetooth(R)
      Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
      Manufacturer: Intel Corporation
      Service: BTHUSB
      Problem: : This device is disabled. (Code 22)
      Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.
      
      ==================== Event log errors: ========================
      [HEADING=1]Application errors:[/HEADING]
      Error: (10/04/2022 09:55:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
      
      Process ID: 4700
      
      Start Time: 01d8d85c361f7079
      
      Termination Time: 4294967295
      
      Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
      
      Report Id: 857305fa-557f-49ca-a1da-df415a03d0a8
      
      Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
      
      Faulting package-relative application ID: ShellFeedsUI
      
      Hang type: Quiesce
      
      Error: (10/04/2022 09:13:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
      
      Process ID: 34a0
      
      Start Time: 01d8d792bf68edf0
      
      Termination Time: 4294967295
      
      Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
      
      Report Id: c6ffadc4-5804-4ae6-8705-d1e9373e8c4d
      
      Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
      
      Faulting package-relative application ID: ShellFeedsUI
      
      Hang type: Navigation
      
      Error: (10/03/2022 09:07:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
      
      Process ID: a28
      
      Start Time: 01d8d76b08a2e8d2
      
      Termination Time: 4294967295
      
      Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
      
      Report Id: 0be71fd8-1c71-45ee-bf5e-03f7e9c78876
      
      Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
      
      Faulting package-relative application ID: ShellFeedsUI
      
      Hang type: Navigation
      
      Error: (10/02/2022 08:09:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
      
      Process ID: 1968
      
      Start Time: 01d8d666c39d95a4
      
      Termination Time: 4294967295
      
      Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
      
      Report Id: 512e57fd-1f66-40d5-ac42-556f01a5a7da
      
      Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
      
      Faulting package-relative application ID: ShellFeedsUI
      
      Hang type: Navigation
      
      Error: (10/02/2022 02:28:01 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Faulting application name: SecurityService.exe, version: 5.17.470.0, time stamp: 0x609c79ed
      Faulting module name: coreclr.dll, version: 4.700.21.26205, time stamp: 0x609c3176
      Exception code: 0xc0000005
      Fault offset: 0x001b17ff
      Faulting process id: 0x4774
      Faulting application start time: 0x01d8d5c100e1b8ab
      Faulting application path: C:\Program Files (x86)\TotalAV\SecurityService.exe
      Faulting module path: C:\Program Files (x86)\TotalAV\coreclr.dll
      Report Id: 1df10e6c-e656-45e1-bc5d-6ed04721daae
      Faulting package full name:
      Faulting package-relative application ID:
      
      Error: (10/02/2022 02:28:01 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
      Description: Application: SecurityService.exe
      CoreCLR Version: 4.700.21.26205
      .NET Core Version: 3.1.16
      Description: The process was terminated due to an internal error in the .NET Runtime at IP 73A917FF (738E0000) with exit code c0000005.
      
      Error: (10/01/2022 02:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Faulting application name: SecurityService.exe, version: 5.17.470.0, time stamp: 0x609c79ed
      Faulting module name: coreclr.dll, version: 4.700.21.26205, time stamp: 0x609c3176
      Exception code: 0xc0000005
      Fault offset: 0x001b17ff
      Faulting process id: 0x1aa4
      Faulting application start time: 0x01d8d5094a81e410
      Faulting application path: C:\Program Files (x86)\TotalAV\SecurityService.exe
      Faulting module path: C:\Program Files (x86)\TotalAV\coreclr.dll
      Report Id: 674b889c-2294-47e7-b147-699b00f6c573
      Faulting package full name:
      Faulting package-relative application ID:
      
      Error: (10/01/2022 02:07:17 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
      Description: Application: SecurityService.exe
      CoreCLR Version: 4.700.21.26205
      .NET Core Version: 3.1.16
      Description: The process was terminated due to an internal error in the .NET Runtime at IP 73A917FF (738E0000) with exit code c0000005.
      [HEADING=1]System errors:[/HEADING]
      Error: (10/04/2022 10:50:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: The LMS service failed to start due to the following error:
      The system cannot find the file specified.
      
      Error: (10/04/2022 10:50:49 PM) (Source: EventLog) (EventID: 6008) (User: )
      Description: The previous system shutdown at 9:55:58 PM on ‎10/‎4/‎2022 was unexpected.
      
      Error: (10/04/2022 10:50:35 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
      Description: 3221225684A fatal error occurred processing the restoration data.
      
      Error: (10/03/2022 10:11:28 PM) (Source: volsnap) (EventID: 36) (User: )
      Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
      
      Error: (10/01/2022 08:03:06 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-Q1JOHSV)
      Description: DCOM got error “1053” attempting to start the service BcastDVRUserService_b7409c with arguments “Unavailable” in order to run the server:
      Windows.Media.Capture.Internal.AppCaptureShell
      
      Error: (10/01/2022 08:03:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: The GameDVR and Broadcast User Service_b7409c service failed to start due to the following error:
      The service did not respond to the start or control request in a timely fashion.
      
      Error: (10/01/2022 08:03:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: A timeout was reached (30000 milliseconds) while waiting for the GameDVR and Broadcast User Service_b7409c service to connect.
      
      Error: (09/30/2022 08:22:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-Q1JOHSV)
      Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.
      [HEADING=1]CodeIntegrity:[/HEADING]
      Date: 2022-10-04 22:51:12
      Description:
      Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\TotalAV\wscf.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
      ==================== Memory info ===========================
      
      BIOS: American Megatrends Inc. 1.30 11/13/2018
      Motherboard: Micro-Star International Co., Ltd. Z390-A PRO (MS-7B98)
      Processor: Intel(R) Core™ i9-9900K CPU @ 3.60GHz
      Percentage of memory in use: 35%
      Total physical RAM: 16322.22 MB
      Available physical RAM: 10595.92 MB
      Total Virtual: 23746.22 MB
      Available Virtual: 16038.85 MB
      
      ==================== Drives ================================
      
      Drive c: (Windows) (Fixed) (Total:930.91 GB) (Free:281.88 GB) (Model: WDC WDS100T2B0A-00SM50) NTFS
      Drive e: () (Removable) (Total:59.45 GB) (Free:59.25 GB) exFAT
      
      \?\Volume{ed66a517-4258-426b-a50e-03cd01dd91fa}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
      \?\Volume{04c32886-782f-41e9-aaf8-130ee3064fc7}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
      
      ==================== MBR & Partition Table ====================
      
      ==========================================================
      Disk: 0 (Size: 931.5 GB) (Disk ID: 70ADC483)
      
      Partition: GPT.
      
      ==========================================================
      Disk: 2 (Size: 59.5 GB) (Disk ID: D9CD6FA1)
      Partition 1: (Not Active) - (Size=59.5 GB) - (Type=07 NTFS)
      
      ==================== End of Addition.txt =======================

      Comment

      • Rum_Ham
        PCHF Member
        • Oct 2022
        • 8

        #4
        OK the AdwCleaner removed my TotalAV for some odd reason, but I can just activate it again with my account info for it, that log you requested is posted below followed by the ESET Online Scanner log.

        Code:
        [HEADING=1]-------------------------------[/HEADING]
        [HEADING=1]Malwarebytes AdwCleaner 8.4.0.0[/HEADING]
        [HEADING=1]-------------------------------[/HEADING]
        [HEADING=1]Build: 08-30-2022[/HEADING]
        [HEADING=1]Database: 2022-08-22.1 (Cloud)[/HEADING]
        [HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
        [HEADING=1]-------------------------------[/HEADING]
        [HEADING=1]Mode: Clean[/HEADING]
        [HEADING=1]-------------------------------[/HEADING]
        [HEADING=1]Start: 10-05-2022[/HEADING]
        [HEADING=1]Duration: 00:00:08[/HEADING]
        [HEADING=1]OS: Windows 10 (Build 19043.2006)[/HEADING]
        [HEADING=1]Cleaned: 19[/HEADING]
        [HEADING=1]Awaiting reboot:3[/HEADING]
        [HEADING=1]Failed: 0[/HEADING]
        ***** [ Services ] *****
        
        Deleted SecurityService
        Deleted webshieldfilter
        
        ***** [ Folders ] *****
        
        Deleted C:\ProgramData\SecuritySuite
        Deleted C:\Users\satch\AppData\Roaming\Tencent
        Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
        Needs Reboot C:\Program Files (x86)\TotalAV
        Needs Reboot C:\ProgramData\TotalAV
        
        ***** [ Files ] *****
        
        Deleted C:\END
        Deleted C:\Users\Public\Desktop\TotalAV.lnk
        Deleted C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
        Needs Reboot C:\Windows\System32\drivers\webshieldfilter.sys
        
        ***** [ DLL ] *****
        
        No malicious DLLs cleaned.
        
        ***** [ WMI ] *****
        
        No malicious WMI cleaned.
        
        ***** [ Shortcuts ] *****
        
        No malicious shortcuts cleaned.
        
        ***** [ Tasks ] *****
        
        No malicious tasks cleaned.
        
        ***** [ Registry ] *****
        
        Deleted HKCU\Software\SSProtect
        Deleted HKLM\SOFTWARE\Classes*\shell\TotalAV
        Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
        Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
        Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
        Deleted HKLM\Software\Classes\totalav
        Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
        Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
        
        ***** [ Chromium (and derivatives) ] *****
        
        No malicious Chromium entries cleaned.
        
        ***** [ Chromium URLs ] *****
        
        No malicious Chromium URLs cleaned.
        
        ***** [ Firefox (and derivatives) ] *****
        
        No malicious Firefox entries cleaned.
        
        ***** [ Firefox URLs ] *****
        
        No malicious Firefox URLs cleaned.
        
        ***** [ Hosts File Entries ] *****
        
        No malicious hosts file entries cleaned.
        
        ***** [ Preinstalled Software ] *****
        
        No Preinstalled Software cleaned.
        [HR][/HR]
        [+] Delete Tracing Keys
        [+] Reset Winsock
        [HR][/HR]
        ***** Reboot Required to Complete *****
        
        ***** [ Folders ] *****
        
        Cleaning failed C:\Program Files (x86)\TotalAV
        Cleaning failed C:\ProgramData\TotalAV
        [HR][/HR]
        ***** [ Files ] *****
        
        Cleaning failed C:\Windows\System32\drivers\webshieldfilter.sys
        [HR][/HR]
        AdwCleaner[S00].txt - [2808 octets] - [05/10/2022 16:35:44]
        
        ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
        
        10/5/2022 17:47:21 PM
        Files scanned: 655312
        Detected files: 0
        Cleaned files: 0
        Total scan time: 00:28:20
        Scan status: Finished

        Comment

        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7045

          #5
          Total AV is a known to be a scam, and is not recommended. I suggest removing it and just running windows defender, at least for the duration of your time here and the fixes we perform. You can always reinstall it at a later time if you wish.



          FRST Fix.

          Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


          Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
          Once you have started the program, you will need to click the scanner button.
          The program will close all open browsers!
          Once the scan is completed, the you will want to click the Repair button.
          At the end of the process you may be asked to reboot your machine.
          After you reboot a report will open on your desktop.
          Attach the report here in your next reply.



          ZHP Diag Scan Click here to download.
          Save to your desktop.
          Right Click Run as Admin.
          Click the Options button.
          Click on Check All
          Then click close.
          Click the Scanner button.
          When complete please push the report button.
          A notepad will open… attach the report in your next reply.

          Comment

          • Rum_Ham
            PCHF Member
            • Oct 2022
            • 8

            #6
            My Windows Defender will no longer turn on, I effectively have no antivirus, the last time I tried to as of this typing I got a message about IT administrator has not allowed me to use this page or something of that nature.

            Anyways here is the next 3 reports requested:

            Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2022
            [HEADING=1][spoiler]Ran by satch (06-10-2022 05:16:35) Run:1
            Running from C:\Users\satch\OneDrive\Desktop
            Loaded Profiles: satch
            Boot Mode: Normal[/spoiler][/HEADING][spoiler]
            fixlist content:


            Start::
            CloseProcesses:
            SystemRestore: On
            CreateRestorePoint:
            RemoveProxy:
            SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 → DefaultScope {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
            SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 → {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
            FirewallRules: [UDP Query User{7B770B6C-1DCC-480C-B5F0-160854436719}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
            FirewallRules: [TCP Query User{E2A41CC3-3EE8-4B76-ABF5-571E3CDF603A}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
            FirewallRules: [UDP Query User{BDAA3302-15DD-4C10-8F8A-D4BB36E6AC69}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
            FirewallRules: [TCP Query User{AB1565DF-FE75-4A2A-AB5E-2EF6A201D5EE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
            FirewallRules: [UDP Query User{AB5EFFFD-28CF-4C99-A5B8-FD4DE04A24C3}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\p athoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\p athoftitans-win64-shipping.exe => No File
            FirewallRules: [TCP Query User{29F5D4CF-4F93-4807-8E10-04A196C9EC2D}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\p athoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\p athoftitans-win64-shipping.exe => No File
            FirewallRules: [UDP Query User{44C69867-565E-4875-BD60-FACC0DC41928}C:\users\satch\desktop\wasteland.3.me at.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.mari nade\wasteland 3\wl3.exe => No File
            FirewallRules: [TCP Query User{8BA9D230-6483-4596-9C02-F95670E032B1}C:\users\satch\desktop\wasteland.3.me at.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.mari nade\wasteland 3\wl3.exe => No File
            FirewallRules: [UDP Query User{BB70D444-7BE4-4509-B14C-A85443FD65C1}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
            FirewallRules: [TCP Query User{BA68F78D-D535-422E-89BC-8097A2F82715}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
            FirewallRules: [UDP Query User{050A4E06-B333-448C-8CC1-06903C05567A}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
            FirewallRules: [TCP Query User{68676177-777E-41A6-96ED-448E47C2364C}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
            FirewallRules: [UDP Query User{092D9332-2E48-4675-A2B9-453C0277F869}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
            FirewallRules: [TCP Query User{0319F2A3-5307-4E62-AFB7-810141C77750}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
            FirewallRules: [UDP Query User{034F593B-10B1-45CC-AE9D-CD90281549FE}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
            FirewallRules: [TCP Query User{A8D1F84E-5332-44FD-890C-3004C73AA033}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
            FirewallRules: [UDP Query User{6FDFF054-C31F-4AE5-BA61-E3DCCCFA74C9}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
            FirewallRules: [TCP Query User{96BE7E36-6EE6-4EF0-94A9-6CBD938A14C5}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
            FirewallRules: [UDP Query User{816B8128-95A7-4D6C-B6CE-FF1F25C05C2B}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
            FirewallRules: [TCP Query User{6DCC1FD3-3D41-4F88-90C0-D380047EE548}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
            FirewallRules: [UDP Query User{12FA77F6-97E1-45C7-BD30-041983A5087B}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beast sofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beast sofbermuda\binaries\win64\beastsofbermuda.exe => No File
            FirewallRules: [TCP Query User{42D53B9F-11A8-44ED-B6A6-094DF82730FB}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beast sofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beast sofbermuda\binaries\win64\beastsofbermuda.exe => No File
            FirewallRules: [UDP Query User{C92408D1-B04C-44A9-B99B-9983DA5760C7}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
            FirewallRules: [TCP Query User{644A5139-23AD-4EA0-AA08-619DB543CBBD}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
            FirewallRules: [UDP Query User{0386548A-12AC-47D2-9BEA-5EBBB6D16A9A}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
            FirewallRules: [TCP Query User{5A78F558-031F-479E-9696-F0BDD96065F6}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
            FirewallRules: [{7B96F598-0900-4C46-AFC8-77993225C4C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
            FirewallRules: [{A295EB33-FCC4-4863-8BCA-87864E1299A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
            FirewallRules: [TCP Query User{D73C2AFF-CF08-40A9-86FE-80367A389144}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
            FirewallRules: [UDP Query User{CC5B77AA-F6D6-4ED8-9A58-800509A42EA8}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
            FirewallRules: [TCP Query User{8EFA607B-7BDF-45A7-A8A5-118ED78AFC32}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
            FirewallRules: [UDP Query User{AB910DF9-1417-4BAD-971B-7D8FAD90F8DE}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
            FirewallRules: [TCP Query User{82DC041A-B2F9-4357-ACA0-89BDDE132174}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
            FirewallRules: [UDP Query User{EA1AF87C-F801-41D8-9121-9F45635DD9CE}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
            FirewallRules: [TCP Query User{7FEDA863-2B6A-4C51-A16E-BF8AC74C31E8}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
            FirewallRules: [UDP Query User{9B602C86-7FC2-4F23-9A7B-A0B9834B577F}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
            FirewallRules: [TCP Query User{F3F91828-04B4-40F2-8322-1A7BCF166335}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
            FirewallRules: [UDP Query User{21B1969D-71BB-42AB-A2B9-A73E7F205869}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
            FirewallRules: [TCP Query User{DF345B06-8C16-4D35-AA72-E7987186995C}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
            FirewallRules: [UDP Query User{11BF7C4D-01F0-4FC1-BB52-3BE505CF62B4}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
            FirewallRules: [TCP Query User{3B83EFC8-0CBB-483A-8DF1-7DB8FCD312B4}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorde r.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorde r.exe => No File
            FirewallRules: [UDP Query User{A4A547BD-FF90-44DE-AA71-56B380A59D8B}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorde r.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorde r.exe => No File
            FirewallRules: [TCP Query User{73612BAF-0812-4CDB-BDBD-DE5F7C7EA3D5}C:\users\satch\appdata\local\citra\ni ghtly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
            FirewallRules: [UDP Query User{975413B2-02BC-44DE-BFAA-A3D7D5E0F056}C:\users\satch\appdata\local\citra\ni ghtly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
            FirewallRules: [TCP Query User{2B5598EA-A334-4D14-A0C6-26B5A22AED29}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
            FirewallRules: [UDP Query User{A3CA4C29-8599-457C-881E-D07434CF8CFA}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
            FirewallRules: [TCP Query User{C1D1D203-BA80-42C5-A7FE-77C67DC46574}C:\users\satch\desktop\feed.and.grow. fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0. 2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
            FirewallRules: [UDP Query User{CB3DB246-879A-486B-B230-53505C8D0410}C:\users\satch\desktop\feed.and.grow. fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0. 2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
            FirewallRules: [TCP Query User{7337DBB1-CD45-4D39-93FE-83A6AB77F22F}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
            FirewallRules: [UDP Query User{4DA77076-239C-4760-98EB-E5B11C06B055}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
            FirewallRules: [TCP Query User{3B8C6209-5BFB-43DD-968A-2ACC5383EC76}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
            FirewallRules: [UDP Query User{ABFC92A7-AB7C-4CEF-9ACA-0B18426BD7AF}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
            FirewallRules: [TCP Query User{83197F3A-7590-43F9-B0F7-56EA65DF201D}C:\users\satch\appdata\roaming\utorre nt web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
            FirewallRules: [UDP Query User{861ABC38-2C97-4280-89B5-04342011EE8D}C:\users\satch\appdata\roaming\utorre nt web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
            FirewallRules: [TCP Query User{EB2A34BB-359B-490F-A57C-EA32D21A05C9}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
            FirewallRules: [UDP Query User{D8E6962B-B85C-4A8D-81F1-8D69855FDA57}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
            FirewallRules: [TCP Query User{208FA2FC-51B9-42CA-BE99-B56F40A6CEEC}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
            FirewallRules: [UDP Query User{5C540BEE-DA17-4EF8-81B6-9D8D54B47224}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
            FirewallRules: [TCP Query User{FD6DB533-F2C2-4A1F-82A5-6156E1B805C7}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
            FirewallRules: [UDP Query User{2620784C-22E0-40FC-A584-511B99ABF987}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
            FirewallRules: [TCP Query User{4DBAD25F-3515-4AD0-84C1-BB65640AE2D6}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient. exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient. exe => No File
            FirewallRules: [UDP Query User{7FDEF80D-1C95-4AF4-A84D-478F38465E0F}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient. exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient. exe => No File
            FirewallRules: [{1A4536A8-A61F-4EF5-BE27-B060B6BB9E27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
            FirewallRules: [{DD40E265-7F5C-41A1-B01B-E5794436B351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
            FirewallRules: [{162DC214-A4CF-4268-8E97-C339A62CAD04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            FirewallRules: [{1488A539-BC86-4980-9DD2-4D7294A3390D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            FirewallRules: [{4AC8966A-CFAA-4EA9-9F86-87970367A3EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            FirewallRules: [{6D110F9D-BFE2-47E6-9EFC-59C7F2326541}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            FirewallRules: [{F7B7BBCC-A44E-47BA-BEDC-6A824943BC65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            FirewallRules: [{C9EC734E-CDD4-407F-8A52-80DA012430BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            FirewallRules: [{3A4F53BB-DCDA-4AB8-B7AB-CFB294379710}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            FirewallRules: [{BFD872B8-8DBD-4BFA-86B2-5CC0384850B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870 .0_x86__zpdnekdrzrea0\Spotify.exe => No File
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [utweb] => “C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe” /MINIMIZED (No File)
            Task: {03BC766E-FF4F-4F0D-B5AA-70F448A320FF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)
            Task: {1F398CB2-E47C-4BCF-A928-3A75AF6191AE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon (No File)
            Task: {C5465FD6-0785-479A-9925-B54C7FD44F30} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\ProgramHKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [utweb] => “C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe” /MINIMIZED (No File)
            Task: {EFD9E021-6178-4E60-991A-017D1AA11581} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
            GroupPolicy: Restriction ? <==== ATTENTION
            Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003...\Run: [utweb] => “C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe” /MINIMIZED (No File)
            Edge Extension: (No Name) → AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
            Edge Extension: (No Name) → BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
            Edge Extension: (No Name) → LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
            Edge Extension: (No Name) → PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

            CMD: sc stop WSearch
            CMD: sc config WSearch start= disabled
            CMD: sc stop lfsvc
            CMD: sc config lfsvc start= disabled
            CMD: del /s /q %ProgramData%\Microsoft\Diagnosis\ETLLogs\AutoLogg er\AutoLogger-Diagtrack-Listener.etl
            CMD: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQM Client\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF
            CMD: reg add hklm\system\currentcontrolset\services\tcpip6\para meters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF
            CMD: ipconfig /flushdns
            C:\Windows\Temp*.*
            C:\WINDOWS\system32*.tmp
            C:\WINDOWS\syswow64*.tmp
            emptytemp:
            Reboot:
            End::


            Processes closed successfully.
            SystemRestore: On => completed
            Restore point was successfully created.

            ========= RemoveProxy: =========

            “HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\Internet Settings\Connections\DefaultConnectionSettings” => removed successfully
            “HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\Internet Settings\Connections\SavedLegacySettings” => removed successfully
            “HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\DefaultConnectionSettings” => removed successfully
            “HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\SavedLegacySettings” => removed successfully

            ========= End of RemoveProxy: =========

            “HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope” => removed successfully
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{DCD4E047-FB67-439A-9FD5-732F5B759F32} => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{7B770B6C-1DCC-480C-B5F0-160854436719}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{E2A41CC3-3EE8-4B76-ABF5-571E3CDF603A}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{BDAA3302-15DD-4C10-8F8A-D4BB36E6AC69}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{AB1565DF-FE75-4A2A-AB5E-2EF6A201D5EE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{AB5EFFFD-28CF-4C99-A5B8-FD4DE04A24C3}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\p athoftitans-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{29F5D4CF-4F93-4807-8E10-04A196C9EC2D}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\p athoftitans-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{44C69867-565E-4875-BD60-FACC0DC41928}C:\users\satch\desktop\wasteland.3.me at.maker.marinade\wasteland 3\wl3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{8BA9D230-6483-4596-9C02-F95670E032B1}C:\users\satch\desktop\wasteland.3.me at.maker.marinade\wasteland 3\wl3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{BB70D444-7BE4-4509-B14C-A85443FD65C1}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{BA68F78D-D535-422E-89BC-8097A2F82715}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{050A4E06-B333-448C-8CC1-06903C05567A}C:\gog games\wasteland 3\wl3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{68676177-777E-41A6-96ED-448E47C2364C}C:\gog games\wasteland 3\wl3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{092D9332-2E48-4675-A2B9-453C0277F869}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{0319F2A3-5307-4E62-AFB7-810141C77750}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{034F593B-10B1-45CC-AE9D-CD90281549FE}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{A8D1F84E-5332-44FD-890C-3004C73AA033}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{6FDFF054-C31F-4AE5-BA61-E3DCCCFA74C9}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{96BE7E36-6EE6-4EF0-94A9-6CBD938A14C5}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{816B8128-95A7-4D6C-B6CE-FF1F25C05C2B}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{6DCC1FD3-3D41-4F88-90C0-D380047EE548}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{12FA77F6-97E1-45C7-BD30-041983A5087B}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beast sofbermuda\binaries\win64\beastsofbermuda.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{42D53B9F-11A8-44ED-B6A6-094DF82730FB}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beast sofbermuda\binaries\win64\beastsofbermuda.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{C92408D1-B04C-44A9-B99B-9983DA5760C7}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{644A5139-23AD-4EA0-AA08-619DB543CBBD}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{0386548A-12AC-47D2-9BEA-5EBBB6D16A9A}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{5A78F558-031F-479E-9696-F0BDD96065F6}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{7B96F5 98-0900-4C46-AFC8-77993225C4C6}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{A295EB 33-FCC4-4863-8BCA-87864E1299A2}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{D73C2AFF-CF08-40A9-86FE-80367A389144}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{CC5B77AA-F6D6-4ED8-9A58-800509A42EA8}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{8EFA607B-7BDF-45A7-A8A5-118ED78AFC32}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{AB910DF9-1417-4BAD-971B-7D8FAD90F8DE}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{82DC041A-B2F9-4357-ACA0-89BDDE132174}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{EA1AF87C-F801-41D8-9121-9F45635DD9CE}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{7FEDA863-2B6A-4C51-A16E-BF8AC74C31E8}C:\gog games\age of wonders iii\aow3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{9B602C86-7FC2-4F23-9A7B-A0B9834B577F}C:\gog games\age of wonders iii\aow3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{F3F91828-04B4-40F2-8322-1A7BCF166335}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{21B1969D-71BB-42AB-A2B9-A73E7F205869}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{DF345B06-8C16-4D35-AA72-E7987186995C}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{11BF7C4D-01F0-4FC1-BB52-3BE505CF62B4}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{3B83EFC8-0CBB-483A-8DF1-7DB8FCD312B4}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorde r.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{A4A547BD-FF90-44DE-AA71-56B380A59D8B}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorde r.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{73612BAF-0812-4CDB-BDBD-DE5F7C7EA3D5}C:\users\satch\appdata\local\citra\ni ghtly-mingw\citra-qt.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{975413B2-02BC-44DE-BFAA-A3D7D5E0F056}C:\users\satch\appdata\local\citra\ni ghtly-mingw\citra-qt.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{2B5598EA-A334-4D14-A0C6-26B5A22AED29}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{A3CA4C29-8599-457C-881E-D07434CF8CFA}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{C1D1D203-BA80-42C5-A7FE-77C67DC46574}C:\users\satch\desktop\feed.and.grow. fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{CB3DB246-879A-486B-B230-53505C8D0410}C:\users\satch\desktop\feed.and.grow. fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{7337DBB1-CD45-4D39-93FE-83A6AB77F22F}C:\users\satch\downloads\nut.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{4DA77076-239C-4760-98EB-E5B11C06B055}C:\users\satch\downloads\nut.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{3B8C6209-5BFB-43DD-968A-2ACC5383EC76}C:\users\satch\desktop\nut for tinfoil\nut.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{ABFC92A7-AB7C-4CEF-9ACA-0B18426BD7AF}C:\users\satch\desktop\nut for tinfoil\nut.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{83197F3A-7590-43F9-B0F7-56EA65DF201D}C:\users\satch\appdata\roaming\utorre nt web\utweb.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{861ABC38-2C97-4280-89B5-04342011EE8D}C:\users\satch\appdata\roaming\utorre nt web\utweb.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{EB2A34BB-359B-490F-A57C-EA32D21A05C9}C:\program files\genshin impact\genshin impact game\genshinimpact.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{D8E6962B-B85C-4A8D-81F1-8D69855FDA57}C:\program files\genshin impact\genshin impact game\genshinimpact.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{208FA2FC-51B9-42CA-BE99-B56F40A6CEEC}C:\program files\avast software\secureline vpn\vpn.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{5C540BEE-DA17-4EF8-81B6-9D8D54B47224}C:\program files\avast software\secureline vpn\vpn.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{FD6DB533-F2C2-4A1F-82A5-6156E1B805C7}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{2620784C-22E0-40FC-A584-511B99ABF987}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\TCP Query User{4DBAD25F-3515-4AD0-84C1-BB65640AE2D6}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient. exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\UDP Query User{7FDEF80D-1C95-4AF4-A84D-478F38465E0F}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient. exe” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{1A4536 A8-A61F-4EF5-BE27-B060B6BB9E27}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{DD40E2 65-7F5C-41A1-B01B-E5794436B351}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{162DC2 14-A4CF-4268-8E97-C339A62CAD04}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{1488A5 39-BC86-4980-9DD2-4D7294A3390D}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{4AC896 6A-CFAA-4EA9-9F86-87970367A3EB}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{6D110F 9D-BFE2-47E6-9EFC-59C7F2326541}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{F7B7BB CC-A44E-47BA-BEDC-6A824943BC65}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{C9EC73 4E-CDD4-407F-8A52-80DA012430BD}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{3A4F53 BB-DCDA-4AB8-B7AB-CFB294379710}” => removed successfully
            “HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\{BFD872 B8-8DBD-4BFA-86B2-5CC0384850B9}” => removed successfully
            “HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Microsoft\Windows\CurrentVersion\Run \utweb” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{03BC766 E-FF4F-4F0D-B5AA-70F448A320FF}” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{03BC766 E-FF4F-4F0D-B5AA-70F448A320FF}” => removed successfully
            C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA => moved successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpd ateTaskMachineUA” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{1F398CB 2-E47C-4BCF-A928-3A75AF6191AE}” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{1F398CB 2-E47C-4BCF-A928-3A75AF6191AE}” => removed successfully
            C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => moved successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{C5465FD 6-0785-479A-9925-B54C7FD44F30}” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{C5465FD 6-0785-479A-9925-B54C7FD44F30}” => removed successfully
            C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => moved successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{EFD9E02 1-6178-4E60-991A-017D1AA11581}” => removed successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{EFD9E02 1-6178-4E60-991A-017D1AA11581}” => removed successfully
            C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCo re => moved successfully
            “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpd ateTaskMachineCore” => removed successfully
            C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
            C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
            C:\ProgramData\NTUSER.pol => moved successfully
            “HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Microsoft\Windows\CurrentVersion\Run \utweb” => not found
            HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion \AppContainer\Storage\microsoft.microsoftedge_8wek yb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\ Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE 08 => removed successfully
            HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion \AppContainer\Storage\microsoft.microsoftedge_8wek yb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\ Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
            HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion \AppContainer\Storage\microsoft.microsoftedge_8wek yb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\ Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
            HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion \AppContainer\Storage\microsoft.microsoftedge_8wek yb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\ Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully

            ========= sc stop WSearch =========

            SERVICE_NAME: WSearch
            TYPE : 10 WIN32_OWN_PROCESS
            STATE : 3 STOP_PENDING
            (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
            WIN32_EXIT_CODE : 0 (0x0)
            SERVICE_EXIT_CODE : 0 (0x0)
            CHECKPOINT : 0x1
            WAIT_HINT : 0x7530

            ========= End of CMD: =========

            ========= sc config WSearch start= disabled =========

            [SC] ChangeServiceConfig SUCCESS

            ========= End of CMD: =========

            ========= sc stop lfsvc =========

            SERVICE_NAME: lfsvc
            TYPE : 30 WIN32
            STATE : 3 STOP_PENDING
            (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
            WIN32_EXIT_CODE : 0 (0x0)
            SERVICE_EXIT_CODE : 0 (0x0)
            CHECKPOINT : 0x2
            WAIT_HINT : 0x2710

            ========= End of CMD: =========

            ========= sc config lfsvc start= disabled =========

            [SC] ChangeServiceConfig SUCCESS

            ========= End of CMD: =========

            ========= del /s /q %ProgramData%\Microsoft\Diagnosis\ETLLogs\AutoLogg er\AutoLogger-Diagtrack-Listener.etl =========

            Could Not Find C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLog ger\AutoLogger-Diagtrack-Listener.etl

            ========= End of CMD: =========

            ========= reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQM Client\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF =========

            The operation completed successfully.

            ========= End of CMD: =========

            ========= reg add hklm\system\currentcontrolset\services\tcpip6\para meters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF =========

            The operation completed successfully.

            ========= End of CMD: =========

            ========= ipconfig /flushdns =========

            Windows IP Configuration

            Successfully flushed the DNS Resolver Cache.

            ========= End of CMD: =========

            =========== “C:\Windows\Temp*.*” ==========

            C:\Windows\Temp\9a0c0cdc-4be1-405e-a7f4-ccc145fa6894.tmp => moved successfully
            C:\Windows\Temp\chrome_installer.log => moved successfully
            C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
            C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
            C:\Windows\Temp\MpCmdRun.log => moved successfully
            C:\Windows\Temp\msedge_installer.log => moved successfully
            C:\Windows\Temp\wct107D.tmp => moved successfully
            C:\Windows\Temp\wct1287.tmp => moved successfully
            C:\Windows\Temp\wct15AE.tmp => moved successfully
            C:\Windows\Temp\wct1680.tmp => moved successfully
            C:\Windows\Temp\wct27FC.tmp => moved successfully
            C:\Windows\Temp\wct28FC.tmp => moved successfully
            C:\Windows\Temp\wct2BB6.tmp => moved successfully
            C:\Windows\Temp\wct2D05.tmp => moved successfully
            C:\Windows\Temp\wct37E8.tmp => moved successfully
            C:\Windows\Temp\wct41FB.tmp => moved successfully
            C:\Windows\Temp\wct44EF.tmp => moved successfully
            C:\Windows\Temp\wct478C.tmp => moved successfully
            C:\Windows\Temp\wct4A84.tmp => moved successfully
            C:\Windows\Temp\wct4C01.tmp => moved successfully
            C:\Windows\Temp\wct53EC.tmp => moved successfully
            C:\Windows\Temp\wct5425.tmp => moved successfully
            C:\Windows\Temp\wct56CB.tmp => moved successfully
            C:\Windows\Temp\wct57A7.tmp => moved successfully
            C:\Windows\Temp\wct5ABD.tmp => moved successfully
            C:\Windows\Temp\wct5D07.tmp => moved successfully
            C:\Windows\Temp\wct5FC8.tmp => moved successfully
            C:\Windows\Temp\wct619D.tmp => moved successfully
            C:\Windows\Temp\wct652D.tmp => moved successfully
            C:\Windows\Temp\wct6935.tmp => moved successfully
            C:\Windows\Temp\wct6AFB.tmp => moved successfully
            C:\Windows\Temp\wct7510.tmp => moved successfully
            C:\Windows\Temp\wct752D.tmp => moved successfully
            C:\Windows\Temp\wct7A53.tmp => moved successfully
            C:\Windows\Temp\wct7D13.tmp => moved successfully
            C:\Windows\Temp\wct7F26.tmp => moved successfully
            C:\Windows\Temp\wct80F2.tmp => moved successfully
            C:\Windows\Temp\wct85F6.tmp => moved successfully
            C:\Windows\Temp\wct8661.tmp => moved successfully
            C:\Windows\Temp\wct8C22.tmp => moved successfully
            C:\Windows\Temp\wct92F2.tmp => moved successfully
            C:\Windows\Temp\wct967D.tmp => moved successfully
            C:\Windows\Temp\wct9A3D.tmp => moved successfully
            C:\Windows\Temp\wct9E93.tmp => moved successfully
            C:\Windows\Temp\wctA545.tmp => moved successfully
            C:\Windows\Temp\wctA96D.tmp => moved successfully
            C:\Windows\Temp\wctABD4.tmp => moved successfully
            C:\Windows\Temp\wctAEE2.tmp => moved successfully
            C:\Windows\Temp\wctAFAE.tmp => moved successfully
            C:\Windows\Temp\wctB0DA.tmp => moved successfully
            C:\Windows\Temp\wctC2E2.tmp => moved successfully
            C:\Windows\Temp\wctC5B5.tmp => moved successfully
            C:\Windows\Temp\wctC739.tmp => moved successfully
            C:\Windows\Temp\wctD51E.tmp => moved successfully
            C:\Windows\Temp\wctD936.tmp => moved successfully
            C:\Windows\Temp\wctDAB6.tmp => moved successfully
            C:\Windows\Temp\wctDC2B.tmp => moved successfully
            C:\Windows\Temp\wctDE4A.tmp => moved successfully
            C:\Windows\Temp\wctDE9D.tmp => moved successfully
            C:\Windows\Temp\wctDFC7.tmp => moved successfully
            C:\Windows\Temp\wctE1EA.tmp => moved successfully
            C:\Windows\Temp\wctE39A.tmp => moved successfully
            C:\Windows\Temp\wctEAEC.tmp => moved successfully
            C:\Windows\Temp\wctEF62.tmp => moved successfully
            C:\Windows\Temp\wctF5E3.tmp => moved successfully
            C:\Windows\Temp\wctF65A.tmp => moved successfully
            C:\Windows\Temp\wctFACB.tmp => moved successfully
            C:\Windows\Temp\wctFB86.tmp => moved successfully
            C:\Windows\Temp\wctFEF3.tmp => moved successfully
            C:\Windows\Temp\wctFFDD.tmp => moved successfully

            ========= End → “C:\Windows\Temp*.*” ========

            =========== “C:\WINDOWS\system32*.tmp” ==========

            not found

            ========= End → “C:\WINDOWS\system32*.tmp” ========

            =========== “C:\WINDOWS\syswow64*.tmp” ==========

            not found

            ========= End → “C:\WINDOWS\syswow64*.tmp” ========

            =========== EmptyTemp: ==========

            FlushDNS => completed
            BITS transfer queue => 0 B
            DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43359435 B
            Java, Discord, Steam htmlcache => 1139460478 B
            Windows/system/drivers => 2859 B
            Edge => 1317614 B
            Chrome => 2287296426 B
            Firefox => 0 B
            Opera => 0 B

            Temp, IE cache, history, cookies, recent:
            Default => 0 B
            ProgramData => 0 B
            Public => 0 B
            systemprofile => 116342948 B
            systemprofile32 => 196084576 B
            LocalService => 197948398 B
            NetworkService => 197948398 B
            satch => 268447524 B

            RecycleBin => 0 B
            EmptyTemp: => 4.1 GB temporary data Removed.

            ================================

            The system needed a reboot.

            ==== End of Fixlog 05:24:13 ====[/spoiler]

            Code:
            ~ ZHPCleaner v2022.10.4.79 by Nicolas Coolman (2022/10/04)
            ~ Run by satch (Administrator) (06/10/2022 16:43:17)
            ~ Web: https://www.nicolascoolman.com
            ~ Blog: https://nicolascoolman.eu/
            ~ Facebook : ZHP
            ~ State version : Version OK
            ~ Type : Repair
            ~ Report : C:\Users\satch\OneDrive\Desktop\ZHPCleaner (R).txt
            ~ Quarantine : C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
            ~ System Restore Point : OK
            ~ UAC : Activate
            ~ Boot Mode : Normal (Normal boot)
            Windows 10 Home, 64-bit (Build 19043)
            
            —\ Alternate Data Stream (ADS). (0)
            ~ No malicious or unnecessary items found.
            
            —\ Services (0)
            ~ No malicious or unnecessary items found.
            
            —\ Browser internet (0)
            ~ No malicious or unnecessary items found.
            
            —\ Hosts file (1)
            ~ The hosts file is legitimate (21)
            
            —\ Scheduled automatic tasks. (1)
            DELETED task: [Adobe Flash Player PPAPI Notifier] [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe] =>Riskware.FlashPlayer
            
            —\ Explorer ( File, Folder) (12)
            MOVED file: C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
            MOVED file: C:\Users\satch\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
            MOVED file: C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe [Copyright (C) 2022 Pixel. All Rights Reserved. - Chimeraland downloader] =>Adware¨Pirrit
            MOVED file: C:\Windows\Prefetch\TOTALAV.EXE-775A7881.pf =>SUP.Optional.TotalAV
            MOVED folder: C:\Users\satch\AppData\Local\ChimeralandMiniLoader =>Adware¨Pirrit
            MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChimeralandMiniLoader =>Adware¨Pirrit
            MOVED folder: C:\Program Files (x86)\TotalAV =>SUP.Optional.TotalAV
            MOVED folder: C:\ProgramData\TotalAV =>SUP.Optional.TotalAV
            MOVED folder: C:\Users\satch\OneDrive\Documents\TotalAV =>SUP.Optional.TotalAV
            MOVED folder: C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord
            MOVED folder: C:\Documents and Settings\satch\Application Data\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord
            MOVED folder: C:\ProgramData\SecuritySuite =>SUP.Optional.ScanGuard
            
            —\ Registry ( Key, Value, Data) (17)
            DELETED key*: [X64] HKLM\SOFTWARE\57979c68-f490-55b8-8fed-8b017a5af2fe =>Adware.CrossRider
            DELETED key*: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 576] =>.SUP.FirefoxRestriction
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Discord =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\Discord [URL:Discord Protocol] =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-349134787773988865 [URL:Run game 349134787773988865 protocol] =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-413081698159296512 [URL:Run game 413081698159296512 protocol] =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-431033176782012416 [URL:Run game 431033176782012416 protocol] =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-452029545843785730 [URL:Run game 452029545843785730 protocol] =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-538196365122076713 [URL:Run game 538196365122076713 protocol] =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-582873364562182145 [URL:Run game 582873364562182145 protocol] =>.SUP.Discord
            DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-808398272078675989 [URL:Run game 808398272078675989 protocol] =>.SUP.Discord
            DELETED key**: HKCU\Software\Discord =>.SUP.Discord
            DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.] =>.SUP.Discord
            DELETED key*: [X64] HKLM\SOFTWARE\Classes\totalav [URL:Total AV Protocol] =>SUP.Optional.TotalAV
            DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier =>Riskware.FlashPlayer
            DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater =>Riskware.FlashPlayer
            DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI [Adobe] =>Riskware.FlashPlayer
            
            —\ Summary of the elements found (8)
            Zone Anti-Malware - ZAM =>Riskware.FlashPlayer
            Zone Anti-Malware - ZAM =>Préférences Chromium
            Zone Anti-Malware - ZAM =>Adware¨Pirrit
            Zone Anti-Malware - ZAM =>SUP.Optional.TotalAV
            Zone Anti-Malware - ZAM =>.SUP.Discord
            Zone Anti-Malware - ZAM =>SUP.Optional.ScanGuard
            Zone Anti-Malware - ZAM =>Adware.CrossRider
            Zone Anti-Malware - ZAM =>.SUP.FirefoxRestriction
            
            —\ Other deletions. (7)
            ~ Registry Keys Tracing deleted (7)
            ~ Remove the old reports ZHPCleaner. (0)
            
            —\ Result of repair
            ~ Repair carried out successfully
            ~ Google Chrome OK
            ~ Internet Explorer OK
            ~ The system has been restarted.
            
            —\ Statistics
            ~ Items scanned : 1142
            ~ Items found : 0
            ~ Items cancelled : 0
            ~ Space saving (bytes) : 0
            ~ Items options : 9/17
            
            —\ OPTIONS NOT ACTIVES
            ~ Temporary file analysis
            ~ Temporary folder analysis
            ~ Empty Folder CLSID Analysis
            ~ Empty Other Folder Analysis
            ~ Empty LocalLow Folder Analysis
            ~ Empty Local Folder Analysis
            ~ Obsolete Installer File Analysis
            ~ Start browsers with extensions removed
            
            ~ End of clean in 00h00mn33s
            
            —\ Reports (2)
            ZHPCleaner–06102022-16_41_45.txt
            ZHPCleaner-[R]-06102022-16_43_50.txt
            
            ~ ZHPDiag v2022.10.4.79 By Nicolas Coolman (2022/10/04)
            ~ Run by satch (Administrator) (2022/10/06 16:51:29)
            ~ Assistance: https://forum.nicolascoolman.eu/
            ~ Blog: https://nicolascoolman.eu/
            ~ Facebook: ZHP
            ~ Certificate ZHPDiag: Legal
            ~ State version: Version OK
            ~ Mode: Scan
            ~ Report: C:\Users\satch\OneDrive\Desktop\ZHPDiag.txt
            ~ Report: C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag.txt
            ~ UAC: Activate
            ~ System startup: Normal (Normal boot)
            Windows 10 Home, 64-bit (Build 19043) =>.Microsoft Corporation
            
            —\ Internet Browsers (3) - 0s
            ~ GCIE: Google Chrome v106.0.5249.103
            ~ MSIE: Internet Explorer v11.789.19041.0
            ~ OBIE: Microsoft Edge v106.0.1370.34
            
            —\ Windows Product Information (3) - 3s
            ~ Windows Server License Manager Script : OK
            ~ Licence Script File Génération : OK
            Windows Automatic Updates : OK
            
            —\ System protection software (2) - 1s
            Windows Defender W10 (Activate) (Protection)
            Malwarebytes version 4.5.14.210 v4.5.14.210 (Protection)
            
            —\ Informations on the system (6) - 0s
            ~ Operating System: Intel64 Family 6 Model 158 Stepping 12, GenuineIntel
            ~ Operating System: 64-bit
            ~ Boot mode: Normal (Normal boot)
            Total RAM: 16713.956 MB (78% free) : OK =>.RAM Value
            System Restore: Activé (Enable)
            System drive C: has 303 GB (31%) free of 953 GB : OK =>.Disk Space
            
            —\ Connection to the system mode (3) - 0s
            ~ Computer Name: DESKTOP-Q1JOHSV
            ~ User Name: satch
            ~ Logged in as Administrator
            
            —\ Enumeration of the disk units (2) - 0s
            ~ Drive C: has 303 GB free of 953 GB (System)
            ~ Drive E: has 60 GB free of 60 GB
            
            —\ SYSTEM DISK MAIN FEATURES (33) - 8s
            ~ Model: WDC WDS100T2B0A-00SM50 v401000WD (953 Gb )
            ~ Media Type: SSD Fixed Disk ( Bus: SATA)
            
            —\ SYSTEM DISK GENERAL ATTRIBUTES
            OK - N0 - Indicateur d’usure du périphérique de stockage (Storage Device Wear Indicator) (%): 0
            OK - N1 - Temps de latence maximal de vidage (Maximum Flash latency) (ms): 0.254
            OK - N2 - Temps de latence maximal d’écriture (Maximum write latency) (ms): 2.056
            RE - N3 - Temps de latence maximal de lecture (Maximum read latency) (ms): 4.019
            OK - N4 - Vitesse de rotation (Spindle Speed) (RPM): 0
            
            —\ S.M.A.R.T. PARAMETERS - [Flag][Value][Worst] [Threshold][Raw Value]
            OK - 05 - Nombre de secteurs réalloués (Reallocated Sector Count) - [50][100][100] [0][0]
            OK - 09 - Heures de fonctionnement (Power-On Hours Count (POH) - [50][100][100] [0][20671]
            OK - 0C - Nombre de cycles en fonctionnement (Power Cycles Count) - [50][100][100] [0][693]
            OK - A5 - Nombre de Blocs effacés (SLC) (Block Erase Count (SLC) ) - [50][100][100] [0][1292]
            OK - A6 - Minimum de cycles P/E (Minimum P/E Cycles) - [50][100][100] [0][2]
            OK - A7 - Maximum de blocs défectueux /puce (Maximum Bad Blocks per die) - [50][100][100] [0][30]
            OK - A8 - Maximum de cycles P/E (Maximum P/E Cycles) - [50][100][100] [0][28]
            RE - A9 - Nombre total de blocs défectueux (Total Bad Blocks) - [50][100][100] [0][476]
            OK - AA - Nombre de blocs réservés utilisés (Used Reserved Block Count) - [50][100][100] [0][0]
            OK - AB - Taux d’Echec du Programme (SSD Program Fail Count) - [50][100][100] [0][0]
            OK - AC - Taux d’Echec d’effacement (Erase Fail Count) - [50][100][100] [0][0]
            OK - AD - Nombre de blocs effacés (Average Block-Erase Count) - [50][100][100] [0][17]
            OK - AE - Nombre inattendu de perte de puissance (Unexpected Power Off Count) - [50][100][100] [0][34]
            OK - B8 - Nombre d’erreur de correction (Incorrectable Error Count) - [50][100][100] [0][0]
            OK - BB - Nombre d’erreurs incorrigibles (Reported Uncorrectable Errors) - [50][100][100] [0][0]
            OK - BC - Spécifique Constructeur - [50][100][100] [0][6]
            OK - C2 - Température interne actuelle (Temperature) - [34][68][54] [0][32]
            OK - C7 - Nombre d’erreurs CRC Ultra-DMA (CRC Error Count) - [50][100][100] [0][0]
            OK - E6 - Indicateur d’usure des supports (Media Wearout Indicator) - [50][2][2] [0][570]
            OK - E8 - Espace de réserve disponible (Available reserved Space) - [51][100][100] [4][100]
            OK - E9 - NAND GB Ecriture (NAND GB Written) - [50][100][100] [0][17885]
            OK - EA - Durée de vie d’écriture NAND (Lifetime NAND Writes) - [50][100][100] [0][30749]
            
            —\ State of the Windows Security Center (7) - 0s
            [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
            [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
            [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
            [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
            [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
            [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
            [HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
            
            —\ Search Generic System Files (25) - 0s
            [MD5.662F4F92FDE3557E86D110526BB578D5] - 15/09/2022 - (.Microsoft Corporation - Windows Explorer.) – C:\WINDOWS\Explorer.exe [5141208] =>.Microsoft®
            [MD5.EF3179D498793BF4234F708D3BE28633] - 19/02/2021 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [71680] [Unsigned] =>.Microsoft Corporation
            [MD5.3588C1AC44DCE86A043310B07679C508] - 12/04/2022 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\WINDOWS\System32\Wininit.exe [420472] [Unsigned] =>.Microsoft Corporation
            [MD5.11F7419009AF2874C4B0E4505D185D79] - 08/03/2022 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\WINDOWS\System32\wininet.dll [5038592] [Unsigned] =>.Microsoft Corporation
            [MD5.F8B41A1B3E569E7E6F990567F21DCE97] - 10/08/2022 - (.Microsoft Corporation - Windows Logon Application.) – C:\WINDOWS\System32\Winlogon.exe [906240] [Unsigned] =>.Microsoft Corporation
            [MD5.E6C31BCDFB65E2DB98AD082E5DABD164] - 10/08/2022 - (.Microsoft Corporation - Software Licensing Library.) – C:\WINDOWS\System32\sppcomapi.dll [316416] [Unsigned] =>.Microsoft Corporation
            [MD5.C34BA7E91B599463DA4E7B6FA5207BE7] - 10/08/2022 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\System32\dnsapi.dll [821272] =>.Microsoft®
            [MD5.1849E5C84B6EB6EB56EEB842D8CD467E] - 10/08/2022 - (.Microsoft Corporation - DNS Client API DLL.) – C:\WINDOWS\Syswow64\dnsapi.dll [583144] =>.Microsoft®
            [MD5.BA569B43EEFFB0BBB38AE2B82A2DD05B] - 15/09/2022 - (.Microsoft Corporation - Windows Update Agent.) – C:\WINDOWS\System32\wuaueng.dll [3405312] [Unsigned] =>.Microsoft Corporation
            [MD5.AADECAAEE10B5A45E75A9E4DACB49259] - 16/06/2022 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\AFD.sys [651104] [Unsigned] =>.Microsoft Corporation
            [MD5.B2C716CEBC11930E3C1E38C3B6B9DDED] - 10/08/2022 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [31064] [Unsigned] =>.Microsoft Corporation
            [MD5.764FE2149251A246F6B047A0F09F5F0B] - 07/12/2019 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
            [MD5.054ABC6C64AE969D033B7876C04D52B4] - 13/10/2021 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
            [MD5.E3A2D15717A96F83723D6AA731B553CB] - 15/09/2022 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [152064] [Unsigned] =>.Microsoft Corporation
            [MD5.4F39254C6E087D4789D2C3EBD3C7F744] - 08/03/2022 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [134656] [Unsigned] =>.Microsoft Corporation
            [MD5.E4B36C6EAAAB703CBFECB92EE590FB31] - 07/12/2019 - (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
            [MD5.7DAAF580A2C442BF7542C5CD43205AE8] - 10/08/2022 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [230400] [Unsigned] =>.Microsoft Corporation
            [MD5.3D1E941BD603AE4BE39215E9F30C3DF3] - 10/08/2022 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [586592] [Unsigned] =>.Microsoft Corporation
            [MD5.49F7DE6F689C47B64A2C2D46CD98E327] - 19/02/2021 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [341504] [Unsigned] =>.Microsoft Corporation
            [MD5.893E5000EBDDF2C6C1EEF28238AC1029] - 15/09/2022 - (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2846552] [Unsigned] =>.Microsoft Corporation
            [MD5.138FDB1EBCB61287A645BD3B06DBED5E] - 07/12/2019 - (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\Parport.sys [109056] [Unsigned] =>.Microsoft Corporation
            [MD5.28CF6FF4491D57F4DD00682C157BAD40] - 14/07/2022 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [110080] [Unsigned] =>.Microsoft Corporation
            [MD5.64991B36F0BD38026F7589572C98E3D6] - 13/04/2021 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
            [MD5.2A8B28579A4964AA7EA8CEB1AC121243] - 15/09/2021 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [117584] [Unsigned] =>.Microsoft Corporation
            [MD5.988A7A685BB51BAC62F4E176BE5432AC] - 19/02/2021 - (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [429880] [Unsigned] =>.Microsoft Corporation
            
            —\ No disabled Windows Services (67) - 2s
            O23 - Service: C:\WINDOWS\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows Audio Endpoint Builder.) - C:\WINDOWS\System32\AudioEndpointBuilder.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows Audio Service.) - C:\WINDOWS\System32\Audiosrv.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\bfe.dll (BFE) . (.Microsoft Corporation - Base Filtering Engine.) - C:\WINDOWS\System32\bfe.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\qmgr.dll (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) - C:\WINDOWS\System32\qmgr.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Process State Manager (PSM) Service.) - C:\WINDOWS\System32\psmsrv.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Microsoft (R) CDP User Components.) - C:\WINDOWS\System32\CDPUserSvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Connected Devices Platform User Service_90283 (CDPUserSvc_90283) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
            O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll =>.Microsoft®
            O23 - Service: C:\WINDOWS\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) - C:\WINDOWS\System32\cryptsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\das.dll (DeviceAssociationService) . (.Microsoft Corporation - Device Association Service.) - C:\WINDOWS\System32\das.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Client Service.) - C:\Windows\System32\dhcpcore.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\diagtrack.dll (DiagTrack) . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) - C:\WINDOWS\System32\diagtrack.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\dispbroker.desktop.dll (DispBrokerDesktopSvc) . (.Microsoft Corporation - Desktop Display Broker.) - C:\WINDOWS\System32\DispBroker.Desktop.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS Caching Resolver Service.) - C:\WINDOWS\System32\dnsrslvr.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\dosvc.dll (DoSvc) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
            O23 - Service: C:\WINDOWS\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Data Usage Service.) - C:\WINDOWS\System32\dusmsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Microsoft Edge Update Service (edgeupdate) (edgeupdate) . (.Microsoft Corporation - Microsoft Edge Update.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe =>.Microsoft®
            O23 - Service: C:\WINDOWS\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Event Logging Service.) - C:\WINDOWS\System32\wevtsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Windows Font Cache Service.) - C:\WINDOWS\System32\FntCache.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Group Policy Client.) - C:\WINDOWS\System32\gpsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google LLC - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
            O23 - Service: C:\WINDOWS\System32\ikeext.dll (IKEEXT) . (.Microsoft Corporation - IKE extension.) - C:\WINDOWS\System32\ikeext.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation - Intel(R) TPM Provisioning Service.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe {3BCEA6A75123B821E309D6399265C7BD}. =>.Intel(R) Corporation
            O23 - Service: C:\WINDOWS\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) - C:\WINDOWS\System32\iphlpsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe =>.Intel(R) Embedded Subsystems and IP Blocks Group®
            O23 - Service: C:\WINDOWS\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) - C:\WINDOWS\System32\srvsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) - C:\WINDOWS\System32\wkssvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe {0ADE8114D7679B066F2DB2DFD2F67AC2}. =>.Intel Corporation
            O23 - Service: C:\WINDOWS\system32\lsm.dll (LSM) . (.Microsoft Corporation - Local Session Manager Service.) - C:\WINDOWS\System32\lsm.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\moshost.dll (MapsBroker) . (.Microsoft Corporation - Downloaded Maps Manager.) - C:\WINDOWS\System32\moshost.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\Windows\System32\FirewallAPI.dll (mpssvc) . (.Microsoft Corporation - Microsoft Protection Service.) - C:\WINDOWS\System32\mpssvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Network Location Awareness 2.) - C:\WINDOWS\System32\nlasvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Network Store Interface RPC server.) - C:\WINDOWS\System32\nsisvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.Nvidia Corporation®
            O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation®
            O23 - Service: C:\WINDOWS\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\WINDOWS\System32\APHostService.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Sync Host_90283 (OneSyncSvc_90283) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
            O23 - Service: Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts - OriginWebHelperService.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe {0751A21B29586708685BB12FFCC97D05}. =>.Electronic Arts
            O23 - Service: C:\WINDOWS\System32\umpo.dll (Power) . (.Microsoft Corporation - User-mode Power Service.) - C:\WINDOWS\System32\umpo.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\WINDOWS\System32\profsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Remote Access Connection Manager.) - C:\WINDOWS\System32\rasmans.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC Endpoint Mapper.) - C:\WINDOWS\System32\RpcEpMap.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\WINDOWS\System32\rpcss.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe =>.Realtek Semiconductor Corp.®
            O23 - Service: Realtek Bluetooth Device Manager Service (RtkBtManServ) . (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Appl.) - C:\Windows\RtkBtManServ.exe =>.Realtek Semiconductor Corp.®
            O23 - Service: C:\WINDOWS\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Task Scheduler Service.) - C:\WINDOWS\System32\schedsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\Sens.dll (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) - C:\WINDOWS\System32\sens.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\SgrmBroker.exe,-100 (SgrmBroker) . (.Microsoft Corporation - System Guard Runtime Monitor Broker Service.) - C:\WINDOWS\System32\SgrmBroker.exe [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) - C:\Windows\System32\shsvcs.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Spooler SubSystem App.) - C:\WINDOWS\System32\spoolsv.exe [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) - C:\WINDOWS\System32\sppsvc.exe [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\wiaservc.dll (stisvc) . (.Microsoft Corporation - Still Image Devices Service.) - C:\WINDOWS\System32\wiaservc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\StorSvc.dll (StorSvc) . (.Microsoft Corporation - Storage Services.) - C:\WINDOWS\System32\storsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - SysMain Service Host.) - C:\WINDOWS\System32\sysmain.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) - C:\WINDOWS\System32\SystemEventsBrokerServer.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) - C:\WINDOWS\System32\themeservice.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\WINDOWS\System32\usermgr.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\usosvc.dll (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) - C:\WINDOWS\System32\usosvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Windows Connection Manager Service DLL.) - C:\WINDOWS\System32\wcmsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (.Microsoft Corporation - Antimalware Service Executable.) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe =>.Microsoft®
            O23 - Service: C:\WINDOWS\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\WINDOWS\System32\wbem\WMIsvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\wlansvc.dll (WlanSvc) . (.Microsoft Corporation - Windows WLAN AutoConfig Service DLL.) - C:\WINDOWS\System32\wlansvc.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) - C:\WINDOWS\System32\WpnService.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: C:\WINDOWS\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Windows Push Notification User Service.) - C:\WINDOWS\System32\WpnUserService.dll [Unsigned] =>.Microsoft Corporation
            O23 - Service: Windows Push Notifications User Service_90283 (WpnUserService_90283) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe =>.Microsoft®
            O23 - Service: C:\WINDOWS\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) - C:\WINDOWS\System32\wscsvc.dll [Unsigned] =>.Microsoft Corporation
            
            —\ Services not Microsoft (SR=Run, SS=Stop) (106) - 6s
            SR - Boot [07/12/2019] [ 107320] (3ware) . (.LSI.) - C:\WINDOWS\System32\drivers\3ware.sys =>.Microsoft®
            SR - Demand [23/09/2022] [ 1868832] ACE-BASE (ACE-BASE) . (.ANTICHEATEXPERT.COM.) - C:\WINDOWS\system32\drivers\ACE-BASE.sys {0F316A214F60D59DC921AEB9685136CC}.
            SR - Demand [23/09/2022] [ 772656] ACE-GAME (ACE-GAME) . (.ANTICHEATEXPERT.COM.) - C:\WINDOWS\system32\drivers\ACE-GAME.sys {0F316A214F60D59DC921AEB9685136CC}.
            SS - Demand [09/06/2020] [ 335416] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Inc.®
            SR - Boot [07/12/2019] [ 1135416] (ADP80XX) . (.PMC-Sierra.) - C:\WINDOWS\System32\drivers\ADP80XX.SYS =>.Microsoft®
            SR - Demand [07/12/2019] [ 18432] AMD GPIO Client Driver (amdgpio2) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdgpio2.sys [Unsigned] =>.Advanced Micro Devices, Inc
            SR - Demand [07/12/2019] [ 45568] AMD I2C Controller Service (amdi2c) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdi2c.sys [Unsigned] =>.Advanced Micro Devices, Inc
            SR - Boot [07/12/2019] [ 83256] (amdsata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdsata.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 259384] (amdsbs) . (.AMD Technologies Inc..) - C:\WINDOWS\System32\drivers\amdsbs.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 26936] (amdxata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdxata.sys =>.Microsoft®
            SS - Demand [17/07/2022] [ 2700648] AntiCheatExpert Service (AntiCheatExpert Service) . (.© AntiCheatExpert.com Limited. All Rights Reserved..) - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe {0F316A214F60D59DC921AEB9685136CC}.
            SR - Boot [07/12/2019] [ 131896] Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\WINDOWS\System32\drivers\arcsas.sys =>.Microsoft®
            SR - Demand [24/08/2021] [ 53904] avast! SecureLine TAP Adapte (aswTap) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\aswTap.sys =>.AVAST Software s.r.o.®
            SR - Auto [09/11/2021] [ 208176] avgntflt (avgntflt) . (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avgntflt.sys =>.Avira Operations GmbH & Co. KG®
            SR - System [09/11/2021] [ 197176] avipbb (avipbb) . (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys =>.Avira Operations GmbH & Co. KG®
            SR - System [09/11/2021] [ 46704] avkmgr (avkmgr) . (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avkmgr.sys =>.Avira Operations GmbH & Co. KG®
            SR - Boot [07/12/2019] [ 533816] QLogic Network Adapter VBD (b06bdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\bxvbda.sys =>.Microsoft®
            SR - Demand [07/12/2019] [ 9728] bcmfn2 Service (bcmfn2) . (…) - C:\WINDOWS\System32\drivers\bcmfn2.sys [Unsigned] =>.Broadcom Corporation
            SS - Demand [09/06/2021] [ 8901968] BattlEye Service (BEService) . (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.®
            SR - Boot [07/12/2019] [ 319800] (cht4iscsi) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4sx64.sys =>.Microsoft®
            SR - Demand [07/12/2019] [ 1853752] Chelsio Virtual Bus Driver (cht4vbd) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4vx64.sys =>.Microsoft®
            SR - System [01/06/2020] [ 140280] dokan1 (dokan1) . (.Dokan Project.) - C:\WINDOWS\System32\DRIVERS\dokan1.sys {05B9E5C73998821D2E591A368995B191}. =>.Dokan Project
            SR - Demand [24/04/2020] [ 599928] Intel(R) PRO/1000 (e1dexpress) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_f6c146a8872514f7\e1d68x64.sys =>.Intel(R) INTELND1820®
            SS - Demand [27/02/2022] [ 584680] Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) . (.Epic Games, Inc..) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe =>.EasyAntiCheat Oy®
            SR - Boot [07/12/2019] [ 3418936] QLogic 10 Gigabit Ethernet Ada (ebdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\evbda.sys =>.Microsoft®
            SS - Demand [11/07/2022] [ 934352] Epic Online Services (EpicOnlineServices) . (.Epic Games, Inc..) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe =>.Epic Games Inc.®
            SS - Demand [07/09/2022] [ 401960] NVIDIA FrameView SDK service (FvSvc) . (.NVIDIA.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe =>.Nvidia Corporation®
            SS - Demand [05/10/2022] [ 1675544] Google Chrome Elevation Service (GoogleChromeElevationServi (GoogleChromeElevationService) . (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\elevation_service.exe =>.Google LLC®
            SR - Auto [05/07/2019] [ 154920] Google Update Service (gupdate) (gupdate) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
            SS - Demand [05/07/2019] [ 154920] Google Update Service (gupdatem) (gupdatem) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
            SR - Boot [07/12/2019] [ 64312] (HpSAMD) . (.Hewlett-Packard Company.) - C:\WINDOWS\System32\drivers\HpSAMD.sys =>.Microsoft®
            SR - Demand [07/12/2019] [ 36352] Intel Serial IO GPIO Controlle (iagpio) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iagpio.sys [Unsigned] =>.Intel(R) Corporation
            SR - Demand [07/12/2019] [ 91136] Intel(R) Serial IO I2C Host Cont (iai2c) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iai2c.sys [Unsigned] =>.Intel(R) Corporation
            SR - Demand [07/12/2019] [ 79360] Intel(R) S (iaLPSS2i_GPIO2) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 93184] In (iaLPSS2i_GPIO2_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 112128] Intel( (iaLPSS2i_GPIO2_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 96256] Intel( (iaLPSS2i_GPIO2_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 171520] Intel(R) Seria (iaLPSS2i_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 175104] Intel( (iaLPSS2i_I2C_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 177152] Intel(R) S (iaLPSS2i_I2C_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 177664] Intel(R) S (iaLPSS2i_I2C_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [Unsigned] =>.Intel Corporation
            SR - Demand [07/12/2019] [ 38128] Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys =>.Intel Corporation - Client Components Group®
            SR - Demand [07/12/2019] [ 113152] Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [Unsigned] =>.Intel Corporation
            SR - Boot [07/12/2019] [ 884752] Intel Chipset SATA RAI (iaStorAVC) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorAVC.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 412176] Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorV.sys =>.Microsoft®
            SR - Demand [07/12/2019] [ 558904] Mellanox InfiniBand Bus/A (ibbus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ibbus.sys =>.Microsoft®
            SR - Demand [10/07/2020] [ 230176] Intel(R) Wireless Bluetooth (ibtusb) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4d9e3f3539995c76\ibtusb.sys =>.Intel(R) Wireless Connectivity Solutions®
            SR - Demand [04/06/2018] [ 39504] Intel(R) Watchdog Timer Driver ( (ICCWDT) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\ICCWDT.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group®
            SS - Demand [14/11/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [Unsigned] =>.Macrovision Corporation
            SR - Demand [12/09/2019] [ 6994520] Service for Realtek HD Audio (WDM) (IntcAzAudAddService) . (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys =>.Realtek Semiconductor Corp.®
            SS - Demand [15/09/2021] [ 785240] Intel(R) Capability Lice (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe {3BCEA6A75123B821E309D6399265C7BD}. =>.Intel(R) Corporation
            SR - Auto [15/09/2021] [ 729944] Intel(R) TPM Provis (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe {3BCEA6A75123B821E309D6399265C7BD}. =>.Intel(R) Corporation
            SR - Boot [07/12/2019] [ 172344] (ItSas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\ItSas35i.sys =>.Microsoft®
            SR - Auto [16/06/2021] [ 628616] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe =>.Intel(R) Embedded Subsystems and IP Blocks Group®
            SR - Demand [30/04/2018] [ 47928] libusbK USB Driver 11/01/2021 - 3.1.0.0 (libusbK) . (.http://libusb-win32.sourceforge.net.) - C:\WINDOWS\System32\drivers\libusbK.sys =>.Travis Lee Robinson®
            SR - Auto [02/09/2021] [ 4064384] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe {0ADE8114D7679B066F2DB2DFD2F67AC2}. =>.Intel Corporation
            SR - Boot [07/12/2019] [ 108856] (LSI_SAS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 124216] (LSI_SAS2i) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 135992] (LSI_SAS3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 82744] (LSI_SSS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sss.sys =>.Microsoft®
            SR - Boot [31/08/2022] [ 21480] MbamElam (MbamElam) . (.Malwarebytes.) - C:\WINDOWS\System32\DRIVERS\MbamElam.sys =>.Microsoft®
            SS - Demand [31/08/2022] [ 8765464] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe =>.Malwarebytes Inc.®
            SR - Demand [04/10/2022] [ 239544] MBAMSwissArmy (MBAMSwissArmy) . (.Malwarebytes.) - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 59704] (megasas) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 81720] (megasas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\MegaSas2i.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 105480] (megasas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas35i.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 575800] (megasr) . (.LSI Corporation, Inc..) - C:\WINDOWS\System32\drivers\megasr.sys =>.Microsoft®
            SR - Demand [15/10/2020] [ 308656] Intel(R) Management Engine Interfa (MEIx64) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_6557ea4289534d04\x64\TeeDriverW10x64.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group®
            SR - Demand [07/12/2019] [ 1131320] Mellanox ConnectX Bus E (mlx4_bus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\mlx4_bus.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 63800] (mvumis) . (.Marvell Semiconductor, Inc..) - C:\WINDOWS\System32\drivers\mvumis.sys =>.Microsoft®
            SR - Demand [07/12/2019] [ 146232] NetworkDirect Service (ndfltr) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ndfltr.sys =>.Microsoft®
            SR - Demand [18/09/2020] [ 8651624] ___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit (Netwtw04) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\Netwtw04.sys =>.Intel®
            SR - Auto [01/03/2022] [ 1003128] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.Nvidia Corporation®
            SR - Auto [23/09/2022] [ 1014784] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation®
            SR - Demand [23/09/2022] [ 129576] Service for NVIDIA High Definiti (NVHDA) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys =>.Nvidia Corporation®
            SR - Demand [23/09/2022] [43769336] (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvlddmkm.sys =>.Nvidia Corporation®
            SR - Demand [13/07/2022] [ 45656] NvModuleTracker (NvModuleTracker) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys =>.Nvidia Corporation®
            SR - Boot [07/12/2019] [ 150328] (nvraid) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvraid.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 166200] (nvstor) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstor.sys =>.Microsoft®
            SR - Demand [18/03/2019] [ 486184] NVIDIA Stereoscopic 3D USB driver (NvStUSB) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstusb.sys =>.NVIDIA Corporation®
            SR - Demand [15/07/2022] [ 59368] NVIDIA Virtual Au (nvvad_WaveExtensible) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys =>.Nvidia Corporation®
            SR - Demand [21/06/2021] [ 67464] NVVHCI Enumerator Service (nvvhci) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys =>.NVIDIA Corporation®
            SS - Demand [09/08/2022] [ 2579272] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe {0751A21B29586708685BB12FFCC97D05}. =>.Electronic Arts
            SR - Auto [09/08/2022] [ 3497808] Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe {0751A21B29586708685BB12FFCC97D05}. =>.Electronic Arts
            SR - Boot [07/12/2019] [ 58680] (percsas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas2i.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 68408] (percsas3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas3i.sys =>.Microsoft®
            SR - Boot [23/06/2022] [ 17864] (ProtectedELAM) . (.Microsoft.) - C:\WINDOWS\System32\drivers\protected_elam.sys =>.Microsoft®
            SR - Boot [29/05/2019] [ 19152] pwdrvio (pwdrvio) . (.MiniTool Solution Ltd.) - C:\WINDOWS\System32\pwdrvio.sys =>.MiniTool Solution Ltd®
            SR - Demand [29/05/2019] [ 12504] pwdspio (pwdspio) . (.MiniTool Solution Ltd.) - C:\Windows\system32\pwdspio.sys =>.MiniTool Solution Ltd®
            SS - Demand [25/11/2021] [ 2017072] Rockstar Game Library Service (Rockstar Service) . (.Rockstar Games.) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe =>.Rockstar Games, Inc.®
            SR - Auto [27/09/2021] [ 1361000] Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor.) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe =>.Realtek Semiconductor Corp.®
            SR - Demand [01/04/2021] [ 795448] Realtek Bluetooth Filter Driver (RtkBtFilter) . (.Realtek Semiconductor Corporation.) - C:\WINDOWS\System32\drivers\RtkBtfilter.sys =>.Realtek Semiconductor Corp.®
            SR - Auto [01/04/2021] [ 735544] Realtek Bluetooth Device (RtkBtManServ) . (.Realtek Semiconductor Corp..) - C:\Windows\RtkBtManServ.exe =>.Realtek Semiconductor Corp.®
            SR - Boot [07/12/2019] [ 44856] (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\WINDOWS\System32\drivers\SiSRaid2.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 81720] (SiSRaid4) . (.Silicon Integrated Systems.) - C:\WINDOWS\System32\drivers\sisraid4.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 209720] (SmartSAMD) . (.Microsemi Corportation.) - C:\WINDOWS\System32\drivers\SmartSAMD.sys =>.Microsoft®
            SR - Demand [11/11/2020] [ 167280] SAMSUNG Mobile USB Modem Dr (ssudmdm) . (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys =>.Samsung Electronics Co., Ltd.®
            SS - Demand [27/09/2022] [ 2663784] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve Corp.®
            SR - Boot [07/12/2019] [ 31032] (stexstor) . (.Promise Technology, Inc..) - C:\WINDOWS\System32\drivers\stexstor.sys =>.Microsoft®
            SR - Demand [18/10/2019] [ 36168] TAP-Windows Adapter V9 (tap0901) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\tap0901.sys =>.McAfee, Inc.®
            SR - Demand [03/12/2020] [ 707824] NVIDIA USB Type-C PPC S (UcmCxUcsiNvppc) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_25fb711132593303\UcmCxUcsiNvppc.sys =>.NVIDIA Corporation®
            SR - Boot [07/12/2019] [ 166712] (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\WINDOWS\System32\drivers\vsmraid.sys =>.Microsoft®
            SR - Boot [07/12/2019] [ 305464] VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\WINDOWS\System32\drivers\vstxraid.sys =>.Microsoft®
            SR - System [09/11/2021] [ 96264] webshieldfilter (webshieldfilter) . (.Microsoft.) - C:\WINDOWS\System32\drivers\webshieldfilter.sys =>.Microsoft®
            SR - Demand [07/12/2019] [ 36152] WinMad Service (WinMad) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winmad.sys =>.Microsoft®
            SR - Demand [07/12/2019] [ 73016] WinVerbs Service (WinVerbs) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winverbs.sys =>.Microsoft®
            
            —\ Task Planned Automatically (Register) (32) - 4s
            O38 - TASK: {429D6965-94B3-4773-8B25-9E751F9FDCDF} [64Bits][\GoogleUpdateTaskMachineCore1d57d48e0e1996] - (.Google LLC - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920] =>.Google LLC
            O38 - TASK: {453049D4-92BF-464E-9A53-604EF7C327D8} [64Bits][\Adobe Flash Player Updater] - (.Adobe - Adobe® Flash® Player Update Service 32.0 r0.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416] =>.Adobe
            O38 - TASK: {45BF6774-BD06-45C8-98AB-B7783CF65336} [64Bits][\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336] =>.NVIDIA Corporation
            O38 - TASK: {4DF561F2-C353-4EB6-B967-689FA0F5942C} [64Bits][\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336] =>.NVIDIA Corporation
            O38 - TASK: {57C406CA-F622-47E2-8E4A-AF6B10D2AD95} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128] =>.NVIDIA Corporation
            O38 - TASK: {86F281AD-8751-4B46-ACC7-B45E97C13508} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328] =>.NVIDIA Corporation
            O38 - TASK: {8792C639-94C0-4C4D-BC9D-14B9BF9E10D6} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google LLC - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920] =>.Google LLC
            O38 - TASK: {D2502FE5-D3D1-4CB8-B6AE-78AAA488AC3B} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) – C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376] =>.NVIDIA Corporation
            O38 - TASK: {D2A5CE68-6AF4-40A7-BAA1-CB507D41D648} [64Bits][\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336] =>.NVIDIA Corporation
            O38 - TASK: {DD35A470-D9B6-485E-9568-49C2CB9BA2E8} [64Bits][\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336] =>.NVIDIA Corporation
            O38 - TASK: {E6FB9684-EB51-4D1E-8CDE-1D7AE7E37FD8} [64Bits][\Intel PTT EK Recertification] - (.Intel(R) Corporation - Intel(R)PTT EK Recertification Service.) – C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008] =>.Intel(R) Corporation
            O38 - TASK: {E94BF4D7-B29C-4DAA-B4C7-ACE62A28CFA1} [64Bits][\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA nodejs launcher.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256] =>.NVIDIA Corporation
            O38 - TASK: {EBFAE3F5-44E7-49F6-A8E0-6A99F6B91C41} [64Bits][\MEGA\MEGAsync Update Task S-1-5-21-3795020384-2431542903-1114512080-1003] - (.MEGA Limited - .) – C:\Users\satch\AppData\Local\MEGAsync\MEGAupdater.exe [1776816] =>.MEGA Limited
            O38 - TASK: {F24249F4-E475-4C30-B841-3462B928358A} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328] =>.NVIDIA Corporation
            O38 - TASK: {F527426C-9F2B-43D5-80F2-EE98572EBA05} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google LLC - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920] =>.Google LLC
            O38 - TASK: {F6199833-EE37-4676-879D-FDD52AF35F45} [64Bits][\GoogleUpdateTaskMachineUA1d57d48e0f7839] - (.Google LLC - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920] =>.Google LLC
            C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57d48e0e1996 - (.Google LLC.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/c] =>.Google LLC
            C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater - (.Adobe.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe
            C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContain] =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google LLC.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/ua ./ua] =>.Google LLC
            C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification - (.Intel(R) Corporation.) – C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe =>.Intel(R) Corporation
            C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [–launcher=TaskScheduler] =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3795020384-2431542903-1114512080-1003 - (.MEGA Limited.) – C:\Users\satch\AppData\Local\MEGAsync\MEGAupdater.exe =>.MEGA Limited
            C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation
            C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google LLC.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/c] =>.Google LLC
            C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57d48e0f7839 - (.Google LLC.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/ua ./ua] =>.Google LLC
            
            —\ Auto loading programs from Registry and folders (16) - 1s
            O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Security notification icon.) – C:\WINDOWS\system32\SecurityHealthSystray.exe [Unsigned] =>.Microsoft Corporation
            O4 - HKLM..\Run: [RtkAudUService] . (.Realtek Semiconductor - Realtek HD Audio Universal Service.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe =>.Realtek Semiconductor Corp.®
            O4 - HKCU..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Program Files\Microsoft OneDrive\OneDrive.exe =>.Microsoft®
            O4 - HKCU..\Run: [Steam] . (.Valve Corporation - Steam.) – C:\Program Files (x86)\Steam\steam.exe =>.Valve Corp.®
            O4 - HKCU..\Run: [EpicGamesLauncher] . (.Epic Games, Inc. - EpicGamesLauncher.) – C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe =>.Epic Games Inc.®
            O4 - HKCU..\Run: [MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD] . (…) – . [Unsigned]
            O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
            O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
            O4 - HKLM..\Wow6432Node\Run: [amd_dc_opt] . (.AMD - AMD Dual-Core Optimizer.) – C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [Unsigned] =>.AMD
            O4 - HKLM..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) – C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
            O4 - HKUS\S-1-5-19..\StartupApproved\Run: [OneDriveSetup] . (. - .) – 0x020000000000000000000000 =>.SUP.Orphan
            O4 - HKUS\S-1-5-20..\StartupApproved\Run: [OneDriveSetup] . (. - .) – 0x020000000000000000000000 =>.SUP.Orphan
            O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Program Files\Microsoft OneDrive\OneDrive.exe =>.Microsoft®
            O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003..\Run: [Steam] . (.Valve Corporation - Steam.) – C:\Program Files (x86)\Steam\steam.exe =>.Valve Corp.®
            O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003..\Run: [EpicGamesLauncher] . (.Epic Games, Inc. - EpicGamesLauncher.) – C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe =>.Epic Games Inc.®
            O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003..\Run: [MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD] . (…) – . [Unsigned]
            
            —\ Process running (40) - 4s
            [MD5.3CC6ECEB4EE0C8DB89269FB7735C4DDD] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe [1014784] [PID.2220] =>.Nvidia Corporation®
            [MD5.3CC6ECEB4EE0C8DB89269FB7735C4DDD] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe [1014784] [PID.3008] =>.Nvidia Corporation®
            [MD5.C81140F89105F1911C87CCC8D5F8116B] - (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Appl.) – C:\Windows\RtkBtManServ.exe [735544] [PID.4348] =>.Realtek Semiconductor Corp.®
            [MD5.45E63493AA5450B19C91ECCCF46859A6] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128] [PID.4356] =>.Nvidia Corporation®
            [MD5.885425C76F3062A6BD2F78AB7B35D71A] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000] [PID.4364] =>.Realtek Semiconductor Corp.®
            [MD5.D70F69E18869625F9D1E58CD34CCB3A7] - (.Electronic Arts - OriginWebHelperService.) – C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808] [PID.4632] {0751A21B29586708685BB12FFCC97D05}. =>.Electronic Arts
            [MD5.B51AE7EE399283B472F9D861FD3B99A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) – C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe [628616] [PID.4836] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
            [MD5.45E63493AA5450B19C91ECCCF46859A6] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128] [PID.6220] =>.Nvidia Corporation®
            [MD5.F7338EA60FA504628BAC104BDEE8105E] - (.Node.js - NVIDIA Web Helper Service.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [29446696] [PID.7692] =>.Nvidia Corporation®
            [MD5.5CDDF06A40E89358807A2B9506F064D9] - (…) – C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [793416] [PID.2276] =>.Microsoft®
            [MD5.381C22092074255A291F4C9946A5C28F] - (.Google LLC - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe [309720] [PID.9412] =>.Google LLC®
            [MD5.F1DE10A8B9909A4AF635112C8866D534] - (.Google LLC - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe [408536] [PID.9432] =>.Google LLC®
            [MD5.885425C76F3062A6BD2F78AB7B35D71A] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) – C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000] [PID.6424] =>.Realtek Semiconductor Corp.®
            [MD5.0AC601FA0A439831BC879D401DE54D1B] - (.Valve Corporation - Steam.) – C:\Program Files (x86)\Steam\steam.exe [4235112] [PID.11376] =>.Valve Corp.®
            [MD5.9E74A33DFFCFB6B492FAF5D72D3225D8] - (.Epic Games, Inc. - EpicGamesLauncher.) – C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080] [PID.11428] =>.Epic Games Inc.®
            [MD5.08DC03BE5C28DDA3839A6BC4696EFECF] - (.Mega Limited - MEGAsync.) – C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe [61203632] [PID.11820] =>.Mega Limited®
            [MD5.F137632705A22B84FB980E4C2A6A4963] - (.Oracle Corporation - Java Update Scheduler.) – C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328] [PID.11888] =>.Oracle America, Inc.®
            [MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.4408] =>.Valve Corp.®
            [MD5.FFCEC9459D97BB1CC8BE0EC198FE4B41] - (.Epic Games, Inc. - EpicWebHelper.) – C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [3614160] [PID.11800] =>.Epic Games Inc.®
            [MD5.21F5FE3A96BC977E4D598A8DE8A6C888] - (.Valve Corporation - Steam Client Service.) – C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2663784] [PID.11692] =>.Valve Corp.®
            [MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.6568] =>.Valve Corp.®
            [MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.4500] =>.Valve Corp.®
            [MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.12512] =>.Valve Corp.®
            [MD5.FFCEC9459D97BB1CC8BE0EC198FE4B41] - (.Epic Games, Inc. - EpicWebHelper.) – C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [3614160] [PID.13308] =>.Epic Games Inc.®
            [MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.13164] =>.Valve Corp.®
            [MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.13156] =>.Valve Corp.®
            [MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.6412] =>.Valve Corp.®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.13060] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.8708] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.12144] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.12260] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.6956] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.10700] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.13508] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.14200] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.13356] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.2264] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.11992] =>.Google LLC®
            [MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.9844] =>.Google LLC®
            [MD5.B026CE833592C42C8839BD784EA92463] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\satch\Downloads\ZHPDiag3.exe [3310792] [PID.3520] [Unsigned] =>.Nicolas Coolman
            
            —\ Google Chrome, Start,Search,Extensions (5) - 0s
            G2 - GCE: Preference [satch][User Data\Default\Extensions] [eofcbnmajmjmplflapaojjnihcjkigck] Avast =>.Avast Software s.r.o
            G2 - GCE: Preference [satch][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
            G2 - GCE: Preference [satch][User Data\Default\Extensions] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security & Privacy =>.Avast Software s.r.o
            G2 - GCE: Preference [satch][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
            G2 - GCE: Preference [satch][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
            
            —\ Internet Explorer Extensions, Start, Search (16) - 0s
            R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com =>.Google Inc.
            R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
            R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://oem17win10.msn.com/ =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
            R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
            R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.19041.1806 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
            
            —\ INTERNET EXPLORER, trusted site and sensitive site (1) - 0s
            ~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)
            
            —\ Microsoft Edge,Plugins,Start,Search,Extensions (1) - 0s
            E2 - GCE: Preference [satch][User Data\Default\Local Extension Settings] [jdiccldimpdaibmpdkjnbmckianbfold] =>.Microsoft Corporation
            
            —\ Internet Explorer, Proxy Management (3) - 0s
            R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
            R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
            R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies =>.Microsoft
            
            —\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
            F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
            F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
            F2 - REG:system.ini: VMApplet=
            
            —\ Hosts file redirection (1) - 0s
            ~ Le fichier hôte est sain (The hosts file is clean) (21)
            
            —\ Browser Helper Object (BHO) (1) - 0s
            O2 - BHO: IEToEdge BHO [64Bits] - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} . (.Microsoft Corporation - IEToEdge BHO.) – C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.34\BHO\ie_to_edge_bho_64.dll =>.Microsoft®
            
            —\ Global shortcuts Startup (75) - 5s
            O4 - GS\Desktop [Administrator]: Documents.lnk . (…) C:\Users\satch\OneDrive\Documents [Unsigned]
            O4 - GS\Desktop [Administrator]: Downloads.lnk . (…) C:\Users\satch\Downloads [Unsigned]
            O4 - GS\Desktop [Administrator]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.®
            O4 - GS\Desktop [Administrator]: Game saves and files.lnk . (…) C:\Users\satch\AppData [Unsigned]
            O4 - GS\Desktop [Administrator]: jwe.lnk . (…) C:\Program Files (x86)\Steam\userdata\70653771\760\remote\1244460\screenshots [Unsigned]
            O4 - GS\Desktop [Administrator]: Steam Games.lnk . (…) C:\Program Files (x86)\Steam\steamapps\common [Unsigned] =>.Steam Games
            O4 - GS\Desktop [Administrator]: USB Drive (E) - Shortcut.lnk . (…) E:\ [Unsigned]
            O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner.exe [Unsigned] =>.Nicolas Coolman
            O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
            O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
            O4 - GS\Quicklaunch [Administrator]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
            O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
            O4 - GS\Startup [Administrator]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
            O4 - GS\Programs [Administrator]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
            O4 - GS\Programs [Administrator]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.®
            O4 - GS\Programs [Administrator]: uTorrent Web.lnk . (…) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe [Unsigned]
            O4 - GS\Desktop [Guest]: Documents.lnk . (…) C:\Users\satch\OneDrive\Documents [Unsigned]
            O4 - GS\Desktop [Guest]: Downloads.lnk . (…) C:\Users\satch\Downloads [Unsigned]
            O4 - GS\Desktop [Guest]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.®
            O4 - GS\Desktop [Guest]: Game saves and files.lnk . (…) C:\Users\satch\AppData [Unsigned]
            O4 - GS\Desktop [Guest]: jwe.lnk . (…) C:\Program Files (x86)\Steam\userdata\70653771\760\remote\1244460\screenshots [Unsigned]
            O4 - GS\Desktop [Guest]: Steam Games.lnk . (…) C:\Program Files (x86)\Steam\steamapps\common [Unsigned] =>.Steam Games
            O4 - GS\Desktop [Guest]: USB Drive (E) - Shortcut.lnk . (…) E:\ [Unsigned]
            O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner.exe [Unsigned] =>.Nicolas Coolman
            O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
            O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
            O4 - GS\Quicklaunch [Guest]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
            O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
            O4 - GS\Startup [Guest]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
            O4 - GS\Programs [Guest]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
            O4 - GS\Programs [Guest]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.®
            O4 - GS\Programs [Guest]: uTorrent Web.lnk . (…) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe [Unsigned]
            O4 - GS\Desktop [satch]: Documents.lnk . (…) C:\Users\satch\OneDrive\Documents [Unsigned]
            O4 - GS\Desktop [satch]: Downloads.lnk . (…) C:\Users\satch\Downloads [Unsigned]
            O4 - GS\Desktop [satch]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.®
            O4 - GS\Desktop [satch]: Game saves and files.lnk . (…) C:\Users\satch\AppData [Unsigned]
            O4 - GS\Desktop [satch]: jwe.lnk . (…) C:\Program Files (x86)\Steam\userdata\70653771\760\remote\1244460\screenshots [Unsigned]
            O4 - GS\Desktop [satch]: Steam Games.lnk . (…) C:\Program Files (x86)\Steam\steamapps\common [Unsigned] =>.Steam Games
            O4 - GS\Desktop [satch]: USB Drive (E) - Shortcut.lnk . (…) E:\ [Unsigned]
            O4 - GS\Desktop [satch]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner.exe [Unsigned] =>.Nicolas Coolman
            O4 - GS\Desktop [satch]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
            O4 - GS\Quicklaunch [satch]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
            O4 - GS\Quicklaunch [satch]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
            O4 - GS\sendTo [satch]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\sendTo [satch]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
            O4 - GS\Startup [satch]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
            O4 - GS\Programs [satch]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
            O4 - GS\Programs [satch]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.®
            O4 - GS\Programs [satch]: uTorrent Web.lnk . (…) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe [Unsigned]
            O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - .) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [Unsigned] =>.NVIDIA Corporation
            O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe [Unsigned] =>.Malwarebytes
            O4 - GS\Programs [Public]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
            O4 - GS\Programs [Public]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.®
            O4 - GS\Programs [Public]: uTorrent Web.lnk . (…) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe [Unsigned]
            O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft®
            O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 [Unsigned] =>.Microsoft Corporation
            O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\ProgramsCommon [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncherProxy.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe =>.Epic Games Inc.®
            O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
            O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\ProgramsCommon [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe [Unsigned] =>.Malwarebytes
            O4 - GS\ProgramsCommon [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
            O4 - GS\ProgramsCommon [Public]: OneDrive.lnk . (.Microsoft Corporation - Keep your most important files.) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [Unsigned] =>.Microsoft Corporation
            O4 - GS\ProgramsCommon [Public]: PC Health Check.lnk . (…) C:\Program Files (x86)\PCHealthCheck\PCHealthCheck.exe [Unsigned] =>.Microsoft Corporation
            
            —\ Lop.com/Domain Hijackers (3) - 0s
            O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.62 209.18.47.61 =>.USA Rochester Time Warner Cable Internet LlC
            O17 - HKLM\System\CCS\Services\Tcpip..{40366314-3e71-403a-b06c-66834be56760}: DhcpNameServer = 10.0.1.1 10.0.1.3 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP
            O17 - HKLM\System\CCS\Services\Tcpip..{b0f5eb1c-46cb-427d-a445-cd5b51dfb206}: DhcpNameServer = 209.18.47.62 209.18.47.61 =>.USA Rochester Time Warner Cable Internet LlC
            
            —\ Extra protocols (22) - 0s
            O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
            O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
            O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
            O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
            O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
            
            —\ AppInit_DLLs Registry value Autorun (1) - 0s
            O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation
            
            —\ List of key exploring StartupApproved (26) - 0s
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDriveSetup =>.Microsoft Corporation
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive =>.Microsoft Corporation
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Steam =>.Valve
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Discord =>.SUP.Discord
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:DAEMON Tools Lite Automount =>.Disc Soft Ltd
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:EpicGamesLauncher =>.Epic Games
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:utweb
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD
            [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MEGAsync.lnk =>.MegaSystems
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDriveSetup =>.Microsoft Corporation
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive =>.Microsoft Corporation
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Steam =>.Valve
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Discord =>.SUP.Discord
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:DAEMON Tools Lite Automount =>.Disc Soft Ltd
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:EpicGamesLauncher =>.Epic Games
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:utweb
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD
            [HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MEGAsync.lnk =>.MegaSystems
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SecurityHealth =>.Microsoft Corporation
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AvastUI.exe =>.Avast Software s.r.o
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RtkAudUService =>.Realtek Semiconductor Corp.
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RTHDVCPL =>.Realtek Semiconductor Corp.
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:SunJavaUpdateSched =>.Oracle
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:amd_dc_opt
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:McAfee Security Scan Plus.lnk =>.McAfee Inc.
            [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Avast SecureLine VPN.lnk
            
            —\ ASIC (ActiveSetup Installed Components) (7) - 1s
            O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
            O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll [Unsigned] =>.Microsoft Corporation
            O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
            O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe [Unsigned] =>.Microsoft Corporation
            O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft®
            O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google LLC - Google Chrome Installer.) – C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe =>.Google LLC®
            O40 - ASIC: Microsoft Edge [64Bits] - {9459C573-B17A-45AE-9F64-1857B5D58CEE} . (.Microsoft Corporation - Microsoft Edge Installer.) – C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.34\Installer\setup.exe =>.Microsoft®
            
            —\ Software installed (141) - 19s
            O42 - Logiciel: Alderon Games Launcher 1.1.71 - (.Alderon Games Pty Ltd.) [HKCU][64Bits] – d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71 {03AE8F49A5CF5213A20ED85DA16310B9}.
            O42 - Logiciel: Chimeraland - (.Pixel soft.) [HKLM][64Bits] – Steam App 1913730 =>.Valve Corp.®
            O42 - Logiciel: Core Temp 1.17.1 - (.ALCPU.) [HKLM][64Bits] – {086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1 [Unsigned] =>.Alcpu
            O42 - Logiciel: Dokan Library 1.4.0.1000 (x64) - (.Dokany Project.) [HKLM][64Bits] – {65A3A964-3DC3-0104-0000-200601191219} [Unsigned] =>.Dokany Project (Hidden)
            O42 - Logiciel: Dokan Library 1.4.0.1000 Bundle - (.Dokany Project.) [HKLM][64Bits] – {97cfdb6c-2faa-43ba-afbc-469e01845e99} {05B9E5C73998821D2E591A368995B191}. =>.Dokany Project
            O42 - Logiciel: Dual-Core Optimizer - (.AMD.) [HKLM][64Bits] – {9FD6F1A8-5550-46AF-8509-271DF0E768B5} [Unsigned] =>.AMD
            O42 - Logiciel: Eclipse Temurin JDK with Hotspot 17+35 (x64) - (.Eclipse Foundation.) [HKLM][64Bits] – {D669C4CD-053E-4C32-853C-9FC53FA35FED} [Unsigned] =>.Eclipse Foundation
            O42 - Logiciel: Epic Games Launcher - (.Epic Games, Inc..) [HKLM][64Bits] – {1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6} [Unsigned] =>.Epic Games, Inc.
            O42 - Logiciel: Epic Online Services - (.Epic Games, Inc..) [HKLM][64Bits] – {19695986-25CE-41AC-9C6F-54794653EDBA} [Unsigned] =>.Epic Games, Inc.
            O42 - Logiciel: Force of Nature 2 - (.A.Y.std.) [HKLM][64Bits] – Steam App 1316230 =>.Valve Corp.®
            O42 - Logiciel: Google Chrome - (.Google LLC.) [HKLM][64Bits] – Google Chrome =>.Google LLC®
            O42 - Logiciel: Guild Wars 2 - (.ArenaNet®.) [HKLM][64Bits] – Steam App 1284210 =>.Valve Corp.®
            O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] – {C844CC39-BC28-46CA-8239-3F37D8FE2A59} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM][64Bits] – {55d73ea7-6354-42db-8831-02d048ae57f8} =>.Intel(R) Software and Firmware Products® (Hidden)
            O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] – {A6D99F91-2039-4560-A476-1E8B954E0C70} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] – {BF1D4FDD-6613-4F36-AE24-EDE3D7E30CF4} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Intel(R) Management Engine Driver - (.Intel Corporation.) [HKLM][64Bits] – {50DC6FA9-9221-495B-B9BF-EF39D7BC4FDE} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Intel(R) Trusted Connect Service Client x64 - (.Intel Corporation.) [HKLM][64Bits] – {C9552825-7BF2-4344-BA91-D3CD46F4C442} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Intel(R) Trusted Connect Service Client x86 - (.Intel Corporation.) [HKLM][64Bits] – {C9552825-7BF2-4344-BA91-D3CD46F4C441} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Intel(R) Trusted Connect Services Client - (.Intel Corporation.) [HKLM][64Bits] – {66129f84-d3f0-4884-ac54-369ae6fc2cf6} =>.Intel(R) Trust Services® (Hidden)
            O42 - Logiciel: Java 8 Update 341 - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F32180341F0} [Unsigned] =>.Oracle Corporation
            O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} [Unsigned] =>.Oracle Corporation (Hidden)
            O42 - Logiciel: Jurassic World Evolution 2 - (.Frontier Developments.) [HKLM][64Bits] – Steam App 1244460 =>.Valve Corp.®
            O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {c6c5a357-c7ca-4a5f-9789-3bb1af579253} =>.Epic Games Inc.® (Hidden)
            O42 - Logiciel: LEGO® MARVEL Super Heroes 2 - (.TT Games.) [HKLM][64Bits] – Steam App 647830 =>.Valve Corp.®
            O42 - Logiciel: LEGO® Star Wars™: The Skywalker Saga - (.TT Games.) [HKLM][64Bits] – Steam App 920210 =>.Valve Corp.®
            O42 - Logiciel: Let’s Build a Zoo - (.Springloaded.) [HKLM][64Bits] – Steam App 1547890 =>.Valve Corp.®
            O42 - Logiciel: Malwarebytes version 4.5.14.210 - (.Malwarebytes.) [HKLM][64Bits] – {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 =>.Malwarebytes Inc.®
            O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM][64Bits] – MEGAsync =>.Mega Limited®
            O42 - Logiciel: Microsoft .NET Core Host - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {D375EE6D-18EF-4EC9-8260-555DEB0EE4EC} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {907E0A78-B4DF-4E35-9878-FEE2F22B6852} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft .NET Core Runtime - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {912B84A5-61CC-4308-B244-5C34C2C02899} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Edge - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Edge =>.Microsoft®
            O42 - Logiciel: Microsoft Edge Update - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Edge Update [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Edge WebView2 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft EdgeWebView =>.Microsoft®
            O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKLM][64Bits] – OneDriveSetup.exe =>.Microsoft®
            O42 - Logiciel: Microsoft Update Health Tools - (.Microsoft Corporation.) [HKLM][64Bits] – {7B1FCD52-8F6B-4F12-A143-361EA39F5E7C} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft VC++ redistributables repacked. - (.Intel Corporation.) [HKLM][64Bits] – {484EF395-8BDF-417B-AF02-35777C5AFC32} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Microsoft VC++ redistributables repacked. - (.Intel Corporation.) [HKLM][64Bits] – {C79060C7-3052-431F-92F9-609B83317A77} [Unsigned] =>.Intel Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] – {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] – {8220EEFE-38CD-377E-8595-13398D740ACE} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] – {9A25302D-30C0-39D9-BD6F-21E6EC160475} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {9BE518E6-ECC6-35A9-88E4-87755C07200F} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {1D8E6291-B0D5-35EC-8441-6616F567A0F7} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} =>.Microsoft®
            O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft®
            O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {37B8F9C7-03FB-3253-8781-2517C99D7C00} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {B175520C-86A2-35A7-8619-86DC379688B9} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {050d4fc8-5d48-4b8f-8972-47c82c46020f} =>.Microsoft®
            O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {f65db027-aff3-4070-886a-0d87064aabb1} =>.Microsoft®
            O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {929FBD26-9020-399B-9A7A-751D61F0B942} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] – {b2d0f752-adc5-496e-8f70-8669de01f746} =>.Microsoft®
            O42 - Logiciel: Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {57a73df6-4ba9-4c1d-bbbb-517289ff6c13} =>.Microsoft®
            O42 - Logiciel: Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] – {14C49FC8-3E9B-4F29-8526-26629B5CF30B} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] – {0D01A812-82A1-481F-8546-8E28E976F8DF} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {6DB765A8-05AF-49A1-A71D-6F645EE3CE41} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {662A0088-6FCD-45DD-9EA7-68674058AED5} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Microsoft Windows Desktop Runtime - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {3e04c2ef-ccc7-4fe6-a32f-f36572af0f42} =>.Microsoft®
            O42 - Logiciel: Microsoft Windows Desktop Runtime - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {F3871724-6A58-425C-8E4C-4A54935AA68F} [Unsigned] =>.Microsoft Corporation (Hidden)
            O42 - Logiciel: Minecraft Launcher - (.Mojang.) [HKLM][64Bits] – {911FBC64-4C64-4B8F-A637-B34832638C86} [Unsigned] =>.Mojang
            O42 - Logiciel: MONSTER HUNTER RISE - (.CAPCOM Co., Ltd..) [HKLM][64Bits] – Steam App 1446780 =>.Valve Corp.®
            O42 - Logiciel: Monster Hunter Stories 2: Wings of Ruin - (.CAPCOM Co., Ltd..) [HKLM][64Bits] – Steam App 1277400 =>.Valve Corp.®
            O42 - Logiciel: Monster Sanctuary - (.moi rai games.) [HKLM][64Bits] – Steam App 814370 =>.Valve Corp.®
            O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA FrameView SDK 1.3.8107.31782123 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk [Unsigned] =>.NVIDIA Corporation
            O42 - Logiciel: NVIDIA GeForce Experience 3.26.0.131 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience [Unsigned] =>.NVIDIA Corporation
            O42 - Logiciel: NVIDIA GPX Common OSS binaries (POCO, OpenSSL, libprotobuf) - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GpxCommon.Oss [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Graphics Driver 517.48 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver [Unsigned] =>.NVIDIA Corporation
            O42 - Logiciel: NVIDIA HD Audio Driver 1.3.39.14 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver [Unsigned] =>.NVIDIA Corporation
            O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA NVAPI Monitor plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA NvModuleTracker - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Optimus Update 39.4.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA PhysX System Software 9.21.0713 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX [Unsigned] =>.NVIDIA Corporation
            O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA ShadowPlay 3.26.0.131 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Update 39.4.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA USBC Driver 1.46.831.832 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC [Unsigned] =>.NVIDIA Corporation
            O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Virtual Audio 4.45.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog [Unsigned] =>.NVIDIA Corporation (Hidden)
            O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] – OpenAL =>.Creative Labs Inc®
            O42 - Logiciel: OpenIV - (..black/OpenIV Team.) [HKCU][64Bits] – OpenIV [Unsigned] =>..black/OpenIV Team
            O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] – Origin {0751A21B29586708685BB12FFCC97D05}. =>.Electronic Arts, Inc.
            O42 - Logiciel: Paradox Launcher v2 - (.Paradox Interactive.) [HKLM][64Bits] – {F0072197-FCF6-41BF-9D38-832B145922DC} [Unsigned] =>.Paradox Interactive
            O42 - Logiciel: Pathfinder: Wrath of the Righteous - (.Owlcat Games.) [HKLM][64Bits] – Steam App 1184370 =>.Valve Corp.®
            O42 - Logiciel: Python 3.8.7 (64-bit) - (.Python Software Foundation.) [HKCU][64Bits] – {a32da68d-eab0-48d8-947e-8187f9630441} =>.Python Software Foundation®
            O42 - Logiciel: Python 3.8.7 Core Interpreter (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {103C9234-4C33-47A7-BA73-0182EFAEE1AE} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 Development Libraries (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {2B5CFC34-DF9D-46E1-B74A-A4D756AA27B8} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 Documentation (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {AB51D764-256F-4FFC-9F00-FD97EE8D4AE4} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 Executables (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {E9451150-5D78-4B5B-A7F7-2C1DE01EAA87} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 pip Bootstrap (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {408439E9-1A19-4C26-B5DD-EE7C39ADF749} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 Standard Library (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {4FAEBB7B-E3A6-4E85-8D3C-8DD3C53C7A4E} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 Tcl/Tk Support (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {4D4E250E-7002-4B30-ADCD-4FCEBBCC015B} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 Test Suite (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {4D1D56DE-8FA6-4309-941F-F4B41BA36AA1} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python 3.8.7 Utility Scripts (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] – {555B15D5-5D22-4AD4-AD91-D2D8085D198F} [Unsigned] =>.Python Software Foundation (Hidden)
            O42 - Logiciel: Python Launcher - (.Python Software Foundation.) [HKLM][64Bits] – {978F3F47-FE6A-4CA8-B412-2A48C0DB05AE} [Unsigned] =>.Python Software Foundation
            O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.®
            O42 - Logiciel: Rockstar Games Launcher - (.Rockstar Games.) [HKLM][64Bits] – Rockstar Games Launcher =>.Rockstar Games, Inc.®
            O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] – Rockstar Games Social Club =>.Rockstar Games, Inc.®
            O42 - Logiciel: Saints Row IV - (.Deep Silver Volition.) [HKLM][64Bits] – Steam App 206420 =>.Valve Corp.®
            O42 - Logiciel: South Park The Fractured But Whole - (.Ubisoft San Francisco.) [HKLM][64Bits] – Steam App 488790 =>.Valve Corp.®
            O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] – Steam =>.Valve®
            O42 - Logiciel: Subnautica - (.Unknown Worlds Entertainment.) [HKLM][64Bits] – Steam App 264710 =>.Valve Corp.®
            O42 - Logiciel: Tales of Arise - (.Bandai Namco Studios Inc..) [HKLM][64Bits] – Steam App 740130 =>.Valve Corp.®
            O42 - Logiciel: Teenage Mutant Ninja Turtles: Shredder’s Revenge - (.Tribute Games Inc..) [HKLM][64Bits] – Steam App 1361510 =>.Valve Corp.®
            O42 - Logiciel: The Elder Scrolls Online - (.Zenimax Online Studios.) [HKLM][64Bits] – The Elder Scrolls Online [Unsigned] =>.Zenimax Online Studios
            O42 - Logiciel: The Elder Scrolls V: Skyrim Special Edition - (.Bethesda Game Studios.) [HKLM][64Bits] – Steam App 489830 =>.Valve Corp.®
            O42 - Logiciel: The Sims™ 4 - (.Electronic Arts, Inc..) [HKLM][64Bits] – {48EBEBBF-B9F8-4520-A3CF-89A730721917} [Unsigned] =>.Electronic Arts, Inc.
            O42 - Logiciel: The Sims™ 4 - (.Maxis.) [HKLM][64Bits] – Steam App 1222670 =>.Valve Corp.®
            O42 - Logiciel: Ubisoft Connect - (.Ubisoft.) [HKLM][64Bits] – Uplay =>.Ubisoft Entertainment Sweden AB®
            O42 - Logiciel: UE Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {284a69a5-9805-4ad5-98ac-173e9f776e0f} =>.Epic Games Inc.® (Hidden)
            O42 - Logiciel: UE Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {7916CFE9-D85D-4E68-891E-D5A3C887B73A} [Unsigned] =>.Epic Games, Inc. (Hidden)
            O42 - Logiciel: Vortex - (.Black Tree Gaming Ltd..) [HKLM][64Bits] – 57979c68-f490-55b8-8fed-8b017a5af2fe {00C079D009476C5C4C}.
            O42 - Logiciel: Windows Driver Package - libusbK Nintendo Switch (APX mode) (04/27/2014 3.0 - (.libusbK.) [HKLM][64Bits] – C474C3AC0A427B4CF35173FC250E5E8C9C284DE1 =>.Microsoft Windows®
            O42 - Logiciel: Windows Driver Package - libusbK Nintendo Switch (Homebrew mode) (04/27/201 - (.libusbK.) [HKLM][64Bits] – 6D6BF0768F9873437C984F0DC0E4C569A45227BF =>.Microsoft Windows®
            O42 - Logiciel: Windows Driver Package - libusbK Nintendo Switch APX Mode (04/27/2014 3.0.7 - (.libusbK.) [HKLM][64Bits] – 5C4BD94286C931BB5D47200B4AF1D1B99B3C08AB =>.Microsoft Windows®
            O42 - Logiciel: Windows Driver Package - libusbK Tinfoil (04/27/2014 3.0.7.0) - (.libusbK.) [HKLM][64Bits] – B707C9FC2B732FAAB247365A5AC8FF929DCBE334 =>.Microsoft Windows®
            O42 - Logiciel: Windows Driver Package - Realtek Semiconductor Corp. (RtkBtFilter) Bluetoot - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – A251C507301C79B85C3E1CEEAA1B04A16B62832B =>.Microsoft Windows Hardware Compatibility Publisher®
            O42 - Logiciel: Windows PC Health Check - (.Microsoft Corporation.) [HKLM][64Bits] – {6798C408-2636-448C-8AC6-F4E341102D27} [Unsigned] =>.Microsoft Corporation
            O42 - Logiciel: WinRAR 5.91 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®
            
            —\ HKCU & HKLM Software Keys (260) - 19s
            HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
            HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
            HKLM\SOFTWARE\AVAST Software =>.AVAST Software
            HKLM\SOFTWARE\CVSM =>.Legitimate
            HKLM\SOFTWARE\DefaultUserEnvironment =>.Microsoft Corporation
            HKLM\SOFTWARE\Disc Soft =>.Disc Soft
            HKLM\SOFTWARE\Dolby =>.Dolby
            HKLM\SOFTWARE\dotnet
            HKLM\SOFTWARE\DRWNewFree =>.EaseUS Software
            HKLM\SOFTWARE\DRWNewTrial
            HKLM\SOFTWARE\DTS =>.Creative Technology
            HKLM\SOFTWARE\EA Games =>.EA Games
            HKLM\SOFTWARE\EASEUS =>.EaseUS Software
            HKLM\SOFTWARE\Eclipse Foundation =>.Eclipse Foundation
            HKLM\SOFTWARE\Fortemedia =>.Lugert Europe
            HKLM\SOFTWARE\Futuremark =>.Futuremark
            HKLM\SOFTWARE\Google =>.Google
            HKLM\SOFTWARE\GREATIS =>.Greatis Software
            HKLM\SOFTWARE\Intel =>.Intel
            HKLM\SOFTWARE\Khronos =>.Khronos
            HKLM\SOFTWARE\Knowles =>.Knowles Electronics
            HKLM\SOFTWARE\Macromedia =>.Macromedia
            HKLM\SOFTWARE\Malwarebytes =>.Malwarebytes
            HKLM\SOFTWARE\Maxis =>.Maxis
            HKLM\SOFTWARE\Mozilla =>.Mozilla
            HKLM\SOFTWARE\Nahimic =>.Nahimic
            HKLM\SOFTWARE\Nuance =>.Nuance
            HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
            HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
            HKLM\SOFTWARE\OEM =>.OEM
            HKLM\SOFTWARE\OpenSSH =>.OpenBSD
            HKLM\SOFTWARE\Partner =>.Google Inc.
            HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
            HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
            HKLM\SOFTWARE\Rockstar Games =>.Rockstar Games
            HKLM\SOFTWARE\SonicFocus =>.Sonic Focus
            HKLM\SOFTWARE\SoundResearch =>.Sound Research
            HKLM\SOFTWARE\SRS Labs =>.SRS Labs
            HKLM\SOFTWARE\Windows =>.Microsoft Corporation
            HKLM\SOFTWARE\WinRAR =>.WinRAR
            HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
            HKLM\SOFTWARE\Yamaha APO =>.Yamaha Corp.
            HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies
            HKLM\SOFTWARE\WOW6432Node\AMD =>.AMD
            HKLM\SOFTWARE\WOW6432Node\ArenaNet =>.ArenaNet
            HKLM\SOFTWARE\WOW6432Node\Avast Software =>.AVAST Software
            HKLM\SOFTWARE\WOW6432Node\bethesda softworks =>.Bethesda Softworks
            HKLM\SOFTWARE\WOW6432Node\BioWare =>.BioWare
            HKLM\SOFTWARE\WOW6432Node\CleverFiles =>.CleverFiles
            HKLM\SOFTWARE\WOW6432Node\dotnet
            HKLM\SOFTWARE\WOW6432Node\EA Games =>.EA Games
            HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat_EOS =>.EasyAntiCheat
            HKLM\SOFTWARE\WOW6432Node\Electronic Arts =>.Electronic Arts
            HKLM\SOFTWARE\WOW6432Node\Epic Games =>.Epic Games
            HKLM\SOFTWARE\WOW6432Node\EpicGames =>.Epic Games
            HKLM\SOFTWARE\WOW6432Node\Eset =>.ESET
            HKLM\SOFTWARE\WOW6432Node\GOG.com =>.GOG.com
            HKLM\SOFTWARE\WOW6432Node\Google =>.Google
            HKLM\SOFTWARE\WOW6432Node\Greatis =>.Greatis Software
            HKLM\SOFTWARE\WOW6432Node\iMyfone =>.iMyFone
            HKLM\SOFTWARE\WOW6432Node\InstallShield =>.InstallShield
            HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
            HKLM\SOFTWARE\WOW6432Node\JavaSoft =>.JavaSoft
            HKLM\SOFTWARE\WOW6432Node\JreMetrics =>.JreMetrics
            HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
            HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia
            HKLM\SOFTWARE\WOW6432Node\Maxis =>.Maxis
            HKLM\SOFTWARE\WOW6432Node\McAfee =>.McAfee Inc.
            HKLM\SOFTWARE\WOW6432Node\mcafeeupdater =>.McAfee Inc.
            HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
            HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
            HKLM\SOFTWARE\WOW6432Node\Mr DJ =>.Mr DJ
            HKLM\SOFTWARE\WOW6432Node\Nuance =>.Nuance
            HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
            HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
            HKLM\SOFTWARE\WOW6432Node\OpenAL =>.Open Audio Library
            HKLM\SOFTWARE\WOW6432Node\Oracle =>.Oracle
            HKLM\SOFTWARE\WOW6432Node\Origin =>.Electronic Arts, Inc.
            HKLM\SOFTWARE\WOW6432Node\Origin Games =>.Electronic Arts, Inc.
            HKLM\SOFTWARE\WOW6432Node\Paradox Interactive =>.Paradox Interactive
            HKLM\SOFTWARE\WOW6432Node\Python =>.Python
            HKLM\SOFTWARE\WOW6432Node\Realtek =>.Realtek Semiconductor Corp.
            HKLM\SOFTWARE\WOW6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
            HKLM\SOFTWARE\WOW6432Node\Rockstar Games =>.Rockstar Games
            HKLM\SOFTWARE\WOW6432Node\SRS Labs =>.SRS Labs
            HKLM\SOFTWARE\WOW6432Node\Stardock =>.Stardock
            HKLM\SOFTWARE\WOW6432Node\Tencent =>.Tencent
            HKLM\SOFTWARE\WOW6432Node\Ubisoft =>.Ubisoft
            HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve
            HKLM\SOFTWARE\WOW6432Node\Zenimax_Online =>.ZeniMax Online Studios
            HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
            HKCU\SOFTWARE\6 Eyes Studio
            HKCU\SOFTWARE\Aidis
            HKCU\SOFTWARE\Akeo Consulting =>.Akeo Consulting
            HKCU\SOFTWARE\AMPLITUDE Studios =>.Amplitude Studios
            HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
            HKCU\SOFTWARE\Arcupion Art
            HKCU\SOFTWARE\ASProtect =>.ASPack Software
            HKCU\SOFTWARE\Avast Software =>.AVAST Software
            HKCU\SOFTWARE\AYstd
            HKCU\SOFTWARE\BANDAI NAMCO Entertainment =>.BANDAI NAMCO Entertainment
            HKCU\SOFTWARE\Blue Meridian
            HKCU\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
            HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
            HKCU\SOFTWARE\Chromium =>.Chromium
            HKCU\SOFTWARE\CleverFiles =>.CleverFiles
            HKCU\SOFTWARE\Cryptic =>.Cryptic Studios
            HKCU\SOFTWARE\Crystal Dynamics =>.Crystal Dynamics
            HKCU\SOFTWARE\Crytivo Games Inc.
            HKCU\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71 =>Adware.CrossRider
            HKCU\SOFTWARE\Disc Soft =>.Disc Soft
            HKCU\SOFTWARE\Dog Hoggler
            HKCU\SOFTWARE\Dragons
            HKCU\SOFTWARE\EA GAMES =>.EA Games
            HKCU\SOFTWARE\eduweb
            HKCU\SOFTWARE\Elder Game
            HKCU\SOFTWARE\Enterbrain =>.Enterbrain
            HKCU\SOFTWARE\Epic Games =>.Epic Games
            HKCU\SOFTWARE\ESET =>.ESET
            HKCU\SOFTWARE\Gearbox Software =>.Gearbox Software
            HKCU\SOFTWARE\GOG.com =>.GOG.com
            HKCU\SOFTWARE\Google =>.Google
            HKCU\SOFTWARE\Greatis =>.Greatis Software
            HKCU\SOFTWARE\Imagination Technologies =>.Imagination Technologies
            HKCU\SOFTWARE\InxileEntertainment
            HKCU\SOFTWARE\JavaSoft =>.JavaSoft
            HKCU\SOFTWARE\JEDI-VCL =>.JEDI Project
            HKCU\SOFTWARE\Khronos =>.Khronos
            HKCU\SOFTWARE\Larian Studios =>.Larian Studios
            HKCU\SOFTWARE\Ludeon Studios =>.Ludeon Studios
            HKCU\SOFTWARE\Malwarebytes =>.Malwarebytes
            HKCU\SOFTWARE\McAfee =>.McAfee Inc.
            HKCU\SOFTWARE\MDickie
            HKCU\SOFTWARE\miHoYo
            HKCU\SOFTWARE\miHoYoSDK
            HKCU\SOFTWARE\MiniTool Software Limited =>.MiniTool Software Limited
            HKCU\SOFTWARE\moi rai games
            HKCU\SOFTWARE\Mojang =>.Mojang
            HKCU\SOFTWARE\NewTechnologyStudio =>.New Technology Studio
            HKCU\SOFTWARE\Nine Dots Studio
            HKCU\SOFTWARE\NTSCorp =>.NTSCorp Ltd
            HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
            HKCU\SOFTWARE\Obsidian Entertainment =>.Obsidian Entertainment
            HKCU\SOFTWARE\OldBlood Productions
            HKCU\SOFTWARE\Owlcat Games
            HKCU\SOFTWARE\Paradox Interactive =>.Paradox Interactive
            HKCU\SOFTWARE\Python =>.Python
            HKCU\SOFTWARE\QtProject =>.QtProject
            HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
            HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
            HKCU\SOFTWARE\Regrun =>.Greatis Software
            HKCU\SOFTWARE\Respawn Entertainment =>.Respawn Entertainment
            HKCU\SOFTWARE\Rockstar Games =>.Rockstar Games
            HKCU\SOFTWARE\ScriptHookV
            HKCU\SOFTWARE\spikechunsoft
            HKCU\SOFTWARE\Stardock =>.Stardock
            HKCU\SOFTWARE\Streets of Rogue
            HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation
            HKCU\SOFTWARE\Tequila
            HKCU\SOFTWARE\Ubisoft =>.Ubisoft
            HKCU\SOFTWARE\Unity =>.Unity
            HKCU\SOFTWARE\UnityModManager
            HKCU\SOFTWARE\Unknown Worlds =>.Unknown Worlds
            HKCU\SOFTWARE\Urvogel Games
            HKCU\SOFTWARE\Valve =>.Valve
            HKCU\SOFTWARE\VDimension
            HKCU\SOFTWARE\Warner Bros. Interactive Entertainment =>.Warner Bros. Interactive Entertainment
            HKCU\SOFTWARE\Washbear
            HKCU\SOFTWARE\WinRAR =>.WinRAR
            HKCU\SOFTWARE\WinRAR SFX =>.RarLab
            HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
            HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
            HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
            HKU.DEFAULT\SOFTWARE\AppDataLow =>.Microsoft Corporation
            HKU.DEFAULT\SOFTWARE\AVAST Software =>.AVAST Software
            HKU.DEFAULT\SOFTWARE\Epic Games =>.Epic Games
            HKU.DEFAULT\SOFTWARE\Malwarebytes =>.Malwarebytes
            HKU.DEFAULT\SOFTWARE\Nahimic =>.Nahimic
            HKU.DEFAULT\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\6 Eyes Studio
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Aidis
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Akeo Consulting =>.Akeo Consulting
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\AMPLITUDE Studios =>.Amplitude Studios
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\AppDataLow =>.Microsoft Corporation
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Arcupion Art
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ASProtect =>.ASPack Software
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Avast Software =>.AVAST Software
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\AYstd
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\BANDAI NAMCO Entertainment =>.BANDAI NAMCO Entertainment
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Blue Meridian
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\BugSplat =>.Bugsplat Game
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Chromium =>.Chromium
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\CleverFiles =>.CleverFiles
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Cryptic =>.Cryptic Studios
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Crystal Dynamics =>.Crystal Dynamics
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Crytivo Games Inc.
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71 =>Adware.CrossRider
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Disc Soft =>.Disc Soft
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Dog Hoggler
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Dragons
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\EA GAMES =>.EA Games
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\eduweb
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Elder Game
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Enterbrain =>.Enterbrain
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Epic Games =>.Epic Games
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ESET =>.ESET
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Gearbox Software =>.Gearbox Software
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\GOG.com =>.GOG.com
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Google =>.Google
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Greatis =>.Greatis Software
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Imagination Technologies =>.Imagination Technologies
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\InxileEntertainment
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\JavaSoft =>.JavaSoft
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\JEDI-VCL =>.JEDI Project
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Khronos =>.Khronos
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Larian Studios =>.Larian Studios
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Ludeon Studios =>.Ludeon Studios
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Malwarebytes =>.Malwarebytes
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\McAfee =>.McAfee Inc.
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\MDickie
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\miHoYo
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\miHoYoSDK
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\MiniTool Software Limited =>.MiniTool Software Limited
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\moi rai games
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Mojang =>.Mojang
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\NewTechnologyStudio =>.New Technology Studio
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Nine Dots Studio
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\NTSCorp =>.NTSCorp Ltd
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Obsidian Entertainment =>.Obsidian Entertainment
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\OldBlood Productions
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Owlcat Games
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Paradox Interactive =>.Paradox Interactive
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Python =>.Python
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\QtProject =>.QtProject
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Regrun =>.Greatis Software
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Respawn Entertainment =>.Respawn Entertainment
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Rockstar Games =>.Rockstar Games
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ScriptHookV
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\spikechunsoft
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Stardock =>.Stardock
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Streets of Rogue
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\SyncEngines =>.Microsoft Corporation
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Tequila
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Ubisoft =>.Ubisoft
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Unity =>.Unity
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\UnityModManager
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Unknown Worlds =>.Unknown Worlds
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Urvogel Games
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Valve =>.Valve
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\VDimension
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Warner Bros. Interactive Entertainment =>.Warner Bros. Interactive Entertainment
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Washbear
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\WinRAR =>.WinRAR
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\WinRAR SFX =>.RarLab
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Wow6432Node =>.Microsoft Corporation
            HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ZHP =>.Nicolas Coolman
            
            —\ Packages (5) - 0s
            C:\Program Files (x86)\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy - (.LinkedIn.) [LinkedIn] =>LinkedIn
            C:\Program Files (x86)\WindowsApps\MicrosoftWindows.UndockedDevKit_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [UDK Package] =>Microsoft Corporation
            C:\Program Files (x86)\WindowsApps\NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe - (.Microsoft.) [NcsiUwpApp] =>Microsoft
            C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [NVIDIA Control Panel] =>nVidia Corporation
            C:\Program Files (x86)\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj - (.Realtek Semiconductor Corp.) [Realtek Audio Control] =>Realtek Semiconductor Corp
            
            —\ Contents of the Common Files folders (348) - 9s
            O43 - CFD: 17/07/2022 - D – C:\Program Files\AntiCheatExpert {0F316A214F60D59DC921AEB9685136CC}.
            O43 - CFD: 11/01/2021 - D – C:\Program Files\Black Tree Gaming Ltd =>.Black Tree Gaming Ltd
            O43 - CFD: 26/06/2022 - D – C:\Program Files\Common Files =>.Microsoft Corporation
            O43 - CFD: 03/05/2021 - D – C:\Program Files\Core Temp =>.Legitimate
            O43 - CFD: 09/11/2021 - D – C:\Program Files\DIFX =>.Microsoft Corporation
            O43 - CFD: 24/12/2020 - D – C:\Program Files\Dokan {05B9E5C73998821D2E591A368995B191}.
            O43 - CFD: 06/10/2020 - D – C:\Program Files\dotnet =>.Microsoft®
            O43 - CFD: 24/12/2020 - D – C:\Program Files\EaseUS =>.EaseUS Software
            O43 - CFD: 03/10/2021 - D – C:\Program Files\Eclipse Foundation {034A447570D970982409EBB3DA98B69D}. =>.Eclipse Foundation
            O43 - CFD: 19/06/2022 - D – C:\Program Files\Epic Games =>.Epic Games
            O43 - CFD: 31/08/2022 - D – C:\Program Files\Google =>.Google
            O43 - CFD: 19/02/2021 - D – C:\Program Files\Intel =>.Intel Corporation
            O43 - CFD: 09/03/2022 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
            O43 - CFD: 31/08/2022 - D – C:\Program Files\Malwarebytes =>.Malwarebytes
            O43 - CFD: 03/10/2022 - D – C:\Program Files\Microsoft OneDrive =>.Microsoft Corporation
            O43 - CFD: 11/04/2022 - D – C:\Program Files\Microsoft Update Health Tools =>.Microsoft Corporation
            O43 - CFD: 07/07/2022 - D – C:\Program Files\MiniTool Partition Wizard 11 =>.MiniTool Solution Ltd
            O43 - CFD: 07/12/2019 - [0] D – C:\Program Files\ModifiableWindowsApps =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
            O43 - CFD: 28/09/2022 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
            O43 - CFD: 23/04/2022 - D – C:\Program Files\PCHealthCheck =>.Microsoft®
            O43 - CFD: 11/05/2020 - D – C:\Program Files\Realtek =>.Realtek
            O43 - CFD: 19/02/2021 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
            O43 - CFD: 25/11/2021 - D – C:\Program Files\Rockstar Games =>.Rockstar Games, Inc.®
            O43 - CFD: 08/01/2019 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
            O43 - CFD: 23/02/2022 - D – C:\Program Files\UNP =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
            O43 - CFD: 13/05/2022 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
            O43 - CFD: 16/07/2022 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Security =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
            O43 - CFD: 05/10/2022 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
            O43 - CFD: 02/08/2020 - D – C:\Program Files\WinRAR =>.win.rar GmbH®
            O43 - CFD: 26/03/2022 - D – C:\Program Files (x86)\AMD [Unsigned] =>.AMD
            O43 - CFD: 30/11/2019 - D – C:\Program Files (x86)\AVAST Software =>.AVAST Software
            O43 - CFD: 23/09/2022 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
            O43 - CFD: 18/10/2021 - D – C:\Program Files (x86)\EasyAntiCheat_EOS =>.EasyAntiCheat
            O43 - CFD: 15/02/2022 - D – C:\Program Files (x86)\Electronic Arts =>.Electronic Arts
            O43 - CFD: 18/09/2022 - D – C:\Program Files (x86)\Epic Games =>.Epic Games
            O43 - CFD: 06/10/2022 - D – C:\Program Files (x86)\Google =>.Google Inc®
            O43 - CFD: 10/10/2021 - D – C:\Program Files (x86)\imyfone_down =>.iMyFone
            O43 - CFD: 06/10/2022 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
            O43 - CFD: 08/11/2021 - D – C:\Program Files (x86)\Intel =>.Intel Corporation
            O43 - CFD: 09/03/2022 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
            O43 - CFD: 22/07/2022 - D – C:\Program Files (x86)\Java =>.Oracle
            O43 - CFD: 03/08/2022 - D – C:\Program Files (x86)\Microsoft =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
            O43 - CFD: 16/05/2021 - D – C:\Program Files (x86)\Minecraft Launcher =>.Mojang
            O43 - CFD: 16/04/2022 - [0] D – C:\Program Files (x86)\Mr DJ =>.Mr DJ
            O43 - CFD: 19/02/2021 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
            O43 - CFD: 28/09/2022 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
            O43 - CFD: 05/07/2019 - D – C:\Program Files (x86)\OpenAL =>.Open Audio Library
            O43 - CFD: 11/08/2022 - D – C:\Program Files (x86)\Origin =>.Electronic Arts, Inc.
            O43 - CFD: 14/09/2022 - [0] D – C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc.
            O43 - CFD: 30/03/2019 - D – C:\Program Files (x86)\Realtek =>.Realtek
            O43 - CFD: 19/02/2021 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
            O43 - CFD: 25/11/2021 - D – C:\Program Files (x86)\Rockstar Games =>.Rockstar Games, Inc.®
            O43 - CFD: 06/10/2022 - D – C:\Program Files (x86)\Steam =>.Steam Games
            O43 - CFD: 30/03/2019 - [0] HD – C:\Program Files (x86)\Temp =>.Microsoft Corporation
            O43 - CFD: 03/12/2020 - D – C:\Program Files (x86)\Ubisoft =>.Ubisoft
            O43 - CFD: 05/06/2022 - D – C:\Program Files (x86)\UnHackMe =>.Greatis
            O43 - CFD: 11/05/2020 - [0] HD – C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
            O43 - CFD: 27/02/2021 - D – C:\Program Files (x86)\VulkanRT =>.LunarG, Inc
            O43 - CFD: 19/02/2021 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
            O43 - CFD: 13/05/2022 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
            O43 - CFD: 16/07/2022 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
            O43 - CFD: 10/08/2022 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
            O43 - CFD: 17/02/2022 - D – C:\Program Files (x86)\Zenimax Online [Unsigned]
            O43 - CFD: 20/02/2020 - HD – C:\Program Files (x86)\Zero G Registry =>.Flexera
            O43 - CFD: 19/02/2021 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
            O43 - CFD: 16/09/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
            O43 - CFD: 13/10/2021 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
            O43 - CFD: 19/02/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Wonders III [GOG.com]
            O43 - CFD: 19/02/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd =>.Black Tree Gaming Ltd
            O43 - CFD: 03/05/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp =>.Legitimate
            O43 - CFD: 22/07/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
            O43 - CFD: 07/12/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
            O43 - CFD: 03/04/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher =>.Mojang
            O43 - CFD: 19/02/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
            O43 - CFD: 14/04/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
            O43 - CFD: 15/09/2021 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
            O43 - CFD: 26/06/2022 - D – C:\ProgramData\Alderon Games
            O43 - CFD: 23/09/2022 - D – C:\ProgramData\AntiCheatExpert
            O43 - CFD: 19/02/2021 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
            O43 - CFD: 11/05/2020 - D – C:\ProgramData\Audyssey Labs =>.Audyssey Labs
            O43 - CFD: 14/04/2022 - D – C:\ProgramData\AVAST Software =>.AVAST Software
            O43 - CFD: 24/12/2020 - D – C:\ProgramData\CleverFiles =>.CleverFiles
            O43 - CFD: 07/01/2021 - D – C:\ProgramData\DAEMON Tools Lite =>.DAEMON Tools
            O43 - CFD: 19/02/2021 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
            O43 - CFD: 21/02/2020 - D – C:\ProgramData\Elder Scrolls Online
            O43 - CFD: 07/02/2022 - D – C:\ProgramData\Electronic Arts =>.Electronic Arts
            O43 - CFD: 18/09/2022 - D – C:\ProgramData\Epic =>.Epic
            O43 - CFD: 09/11/2021 - D – C:\ProgramData\Frontier Developments =>.Frontier Developments
            O43 - CFD: 13/09/2019 - D – C:\ProgramData\GOG.com =>.GOG.com
            O43 - CFD: 30/03/2019 - D – C:\ProgramData\Intel =>.Intel Corporation
            O43 - CFD: 19/07/2022 - [0] D – C:\ProgramData\INTL
            O43 - CFD: 31/08/2022 - D – C:\ProgramData\Malwarebytes =>.Malwarebytes
            O43 - CFD: 02/01/2020 - D – C:\ProgramData\McAfee =>.McAfee
            O43 - CFD: 19/02/2021 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
            O43 - CFD: 06/10/2022 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
            O43 - CFD: 28/09/2022 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
            O43 - CFD: 11/02/2020 - D – C:\ProgramData\Oracle =>.Oracle
            O43 - CFD: 14/09/2022 - D – C:\ProgramData\Origin =>.Electronic Arts, Inc.
            O43 - CFD: 17/07/2022 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
            O43 - CFD: 24/06/2022 - D – C:\ProgramData\Packages =>.Microsoft Corporation
            O43 - CFD: 09/11/2021 - D – C:\ProgramData\Realtek =>.Realtek
            O43 - CFD: 06/10/2022 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
            O43 - CFD: 18/01/2020 - D – C:\ProgramData\Rockstar Games =>.Rockstar Games
            O43 - CFD: 07/12/2019 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] D – C:\ProgramData\ssh =>.Microsoft Corporation
            O43 - CFD: 13/09/2019 - D – C:\ProgramData\Stardock =>.Stardock
            O43 - CFD: 19/02/2021 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
            O43 - CFD: 24/12/2020 - D – C:\ProgramData\SystemAcCrux
            O43 - CFD: 19/02/2021 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
            O43 - CFD: 03/12/2020 - D – C:\ProgramData\Ubisoft =>.Ubisoft
            O43 - CFD: 29/12/2021 - D – C:\ProgramData\Unknown Worlds
            O43 - CFD: 19/02/2021 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
            O43 - CFD: 31/05/2020 - D – C:\ProgramData\Vortex
            O43 - CFD: 07/12/2019 - D – C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
            O43 - CFD: 05/01/2022 - D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
            O43 - CFD: 26/06/2022 - D – C:\Program Files (x86)\Common Files\BioWare =>.BioWare
            O43 - CFD: 23/09/2022 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
            O43 - CFD: 22/07/2022 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
            O43 - CFD: 19/02/2021 - D – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
            O43 - CFD: 22/07/2022 - D – C:\Program Files (x86)\Common Files\Oracle =>.Oracle
            O43 - CFD: 30/03/2019 - D – C:\Program Files (x86)\Common Files\PostureAgent =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
            O43 - CFD: 06/10/2022 - D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games
            O43 - CFD: 13/05/2022 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
            O43 - CFD: 21/09/2021 - D – C:\Users\satch\AppData\Roaming.minecraft =>.Microsoft Corporation
            O43 - CFD: 06/07/2019 - D – C:\Users\satch\AppData\Roaming.mono =>.Legitimate
            O43 - CFD: 05/07/2019 - D – C:\Users\satch\AppData\Roaming\Adobe =>.Adobe
            O43 - CFD: 29/09/2019 - D – C:\Users\satch\AppData\Roaming\Alderon Games Launcher
            O43 - CFD: 18/09/2022 - D – C:\Users\satch\AppData\Roaming\alderon-games-launcher
            O43 - CFD: 11/09/2022 - D – C:\Users\satch\AppData\Roaming\AY std
            O43 - CFD: 17/07/2022 - D – C:\Users\satch\AppData\Roaming\ChimeralandGlobal
            O43 - CFD: 01/09/2020 - D – C:\Users\satch\AppData\Roaming\Crystal Dynamics =>.Crystal Dynamics
            O43 - CFD: 07/01/2021 - [0] D – C:\Users\satch\AppData\Roaming\DAEMON Tools Lite =>.DAEMON Tools
            O43 - CFD: 13/09/2022 - D – C:\Users\satch\AppData\Roaming\Discord
            O43 - CFD: 27/02/2022 - D – C:\Users\satch\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
            O43 - CFD: 27/02/2022 - D – C:\Users\satch\AppData\Roaming\EldenRing
            O43 - CFD: 09/07/2019 - D – C:\Users\satch\AppData\Roaming\FiraxisLive =>.Firaxis
            O43 - CFD: 07/07/2019 - D – C:\Users\satch\AppData\Roaming\Frontier Developments =>.Frontier Developments
            O43 - CFD: 17/07/2022 - D – C:\Users\satch\AppData\Roaming\GMEGLOBAL
            O43 - CFD: 24/09/2019 - D – C:\Users\satch\AppData\Roaming\Goldberg SteamEmu Saves
            O43 - CFD: 23/09/2022 - D – C:\Users\satch\AppData\Roaming\Guild Wars 2 =>.NCsoft Corporation, Ltd.
            O43 - CFD: 09/07/2019 - D – C:\Users\satch\AppData\Roaming\HelloGames =>.HelloGames
            O43 - CFD: 05/08/2020 - D – C:\Users\satch\AppData\Roaming\HOODLUM =>.Hoodlum
            O43 - CFD: 07/08/2020 - D – C:\Users\satch\AppData\Roaming\launcher-main
            O43 - CFD: 23/09/2022 - D – C:\Users\satch\AppData\Roaming\Macromedia =>.Macromedia
            O43 - CFD: 26/03/2022 - SD – C:\Users\satch\AppData\Roaming\Microsoft =>.Microsoft Corporation
            O43 - CFD: 09/07/2019 - D – C:\Users\satch\AppData\Roaming\ModLauncherWPF =>.Games Software
            O43 - CFD: 24/08/2019 - D – C:\Users\satch\AppData\Roaming\Nippon Ichi Software, Inc
            O43 - CFD: 03/11/2020 - D – C:\Users\satch\AppData\Roaming\NVIDIA =>.nVidia Corporation
            O43 - CFD: 14/09/2022 - D – C:\Users\satch\AppData\Roaming\Origin =>.Electronic Arts, Inc.
            O43 - CFD: 29/07/2020 - D – C:\Users\satch\AppData\Roaming\Paradox Interactive =>.Paradox Interactive
            O43 - CFD: 07/08/2020 - D – C:\Users\satch\AppData\Roaming\Paradox Launcher
            O43 - CFD: 14/05/2022 - D – C:\Users\satch\AppData\Roaming\paradox-launcher-v2
            O43 - CFD: 18/11/2020 - D – C:\Users\satch\AppData\Roaming\Sega =>.SEGA
            O43 - CFD: 09/07/2020 - D – C:\Users\satch\AppData\Roaming\Skype =>.Skype
            O43 - CFD: 03/04/2021 - D – C:\Users\satch\AppData\Roaming\Sun =>.Oracle
            O43 - CFD: 30/03/2022 - D – C:\Users\satch\AppData\Roaming\Vortex
            O43 - CFD: 09/04/2022 - D – C:\Users\satch\AppData\Roaming\Warner Bros. Interactive Entertainment =>.Warner Bros. Interactive Entertainment
            O43 - CFD: 16/07/2019 - D – C:\Users\satch\AppData\Roaming\WinRAR =>.WinRAR
            O43 - CFD: 21/07/2022 - D – C:\Users\satch\AppData\Roaming\wxsh_launcher
            O43 - CFD: 06/10/2022 - D – C:\Users\satch\AppData\Roaming\ZHP =>.Nicolas Coolman
            O43 - CFD: 31/12/2019 - [0] D – C:\Users\satch\AppData\Local\Adobe =>.Adobe
            O43 - CFD: 07/12/2019 - D – C:\Users\satch\AppData\Local\alderon-games-launcher-updater
            O43 - CFD: 10/10/2021 - D – C:\Users\satch\AppData\Local\AnyRecover
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\satch\AppData\Local\Application Data =>.Microsoft Corporation
            O43 - CFD: 14/04/2022 - D – C:\Users\satch\AppData\Local\AVAST Software =>.AVAST Software
            O43 - CFD: 29/05/2022 - D – C:\Users\satch\AppData\Local\BANDAI NAMCO Entertainment =>.BANDAI NAMCO Entertainment
            O43 - CFD: 28/08/2020 - D – C:\Users\satch\AppData\Local\BattlEye =>.BattlEye
            O43 - CFD: 23/08/2021 - D – C:\Users\satch\AppData\Local\BitTorrentHelper
            O43 - CFD: 24/08/2021 - D – C:\Users\satch\AppData\Local\cache =>.Legitimate
            O43 - CFD: 14/12/2020 - D – C:\Users\satch\AppData\Local\CD Projekt Red =>.CD Projekt RED
            O43 - CFD: 05/07/2019 - D – C:\Users\satch\AppData\Local\CEF =>.CEF
            O43 - CFD: 25/12/2020 - D – C:\Users\satch\AppData\Local\CleverFiles =>.CleverFiles
            O43 - CFD: 12/05/2020 - D – C:\Users\satch\AppData\Local\Comms =>.Microsoft Corporation
            O43 - CFD: 06/07/2019 - D – C:\Users\satch\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
            O43 - CFD: 05/10/2022 - D – C:\Users\satch\AppData\Local\CrashDumps =>.Microsoft Corporation
            O43 - CFD: 12/05/2020 - D – C:\Users\satch\AppData\Local\CrashReportClient
            O43 - CFD: 14/10/2019 - D – C:\Users\satch\AppData\Local\CrashRpt
            O43 - CFD: 23/09/2022 - D – C:\Users\satch\AppData\Local\D3DSCache =>.Legitimate
            O43 - CFD: 21/09/2020 - D – C:\Users\satch\AppData\Local\Daybreak Game Company =>.Daybreak Game Company
            O43 - CFD: 18/07/2019 - [0] D – C:\Users\satch\AppData\Local\DBG =>.DBG
            O43 - CFD: 05/08/2020 - D – C:\Users\satch\AppData\Local\DH
            O43 - CFD: 11/09/2022 - D – C:\Users\satch\AppData\Local\Diagnostics =>.Microsoft Corporation
            O43 - CFD: 13/09/2022 - D – C:\Users\satch\AppData\Local\Discord
            O43 - CFD: 16/07/2019 - D – C:\Users\satch\AppData\Local\Disc_Soft_Ltd =>.Disc Soft Ltd
            O43 - CFD: 25/12/2020 - D – C:\Users\satch\AppData\Local\DiskDrill =>.Clever Software
            O43 - CFD: 26/03/2022 - D – C:\Users\satch\AppData\Local\Downloaded Installations =>.Microsoft Corporation
            O43 - CFD: 14/03/2022 - D – C:\Users\satch\AppData\Local\Elder Scrolls Online
            O43 - CFD: 14/12/2021 - [0] D – C:\Users\satch\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
            O43 - CFD: 18/09/2022 - D – C:\Users\satch\AppData\Local\Epic Games =>.Epic Games
            O43 - CFD: 18/09/2022 - D – C:\Users\satch\AppData\Local\EpicGamesLauncher =>.Epic Games
            O43 - CFD: 05/10/2022 - D – C:\Users\satch\AppData\Local\ESET =>.ESET
            O43 - CFD: 09/11/2021 - D – C:\Users\satch\AppData\Local\Frontier Developments =>.Frontier Developments
            O43 - CFD: 21/10/2020 - D – C:\Users\satch\AppData\Local\GameAnalytics
            O43 - CFD: 14/12/2020 - D – C:\Users\satch\AppData\Local\GOG.com =>.GOG.com
            O43 - CFD: 07/07/2019 - D – C:\Users\satch\AppData\Local\Google =>.Google
            O43 - CFD: 14/04/2022 - D – C:\Users\satch\AppData\Local\GUI
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\satch\AppData\Local\History =>.Microsoft Corporation
            O43 - CFD: 25/10/2019 - D – C:\Users\satch\AppData\Local\Indiana
            O43 - CFD: 07/07/2019 - D – C:\Users\satch\AppData\Local\Injustice2
            O43 - CFD: 17/07/2022 - D – C:\Users\satch\AppData\Local\IsolatedStorage =>.id Software
            O43 - CFD: 28/11/2020 - D – C:\Users\satch\AppData\Local\LarianLauncher
            O43 - CFD: 06/10/2020 - D – C:\Users\satch\AppData\Local\LarianStudios
            O43 - CFD: 12/01/2021 - D – C:\Users\satch\AppData\Local\LOOT
            O43 - CFD: 22/05/2020 - D – C:\Users\satch\AppData\Local\Maneater
            O43 - CFD: 11/11/2019 - D – C:\Users\satch\AppData\Local\mbam =>.Malwarebytes
            O43 - CFD: 11/11/2019 - D – C:\Users\satch\AppData\Local\mbamtray =>.Malwarebytes
            O43 - CFD: 21/07/2019 - D – C:\Users\satch\AppData\Local\Mega Limited =>.MEGA Limited
            O43 - CFD: 25/07/2022 - D – C:\Users\satch\AppData\Local\MEGAsync =>.MegaSystems
            O43 - CFD: 14/04/2022 - D – C:\Users\satch\AppData\Local\Microsoft =>.Microsoft Corporation
            O43 - CFD: 05/07/2019 - D – C:\Users\satch\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
            O43 - CFD: 31/08/2021 - D – C:\Users\satch\AppData\Local\miHoYo
            O43 - CFD: 03/09/2020 - D – C:\Users\satch\AppData\Local\MK11
            O43 - CFD: 20/03/2021 - D – C:\Users\satch\AppData\Local\NCSoft =>.NCSOFT
            O43 - CFD: 29/12/2020 - D – C:\Users\satch\AppData\Local\New Technology Studio =>.New Technology Studio
            O43 - CFD: 28/09/2022 - D – C:\Users\satch\AppData\Local\NVIDIA =>.nVidia Corporation
            O43 - CFD: 28/05/2022 - D – C:\Users\satch\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
            O43 - CFD: 07/07/2019 - D – C:\Users\satch\AppData\Local\OneDrive =>.Microsoft Corporation
            O43 - CFD: 14/09/2022 - D – C:\Users\satch\AppData\Local\Origin =>.Electronic Arts, Inc.
            O43 - CFD: 10/11/2020 - D – C:\Users\satch\AppData\Local\OsirisExtender
            O43 - CFD: 17/02/2021 - D – C:\Users\satch\AppData\Local\Package Cache =>.Microsoft Corporation
            O43 - CFD: 26/09/2022 - D – C:\Users\satch\AppData\Local\Packages =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] D – C:\Users\satch\AppData\Local\PackageStaging =>.Apcera
            O43 - CFD: 07/08/2020 - D – C:\Users\satch\AppData\Local\Paradox Interactive =>.Paradox Interactive
            O43 - CFD: 24/01/2022 - D – C:\Users\satch\AppData\Local\PathOfTitans
            O43 - CFD: 17/02/2021 - D – C:\Users\satch\AppData\Local\pip =>.Python
            O43 - CFD: 20/09/2022 - D – C:\Users\satch\AppData\Local\PlaceholderTileLogoFolder =>.Microsoft Corporation
            O43 - CFD: 17/02/2021 - D – C:\Users\satch\AppData\Local\Programs =>.Microsoft Corporation
            O43 - CFD: 05/07/2019 - D – C:\Users\satch\AppData\Local\Publishers =>.Microsoft Corporation
            O43 - CFD: 17/07/2022 - D – C:\Users\satch\AppData\Local\RailCrashReport
            O43 - CFD: 14/12/2020 - D – C:\Users\satch\AppData\Local\REDEngine
            O43 - CFD: 29/12/2020 - D – C:\Users\satch\AppData\Local\Rockstar Games =>.Rockstar Games
            O43 - CFD: 21/09/2020 - D – C:\Users\satch\AppData\Local\SCE =>.SCE
            O43 - CFD: 18/11/2020 - D – C:\Users\satch\AppData\Local\SEGA =>.SEGA
            O43 - CFD: 27/03/2022 - D – C:\Users\satch\AppData\Local\Skyrim Special Edition =>.Nogenious Skyrim Game
            O43 - CFD: 20/07/2022 - D – C:\Users\satch\AppData\Local\speech =>.Microsoft Corporation
            O43 - CFD: 06/07/2019 - D – C:\Users\satch\AppData\Local\SquirrelTemp =>.Squirrels
            O43 - CFD: 07/02/2022 - [0] D – C:\Users\satch\AppData\Local\STAR WARS Battlefront II
            O43 - CFD: 17/03/2021 - D – C:\Users\satch\AppData\Local\StarTradersFrontiers
            O43 - CFD: 05/07/2019 - D – C:\Users\satch\AppData\Local\Steam =>.Steam Games
            O43 - CFD: 20/11/2019 - D – C:\Users\satch\AppData\Local\SwGame
            O43 - CFD: 15/02/2022 - D – C:\Users\satch\AppData\Local\SWTORPerf =>.Electronic Arts, Inc.
            O43 - CFD: 06/10/2022 - D – C:\Users\satch\AppData\Local\Temp =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\satch\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
            O43 - CFD: 05/07/2019 - D – C:\Users\satch\AppData\Local\TheIsle
            O43 - CFD: 19/06/2022 - D – C:\Users\satch\AppData\Local\Tiny Tina’s Wonderlands
            O43 - CFD: 06/02/2022 - D – C:\Users\satch\AppData\Local\Ubisoft Game Launcher =>.Ubisoft
            O43 - CFD: 29/09/2021 - D – C:\Users\satch\AppData\Local\UnityModManagerNet
            O43 - CFD: 19/04/2022 - D – C:\Users\satch\AppData\Local\UnrealEngine =>.Unreal Software
            O43 - CFD: 22/05/2020 - D – C:\Users\satch\AppData\Local\UnrealEngineLauncher =>.Unreal Software
            O43 - CFD: 01/09/2020 - D – C:\Users\satch\AppData\Local\Urvogel Games
            O43 - CFD: 13/04/2022 - D – C:\Users\satch\AppData\Local\VirtualStore =>.Microsoft Corporation
            O43 - CFD: 09/06/2020 - D – C:\Users\satch\AppData\Local\Vortex
            O43 - CFD: 27/03/2022 - D – C:\Users\satch\AppData\Local\vortex-updater
            O43 - CFD: 18/10/2019 - D – C:\Users\satch\AppData\Local\Western Digital =>.Western Digital
            O43 - CFD: 06/10/2022 - D – C:\Users\satch\AppData\Local\ZHP =>.Nicolas Coolman
            O43 - CFD: 10/05/2022 - D – C:\Users\satch\AppData\Local\Programs\alderon-games-launcher
            O43 - CFD: 06/07/2019 - [0] D – C:\Users\satch\AppData\Local\Programs\Common =>.Microsoft Corporation
            O43 - CFD: 14/05/2022 - D – C:\Users\satch\AppData\Local\Programs\Paradox Interactive =>.Paradox Interactive
            O43 - CFD: 17/02/2021 - D – C:\Users\satch\AppData\Local\Programs\Python =>.Python
            O43 - CFD: 27/06/2020 - D – C:\Users\satch\AppData\LocalLow\6 Eyes Studio
            O43 - CFD: 01/09/2021 - D – C:\Users\satch\AppData\LocalLow\Aidis
            O43 - CFD: 19/04/2022 - D – C:\Users\satch\AppData\LocalLow\Arcupion Art
            O43 - CFD: 11/09/2022 - D – C:\Users\satch\AppData\LocalLow\AYstd
            O43 - CFD: 16/03/2021 - D – C:\Users\satch\AppData\LocalLow\Blue Meridian
            O43 - CFD: 19/06/2021 - D – C:\Users\satch\AppData\LocalLow\Crytivo Games Inc_
            O43 - CFD: 21/09/2020 - D – C:\Users\satch\AppData\LocalLow\Daybreak Game Company =>.Daybreak Game Company
            O43 - CFD: 13/06/2020 - D – C:\Users\satch\AppData\LocalLow\Dog Hoggler
            O43 - CFD: 29/06/2021 - D – C:\Users\satch\AppData\LocalLow\Dragons
            O43 - CFD: 23/10/2020 - D – C:\Users\satch\AppData\LocalLow\Elder Game
            O43 - CFD: 09/12/2020 - D – C:\Users\satch\AppData\LocalLow\InxileEntertainment
            O43 - CFD: 06/08/2019 - D – C:\Users\satch\AppData\LocalLow\Ludeon Studios
            O43 - CFD: 14/07/2021 - D – C:\Users\satch\AppData\LocalLow\MDickie
            O43 - CFD: 05/07/2019 - SD – C:\Users\satch\AppData\LocalLow\Microsoft =>.Microsoft Corporation
            O43 - CFD: 29/08/2021 - D – C:\Users\satch\AppData\LocalLow\miHoYo
            O43 - CFD: 09/12/2020 - D – C:\Users\satch\AppData\LocalLow\moi rai games
            O43 - CFD: 23/12/2020 - D – C:\Users\satch\AppData\LocalLow\Nine Dots Studio
            O43 - CFD: 23/10/2019 - D – C:\Users\satch\AppData\LocalLow\Obsidian Entertainment =>.Obsidian Entertainment
            O43 - CFD: 01/03/2021 - D – C:\Users\satch\AppData\LocalLow\OldBlood Productions
            O43 - CFD: 02/09/2021 - D – C:\Users\satch\AppData\LocalLow\Owlcat Games
            O43 - CFD: 04/09/2019 - D – C:\Users\satch\AppData\LocalLow\spikechunsoft
            O43 - CFD: 03/04/2021 - D – C:\Users\satch\AppData\LocalLow\Sun =>.Oracle
            O43 - CFD: 02/09/2021 - D – C:\Users\satch\AppData\LocalLow\Unity =>.Unity
            O43 - CFD: 29/12/2021 - D – C:\Users\satch\AppData\LocalLow\Unknown Worlds
            O43 - CFD: 01/09/2020 - D – C:\Users\satch\AppData\LocalLow\Urvogel Games
            O43 - CFD: 13/06/2020 - D – C:\Users\satch\AppData\LocalLow\VDimension
            O43 - CFD: 26/12/2019 - D – C:\Users\satch\AppData\LocalLow\Washbear
            O43 - CFD: 06/10/2022 - AD – C:\Users\satch\OneDrive\Desktop\FRST-OlderVersion
            O43 - CFD: 26/09/2022 - AD – C:\Users\satch\OneDrive\Desktop\Game =>.Game
            O43 - CFD: 19/02/2021 - RD – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - RD – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - RD – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
            O43 - CFD: 07/12/2019 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync =>.MegaSystems
            O43 - CFD: 19/02/2021 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8 =>.Python
            O43 - CFD: 19/02/2021 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games =>.Rockstar Games
            O43 - CFD: 19/02/2021 - RD – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - RD – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
            O43 - CFD: 17/02/2022 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
            O43 - CFD: 19/02/2021 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft =>.Ubisoft
            O43 - CFD: 19/02/2021 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - D – C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
            O43 - CFD: 25/10/2021 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
            O43 - CFD: 25/10/2021 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
            O43 - CFD: 07/12/2019 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
            O43 - CFD: 19/02/2021 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Application Data =>.Microsoft Corporation
            O43 - CFD: 05/10/2022 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CrashDumps =>.Microsoft Corporation
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Desktop =>.Microsoft Corporation
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DevelopmentFiles
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Documents =>.Microsoft Corporation
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Favorites =>.Microsoft Corporation
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\History =>.Microsoft Corporation
            O43 - CFD: 23/09/2022 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\ProgramData
            O43 - CFD: 23/09/2022 - – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Programs =>.Microsoft Corporation
            O43 - CFD: 14/04/2022 - – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\SecurityService
            O43 - CFD: 23/09/2022 - [0] – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
            O43 - CFD: 27/02/2022 - – C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
            O43 - CFD: 23/09/2022 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
            O43 - CFD: 07/02/2022 - – C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Origin =>.Electronic Arts, Inc.
            
            —\ ShellIconOverlayIdentifiers (SIOI) (4) - 0s
            O106 - SIOI: MEGA (Pending) [ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (…) – C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited®
            O106 - SIOI: MEGA (Synced) [ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202}. (…) – C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited®
            O106 - SIOI: MEGA (Syncing) [ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (…) – C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited®
            O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
            
            —\ Search Context Menu Handlers (SCMH) (37) - 1s
            O108 - CMH1: FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll =>.Microsoft®
            O108 - CMH1: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (…) – C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited®
            O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
            O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
            O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH2: FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll =>.Microsoft®
            O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nv3dappshext.dll =>.Nvidia Corporation®
            O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nv3dappshext.dll =>.Nvidia Corporation®
            O108 - CMH2: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
            O108 - CMH2: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
            O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH3: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) – C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll =>.Malwarebytes Inc.®
            O108 - CMH3: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (…) – C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited®
            O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH4: FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll =>.Microsoft®
            O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH4: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (…) – C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited®
            O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH5: FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) – C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll =>.Microsoft®
            O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvshext.dll =>.Nvidia Corporation®
            O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft®
            O108 - CMH6: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) – C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll =>.Malwarebytes Inc.®
            O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App Resolver.) – C:\Windows\System32\appresolver.dll =>.Microsoft®
            O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
            O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
            O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
            O108 - CMH7: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (…) – C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited®
            O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
            
            —\ Image File Execution Options (10) - 0s
            O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\1] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
            O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\32768] =>.Microsoft®
            
            —\ System Drivers List (444) - 10s
            O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) – C:\WINDOWS\System32\drivers\1394ohci.sys [266240] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107320] =>.Microsoft®
            O58 - SDL:2022/09/23 17:41:44 A . (.ANTICHEATEXPERT.COM - ACE-BASE64 NT Driver.) – C:\WINDOWS\System32\drivers\ACE-BASE.sys [1868832] {0F316A214F60D59DC921AEB9685136CC}.
            O58 - SDL:2022/09/23 17:41:45 A . (.ANTICHEATEXPERT.COM - ACE-GAME64 NT Driver.) – C:\WINDOWS\System32\drivers\ACE-GAME.sys [772656] {0F316A214F60D59DC921AEB9685136CC}.
            O58 - SDL:2022/06/16 19:20:03 A . (.Microsoft Corporation - ACPI Driver for NT.) – C:\WINDOWS\System32\drivers\acpi.sys [810344] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - ACPI Devices Driver.) – C:\WINDOWS\System32\drivers\AcpiDev.sys [23040] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - ACPIEx Driver.) – C:\WINDOWS\System32\drivers\acpiex.sys [139792] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) – C:\WINDOWS\System32\drivers\acpipagr.sys [14336] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - ACPI Power Metering Driver.) – C:\WINDOWS\System32\drivers\acpipmi.sys [18432] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - ACPI Wake Alarm.) – C:\WINDOWS\System32\drivers\acpitime.sys [16384] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/02/10 22:09:56 A . (.Microsoft Corporation - Audio KMDF Class Extension.) – C:\WINDOWS\System32\drivers\Acx01000.sys [694272] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135416] =>.Microsoft®
            O58 - SDL:2022/06/16 19:20:15 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\WINDOWS\System32\drivers\afd.sys [651104] =>.Microsoft®
            O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - AF_UNIX socket provider.) – C:\WINDOWS\System32\drivers\afunix.sys [44032] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:41 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) – C:\WINDOWS\System32\drivers\agilevpn.sys [114176] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:42 A . (.Microsoft Corporation - Application Compatibility Cache.) – C:\WINDOWS\System32\drivers\ahcache.sys [292352] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\amdgpio2.sys [18432] [Unsigned] =>.Advanced Micro Devices, Inc
            O58 - SDL:2019/12/07 05:07:47 A . (.Advanced Micro Devices, Inc - AMD I2C Controller Driver.) – C:\WINDOWS\System32\drivers\amdi2c.sys [45568] [Unsigned] =>.Advanced Micro Devices, Inc
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdk8.sys [209760] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdppm.sys [213856] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83256] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [259384] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [26936] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - AppID Driver.) – C:\WINDOWS\System32\drivers\appid.sys [212320] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - Applocker Filter.) – C:\WINDOWS\System32\drivers\applockerfltr.sys [18432] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [131896] =>.Microsoft®
            O58 - SDL:2021/08/24 09:55:35 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) – C:\WINDOWS\System32\drivers\aswTap.sys [53904] =>.AVAST Software s.r.o.®
            O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - MS Remote Access serial network driver.) – C:\WINDOWS\System32\drivers\asyncmac.sys [31232] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [31064] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - ATAPI Driver Extension.) – C:\WINDOWS\System32\drivers\ataport.sys [225104] =>.Microsoft®
            O58 - SDL:2021/11/09 12:51:06 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) – C:\WINDOWS\System32\drivers\avgntflt.sys [208176] =>.Avira Operations GmbH & Co. KG®
            O58 - SDL:2021/11/09 12:51:06 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) – C:\WINDOWS\System32\drivers\avipbb.sys [197176] =>.Avira Operations GmbH & Co. KG®
            O58 - SDL:2021/11/09 12:51:06 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) – C:\WINDOWS\System32\drivers\avkmgr.sys [46704] =>.Avira Operations GmbH & Co. KG®
            O58 - SDL:2019/12/07 05:08:41 A . (.Microsoft Corporation - BAM Kernel Driver.) – C:\WINDOWS\System32\drivers\bam.sys [78136] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Battery Class Driver.) – C:\WINDOWS\System32\drivers\battc.sys [41272] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:47 A . (. - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] [Unsigned] =>.Broadcom Corporation
            O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - BEEP Driver.) – C:\WINDOWS\System32\drivers\beep.sys [10240] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/06/16 19:20:11 A . (.Microsoft Corporation - Windows Bind Filter Driver.) – C:\WINDOWS\System32\drivers\bindflt.sys [145768] =>.Microsoft®
            O58 - SDL:2022/03/08 21:50:16 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) – C:\WINDOWS\System32\drivers\bowser.sys [117760] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:39 A . (.Microsoft Corporation - MAC Bridge Driver.) – C:\WINDOWS\System32\drivers\bridge.sys [127488] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) – C:\WINDOWS\System32\drivers\BtaMPM.sys [36352] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/05/13 17:28:20 N . (.Microsoft Corporation - Bluetooth A2DP Driver.) – C:\WINDOWS\System32\drivers\BthA2dp.sys [287744] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Bus Extender.) – C:\WINDOWS\System32\drivers\bthenum.sys [113664] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/04/12 23:04:42 A . (.Microsoft Corporation - Bluetooth Hands-free Audio Device Driver.) – C:\WINDOWS\System32\drivers\BthHfAud.sys [65536] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/04/12 23:04:42 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) – C:\WINDOWS\System32\drivers\BthHfEnum.sys [147968] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Transport Extensibility Miniport.) – C:\WINDOWS\System32\drivers\BthMini.SYS [45568] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Bluetooth Communications Driver.) – C:\WINDOWS\System32\drivers\bthmodem.sys [76800] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) – C:\WINDOWS\System32\drivers\bthpan.sys [133632] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Bus Driver.) – C:\WINDOWS\System32\drivers\bthport.sys [1560064] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Miniport Driver.) – C:\WINDOWS\System32\drivers\BTHUSB.SYS [110592] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - VHD BTT Filter Driver.) – C:\WINDOWS\System32\drivers\bttflt.sys [43832] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Button Converter Driver.) – C:\WINDOWS\System32\drivers\buttonconverter.sys [44032] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533816] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Charge Arbiration Driver.) – C:\WINDOWS\System32\drivers\CAD.sys [66576] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:37 A . (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/03/08 21:50:21 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) – C:\WINDOWS\System32\drivers\CEA.sys [82256] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [144184] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [319800] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - VF library for Chelsio ® T5/T6 Chipset.) – C:\WINDOWS\System32\drivers\cht4vfx.sys [28672] [Unsigned] =>.Chelsio Communications
            O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [1853752] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:34 A . (…) – C:\WINDOWS\System32\drivers\cimfs.sys [98816] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) – C:\WINDOWS\System32\drivers\circlass.sys [52224] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:02 A . (.Microsoft Corporation - SCSI Class System Dll.) – C:\WINDOWS\System32\drivers\Classpnp.sys [432472] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:36 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) – C:\WINDOWS\System32\drivers\cldflt.sys [496640] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Common Log File System Driver.) – C:\WINDOWS\System32\drivers\clfs.sys [415568] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - CLIP Service.) – C:\WINDOWS\System32\drivers\ClipSp.sys [1104216] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Control Method Battery Driver.) – C:\WINDOWS\System32\drivers\CmBatt.sys [36864] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:28 A . (.Microsoft Corporation - Kernel Configuration Manager Initial Config.) – C:\WINDOWS\System32\drivers\cmimcext.sys [29000] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:36 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) – C:\WINDOWS\System32\drivers\cng.sys [747472] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) – C:\WINDOWS\System32\drivers\cnghwassist.sys [40968] =>.Microsoft®
            O58 - SDL:2021/07/16 19:40:29 A . (.Microsoft Corporation - Console Driver.) – C:\WINDOWS\System32\drivers\condrv.sys [57144] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Crash Dump Driver.) – C:\WINDOWS\System32\drivers\crashdmp.sys [101736] =>.Microsoft®
            O58 - SDL:2021/06/10 16:30:04 A . (.Microsoft Corporation - DAM Kernel Driver.) – C:\WINDOWS\System32\drivers\dam.sys [97096] =>.Microsoft®
            O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) – C:\WINDOWS\System32\drivers\devauthe.sys [47104] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\dfsc.sys [152064] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - PnP Disk Driver.) – C:\WINDOWS\System32\drivers\disk.sys [106336] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Crash Dump Disk Driver.) – C:\WINDOWS\System32\drivers\Diskdump.sys [41312] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) – C:\WINDOWS\System32\drivers\Dmpusbstor.sys [20480] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Dynamic Memory.) – C:\WINDOWS\System32\drivers\dmvsc.sys [59192] =>.Microsoft®
            O58 - SDL:2020/06/01 20:48:58 A . (.Dokan Project - Dokan Driver.) – C:\WINDOWS\System32\drivers\dokan1.sys [140280] {05B9E5C73998821D2E591A368995B191}. =>.Dokan Project
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmk.sys [97792] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmkaud.sys [16128] =>.Microsoft®
            O58 - SDL:2019/07/16 13:45:24 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) – C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256] =>.AVB Disc Soft, SIA®
            O58 - SDL:2019/07/16 13:45:24 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver.) – C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360] =>.AVB Disc Soft, SIA®
            O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - ATAPI Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpata.sys [40784] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:58 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) – C:\WINDOWS\System32\drivers\dumpfve.sys [95176] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - SD Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsd.sys [198496] =>.Microsoft®
            O58 - SDL:2022/06/16 19:20:11 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsdport.sys [32768] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Storport Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpstorport.sys [38232] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - DirectX Graphics Kernel.) – C:\WINDOWS\System32\drivers\dxgkrnl.sys [3814744] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms1.sys [456024] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms2.sys [904024] =>.Microsoft®
            O58 - SDL:2021/05/14 02:20:59 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) – C:\WINDOWS\System32\drivers\EhStorClass.sys [95032] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) – C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [124728] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Error Device Driver.) – C:\WINDOWS\System32\drivers\errdev.sys [15872] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3418936] =>.Microsoft®
            O58 - SDL:2022/03/08 21:50:16 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) – C:\WINDOWS\System32\drivers\exfat.sys [418648] =>.Microsoft®
            O58 - SDL:2022/07/14 22:42:44 A . (.Microsoft Corporation - Fast FAT File System Driver.) – C:\WINDOWS\System32\drivers\fastfat.sys [426320] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) – C:\WINDOWS\System32\drivers\fdc.sys [34816] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) – C:\WINDOWS\System32\drivers\filecrypt.sys [59392] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:46 A . (.Microsoft Corporation - FileInfo Filter Driver.) – C:\WINDOWS\System32\drivers\fileinfo.sys [94736] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:46 A . (.Microsoft Corporation - File Trace Filter Driver.) – C:\WINDOWS\System32\drivers\filetrace.sys [40448] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Floppy Driver.) – C:\WINDOWS\System32\drivers\flpydisk.sys [28672] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/07/14 22:42:52 A . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) – C:\WINDOWS\System32\drivers\fltMgr.sys [429928] =>.Microsoft®
            O58 - SDL:2021/04/13 17:14:28 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) – C:\WINDOWS\System32\drivers\fsdepends.sys [69968] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - File System Recognizer Driver.) – C:\WINDOWS\System32\drivers\fs_rec.sys [33592] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:58 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) – C:\WINDOWS\System32\drivers\fvevol.sys [802624] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) – C:\WINDOWS\System32\drivers\FWPKCLNT.SYS [503632] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:05 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) – C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8704] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\hdaudbus.sys [134656] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - High Definition Audio Function Driver.) – C:\WINDOWS\System32\drivers\HdAudio.sys [430080] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Hid Battery Driver.) – C:\WINDOWS\System32\drivers\hidbatt.sys [39440] =>.Microsoft®
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Bluetooth Miniport Driver for HID Devices.) – C:\WINDOWS\System32\drivers\hidbth.sys [120320] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:26 A . (.Microsoft Corporation - Hid Class Library.) – C:\WINDOWS\System32\drivers\hidclass.sys [225792] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - I2C HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidi2c.sys [57344] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) – C:\WINDOWS\System32\drivers\hidinterrupt.sys [55824] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidir.sys [48640] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:26 A . (.Microsoft Corporation - Hid Parsing Library.) – C:\WINDOWS\System32\drivers\hidparse.sys [46080] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - SPI HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidspi.sys [66560] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:26 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidusb.sys [44032] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [64312] =>.Microsoft®
            O58 - SDL:2022/08/10 05:18:02 A . (.Microsoft Corporation - HTTP Protocol Stack.) – C:\WINDOWS\System32\drivers\http.sys [1577320] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Hyper-V Crashdump.) – C:\WINDOWS\System32\drivers\hvcrash.sys [35128] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:44 A . (.Microsoft Corporation - Hypervisor Boot Driver.) – C:\WINDOWS\System32\drivers\hvservice.sys [96112] =>.Microsoft®
            O58 - SDL:2022/05/13 17:28:42 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) – C:\WINDOWS\System32\drivers\hvsocket.sys [149328] =>.Microsoft®
            O58 - SDL:2021/02/19 21:37:09 A . (.Microsoft Corporation - Hardware Policy Driver.) – C:\WINDOWS\System32\drivers\hwpolicy.sys [33096] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) – C:\WINDOWS\System32\drivers\hyperkbd.sys [27448] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) – C:\WINDOWS\System32\drivers\HyperVideo.sys [41784] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - i8042 Port Driver.) – C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [36352] [Unsigned] =>.Intel(R) Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [91136] [Unsigned] =>.Intel(R) Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
            O58 - SDL:2019/12/07 05:07:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] [Unsigned] =>.Intel Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412176] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [558904] =>.Microsoft®
            O58 - SDL:2019/01/24 13:07:44 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Filter Drive.) – C:\WINDOWS\System32\drivers\ibtusb.sys [191480] =>.Intel(R) Wireless Connectivity Solutions®
            O58 - SDL:2018/06/04 04:08:22 A . (.Intel Corporation - Intel(R) Watchdog Timer Driver (Intel(R) WD.) – C:\WINDOWS\System32\drivers\ICCWDT.sys [39504] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
            O58 - SDL:2021/02/19 21:37:03 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) – C:\WINDOWS\System32\drivers\IndirectKmd.sys [47104] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Intel PCI IDE Driver.) – C:\WINDOWS\System32\drivers\intelide.sys [20816] =>.Microsoft®
            O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - Intel Power Engine Plugin.) – C:\WINDOWS\System32\drivers\intelpep.sys [418800] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Intel Power Limit Driver.) – C:\WINDOWS\System32\drivers\intelpmax.sys [30720] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\intelppm.sys [234344] =>.Microsoft®
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Intel Telemetry Driver.) – C:\WINDOWS\System32\drivers\IntelTA.sys [26608] =>.Microsoft®
            O58 - SDL:2021/06/10 16:29:54 A . (.Microsoft Corporation - I/O rate control Filter.) – C:\WINDOWS\System32\drivers\iorate.sys [57168] =>.Microsoft®
            O58 - SDL:2022/06/16 19:20:19 A . (.Microsoft Corporation - IP FILTER DRIVER.) – C:\WINDOWS\System32\drivers\ipfltdrv.sys [95232] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/06/10 16:29:53 A . (.Microsoft Corporation - WMI IPMI DRIVER.) – C:\WINDOWS\System32\drivers\IPMIDrv.sys [117584] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:59 A . (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\ipnat.sys [230400] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - IPT Driver.) – C:\WINDOWS\System32\drivers\ipt.sys [59704] =>.Microsoft®
            O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - PNP ISA Bus Driver.) – C:\WINDOWS\System32\drivers\isapnp.sys [22864] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - Avago SAS Gen3.5 Driver (StorPort).) – C:\WINDOWS\System32\drivers\ItSas35i.sys [172344] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Keyboard Class Driver.) – C:\WINDOWS\System32\drivers\kbdclass.sys [71480] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - HID Keyboard Filter Driver.) – C:\WINDOWS\System32\drivers\kbdhid.sys [46592] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) – C:\WINDOWS\System32\drivers\kdnic.sys [33296] =>.Microsoft®
            O58 - SDL:2022/04/12 23:04:43 A . (.Microsoft Corporation - Network Power Dependency Broker.) – C:\WINDOWS\System32\drivers\KNetPwrDepBroker.sys [32256] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:11 A . (.Microsoft Corporation - Kernel CSA Library.) – C:\WINDOWS\System32\drivers\ks.sys [449024] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/03/08 21:50:28 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecdd.sys [148312] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:36 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecpkg.sys [181096] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) – C:\WINDOWS\System32\drivers\ksthunk.sys [29696] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2018/04/30 08:53:14 A . (.http://libusb-win32.sourceforge.net - libusbK(lusbk) WDF USB Driver.) – C:\WINDOWS\System32\drivers\libusbK.sys [47928] =>.Travis Lee Robinson®
            O58 - SDL:2019/12/07 05:08:55 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) – C:\WINDOWS\System32\drivers\lltdio.sys [72704] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/12/25 13:45:00 A . (…) – C:\WINDOWS\System32\drivers\lpsport.sys [61304] =>.AVG Technologies CZ, s.r.o.®
            O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108856] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [124216] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [135992] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82744] =>.Microsoft®
            O58 - SDL:2021/03/12 12:42:31 A . (.Microsoft Corporation - LUA File Virtualization Filter Driver.) – C:\WINDOWS\System32\drivers\luafv.sys [140800] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) – C:\WINDOWS\System32\drivers\mausbhost.sys [537608] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - MA-USB IP Driver.) – C:\WINDOWS\System32\drivers\mausbip.sys [64016] =>.Microsoft®
            O58 - SDL:2022/08/31 20:23:06 A . (.Malwarebytes - Malwarebytes Anti-Exploit.) – C:\WINDOWS\System32\drivers\mbae64.sys [158640] =>.Microsoft®
            O58 - SDL:2022/08/31 20:23:01 A . (.Malwarebytes - Malwarebytes Early Launch Anti-Malware Driv.) – C:\WINDOWS\System32\drivers\MbamElam.sys [21480] =>.Microsoft®
            O58 - SDL:2022/10/04 21:58:02 A . (.Malwarebytes - Malwarebytes SwissArmy.) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys [239544] =>.Microsoft®
            O58 - SDL:2022/04/12 23:04:43 A . (.Microsoft Corporation - Windows Mobile Broadband Class Extension.) – C:\WINDOWS\System32\drivers\MbbCx.sys [386048] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - Medium changer class driver.) – C:\WINDOWS\System32\drivers\mcd.sys [25088] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59704] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [81720] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas35i.sys [105480] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575800] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Avrcp Transport Driver.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Legacy Bluetooth LE Bus Enumerator.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [1131320] =>.Microsoft®
            O58 - SDL:2021/02/19 21:36:50 A . (.Microsoft Corporation - MMCSS Driver.) – C:\WINDOWS\System32\drivers\mmcss.sys [53248] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:34 A . (.Microsoft Corporation - Modem Device Driver.) – C:\WINDOWS\System32\drivers\modem.sys [47104] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/08/13 00:10:51 A . (.Microsoft Corporation - Monitor Driver.) – C:\WINDOWS\System32\drivers\monitor.sys [83968] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Mouse Class Driver.) – C:\WINDOWS\System32\drivers\mouclass.sys [67600] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - HID Mouse Filter Driver.) – C:\WINDOWS\System32\drivers\mouhid.sys [35328] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Mount Point Manager.) – C:\WINDOWS\System32\drivers\mountmgr.sys [110392] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:33 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) – C:\WINDOWS\System32\drivers\mpsdrv.sys [80896] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/03/08 21:50:44 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) – C:\WINDOWS\System32\drivers\mrxdav.sys [165888] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:03 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\mrxsmb.sys [586592] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) – C:\WINDOWS\System32\drivers\mrxsmb20.sys [268632] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Mailslot driver.) – C:\WINDOWS\System32\drivers\msfs.sys [44048] =>.Microsoft®
            O58 - SDL:2021/02/19 21:36:57 A . (.Microsoft Corporation - GPIO Class Extension Driver.) – C:\WINDOWS\System32\drivers\msgpioclx.sys [183112] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - GPIO Button Driver.) – C:\WINDOWS\System32\drivers\msgpiowin32.sys [56120] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) – C:\WINDOWS\System32\drivers\mshidkmdf.sys [8192] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:16 A . (.Microsoft Corporation - Pass-through Driver for HID-UMDF Interface.) – C:\WINDOWS\System32\drivers\mshidumdf.sys [12288] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) – C:\WINDOWS\System32\drivers\mshwnclx.sys [30208] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - ISA Driver.) – C:\WINDOWS\System32\drivers\msisadrv.sys [20280] =>.Microsoft®
            O58 - SDL:2021/08/13 00:10:51 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) – C:\WINDOWS\System32\drivers\msiscsi.sys [293176] =>.Microsoft®
            O58 - SDL:2021/02/19 21:37:11 A . (.Microsoft Corporation - MS KS Server.) – C:\WINDOWS\System32\drivers\mskssrv.sys [34816] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:05 A . (.Microsoft Corporation - Microsoft Link-Layer Discovery Protocol Dri.) – C:\WINDOWS\System32\drivers\mslldp.sys [78848] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - MS Proxy Clock.) – C:\WINDOWS\System32\drivers\mspclock.sys [11264] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - MS Proxy Quality Manager.) – C:\WINDOWS\System32\drivers\mspqm.sys [11264] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:08 A . (.Microsoft Corporation - Windows QUIC Driver.) – C:\WINDOWS\System32\drivers\msquic.sys [322376] =>.Microsoft®
            O58 - SDL:2022/05/13 17:28:30 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) – C:\WINDOWS\System32\drivers\msrpc.sys [376688] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - System Management BIOS Driver.) – C:\WINDOWS\System32\drivers\mssmbios.sys [47928] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) – C:\WINDOWS\System32\drivers\mstee.sys [12288] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - Microsoft Multi-Touch HID Driver.) – C:\WINDOWS\System32\drivers\MTConfig.sys [17920] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/03/12 12:42:31 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) – C:\WINDOWS\System32\drivers\mup.sys [132920] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63800] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [146232] =>.Microsoft®
            O58 - SDL:2021/12/15 22:39:19 A . (.Microsoft Corporation - Network Driver Interface Specification (NDI.) – C:\WINDOWS\System32\drivers\ndis.sys [1476944] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:48 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) – C:\WINDOWS\System32\drivers\ndiscap.sys [54272] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:13 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) – C:\WINDOWS\System32\drivers\NdisImPlatform.sys [135168] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) – C:\WINDOWS\System32\drivers\ndistapi.sys [28672] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - NDIS User mode I/O driver.) – C:\WINDOWS\System32\drivers\ndisuio.sys [70656] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:05 A . (.Microsoft Corporation - Microsoft Virtual Network Adapter Enumerato.) – C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [23040] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/05/13 17:28:31 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) – C:\WINDOWS\System32\drivers\ndiswan.sys [208384] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:48 A . (.Microsoft Corporation - RDMA Sample Driver.) – C:\WINDOWS\System32\drivers\NDKPing.sys [72720] =>.Microsoft®
            O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - NDIS Proxy.) – C:\WINDOWS\System32\drivers\ndproxy.sys [93696] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:33 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) – C:\WINDOWS\System32\drivers\Ndu.sys [131584] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/04/12 23:04:56 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) – C:\WINDOWS\System32\drivers\NetAdapterCx.sys [210944] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:04 A . (.Microsoft Corporation - NetBIOS interface driver.) – C:\WINDOWS\System32\drivers\netbios.sys [64312] =>.Microsoft®
            O58 - SDL:2021/02/19 21:37:13 A . (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netbt.sys [341504] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/05/13 17:28:30 A . (.Microsoft Corporation - Network I/O Subsystem.) – C:\WINDOWS\System32\drivers\netio.sys [601944] =>.Microsoft®
            O58 - SDL:2022/06/16 19:20:03 A . (.Microsoft Corporation - Virtual NDIS Miniport.) – C:\WINDOWS\System32\drivers\netvsc.sys [252264] =>.Microsoft®
            O58 - SDL:2020/09/18 20:56:44 N . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) – C:\WINDOWS\System32\drivers\Netwtw04.sys [8651624] =>.Intel®
            O58 - SDL:2022/02/10 22:10:09 A . (.Microsoft Corporation - NPFS Driver.) – C:\WINDOWS\System32\drivers\npfs.sys [87368] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Named pipe service triggers.) – C:\WINDOWS\System32\drivers\npsvctrig.sys [27648] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:09 A . (.Microsoft Corporation - NSI Proxy.) – C:\WINDOWS\System32\drivers\nsiproxy.sys [48640] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - NT File System Driver.) – C:\WINDOWS\System32\drivers\ntfs.sys [2846552] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - NTOS extension host driver.) – C:\WINDOWS\System32\drivers\ntosext.sys [20792] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - NULL Driver.) – C:\WINDOWS\System32\drivers\null.sys [7680] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - NVDIMM device driver.) – C:\WINDOWS\System32\drivers\nvdimm.sys [168464] =>.Microsoft®
            O58 - SDL:2022/09/23 18:52:39 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) – C:\WINDOWS\System32\drivers\nvhda64v.sys [129576] =>.Nvidia Corporation®
            O58 - SDL:2021/04/12 20:03:32 A . (.NVIDIA Corporation - Process and module monitoring driver.) – C:\WINDOWS\System32\drivers\NvModuleTracker.sys [43416] =>.NVIDIA Corporation®
            O58 - SDL:2019/12/07 05:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150328] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166200] =>.Microsoft®
            O58 - SDL:2019/03/18 14:32:25 A . (.NVIDIA Corporation - Stereoscopic 3D USB controller driver.) – C:\WINDOWS\System32\drivers\nvstusb.sys [486184] =>.NVIDIA Corporation®
            O58 - SDL:2022/07/15 12:59:26 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\WINDOWS\System32\drivers\nvvad64v.sys [59368] =>.Nvidia Corporation®
            O58 - SDL:2021/06/21 04:43:08 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\WINDOWS\System32\drivers\nvvhci.sys [67464] =>.NVIDIA Corporation®
            O58 - SDL:2021/12/15 22:39:09 A . (.Microsoft Corporation - NativeWiFi Miniport Driver.) – C:\WINDOWS\System32\drivers\nwifi.sys [757760] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:02 A . (.Microsoft Corporation - QoS Packet Scheduler.) – C:\WINDOWS\System32\drivers\pacer.sys [161608] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Parallel Port Driver.) – C:\WINDOWS\System32\drivers\parport.sys [109056] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:02 A . (.Microsoft Corporation - Partition driver.) – C:\WINDOWS\System32\drivers\partmgr.sys [186728] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - NT Plug and Play PCI Enumerator.) – C:\WINDOWS\System32\drivers\pci.sys [473424] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) – C:\WINDOWS\System32\drivers\pciide.sys [17752] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) – C:\WINDOWS\System32\drivers\pciidex.sys [57680] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - PCMCIA Bus Driver.) – C:\WINDOWS\System32\drivers\pcmcia.sys [127800] =>.Microsoft®
            O58 - SDL:2022/07/14 22:42:52 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) – C:\WINDOWS\System32\drivers\pcw.sys [60232] =>.Microsoft®
            O58 - SDL:2021/06/10 16:29:55 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) – C:\WINDOWS\System32\drivers\pdc.sys [159056] =>.Microsoft®
            O58 - SDL:2022/05/13 17:28:21 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) – C:\WINDOWS\System32\drivers\PEAuth.sys [825344] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58680] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [68408] =>.Microsoft®
            O58 - SDL:2022/05/13 17:28:41 A . (.Microsoft Corporation - Packet Monitor Driver.) – C:\WINDOWS\System32\drivers\PktMon.sys [131424] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Persistent memory driver.) – C:\WINDOWS\System32\drivers\pmem.sys [142176] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Plug and Play Memory Driver.) – C:\WINDOWS\System32\drivers\pnpmem.sys [17408] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Port Device Class Configuration Filter Driv.) – C:\WINDOWS\System32\drivers\portcfg.sys [27136] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) – C:\WINDOWS\System32\drivers\portcls.sys [388608] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\processr.sys [218464] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:33 A . (.Microsoft Corporation - Time Travel Debugging Process Launch Monito.) – C:\WINDOWS\System32\drivers\ProcLaunchMon.sys [43448] =>.Microsoft®
            O58 - SDL:2022/06/23 09:03:04 A . (. - TODO: .) – C:\WINDOWS\System32\drivers\protected_elam.sys [17864] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:05 A . (.Microsoft Corporation - Microsoft Quality Windows Audio Video Exper.) – C:\WINDOWS\System32\drivers\qwavedrv.sys [53248] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - RAM Disk Driver.) – C:\WINDOWS\System32\drivers\ramdisk.sys [42296] =>.Microsoft®
            O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) – C:\WINDOWS\System32\drivers\rasacd.sys [20480] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/07/14 22:42:57 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\rasl2tp.sys [110080] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\raspppoe.sys [87552] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/05/13 17:28:31 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) – C:\WINDOWS\System32\drivers\raspptp.sys [102400] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) – C:\WINDOWS\System32\drivers\rassstp.sys [86528] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/07/14 22:42:53 A . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) – C:\WINDOWS\System32\drivers\rdbss.sys [457568] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) – C:\WINDOWS\System32\drivers\rdpbus.sys [28672] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:52 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:48 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) – C:\WINDOWS\System32\drivers\rdpvideominiport.sys [32600] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:54 A . (.Microsoft Corporation - ReadyBoost Driver.) – C:\WINDOWS\System32\drivers\rdyboost.sys [297784] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\WINDOWS\System32\drivers\refs.sys [2010464] =>.Microsoft®
            O58 - SDL:2022/01/14 23:10:47 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\WINDOWS\System32\drivers\refsv1.sys [990536] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) – C:\WINDOWS\System32\drivers\rfcomm.sys [213504] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:27 A . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) – C:\WINDOWS\System32\drivers\RfxVmt.sys [8192] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) – C:\WINDOWS\System32\drivers\rhproxy.sys [115712] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:41 A . (.Microsoft Corporation - Reliable Multicast Transport.) – C:\WINDOWS\System32\drivers\rmcast.sys [158208] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - Remote NDIS Miniport.) – C:\WINDOWS\System32\drivers\RNDISMP.sys [37376] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Remote NDIS Miniport.) – C:\WINDOWS\System32\drivers\rndismp6.sys [41472] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:51 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) – C:\WINDOWS\System32\drivers\rootmdm.sys [13824] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:55 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) – C:\WINDOWS\System32\drivers\rspndr.sys [89088] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:09 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\WINDOWS\System32\drivers\rteth.sys [48640] [Unsigned] =>.Realtek
            O58 - SDL:2021/04/01 03:32:56 A . (.Realtek Semiconductor Corporation - Realtek Bluetooth Filter Driver.) – C:\WINDOWS\System32\drivers\RtkBtfilter.sys [795448] =>.Realtek Semiconductor Corp.®
            O58 - SDL:2019/09/12 00:27:14 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\WINDOWS\System32\drivers\RTKVHD64.sys [6994520] =>.Realtek Semiconductor Corp.®
            O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) – C:\WINDOWS\System32\drivers\sbp2port.sys [118088] =>.Microsoft®
            O58 - SDL:2021/03/12 12:42:35 A . (.Microsoft Corporation - Microsoft Smart Card Reader Filter Driver.) – C:\WINDOWS\System32\drivers\scfilter.sys [44032] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/02/10 22:09:55 A . (.Microsoft Corporation - Storage Class Memory Bus Driver.) – C:\WINDOWS\System32\drivers\scmbus.sys [158520] =>.Microsoft®
            O58 - SDL:2021/10/13 02:41:43 A . (.Microsoft Corporation - SCSI Port Driver.) – C:\WINDOWS\System32\drivers\scsiport.sys [188232] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - SecureDigital Bus Driver.) – C:\WINDOWS\System32\drivers\sdbus.sys [306536] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - SDF Reflector.) – C:\WINDOWS\System32\drivers\SDFRd.sys [35128] =>.Microsoft®
            O58 - SDL:2022/06/16 19:20:04 A . (.Microsoft Corporation - SD Host Controller Port Driver.) – C:\WINDOWS\System32\drivers\sdport.sys [106344] =>.Microsoft®
            O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - SD Storage Class Driver.) – C:\WINDOWS\System32\drivers\sdstor.sys [104264] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Serial Class Extension.) – C:\WINDOWS\System32\drivers\SerCx.sys [86328] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Serial Class Extension V2.) – C:\WINDOWS\System32\drivers\SerCx2.sys [173072] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Serial Port Enumerator.) – C:\WINDOWS\System32\drivers\serenum.sys [27648] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Serial Device Driver.) – C:\WINDOWS\System32\drivers\serial.sys [90624] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Serial Mouse Filter Driver.) – C:\WINDOWS\System32\drivers\sermouse.sys [29184] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - SCSI Floppy Driver.) – C:\WINDOWS\System32\drivers\sfloppy.sys [19456] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:33 A . (.Microsoft Corporation - System Guard Runtime Monitor Agent Driver.) – C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44856] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81720] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Sleep Study Helper.) – C:\WINDOWS\System32\drivers\SleepStudyHelper.sys [38200] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Microsemi Corportation - Storport Miniport Driver for SmartRAID/Smar.) – C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:09 A . (.Microsoft Corporation - Smart Card Driver Library.) – C:\WINDOWS\System32\drivers\smclib.sys [21504] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) – C:\WINDOWS\System32\drivers\spacedump.sys [219984] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:34 A . (.Microsoft Corporation - Storage Spaces Parser.) – C:\WINDOWS\System32\drivers\spaceparser.sys [26624] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Storage Spaces Driver.) – C:\WINDOWS\System32\drivers\spaceport.sys [687440] =>.Microsoft®
            O58 - SDL:2019/12/07 05:52:37 A . (.Microsoft Corporation - Holographic Spatial Graph Filter.) – C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [90936] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - SPB Class Extension.) – C:\WINDOWS\System32\drivers\SpbCx.sys [87352] =>.Microsoft®
            O58 - SDL:2022/08/10 05:18:03 A . (.Microsoft Corporation - Smb 2.0 Server driver.) – C:\WINDOWS\System32\drivers\srv2.sys [787968] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:03 A . (.Microsoft Corporation - Server Network driver.) – C:\WINDOWS\System32\drivers\srvnet.sys [318976] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2020/11/11 03:54:38 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) – C:\WINDOWS\System32\drivers\ssudmdm.sys [167280] =>.Samsung Electronics Co., Ltd.®
            O58 - SDL:2019/12/07 05:07:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31032] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storahci.sys [187240] =>.Microsoft®
            O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) – C:\WINDOWS\System32\drivers\stornvme.sys [162128] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:31 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) – C:\WINDOWS\System32\drivers\storport.sys [727376] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - Storage QoS Filter.) – C:\WINDOWS\System32\drivers\storqosflt.sys [92984] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storufs.sys [64856] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Storage VSC Driver.) – C:\WINDOWS\System32\drivers\storvsc.sys [44048] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) – C:\WINDOWS\System32\drivers\stream.sys [82432] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:27 A . (.Microsoft Corporation - Microsoft RemoteFX Synth3D Video VSC.) – C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/10/18 05:51:50 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) – C:\WINDOWS\System32\drivers\tap0901.sys [36168] =>.McAfee, Inc.®
            O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - SCSI Tape Class Driver.) – C:\WINDOWS\System32\drivers\tape.sys [33280] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:28 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) – C:\WINDOWS\System32\drivers\tbs.sys [31568] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - TCP/IP Driver.) – C:\WINDOWS\System32\drivers\tcpip.sys [2991952] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:04 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) – C:\WINDOWS\System32\drivers\tcpipreg.sys [54784] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - TDI Wrapper.) – C:\WINDOWS\System32\drivers\tdi.sys [39736] =>.Microsoft®
            O58 - SDL:2021/09/15 02:14:10 A . (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [117584] =>.Microsoft®
            O58 - SDL:2018/01/31 21:50:50 A . (.Intel Corporation - Intel(R) Management Engine Interface.) – C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [227456] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Terminal Server Input Driver.) – C:\WINDOWS\System32\drivers\terminpt.sys [41272] =>.Microsoft®
            O58 - SDL:2021/09/15 02:14:01 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) – C:\WINDOWS\System32\drivers\tm.sys [142136] =>.Microsoft®
            O58 - SDL:2021/02/19 21:36:49 A . (.Microsoft Corporation - TPM Device Driver.) – C:\WINDOWS\System32\drivers\tpm.sys [255288] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - Remote Desktop USB Hub Filter Driver.) – C:\WINDOWS\System32\drivers\TsUsbFlt.sys [66560] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/08/13 00:10:51 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) – C:\WINDOWS\System32\drivers\TsUsbGD.sys [37888] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:04 A . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) – C:\WINDOWS\System32\drivers\tunnel.sys [129024] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Microsoft Uasp Driver.) – C:\WINDOWS\System32\drivers\uaspstor.sys [83816] =>.Microsoft®
            O58 - SDL:2021/10/13 02:41:37 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmCx.sys [160256] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [188416] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - UCM-UCSI ACPI Client Driver.) – C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:03 A . (.Microsoft Corporation - UCM-UCSI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmUcsiCx.sys [113152] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - USB Controller Extension.) – C:\WINDOWS\System32\drivers\Ucx01000.sys [259896] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - “udecx.DRIVER”.) – C:\WINDOWS\System32\drivers\Udecx.sys [52736] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:09:51 A . (.Microsoft Corporation - UDF File System Driver.) – C:\WINDOWS\System32\drivers\udfs.sys [344064] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/11/08 20:18:23 A . (.Microsoft Corporation - USB Function Driver Class Extension.) – C:\WINDOWS\System32\drivers\ufx01000.sys [324432] =>.Microsoft®
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) – C:\WINDOWS\System32\drivers\ufxsynopsys.sys [168264] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Generic pass-through driver.) – C:\WINDOWS\System32\drivers\umpass.sys [15360] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) – C:\WINDOWS\System32\drivers\urscx01000.sys [76304] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - Remote NDIS USB Driver.) – C:\WINDOWS\System32\drivers\usb8023.sys [24064] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Remote NDIS USB Driver.) – C:\WINDOWS\System32\drivers\usb80236.sys [24064] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/05/13 17:28:20 A . (.Microsoft Corporation - USB Audio Class Driver.) – C:\WINDOWS\System32\drivers\USBAUDIO.sys [205312] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Microsoft USB Audio Class 2.0 Driver.) – C:\WINDOWS\System32\drivers\usbaudio2.sys [260608] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:41 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) – C:\WINDOWS\System32\drivers\USBCAMD2.sys [40448] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) – C:\WINDOWS\System32\drivers\usbccgp.sys [190800] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) – C:\WINDOWS\System32\drivers\usbcir.sys [107520] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Universal Serial Bus Driver.) – C:\WINDOWS\System32\drivers\usbd.sys [33080] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbehci.sys [86544] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Default Hub Driver for USB.) – C:\WINDOWS\System32\drivers\usbhub.sys [528184] =>.Microsoft®
            O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - USB3 HUB Driver.) – C:\WINDOWS\System32\drivers\USBHUB3.SYS [648016] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbohci.sys [30208] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:37 A . (…) – C:\WINDOWS\System32\drivers\UsbPmApi.sys [53248] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) – C:\WINDOWS\System32\drivers\usbport.sys [473400] =>.Microsoft®
            O58 - SDL:2022/07/14 22:42:42 A . (.Microsoft Corporation - USB Printer driver.) – C:\WINDOWS\System32\drivers\usbprint.sys [43008] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - USB Serial Driver.) – C:\WINDOWS\System32\drivers\usbser.sys [81408] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - USB Mass Storage Class Driver.) – C:\WINDOWS\System32\drivers\USBSTOR.SYS [139624] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbuhci.sys [39424] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/07/14 22:42:42 A . (.Microsoft Corporation - USB XHCI Driver.) – C:\WINDOWS\System32\drivers\USBXHCI.SYS [624984] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) – C:\WINDOWS\System32\drivers\vdrvroot.sys [67384] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Driver Verifier Extension.) – C:\WINDOWS\System32\drivers\VerifierExt.sys [347448] =>.Microsoft®
            O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - VHD Miniport Driver.) – C:\WINDOWS\System32\drivers\vhdmp.sys [822096] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Virtual HID Framework (VHF) Driver.) – C:\WINDOWS\System32\drivers\vhf.sys [47616] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/01/14 23:10:43 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) – C:\WINDOWS\System32\drivers\Vid.sys [641352] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Video Port Driver.) – C:\WINDOWS\System32\drivers\videoprt.sys [47104] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:13 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) – C:\WINDOWS\System32\drivers\vmbkmcl.sys [120168] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Child.) – C:\WINDOWS\System32\drivers\vmbus.sys [162128] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) – C:\WINDOWS\System32\drivers\VMBusHID.sys [36664] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) – C:\WINDOWS\System32\drivers\vmgencounter.sys [23864] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) – C:\WINDOWS\System32\drivers\vmgid.sys [19768] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) – C:\WINDOWS\System32\drivers\vms3cap.sys [18960] =>.Microsoft®
            O58 - SDL:2021/05/14 02:20:17 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) – C:\WINDOWS\System32\drivers\vmstorfl.sys [54080] =>.Microsoft®
            O58 - SDL:2022/07/14 22:42:42 A . (.Microsoft Corporation - Volume Manager Driver.) – C:\WINDOWS\System32\drivers\volmgr.sys [92000] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:37 A . (.Microsoft Corporation - Volume Manager Extension Driver.) – C:\WINDOWS\System32\drivers\volmgrx.sys [389432] =>.Microsoft®
            O58 - SDL:2021/02/19 21:36:54 A . (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\WINDOWS\System32\drivers\volsnap.sys [429880] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - Volume driver.) – C:\WINDOWS\System32\drivers\volume.sys [16696] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Virtual PCI Bus.) – C:\WINDOWS\System32\drivers\vpci.sys [95576] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166712] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305464] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:13 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) – C:\WINDOWS\System32\drivers\vwifibus.sys [29184] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/09/15 02:13:50 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) – C:\WINDOWS\System32\drivers\vwififlt.sys [77824] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:13 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) – C:\WINDOWS\System32\drivers\vwifimp.sys [50688] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) – C:\WINDOWS\System32\drivers\wacompen.sys [31232] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) – C:\WINDOWS\System32\drivers\wanarp.sys [93184] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/04/13 17:14:31 A . (.Microsoft Corporation - Watchdog Driver.) – C:\WINDOWS\System32\drivers\watchdog.sys [74752] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/11/09 18:05:46 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) – C:\WINDOWS\System32\drivers\wcifs.sys [202568] =>.Microsoft®
            O58 - SDL:2022/06/16 19:20:11 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) – C:\WINDOWS\System32\drivers\wcnfs.sys [93184] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:15 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) – C:\WINDOWS\System32\drivers\WdBoot.sys [46688] =>.Microsoft®
            O58 - SDL:2022/03/08 21:50:28 A . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) – C:\WINDOWS\System32\drivers\Wdf01000.sys [828240] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:15 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) – C:\WINDOWS\System32\drivers\WdFilter.sys [350136] =>.Microsoft®
            O58 - SDL:2021/08/13 00:11:04 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) – C:\WINDOWS\System32\drivers\WdfLdr.sys [59192] =>.Microsoft®
            O58 - SDL:2022/07/14 22:42:44 A . (.Microsoft Corporation - WDI Driver Framework Driver.) – C:\WINDOWS\System32\drivers\WdiWiFi.sys [967168] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:39 A . (.Microsoft Corporation - WDM Companion Filter.) – C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:16 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) – C:\WINDOWS\System32\drivers\WdNisDrv.sys [54200] =>.Microsoft®
            O58 - SDL:2021/11/09 12:51:04 A . (. - WebShield WFP Driver (WPP).) – C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) – C:\WINDOWS\System32\drivers\werkernel.sys [52024] =>.Microsoft®
            O58 - SDL:2022/09/15 18:17:34 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) – C:\WINDOWS\System32\drivers\wfplwfs.sys [181584] =>.Microsoft®
            O58 - SDL:2021/09/15 02:13:59 A . (.Microsoft Corporation - Wim file system Driver.) – C:\WINDOWS\System32\drivers\wimmount.sys [39760] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) – C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [76984] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) – C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [18920] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:51 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) – C:\WINDOWS\System32\drivers\winhv.sys [32784] =>.Microsoft®
            O58 - SDL:2019/12/07 05:09:33 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) – C:\WINDOWS\System32\drivers\winhvr.sys [96056] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [36152] =>.Microsoft®
            O58 - SDL:2022/03/08 21:50:16 A . (.Microsoft Corporation - Windows NAT Driver.) – C:\WINDOWS\System32\drivers\winnat.sys [261120] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) – C:\WINDOWS\System32\drivers\winusb.sys [107008] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [73016] =>.Microsoft®
            O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) – C:\WINDOWS\System32\drivers\wmiacpi.sys [19456] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) – C:\WINDOWS\System32\drivers\wmilib.sys [19472] =>.Microsoft®
            O58 - SDL:2021/04/13 17:14:37 A . (.Microsoft Corporation - Windows Overlay Filter.) – C:\WINDOWS\System32\drivers\wof.sys [234296] =>.Microsoft®
            O58 - SDL:2019/12/07 05:52:38 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) – C:\WINDOWS\System32\drivers\WpdUpFltr.sys [32568] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - WPP Trace Recorder.) – C:\WINDOWS\System32\drivers\WppRecorder.sys [43832] =>.Microsoft®
            O58 - SDL:2019/12/07 05:08:41 A . (.Microsoft Corporation - Winsock2 IFS Layer.) – C:\WINDOWS\System32\drivers\ws2ifsl.sys [25088] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFPf.sys [136192] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFRd.sys [315392] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - Game Input Protocol Driver.) – C:\WINDOWS\System32\drivers\xboxgip.sys [332288] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2021/12/15 22:39:08 A . (.Microsoft Corporation - XINPUT filter driver for HID.) – C:\WINDOWS\System32\drivers\xinputhid.sys [51712] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Xbox 360 Common Controller for Windows Driv.) – C:\WINDOWS\System32\drivers\xusb22.sys [102400] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/05/29 14:20:16 A . (…) – C:\WINDOWS\System32\pwdrvio.sys [19152] =>.MiniTool Solution Ltd®
            O58 - SDL:2019/05/29 14:20:16 A . (…) – C:\WINDOWS\System32\pwdspio.sys [12504] =>.MiniTool Solution Ltd®
            O58 - SDL:2022/09/15 18:17:34 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\WINDOWS\System32\win32k.sys [596992] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:32 A . (.Microsoft Corporation - Base Win32k Kernel Driver.) – C:\WINDOWS\System32\win32kbase.sys [2892800] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:34 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\WINDOWS\System32\win32kfull.sys [3813376] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2019/12/07 05:08:34 A . (.Microsoft Corporation - Win32k non session driver.) – C:\WINDOWS\System32\win32kns.sys [30208] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:42 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\WINDOWS\SysWOW64\win32k.sys [329728] [Unsigned] =>.Microsoft Corporation
            O58 - SDL:2022/09/15 18:17:42 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\WINDOWS\SysWOW64\win32kfull.sys [2752512] [Unsigned] =>.Microsoft Corporation
            
            —\ File Associations Shell Spawning (10) - 0s
            O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
            O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe [Unsigned] =>.Microsoft Corporation
            O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
            O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
            O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe [Unsigned] =>.Microsoft Corporation
            O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
            O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
            O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe “%1” %* =>.Default.Value
            O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe [Unsigned] =>.Microsoft Corporation
            O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S =>.Default.Value
            
            —\ Start Menu Internet (12) - 1s
            O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
            O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
            O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
            O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
            O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation
            O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
            O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
            O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
            O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
            O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
            O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation
            O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
            
            —\ Search Browser Infection (3) - 0s
            O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com
            O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
            O69 - SBI: SearchScopes [HKLM] [64Bits]{DCD4E047-FB67-439A-9FD5-732F5B759F32} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
            
            —\ Search Svchost Services (49) - 2s
            O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\WINDOWS\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\System32\srvsvc.dll [302592] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [1335296] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\IKEEXT.DLL [1054720] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [836608] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\Windows\System32\seclogon.dll [37376] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\System32\iscsiexe.dll [160768] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [112640] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\System32\schedsvc.dll [814592] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [243712] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [487424] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [515072] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports.) – C:\Windows\System32\wercplsupport.dll [128000] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\Windows\System32\InstallService.dll [2429440] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\Windows\System32\PushToInstall.dll [333824] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: TroubleshootingSvc (TroubleshootingSvc) . (.Microsoft Corporation - MitigationClient.) – C:\Windows\System32\MitigationClient.dll [487936] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Provides infrastructure support for deployi.) – C:\Windows\System32\LanguageOverlayServer.dll [436736] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\Windows\System32\Windows.SharedPC.AccountManager.dll [223232] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\Windows\System32\XblGameSave.dll [1291264] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) – C:\Windows\System32\Windows.Internal.Management.dll [1015808] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: WManSvc (WManSvc) . (.Microsoft Corporation - Windows Management Service DLL.) – C:\Windows\System32\Windows.Management.Service.dll [854528] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\System32\themeservice.dll [70656] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\Windows\System32\usermgr.dll [1483264] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) – C:\Windows\System32\NetSetupSvc.dll [329216] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) – C:\Windows\System32\wlidsvc.dll [2244608] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) – C:\Windows\System32\TokenBroker.dll [1522176] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) – C:\Windows\System32\lfsvc.dll [48640] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) – C:\Windows\System32\NaturalAuth.dll [454656] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [111616] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [1053184] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [551936] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [77824] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [619008] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [316928] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\System32\wuaueng.dll [3405312] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [1481216] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [283136] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\Windows\System32\dmwappushsvc.dll [58880] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) – C:\Windows\System32\flightsettings.dll [940480] =>.Microsoft®
            O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) – C:\Windows\System32\WpnService.dll [245248] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [217600] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\Windows\System32\XboxNetApiSvc.dll [1295360] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) – C:\Windows\System32\usosvc.dll [570368] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\Windows\System32\XboxGipSvc.dll [72704] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) – C:\Windows\System32\NcaSvc.dll [171520] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\Windows\System32\XblAuthManager.dll [1049088] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) – C:\Windows\System32\DeviceSetupManager.dll [288256] [Unsigned] =>.Microsoft Corporation
            O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [559616] [Unsigned] =>.Microsoft Corporation
            
            —\ Firewall Active Exception List (69) - 16s
            O87 - FAEL: “{6E37B903-1990-45E8-8B9B-9B4F14887C7F}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.Nvidia Corporation®
            O87 - FAEL: “{180B0F10-47B1-4803-A848-212EC712A26E}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.Nvidia Corporation®
            O87 - FAEL: “{DF57DF54-B162-46D9-AE83-D32CC9C8381C}” [In-None-P6-TRUE] .(.Valve Corporation - Steam.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve Corp.®
            O87 - FAEL: “{A4AA41BE-1CD4-4C90-B2BE-AF9A89FC0D5B}” [In-None-P17-TRUE] .(.Valve Corporation - Steam.) – C:\Program Files (x86)\Steam\Steam.exe =>.Valve Corp.®
            O87 - FAEL: “{77F5D1C0-4222-486F-B47E-43C4423A6AA4}” [In-None-P6-TRUE] .(.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.®
            O87 - FAEL: “{2974298D-457C-4D13-AECA-6AADAACDF824}” [In-None-P17-TRUE] .(.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.®
            O87 - FAEL: “TCP Query User{60184965-5FC1-4D5D-9634-7B8BD3529CC6}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe” [In-None-P6-TRUE] .(.Alderon Games Pty Ltd - Alderon Games Launcher.) – C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
            O87 - FAEL: “UDP Query User{BFD59198-8D4A-41AB-B376-5E45A38A6B48}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe” [In-None-P17-TRUE] .(.Alderon Games Pty Ltd - Alderon Games Launcher.) – C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
            O87 - FAEL: “{6660084E-A98F-43DE-9A66-17159679861D}” [In-None-P6-TRUE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) – C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe =>.Rockstar Games, Inc.®
            O87 - FAEL: “{029684B2-58A9-4189-A3E1-E3C8916B929E}” [In-None-P17-TRUE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) – C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe =>.Rockstar Games, Inc.®
            O87 - FAEL: “{B5B3E607-1103-4A87-ADD5-C4A36965EA87}” [In-None-P6-FALSE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) – C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe =>.Rockstar Games, Inc.®
            O87 - FAEL: “{CB889081-1F91-4807-AF4C-86B6217DEC34}” [In-None-P17-FALSE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) – C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe =>.Rockstar Games, Inc.®
            O87 - FAEL: “{1F48A2ED-4CD9-4E2D-B743-55531BA73F27}” [In-None-P6-TRUE] .(.CAPCOM CO., LTD. - MONSTER HUNTER STORIES 2: WINGS OF RUIN.) – C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe =>.CAPCOM CO., LTD.®
            O87 - FAEL: “{CDC17333-2257-42D0-82A4-0422D118A264}” [In-None-P17-TRUE] .(.CAPCOM CO., LTD. - MONSTER HUNTER STORIES 2: WINGS OF RUIN.) – C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe =>.CAPCOM CO., LTD.®
            O87 - FAEL: “{B86B12A5-DB44-486F-8182-7C002C1AC2E6}” [In-None-P6-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® MARVEL Super Heroes 2.) – C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe =>.Travellers Tales (UK) Limited®
            O87 - FAEL: “{E4CB1534-1338-4591-AE54-57AB67039E53}” [In-None-P17-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® MARVEL Super Heroes 2.) – C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe =>.Travellers Tales (UK) Limited®
            O87 - FAEL: “{3D8A4A90-A71D-4DC8-A759-C7CA7742E173}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{13808498-7FAB-4F4F-8203-1DEC16638678}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{4F330D3C-E0BE-4232-9164-7A4B3F7C9D63}” [In-None-P6-TRUE] .(.Ubisoft - South Park TFBW.) – C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe =>.UBISOFT ENTERTAINMENT INC.®
            O87 - FAEL: “{B32A6AC5-72FA-43AF-AFC4-0BC75F5C4FAE}” [In-None-P17-TRUE] .(.Ubisoft - South Park TFBW.) – C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe =>.UBISOFT ENTERTAINMENT INC.®
            O87 - FAEL: “TCP Query User{720BE36B-2681-48FA-83F9-1EA6624E5ED2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe” [In-None-P6-TRUE] .(.Epic Games, Inc. - EpicWebHelper.) – C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe =>.Epic Games Inc.®
            O87 - FAEL: “UDP Query User{347B0AF5-9315-402B-A155-7CB03E2A4619}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe” [In-None-P17-TRUE] .(.Epic Games, Inc. - EpicWebHelper.) – C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe =>.Epic Games Inc.®
            O87 - FAEL: “{51BADCFD-1524-4518-BCCB-69D995A1D84F}” [In-None-P6-TRUE] .(.Bethesda Softworks - The Elder Scrolls V: Skyrim Special Edition.) – C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe [Unsigned] =>.Bethesda Softworks
            O87 - FAEL: “{8CFAA129-AAFE-4A76-9B4D-2DEA4C8BA803}” [In-None-P17-TRUE] .(.Bethesda Softworks - The Elder Scrolls V: Skyrim Special Edition.) – C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe [Unsigned] =>.Bethesda Softworks
            O87 - FAEL: “{682F4526-223F-4FC9-8719-283C43AB8B5F}” [In-None-P6-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® Star Wars™: The Skywalker Saga.) – C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe {00A921C2866BA4737D}. =>.Warner Bros. Interactive Entertainment
            O87 - FAEL: “{15EFA912-F759-4408-981D-6C48184C0F4C}” [In-None-P17-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® Star Wars™: The Skywalker Saga.) – C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe {00A921C2866BA4737D}. =>.Warner Bros. Interactive Entertainment
            O87 - FAEL: “{02B17D0C-183C-4340-823A-E50770CD1F91}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe =>.CAPCOM CO., LTD.®
            O87 - FAEL: “{8BDAFFD8-17BC-47B9-B3BB-174DB92BC0C2}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe =>.CAPCOM CO., LTD.®
            O87 - FAEL: “{FA819B75-6D39-46AB-AB08-F066B9807149}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{EC087305-3C3C-4488-9195-E619082AD093}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{5EECE9BE-67AA-4277-B987-3E8F231D0717}” [In-None-P6-TRUE] .(.BANDAI NAMCO Entertainment Inc. - Tales of Arise.) – C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe [Unsigned] =>.BANDAI NAMCO Entertainment Inc.
            O87 - FAEL: “{47457C44-C99A-427B-98FD-55040C6BEE4E}” [In-None-P17-TRUE] .(.BANDAI NAMCO Entertainment Inc. - Tales of Arise.) – C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe [Unsigned] =>.BANDAI NAMCO Entertainment Inc.
            O87 - FAEL: “{A5C02843-87BF-487B-BDE5-76E91196E836}” [In-None-P6-TRUE] .(.Frontier Developments - Jurassic World Evolution 2.) – C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe [Unsigned] =>.Frontier Developments
            O87 - FAEL: “{0EA75AAF-9E68-4FC1-9465-D706535FB032}” [In-None-P17-TRUE] .(.Frontier Developments - Jurassic World Evolution 2.) – C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe [Unsigned] =>.Frontier Developments
            O87 - FAEL: “{BE517293-7031-44FD-B805-3B97D75291FA}” [In-None-P6-TRUE] .(.Tribute Games - Teenage Mutant Ninja Turtles: Shredder’s Re.) – C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe [Unsigned] =>.Tribute Games
            O87 - FAEL: “{6913F13B-21A9-4358-9D22-69B13A5988D1}” [In-None-P17-TRUE] .(.Tribute Games - Teenage Mutant Ninja Turtles: Shredder’s Re.) – C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe [Unsigned] =>.Tribute Games
            O87 - FAEL: “TCP Query User{428567E3-DCF1-43E0-823F-43E66C1172D4}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe” [In-None-P6-TRUE] .(.Gearbox - Tiny Tina’s Wonderlands.) – C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe {0960B84A46DE76DF04471DCD32C20C1A}.
            O87 - FAEL: “UDP Query User{EDD270BD-33A4-4D23-8911-54889952116D}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe” [In-None-P17-TRUE] .(.Gearbox - Tiny Tina’s Wonderlands.) – C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe {0960B84A46DE76DF04471DCD32C20C1A}.
            O87 - FAEL: “{C8317C52-81E8-4FD5-B32D-C14944E1E3E1}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{64496028-9971-4762-8A14-C32157367B0E}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{6015F536-33A1-403C-930F-BF55A56D18D1}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Let’s Build a Zoo\LetsBuildAZoo.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{DFA76206-F250-4D5C-9F49-0A553A618194}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Let’s Build a Zoo\LetsBuildAZoo.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{10D3F82E-CEED-43F4-9766-2ADC6D195A48}” [In-None-P6-TRUE] .(…) – C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe [Unsigned] (.not file.) =>.SUP.Orphan
            O87 - FAEL: “{62AFA97B-3BB9-4F2D-97B9-02E3E3490107}” [In-None-P17-TRUE] .(…) – C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe [Unsigned] (.not file.) =>.SUP.Orphan
            O87 - FAEL: “{93245947-A952-4E51-9D65-9ABB3938F054}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe {0D601DC6F2239F4FDDC08DB90E9578AC}. =>.Steam Games
            O87 - FAEL: “{DF332FDA-9AB0-4BC4-A268-023C44463508}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe {0D601DC6F2239F4FDDC08DB90E9578AC}. =>.Steam Games
            O87 - FAEL: “{AD711615-7501-4B5E-9A27-3A27DFD9D3E5}” [In-None-P6-TRUE] .(.Koch Media GmbH - Saints Row IV.) – C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe [Unsigned] =>.Koch Media GmbH
            O87 - FAEL: “{D1313D8E-590F-4F4F-AA41-103FFFF5AED5}” [In-None-P17-TRUE] .(.Koch Media GmbH - Saints Row IV.) – C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe [Unsigned] =>.Koch Media GmbH
            O87 - FAEL: “{936FC9E1-B2C1-4E30-AE6E-6CBFACE67DFA}” [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{529E0360-BABF-4472-BAFF-0F07128BD640}” [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe [Unsigned] =>.Steam Games
            O87 - FAEL: “{19CAC17B-DE11-4410-BED6-BD2693AA9235}” [In-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
            O87 - FAEL: “{BBB3C681-C329-402C-B61A-9F92B54A3A67}” [Out-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
            O87 - FAEL: “{DF9B3869-5C23-4DC0-908B-1AA54B3346AA}” [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
            O87 - FAEL: “{1C832D1B-A319-4A29-B3FB-AF6BACC689E2}” [Out-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
            O87 - FAEL: “{0AD633F6-50DF-469D-B9D5-2BF84E4D019B}” [In-None-P6-TRUE] .(.ArenaNet - Guild Wars 2 Game Client.) – C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe =>.ArenaNet, LLc®
            O87 - FAEL: “{0ADECEC3-2C6A-4FB8-A6D2-FC4DF229D2EC}” [In-None-P17-TRUE] .(.ArenaNet - Guild Wars 2 Game Client.) – C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe =>.ArenaNet, LLc®
            O87 - FAEL: “{8F191ED7-C474-4016-9ADD-813C4079DA1D}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{048ADAD1-EBF7-4451-87D5-58A42902BD7F}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{38CD2E10-BC28-4970-81B4-33376D6681D0}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{22F3941D-13D8-4824-9B47-208497D94795}” [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{E3ACFB0D-778A-438F-9FFF-46EB54557503}” [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{490BB848-5BBA-419A-B5B2-BD411176AFCB}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{800BB005-B0C0-424A-8EE6-FB9110D191C5}” [Out-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{541F2FD1-8AED-45DF-960C-F459F745C86F}” [Out-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
            O87 - FAEL: “{15889E70-0598-4D48-943A-BB6F6ABF9048}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.Nvidia Corporation®
            O87 - FAEL: “{EDE2F5F5-BDBC-4A4C-95E5-12C3B608A9D5}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.Nvidia Corporation®
            O87 - FAEL: “{B0A1F3D1-1D3E-4D69-A1DE-615737AE6711}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.Nvidia Corporation®
            O87 - FAEL: “{15C0EBE3-9C00-479B-AB2D-3A7220E7763E}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.Nvidia Corporation®
            O87 - FAEL: “{A0B6171D-FEE5-4D38-B1DE-AC2604078574}” [In-None-P17-TRUE] .(.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
            
            —\ Product Upgrade Codes (65) - 1s
            O90 - PUC: “1926E8D15D0BCE53481466615F760A7F” [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
            O90 - PUC: “19F99D6A930206544A67E1B859E4C007” [HKLM] . (.Intel(R) Management Engine Components.) =>.Intel Corporation
            O90 - PUC: “1af2a8da7e60d0b429d7e6453b3d0182” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).) =>.bl.org
            O90 - PUC: “1D5E3C0FEDA1E123187686FED06E995A” [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
            O90 - PUC: “218A10D01A28F1845864E8829E678FFD” [HKLM] . (.Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334.) =>.Microsoft Corporation
            O90 - PUC: “21EE4A31AE32173319EEFE3BD6FDFFE3” [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
            O90 - PUC: “22BEFC8F7E2A1793E9ADB411DEFE1C58” [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
            O90 - PUC: “25DCF1B7B6F821F41A3463E13AF9E5C7” [HKLM] . (.Microsoft Update Health Tools.) =>.Microsoft Corporation
            O90 - PUC: “4271783F85A6C524E8C4A44539A56AF8” [HKLM] . (.Microsoft Windows Desktop Runtime - 3.1.8 (x64).) =>.Microsoft Corporation
            O90 - PUC: “469A3A563CD340100000026010912191” [HKLM] . (.Dokan Library 1.4.0.1000 (x64).) – C:\WINDOWS\Installer{65A3A964-3DC3-0104-0000-200601191219}\DokanIcon
            O90 - PUC: “46CBF11946C4F8B46A733B842336C868” [HKLM] . (.Minecraft Launcher.) – C:\WINDOWS\Installer{911FBC64-4C64-4B8F-A637-B34832638C86}\minecraft.ico =>.Microsoft Corporation
            O90 - PUC: “4EA42A62D9304AC4784BF2238130140F” [HKLM] . (.Java 8 Update 341.) – C:\Program Files (x86)\Java\jre1.8.0_341\bin\javaws.exe =>.Sun Microsystems
            O90 - PUC: “5282559C2FB74434AB193DDC644F4C14” [HKLM] . (.Intel(R) Trusted Connect Service Client x86.) =>.Intel Corporation
            O90 - PUC: “5282559C2FB74434AB193DDC644F4C24” [HKLM] . (.Intel(R) Trusted Connect Service Client x64.) =>.Intel Corporation
            O90 - PUC: “593FE484FDB8B714FA205377C7A5CF23” [HKLM] . (.Microsoft VC++ redistributables repacked..) =>.bl.org
            O90 - PUC: “5A48B219CC1680342B44C5432C0C8299” [HKLM] . (.Microsoft .NET Core Runtime - 3.1.8 (x64).) =>.Microsoft Corporation
            O90 - PUC: “62DBF9290209B993A9A757D1160F9B24” [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
            O90 - PUC: “67D6ECF5CD5FBA732B8B22BAC8DE1B4D” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161.) =>.bl.org
            O90 - PUC: “68959691EC52CA14C9F645976435DEAB” [HKLM] . (.Epic Online Services.) – C:\WINDOWS\Installer{19695986-25CE-41AC-9C6F-54794653EDBA}\Installer.ico
            O90 - PUC: “6E815EB96CCE9A53884E7857C57002F0” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>.bl.org
            O90 - PUC: “6E8D947A316B3EB3F8F540C548BE2AB9” [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
            O90 - PUC: “74F3F879A6EF8AC44B21A2840CBD50EA” [HKLM] . (.Python Launcher.) – C:\WINDOWS\Installer{978F3F47-FE6A-4CA8-B412-2A48C0DB05AE}\ARPIcon =>.Python
            O90 - PUC: “7C06097C2503F134299F06B93813A777” [HKLM] . (.Microsoft VC++ redistributables repacked..) =>.bl.org
            O90 - PUC: “7C9F8B73BF303523781852719CD9C700” [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
            O90 - PUC: “804C89766362C844A86C4F3E1401D272” [HKLM] . (.Windows PC Health Check.) – C:\WINDOWS\Installer{6798C408-2636-448C-8AC6-F4E341102D27}\ArpIcon.ico
            O90 - PUC: “87A0E709FD4B53E48987EF2E2FB28625” [HKLM] . (.Microsoft .NET Core Host FX Resolver - 3.1.8 (x64).) =>.Microsoft Corporation
            O90 - PUC: “8800A266DCF6DD54E97A86760485EA5D” [HKLM] . (.Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704.) =>.Microsoft Corporation
            O90 - PUC: “8A567BD6FA501A947AD1F646E53EEC14” [HKLM] . (.Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704.) =>.Microsoft Corporation
            O90 - PUC: “8CF94C41B9E392F458626226B9C53FB0” [HKLM] . (.Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334.) =>.Microsoft Corporation
            O90 - PUC: “93CC448C82CBAC642893F3738DEFA295” [HKLM] . (.Intel(R) Chipset Device Software.) =>.Intel Corporation
            O90 - PUC: “9AF6CD051229B5949BFBFE937DCBF4ED” [HKLM] . (.Intel(R) Management Engine Driver.) =>.Intel Corporation
            O90 - PUC: “9EFC6197D58D86E498E15D3A8C787BA3” [HKLM] . (.UE Prerequisites (x64).) – C:\WINDOWS\Installer{7916CFE9-D85D-4E68-891E-D5A3C887B73A}\Setup.ico =>.Legitimate
            O90 - PUC: “B81BE4D1EEF0E4444B1DF6C2BF3C366E” [HKLM] . (.Epic Games Launcher.) – C:\WINDOWS\Installer{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}\Installer.ico =>.Epic Games
            O90 - PUC: “C025571B2A687A53689168CD7369889B” [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
            O90 - PUC: “c1c4f01781cc94c4c8fb1542c0981a2a” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>.bl.org
            O90 - PUC: “C3AEB2FCAE628F23AAB933F1E743AB79” [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
            O90 - PUC: “D20352A90C039D93DBF6126ECE614057” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>.bl.org
            O90 - PUC: “D6EE573DFE819CE4280655D5BEE04ECE” [HKLM] . (.Microsoft .NET Core Host - 3.1.8 (x64).) =>.Microsoft Corporation
            O90 - PUC: “DC4C966DE35023C458C3F95CF33AF5DE” [HKLM] . (.Eclipse Temurin JDK with Hotspot 17+35 (x64).) – C:\WINDOWS\Installer{D669C4CD-053E-4C32-853C-9FC53FA35FED}\logo.ico =>.AnchorFree Inc.
            O90 - PUC: “DC8A59DBF9D1DA5389A1E3975220E6BB” [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
            O90 - PUC: “DDF4D1FB316663F4EA42DE3E7D3EC04F” [HKLM] . (.Intel(R) Management Engine Components.) =>.Intel Corporation
            O90 - PUC: “EFEE0228DC83E77358593193D847A0EC” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17.) =>.bl.org
            O90 - PUC: “F60730A4A66673047777F5728467D401” [HKLM] . (.Java Auto Updater.) =>.Sun Microsystems
            O90 - PUC: “0511549E87D5B5B47A7FC2D10EE1AA78” [HKCU] . (.Python 3.8.7 Executables (64-bit).) =>.bl.org
            O90 - PUC: “4329C30133C47A74AB371028FEEA1EEA” [HKCU] . (.Python 3.8.7 Core Interpreter (64-bit).) =>.Python
            O90 - PUC: “43CFC5B2D9FD1E647BA44A7D65AA728B” [HKCU] . (.Python 3.8.7 Development Libraries (64-bit).) =>.Python
            O90 - PUC: “467D15BAF652CFF4F900DF79EED8A44E” [HKCU] . (.Python 3.8.7 Documentation (64-bit).) =>.Python
            O90 - PUC: “5D51B55522D54DA4DA192D8D80D591F8” [HKCU] . (.Python 3.8.7 Utility Scripts (64-bit).) =>.Python
            O90 - PUC: “7912700F6FCFFB14D98338B2419522CD” [HKCU] . (.Paradox Launcher v2.) – %APPDATA%\Microsoft\Installer{F0072197-FCF6-41BF-9D38-832B145922DC}\ParadoxIcon
            O90 - PUC: “8A1F6DF90555FA64589072D10F7E865B” [HKCU] . (.Dual-Core Optimizer.) – %APPDATA%\Microsoft\Installer{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe =>.Legitimate
            O90 - PUC: “9E93480491A162C45BDDEEC793DA7F94” [HKCU] . (.Python 3.8.7 pip Bootstrap (64-bit).) =>.Python
            O90 - PUC: “B7BBEAF46A3E58E4D8C3D83D5CC3A7E4” [HKCU] . (.Python 3.8.7 Standard Library (64-bit).) =>.Python
            O90 - PUC: “E052E4D4200703B4DADCF4ECBBCC10B5” [HKCU] . (.Python 3.8.7 Tcl/Tk Support (64-bit).) =>.Python
            O90 - PUC: “ED65D1D46AF8903449F14F4BB13AA61A” [HKCU] . (.Python 3.8.7 Test Suite (64-bit).) =>.Python
            O90 - PUC: “0511549E87D5B5B47A7FC2D10EE1AA78” [HKU] . (.Python 3.8.7 Executables (64-bit).) =>.bl.org
            O90 - PUC: “4329C30133C47A74AB371028FEEA1EEA” [HKU] . (.Python 3.8.7 Core Interpreter (64-bit).) =>.Python
            O90 - PUC: “43CFC5B2D9FD1E647BA44A7D65AA728B” [HKU] . (.Python 3.8.7 Development Libraries (64-bit).) =>.Python
            O90 - PUC: “467D15BAF652CFF4F900DF79EED8A44E” [HKU] . (.Python 3.8.7 Documentation (64-bit).) =>.Python
            O90 - PUC: “5D51B55522D54DA4DA192D8D80D591F8” [HKU] . (.Python 3.8.7 Utility Scripts (64-bit).) =>.Python
            O90 - PUC: “7912700F6FCFFB14D98338B2419522CD” [HKU] . (.Paradox Launcher v2.) – %APPDATA%\Microsoft\Installer{F0072197-FCF6-41BF-9D38-832B145922DC}\ParadoxIcon
            O90 - PUC: “8A1F6DF90555FA64589072D10F7E865B” [HKU] . (.Dual-Core Optimizer.) – %APPDATA%\Microsoft\Installer{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe =>.Legitimate
            O90 - PUC: “9E93480491A162C45BDDEEC793DA7F94” [HKU] . (.Python 3.8.7 pip Bootstrap (64-bit).) =>.Python
            O90 - PUC: “B7BBEAF46A3E58E4D8C3D83D5CC3A7E4” [HKU] . (.Python 3.8.7 Standard Library (64-bit).) =>.Python
            O90 - PUC: “E052E4D4200703B4DADCF4ECBBCC10B5” [HKU] . (.Python 3.8.7 Tcl/Tk Support (64-bit).) =>.Python
            O90 - PUC: “ED65D1D46AF8903449F14F4BB13AA61A” [HKU] . (.Python 3.8.7 Test Suite (64-bit).) =>.Python
            
            —\ Windows Installer Scan (29) - 7s
            [MD5.F1D7C4CA034C2F9C10C474CFD3205C93] [WIS][2020/08/07 06:47:22] (.Paradox Interactive - Paradox Launcher v2.) – C:\WINDOWS\Installer\130ee459.msi [74158080] =>.Paradox Interactive
            [MD5.0E2D8C2788D0E33A7C909A3DDF36C3F4] [WIS][2020/12/21 19:11:38] (.Python Software Foundation - Python 3.8.7 Core Interpreter (64-bit).) – C:\WINDOWS\Installer\16c5203c.msi [1597440] =>.Python Software Foundation
            [MD5.A477E3E86CDA61BAD79B63A6DD67448B] [WIS][2020/12/21 19:12:00] (.Python Software Foundation - Python 3.8.7 Development Libraries (64-bit).) – C:\WINDOWS\Installer\16c52040.msi [282624] =>.Python Software Foundation
            [MD5.7FCB329FBF5A7843930A46792EE4C1E8] [WIS][2020/12/21 19:12:12] (.Python Software Foundation - Python 3.8.7 Executables (64-bit).) – C:\WINDOWS\Installer\16c52044.msi [516096] =>.Python Software Foundation
            [MD5.3D5BEB041FDA8A0B99C0CC6B4E1C41B0] [WIS][2020/12/21 19:12:42] (.Python Software Foundation - Python 3.8.7 Standard Library (64-bit).) – C:\WINDOWS\Installer\16c52048.msi [8224768] =>.Python Software Foundation
            [MD5.B4B5F208F955DD6A61A7C56D297BEA39] [WIS][2020/12/21 19:14:00] (.Python Software Foundation - Python 3.8.7 Test Suite (64-bit).) – C:\WINDOWS\Installer\16c5204c.msi [3469312] =>.Python Software Foundation
            [MD5.6FA3B79D702430457C346994595209E9] [WIS][2020/12/21 19:12:10] (.Python Software Foundation - Python 3.8.7 Documentation (64-bit).) – C:\WINDOWS\Installer\16c52050.msi [8568832] =>.Python Software Foundation
            [MD5.3932485A218B1F49EC374F99FF5E4796] [WIS][2020/12/21 19:14:08] (.Python Software Foundation - Python 3.8.7 Utility Scripts (64-bit).) – C:\WINDOWS\Installer\16c52054.msi [208896] =>.Python Software Foundation
            [MD5.1BD4CF494B6957DD8CC550D0FE1B1A03] [WIS][2020/12/21 19:13:36] (.Python Software Foundation - Python 3.8.7 Tcl/Tk Support (64-bit).) – C:\WINDOWS\Installer\16c52058.msi [3563520] =>.Python Software Foundation
            [MD5.16BFBA039A710278BD84E890D5145D4B] [WIS][2020/12/21 19:08:40] (.Python Software Foundation - Python Launcher.) – C:\WINDOWS\Installer\16c52061.msi [602112] =>.Python Software Foundation
            [MD5.13A4344875ECDE53876B37B4AFE9E44D] [WIS][2020/12/21 19:13:18] (.Python Software Foundation - Python 3.8.7 pip Bootstrap (64-bit).) – C:\WINDOWS\Installer\16c52065.msi [253952] =>.Python Software Foundation
            [MD5.A3EBB925E89DFFEFF8809ECAAA969A66] [WIS][2006/09/22 15:07:21] (.InstallShield Software Corporation - GAME.) – C:\WINDOWS\Installer\2d77062.msi [9166128] =>.InstallShield Software Corporation
            [MD5.A8E6C6AC9A6E6C61641102AC0D8FA351] [WIS][2018/01/31 21:56:24] (.Intel Corporation - Intel(R) Management Engine Driver.) – C:\WINDOWS\Installer\32bd7.msi [1433600] =>.Intel Corporation
            [MD5.2CD4160C0537C170A00F5F82DB6211EB] [WIS][2018/01/31 21:54:58] (.Intel Corporation - Intel(R) Management Engine Components.) – C:\WINDOWS\Installer\32bdb.msi [303104] =>.Intel Corporation
            [MD5.69AB3052E018BDA243F812214CB8D684] [WIS][2018/01/31 21:55:22] (.Intel Corporation - Microsoft VC++ redistributables repacked..) – C:\WINDOWS\Installer\32bdf.msi [12840960] =>.Intel Corporation
            [MD5.1C38353620A1E1209DB47BC4B05F5323] [WIS][2018/01/31 21:55:30] (.Intel Corporation - Microsoft VC++ redistributables repacked..) – C:\WINDOWS\Installer\32be3.msi [14307328] =>.Intel Corporation
            [MD5.ABC73900BF25A520EF874CE6908E8A05] [WIS][2018/01/31 21:56:12] (.Intel Corporation - Intel(R) Management Engine Components.) – C:\WINDOWS\Installer\32be7.msi [15622160] =>.Intel Corporation
            [MD5.2D818C2D5E817EC87A1CD952B0E35A0A] [WIS][2017/11/16 21:24:52] (.Intel Corporation - Intel(R) Trusted Connect Service Client x64.) – C:\WINDOWS\Installer\32beb.msi [3686400] =>.Intel Corporation
            [MD5.86C7E46126FABBB2ACAC9ED553423908] [WIS][2017/11/16 21:21:12] (.Intel Corporation - Intel(R) Trusted Connect Service Client x86.) – C:\WINDOWS\Installer\32bef.msi [8237056] =>.Intel Corporation
            [MD5.E4D544771E89C6C07E82BE840E7A82A5] [WIS][2020/06/01 20:50:58] (.Dokany Project - Dokan Library 1.4.0.1000 (x64).) – C:\WINDOWS\Installer\4cd487b8.msi [4497408] =>.Dokany Project
            [MD5.7FA9A6BA8688B9C459D125CE62C2CE17] [WIS][2020/05/22 09:02:57] (.Epic Games, Inc. - Epic Games Launcher.) – C:\WINDOWS\Installer\5e1d124.msi [44081152] =>.Epic Games, Inc.
            [MD5.2517299FA67020242316C30D31AE403B] [WIS][2022/07/14 13:42:41] (.Epic Games, Inc. - Epic Online Services.) – C:\WINDOWS\Installer\618247f.msi [114106368] =>.Epic Games, Inc.
            [MD5.DA6B08A4210B2DF28E791B5583FFE598] [WIS][2018/01/10 11:42:34] (.Intel Corporation - Intel(R) Chipset Device Software.) – C:\WINDOWS\Installer\991dc.msi [1933312] =>.Intel Corporation
            [MD5.D1722715C35C600D83DBC8DE4FDD5E0E] [WIS][2021/04/03 18:18:19] (.Mojang - Minecraft Launcher.) – C:\WINDOWS\Installer\a74f660.msi [2674688] =>.Mojang
            [MD5.6531E4A5373F1AB95BFC94510E323884] [WIS][2022/07/22 17:48:02] (.Oracle Corporation - Java SE Runtime Environment 8 Update 341.) – C:\WINDOWS\Installer\aa64ee3.msi [46469120] =>.Oracle Corporation
            [MD5.0F0D25C251EEDBED3B114E8FD529D457] [WIS][2022/07/22 17:47:58] (.Oracle Corporation - Java Auto Updater.) – C:\WINDOWS\Installer\aa64eec.msi [1040384] =>.Oracle Corporation
            [MD5.1A621582E26B3E086420558B391C1546] [WIS][2022/05/04 20:12:36] (.Epic Games, Inc. - UE Prerequisites (x64).) – C:\WINDOWS\Installer\cbf72a0.msi [11968512] =>.Epic Games, Inc.
            [MD5.A526F3740EE565B77C2C52321504FD5A] [WIS][2021/10/03 15:10:27] (.Eclipse Foundation - Eclipse Temurin Development Kit with Hotspo.) – C:\WINDOWS\Installer\e761642.msi [168548352] =>.Eclipse Foundation
            [MD5.AEF8C93404FB9BD11CCAEBD67FB21B9F] [WIS][2022/03/26 16:48:21] (.AMD - Dual-Core Optimizer.) – C:\WINDOWS\Installer\f1dd1f8.msi [1058304] =>.AMD
            
            —\ FEATURE CONTROL. (130) - 0s
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:mbam.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:mbamtray.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:OneDrive.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:eek:utlook.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:eek:utlook.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]:HelpPane.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:presentationHost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
            [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
            
            —\ Observer Of Events (136) - 22s
            
            Application.Warning: ESENT (2)
            ~Numéro: 37940
            ~Date: 10/06/2022 05:28:27 AM
            ~ID: 636
            ~Description: %1 (%2) %3Flush map file “%4” will be deleted. Reason: %5.
            ~Suggestion: Aucune
            
            Application.Error: VSS (4)
            ~Numéro: 37923
            ~Date: 10/06/2022 05:27:16 AM
            ~ID: 8193
            ~Description: Volume Shadow Copy Service error: Unexpected error calling routine %1. hr = %2.
            ~Suggestion: Utiliser la procédure de reconstruction du VSS
            
            Application.Error: Application Error (71)
            ~Numéro: 37873
            ~Date: 10/05/2022 04:51:41 PM
            ~ID: 1000
            ~Description: Faulting application name: %1, version: %2, time stamp: 0x61e82da2 Faulting module name: %4, version: %5, time stamp: 0x58892bb7 Exception code: 0xc0000005 Fault offset: 0x00313278 Faulting process id: 0x2ff0 Faulting application start time: 0x01d8d8
            ~Suggestion: Réparer ou réinstaller l’application.
            
            Application.Error: Application Hang (10)
            ~Numéro: 37746
            ~Date: 10/04/2022 09:55:30 PM
            ~ID: 1002
            ~Description: The program %1 version %2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 4700 Start Time: 01d8d85c361f
            ~Suggestion: Essayer les commandes suivantes ipconfig /release et ipconfig / renew.
            
            Application.Error: .NET Runtime (12)
            ~Numéro: 37550
            ~Date: 10/02/2022 02:28:01 PM
            ~ID: 1023
            ~Description: Application: SecurityService.exeCoreCLR Version: 4.700.21.26205.NET Core Version: 3.1.16Description: The process was terminated due to an internal error in the .NET Runtime at IP 73A917FF (738E0000) with exit code c0000005.
            
            Application.Warning: Steam Client Service (18)
            ~Numéro: 37247
            ~Date: 09/28/2022 11:36:01 PM
            ~ID: 2
            ~Description: Warning: Updated file “SteamService.dll” from version 0x0007003400270039 to version 0x00070035005d003d.
            
            Application.Warning: Microsoft-Windows-WMI (6)
            ~Numéro: 36105
            ~Date: 09/16/2022 06:22:53 AM
            ~ID: 63
            ~Description: A provider, %1, has been registered in the Windows Management Instrumentation namespace %2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
            ~Suggestion: Généralement LocalSystem n’est pas nécessaire et le contexte de sécurité NetworkServiceHost est plus approprié.
            
            Application.Warning: Microsoft-Windows-System-Restore (1)
            ~Numéro: 35928
            ~Date: 09/15/2022 06:13:37 PM
            ~ID: 8303
            ~Description: Scoping unsuccessful for shadowcopy %1 with error %2.
            ~Suggestion: Exécuter la commande chkdsk / f
            
            System.Warning: DCOM (1386)
            ~Numéro: 65653
            ~Date: 10/06/2022 04:52:38 PM
            ~ID: 10016
            ~Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-Q1JOHSVsatchS-1-5-21-3795020384-2431542903-1114512080-1003LocalHost (Using LRPC)Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_ne
            ~Suggestion: Vérifier les autorisations pour l’accès DCOM
            
            System.Error: Service Control Manager (83)
            ~Numéro: 65634
            ~Date: 10/06/2022 04:46:32 PM
            ~ID: 7000
            ~Description: The %1 service failed to start due to the following error: %%2
            
            System.Warning: e1dexpress (17)
            ~Numéro: 65615
            ~Date: 10/06/2022 04:46:27 PM
            ~ID: 27
            ~Description: Intel(R) Ethernet Connection (7) I219-V
            ~Suggestion: Vérifier la Connection Ethernet
            
            System.Warning: disk (54)
            ~Numéro: 65613
            ~Date: 10/06/2022 04:46:26 PM
            ~ID: 158
            ~Description: Disk %2 has the same disk identifiers as one or more disks connected to the system. Go to Microsoft’s support website (http://support.microsoft.com) and search for KB2983588 to resolve the issue.
            ~Suggestion: Event ID 158 for identical disk GUIDs - Windows Client | Microsoft Learn
            
            System.Warning: Microsoft-Windows-WLAN-AutoConfig (22)
            ~Numéro: 65565
            ~Date: 10/06/2022 04:45:51 PM
            ~ID: 10002
            ~Description: WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll
            ~Suggestion: 1)Désactivez/Réactiver la connexion réseau sans fil. ou 2) Redémarrer le service WLAN AutoConfig
            
            System.Warning: BTHUSB (38)
            ~Numéro: 65537
            ~Date: 10/06/2022 06:26:22 AM
            ~ID: 3
            ~Description: A command sent to the adapter has timed out. The adapter did not respond.
            
            System.Warning: Microsoft-Windows-DNS-Client (121)
            ~Numéro: 65387
            ~Date: 10/05/2022 05:18:43 PM
            ~ID: 1014
            ~Description: Name resolution for the name %1 timed out after none of the configured DNS servers responded.
            ~Suggestion: Event ID 1014: Microsoft Windows DNS Client | Microsoft Learn
            
            System.Error: Application Popup (15)
            ~Numéro: 65385
            ~Date: 10/05/2022 04:56:09 PM
            ~ID: 1060
            ~Description: ??\C:\Users\satch\AppData\Local\Temp\ehdrv.sys
            
            System.Error: EventLog (10)
            ~Numéro: 65109
            ~Date: 10/04/2022 10:50:49 PM
            ~ID: 6008
            ~Description: The previous system shutdown at %1 on %2 was unexpected.
            
            System.Error: Microsoft-Windows-Kernel-Boot (8)
            ~Numéro: 65098
            ~Date: 10/04/2022 10:50:35 PM
            ~ID: 29
            ~Description: 3221225684A fatal error occurred processing the restoration data.
            
            System.Error: volsnap (2)
            ~Numéro: 65061
            ~Date: 10/03/2022 10:11:28 PM
            ~ID: 36
            ~Description: The shadow copies of volume %2 were aborted because the shadow copy storage could not grow due to a user imposed limit.
            
            System.Warning: avgntflt (14)
            ~Numéro: 64991
            ~Date: 10/02/2022 02:30:57 PM
            ~ID: 18
            ~Description: TIMEOUT<WerFault.exe> C:\Windows\SysWOW64\wbem\wbemdisp.dll
            
            System.Warning: Microsoft-Windows-NDIS (88)
            ~Numéro: 64906
            ~Date: 09/30/2022 05:40:49 PM
            ~ID: 10400
            ~Description: The network interface “%4” has begun resetting. There will be a momentary disruption in network connectivity while the hardware resets. Reason: %5. This network interface has reset %6 time(s) since it was last initialized.
            ~Suggestion: Vérifier la connexion à l’interface réseau
            
            System.Error: Netwtw04 (189)
            ~Numéro: 64905
            ~ID: 5007
            ~Description: 5007 - TX/CMD timeout (TfdQueue hanged)
            
            System.Warning: HidBth (12)
            ~Numéro: 64874
            ~Date: 09/30/2022 04:49:09 PM
            ~Description: Bluetooth HID device %2 either went out of range or became unresponsive.
            
            System.Error: Schannel (1)
            ~Numéro: 64426
            ~Date: 09/26/2022 01:53:24 AM
            ~ID: 4103
            ~Description: A fatal error occurred while creating a TLS %1 credential. The internal error state is %2.
            
            System.Error: Microsoft-Windows-WindowsUpdateClient (1)
            ~Numéro: 62025
            ~Date: 09/03/2022 09:56:25 AM
            ~ID: 20
            ~Description: Installation Failure: Windows failed to install the following update with error %1: %2.
            ~Suggestion: EventTracker KB --Event Id: 20 Source: Microsoft-Windows-WindowsUpdateClient
            
            —\ Additional Scan (O88) (543) - 13s
            HKLM\Software\Classes*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
            HKLM\Software\Classes\CLSID{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
            HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
            HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\009 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\010 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\011 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\012 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\013 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\014 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\015 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\016 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\017 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\018 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\019 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\020 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\021 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\022 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\023 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\024 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\025 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\026 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\027 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\028 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\029 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\030 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\031 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\032 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\033 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\034 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\035 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\036 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\037 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\038 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\040 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\041 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\042 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\043 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\044 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\045 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\046 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\047 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\048 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\049 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\050 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\051 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\052 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\053 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\054 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\055 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\056 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\057 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\058 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\059 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\060 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\061 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\062 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\063 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\064 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\065 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\066 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\067 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\068 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\069 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\070 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\071 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\072 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\073 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\074 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\075 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\076 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\077 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\078 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\079 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\080 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\081 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\082 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\083 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\084 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\085 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\086 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\087 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\088 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\089 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\090 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\091 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\092 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\093 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\094 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\095 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\096 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\097 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\098 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\099 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\100 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\101 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\102 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\103 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\104 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\105 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\106 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\107 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\108 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\110 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\111 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\112 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\113 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\114 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\115 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\116 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\117 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\118 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\119 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\120 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\121 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\122 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\123 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\124 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\125 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\126 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\127 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\128 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\129 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\130 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\131 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\132 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\133 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\134 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\135 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\136 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\137 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\138 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\139 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\140 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\141 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\142 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\143 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\144 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\145 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\146 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\147 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\148 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\149 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\150 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\151 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\152 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\153 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\154 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\155 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\156 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\157 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\158 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\159 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\160 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\161 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\162 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\163 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\164 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\165 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\166 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\167 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\168 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\169 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\170 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\171 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\172 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\173 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\174 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\175 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\176 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\177 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\178 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\179 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\180 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\181 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\182 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\183 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\184 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\185 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\186 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\187 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\188 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\189 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\190 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\191 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\192 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\193 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\194 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\195 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\196 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\197 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\198 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\199 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\200 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\201 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\202 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\203 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\204 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\205 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\206 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\207 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\208 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\209 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\210 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\211 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\212 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\213 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\214 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\215 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\216 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\217 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\218 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\219 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\220 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\221 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\222 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\223 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\224 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\225 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\226 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\227 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\228 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\229 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\230 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\231 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\232 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\233 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\234 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\235 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\236 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\237 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\238 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\239 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\240 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\241 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\242 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\243 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\244 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\245 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\246 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\247 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\248 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\249 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\250 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\251 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\252 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\253 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\254 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\255 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\256 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\257 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\258 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\259 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\260 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\261 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\262 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\263 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\264 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\265 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\266 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\267 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\268 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\269 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\270 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\271 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\272 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\273 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\274 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\275 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\276 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\277 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\278 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\279 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\280 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\281 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\282 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\283 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\285 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\286 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\287 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\288 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\289 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\290 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\291 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\292 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\293 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\294 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\295 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\296 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\297 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\298 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\299 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\300 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\301 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\302 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\303 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\304 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\305 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\306 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\308 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\309 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\310 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\311 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\312 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\313 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\314 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\315 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\316 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\317 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\318 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\319 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\320 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\321 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\322 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\323 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\324 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\325 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\326 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\327 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\328 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\329 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\330 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\331 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\332 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\333 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\334 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\335 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\336 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\337 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\338 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\339 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\340 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\341 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\342 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\343 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\344 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\345 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\346 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\347 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\348 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\349 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\350 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\351 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\352 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\353 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\354 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\355 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\356 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\357 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\358 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\359 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\360 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\361 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\362 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\363 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\364 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\365 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\366 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\367 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\368 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\369 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\370 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\371 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\372 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\373 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\374 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\375 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\376 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\377 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\378 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\379 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\380 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\381 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\382 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\383 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\384 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\385 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\386 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\387 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\388 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\389 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\390 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\391 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\392 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\393 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\394 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\395 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\396 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\397 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\398 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\399 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\400 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\401 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\402 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\403 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\404 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\405 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\406 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\407 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\408 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\409 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\410 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\411 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\412 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\413 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\414 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\415 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\416 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\417 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\418 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\419 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\420 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\421 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\422 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\423 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\424 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\425 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\426 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\427 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\428 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\429 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\430 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\431 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\432 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\433 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\434 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\435 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\436 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\437 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\438 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\439 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\440 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\441 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\442 =>.SUP.Temporary.Chrome
            C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins =>.SUP.Temporary.Chrome
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Star Traders Frontiers\StarTradersFrontiers.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\downloads\nut.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MiniTool Partition Wizard 11\partitionwizard.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\nut for tinfoil\nut.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man’s Sky\Binaries\NMS.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man’s Sky\Binaries\NMS.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\The beasts of 9500\The beasts of 9500.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\genshin impact\genshin impact game\genshinimpact.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe.FriendlyAppName =>.Unsigned
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Prehistoric Kingdom\Prehistoric Kingdom.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe =>.SUP.Discord
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.FriendlyAppName =>.SUP.Discord
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.ApplicationCompany =>.SUP.Discord
            [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe.FriendlyAppName =>.Unsigned
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Star Traders Frontiers\StarTradersFrontiers.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\downloads\nut.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MiniTool Partition Wizard 11\partitionwizard.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\nut for tinfoil\nut.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man’s Sky\Binaries\NMS.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man’s Sky\Binaries\NMS.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\The beasts of 9500\The beasts of 9500.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\genshin impact\genshin impact game\genshinimpact.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe.FriendlyAppName =>.Unsigned
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Prehistoric Kingdom\Prehistoric Kingdom.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.FriendlyAppName =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.ApplicationCompany =>.SUP.Orphan.MUICache
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.FriendlyAppName =>.SUP.Discord
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.ApplicationCompany =>.SUP.Discord
            [HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe.FriendlyAppName =>.Unsigned
            
            —\ Summary of the elements found (8) - 0s
            ZHPDiag et l'analyse S.M.A.R.T. des disques durs - ZAM => SMART Information
            Zone Anti-Malware - ZAM =>.SUP.Orphan
            Zone Anti-Malware - ZAM =>.SUP.Discord
            Zone Anti-Malware - ZAM =>Adware.CrossRider
            Zone Anti-Malware - ZAM =>Warning.EventLogApp
            Zone Anti-Malware - ZAM =>Warning.EventLogSys
            Zone Anti-Malware - ZAM =>.SUP.Temporary.Chrome
            Zone Anti-Malware - ZAM =>.SUP.Orphan.MUICache
            
            —\ Serial Number
            [00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll =>.Malwarebytes Inc.
            [00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll =>.Malwarebytes Inc.
            [00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe =>.Malwarebytes Inc.
            [00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll =>.Malwarebytes Inc.
            [00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll =>.Malwarebytes Inc.
            [00A657F778B31AE523D667131718D16EB2] [31/08/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe =>.Malwarebytes Inc.
            [00A657F778B31AE523D667131718D16EB2] [31/08/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll =>.Malwarebytes Inc.
            [00A657F778B31AE523D667131718D16EB2] [31/08/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe =>.Malwarebytes Inc.
            [00A921C2866BA4737D] [18/08/2022] (.TT Games Studios Limited.) - C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe =>.Not verified
            [00C079D009476C5C4C] [14/03/2022] (.Black Tree Gaming Limited.) - C:\Program Files\Black Tree Gaming Ltd\Vortex\Uninstall Vortex.exe =>.Not verified
            [00C079D009476C5C4C] [14/03/2022] (.Black Tree Gaming Limited.) - C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe =>.Not verified
            [0190971E99FF712E3CD4EF85086849EF] [04/07/2022] (.CAPCOM CO., LTD..) - C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe =>.CAPCOM CO., LTD.
            [0190971E99FF712E3CD4EF85086849EF] [28/09/2022] (.CAPCOM CO., LTD..) - C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe =>.CAPCOM CO., LTD.
            [01993E38970DE6088DE6B6CB39BBEE24] [12/09/2022] (.Cisco WebEx LLC.) - C:\Users\satch\AppData\Local\Discord\app-1.0.9006\modules\discord_voice-2\discord_voice\openh264-2.2.0-win32.dll =>.Cisco WebEx LLC
            [01E20D5BE0B5190B1DBFDE9BEF380D9A] [12/09/2022] (.Discord Inc..) - C:\Users\satch\AppData\Local\Discord\app-1.0.9006\modules\discord_voice-2\discord_voice\capture_helper.exe =>.SUP.Discord
            [01E20D5BE0B5190B1DBFDE9BEF380D9A] [12/09/2022] (.Discord Inc..) - C:\Users\satch\AppData\Local\Discord\app-1.0.9006\modules\discord_voice-2\discord_voice\mediapipe.dll =>.SUP.Discord
            [0320BE3EB866526927F999B97B04346E] [28/02/2018] (.Realtek Semiconductor Corp..) - C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe =>.Realtek Semiconductor Corp.
            [033ED5EDA065D1B8C91DFCF92A6C9BD8] [17/02/2021] (.Python Software Foundation.) - C:\Users\satch\AppData\Local\Package Cache{a32da68d-eab0-48d8-947e-8187f9630441}\python-3.8.7-amd64.exe =>.Python Software Foundation
            [034A447570D970982409EBB3DA98B69D] [14/09/2021] (.Eclipse.org Foundation, Inc..) - C:\Program Files\Eclipse Foundation\jdk-17.0.0.35-hotspot\bin\jabswitch.exe =>.Not verified
            [034A447570D970982409EBB3DA98B69D] [14/09/2021] (.Eclipse.org Foundation, Inc..) - C:\Program Files\Eclipse Foundation\jdk-17.0.0.35-hotspot\bin\javaw.exe =>.Not verified
            [03AE8F49A5CF5213A20ED85DA16310B9] [28/07/2022] (.Alderon Games Canada Corporation.) - C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe =>.Not verified
            [03AE8F49A5CF5213A20ED85DA16310B9] [28/07/2022] (.Alderon Games Canada Corporation.) - C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Uninstall Alderon Games Launcher.exe =>.Not verified
            [045D9B6716C516EF45A1216DFD9F3060] [12/09/2019] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys =>.Realtek Semiconductor Corp.
            [05101D15D8F858EE5327DC9BF4B5E60B] [27/09/2021] (.Realtek Semiconductor Corp..) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe =>.Realtek Semiconductor Corp.
            [055100FDBCB3E2F470A627F03FCFE5B8] [13/07/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys =>.Nvidia Corporation
            [05B9E5C73998821D2E591A368995B191] [01/06/2020] (.ADAPP SASU.) - C:\Program Files\Dokan\Dokan Library-1.4.0\dokanctl.exe =>.Not verified
            [05B9E5C73998821D2E591A368995B191] [01/06/2020] (.ADAPP SASU.) - C:\WINDOWS\System32\DRIVERS\dokan1.sys =>.Not verified
            [05B9E5C73998821D2E591A368995B191] [24/12/2020] (.ADAPP SASU.) - C:\ProgramData\Package Cache{97cfdb6c-2faa-43ba-afbc-469e01845e99}\DokanSetup.exe =>.Not verified
            [05E6110CFCCFAF76] [03/10/2021] (.Travellers Tales (UK) Limited.) - C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe =>.Travellers Tales (UK) Limited
            [05F97D054A9BFCBF9D5E12F8D0ABBE07] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\edls_64.dll =>.ESET, spol. s r.o.
            [05F97D054A9BFCBF9D5E12F8D0ABBE07] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em002_64.dll =>.ESET, spol. s r.o.
            [05F97D054A9BFCBF9D5E12F8D0ABBE07] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em003_64.dll =>.ESET, spol. s r.o.
            [0689B3BCEB4409890A32D71976B132A4] [27/09/2022] (.Valve Corp..) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve Corp.
            [0689B3BCEB4409890A32D71976B132A4] [27/09/2022] (.Valve Corp..) - C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.
            [0689B3BCEB4409890A32D71976B132A4] [27/09/2022] (.Valve Corp..) - C:\Program Files (x86)\Steam\steam.exe =>.Valve Corp.
            [068BE2F53452C882F18ED41A5DD4E7A3] [16/06/2022] (.Oracle America, Inc..) - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.
            [06AEA76BAC46A9E8CFE6D29E45AAF033] [29/08/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe =>.Google LLC
            [06AEA76BAC46A9E8CFE6D29E45AAF033] [29/08/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe =>.Google LLC
            [0751A21B29586708685BB12FFCC97D05] [09/08/2022] (.Electronic Arts, Inc..) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Not verified
            [0751A21B29586708685BB12FFCC97D05] [09/08/2022] (.Electronic Arts, Inc..) - C:\Program Files (x86)\Origin\OriginUninstall.exe =>.Not verified
            [0751A21B29586708685BB12FFCC97D05] [09/08/2022] (.Electronic Arts, Inc..) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe =>.Not verified
            [07C70F7CAB145BC1ED385FBE69FA3130] [24/08/2021] (.AVAST Software s.r.o..) - C:\WINDOWS\System32\drivers\aswTap.sys =>.AVAST Software s.r.o.
            [0800EE4ED1A959CC9887E905AD662BFE] [01/03/2022] (.Nvidia Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [04/08/2022] (.Nvidia Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [07/09/2022] (.Nvidia Corporation.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [12/09/2022] (.Nvidia Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [15/07/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nv3dappshext.dll =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvlddmkm.sys =>.Nvidia Corporation
            [0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvshext.dll =>.Nvidia Corporation
            [084CAF4DF499141D404B7199AA2C2131] [21/05/2018] (.Valve.) - C:\Program Files (x86)\Steam\uninstall.exe =>.Valve
            [094DC9C3B9D09B4F1D07FA327100E5D5] [09/06/2021] (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.
            [0960B84A46DE76DF04471DCD32C20C1A] [29/09/2022] (.Gearbox Software, L.L.C..) - C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe =>.Not verified
            [0A7EE3E63C26B444D53EC4B19A29615E] [04/10/2022] (.ArenaNet, LLc.) - C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe =>.ArenaNet, LLc
            [0BFCFAC08E216A1C1FDAA6B77BB2D66E] [01/04/2021] (.Realtek Semiconductor Corp..) - C:\Windows\RtkBtManServ.exe =>.Realtek Semiconductor Corp.
            [0BFCFAC08E216A1C1FDAA6B77BB2D66E] [01/04/2021] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RtkBtfilter.sys =>.Realtek Semiconductor Corp.
            [0D2CACCD3E9EEC06738410BA31BF6595] [09/06/2020] (.Adobe Inc..) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Inc.
            [0D601DC6F2239F4FDDC08DB90E9578AC] [18/08/2022] (.PROXIMA BETA PTE. LIMITED.) - C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe =>.Not verified
            [0DFE7BA482F076DB90BCC22B2C487CBD] [11/07/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe =>.Epic Games Inc.
            [0DFE7BA482F076DB90BCC22B2C487CBD] [26/06/2022] (.Epic Games Inc..) - C:\ProgramData\Package Cache{284a69a5-9805-4ad5-98ac-173e9f776e0f}\UEPrereqSetup_x64.exe =>.Epic Games Inc.
            [0DFE7BA482F076DB90BCC22B2C487CBD] [28/09/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe =>.Epic Games Inc.
            [0DFE7BA482F076DB90BCC22B2C487CBD] [28/09/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe =>.Epic Games Inc.
            [0DFE7BA482F076DB90BCC22B2C487CBD] [28/09/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe =>.Epic Games Inc.
            [0E4418E2DEDE36DD2974C3443AFB5CE5] [05/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\elevation_service.exe =>.Google LLC
            [0E4418E2DEDE36DD2974C3443AFB5CE5] [05/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
            [0E4418E2DEDE36DD2974C3443AFB5CE5] [06/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe =>.Google LLC
            [0E4418E2DEDE36DD2974C3443AFB5CE5] [06/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\setup.exe =>.Google LLC
            [0E4418E2DEDE36DD2974C3443AFB5CE5] [19/09/2022] (.Google LLC.) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\software_reporter_tool.exe =>.Google LLC
            [0E9ADC2716DC2E59463C0A8A51BE66D7] [30/04/2018] (.Travis Lee Robinson.) - C:\WINDOWS\System32\drivers\libusbK.sys =>.Travis Lee Robinson
            [0F316A214F60D59DC921AEB9685136CC] [17/07/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuard64.exe =>.Not verified
            [0F316A214F60D59DC921AEB9685136CC] [17/07/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe =>.Not verified
            [0F316A214F60D59DC921AEB9685136CC] [23/09/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\WINDOWS\system32\drivers\ACE-BASE.sys =>.Not verified
            [0F316A214F60D59DC921AEB9685136CC] [23/09/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\WINDOWS\system32\drivers\ACE-GAME.sys =>.Not verified
            [0F65F4572517CBCCAA8B3776580A8D3D] [05/10/2021] (.Rockstar Games, Inc..) - C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe =>.Rockstar Games, Inc.
            [0F65F4572517CBCCAA8B3776580A8D3D] [05/10/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe =>.Rockstar Games, Inc.
            [0F65F4572517CBCCAA8B3776580A8D3D] [05/10/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe =>.Rockstar Games, Inc.
            [0F65F4572517CBCCAA8B3776580A8D3D] [25/11/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe =>.Rockstar Games, Inc.
            [0F65F4572517CBCCAA8B3776580A8D3D] [25/11/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Launcher\uninstall.exe =>.Rockstar Games, Inc.
            [0F6C9450E4E7F91B4C42CCCA2297B12F] [28/09/2022] (.Spotify AB.) - C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe =>.Spotify AB
            [1044F31AE1F93A0BB95F19AB9FAAC6BB] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em000_64.dll =>.ESET, spol. s r.o.
            [1121CB5D7302C7544C0407CB59FFDE7FB180] [29/05/2019] (.MiniTool Solution Ltd.) - C:\WINDOWS\System32\pwdrvio.sys =>.MiniTool Solution Ltd
            [1121CB5D7302C7544C0407CB59FFDE7FB180] [29/05/2019] (.MiniTool Solution Ltd.) - C:\Windows\system32\pwdspio.sys =>.MiniTool Solution Ltd
            [1201DB4C3B232ABA43B1B557] [25/07/2022] (.Mega Limited.) - C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited
            [1201DB4C3B232ABA43B1B557] [25/07/2022] (.Mega Limited.) - C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll =>.Mega Limited
            [1201DB4C3B232ABA43B1B557] [25/07/2022] (.Mega Limited.) - C:\Users\satch\AppData\Local\MEGAsync\uninst.exe =>.Mega Limited
            [14781BC862E8DC503A559346F5DCC518] [18/03/2019] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstusb.sys =>.NVIDIA Corporation
            [14F8FDD167F92402B1570B5DC495C815] [05/07/2019] (.Google Inc.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
            [17DF1E696D347A2530B48532] [16/07/2019] (.AVB Disc Soft, SIA.) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys =>.AVB Disc Soft, SIA
            [17DF1E696D347A2530B48532] [16/07/2019] (.AVB Disc Soft, SIA.) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys =>.AVB Disc Soft, SIA
            [26504E0645C8DDDC8C28CC15] [27/02/2022] (.EasyAntiCheat Oy.) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe =>.EasyAntiCheat Oy
            [266D333EDE17A8B472053E4FA3934572] [25/12/2021] (.AVG Technologies CZ, s.r.o..) - C:\WINDOWS\System32\drivers\lpsport.sys =>.AVG Technologies CZ, s.r.o.
            [32BF4351F36EC352F398A1A70598DE81] [16/01/2022] (.UBISOFT ENTERTAINMENT INC..) - C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe =>.UBISOFT ENTERTAINMENT INC.
            [330000029B1302828FF3904ED200000000029B] [14/09/2022] (.Skype Software Sarl.) - C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl
            [36336D836A19E244FF0E52882EB5B1DE] [05/07/2019] (.Creative Labs Inc.) - C:\Program Files (x86)\OpenAL\oalinst.exe =>.Creative Labs Inc
            [54CCA67C86AD2DDFBB5CE4D41DC7A3E2] [22/05/2020] (.Epic Games Inc..) - C:\ProgramData\Package Cache{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe =>.Epic Games Inc.
            [56000001475EA46CCAEF0B7481000000000147] [30/03/2019] (.Intel(R) Trust Services.) - C:\ProgramData\Package Cache{66129f84-d3f0-4884-ac54-369ae6fc2cf6}\iclsClientInstaller.exe =>.Intel(R) Trust Services
            [56000001757376CD78AD000C9A000000000175] [04/06/2018] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\WINDOWS\System32\drivers\ICCWDT.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group
            [56000001757376CD78AD000C9A000000000175] [31/01/2018] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group
            [56000002143D5BA1B4E496B7C1000000000214] [30/03/2019] (.Intel(R) Software and Firmware Products.) - C:\ProgramData\Package Cache{55d73ea7-6354-42db-8831-02d048ae57f8}\SetupChipset.exe =>.Intel(R) Software and Firmware Products
            [560000077B478C76C9AFCAFCAF00000000077B] [24/04/2020] (.Intel(R) INTELND1820.) - C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_f6c146a8872514f7\e1d68x64.sys =>.Intel(R) INTELND1820
            [560000082B1E36C56B00276A8A00000000082B] [15/10/2020] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_6557ea4289534d04\x64\TeeDriverW10x64.sys =>.Intel(R) Embedded Subsystems and IP Blocks Group
            [560000089D2953A788A5B8886900000000089D] [24/01/2019] (.Intel(R) Wireless Connectivity Solutions.) - C:\WINDOWS\System32\drivers\ibtusb.sys =>.Intel(R) Wireless Connectivity Solutions
            [5600000BF5F350B283A372355D000000000BF5] [10/07/2020] (.Intel(R) Wireless Connectivity Solutions.) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4d9e3f3539995c76\ibtusb.sys =>.Intel(R) Wireless Connectivity Solutions
            [5600000C970A207F2C4F00043D000000000C97] [16/06/2021] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe =>.Intel(R) Embedded Subsystems and IP Blocks Group
            [62E745E92165213C971F5C490AEA12A5] [03/12/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_25fb711132593303\UcmCxUcsiNvppc.sys =>.NVIDIA Corporation
            [62E745E92165213C971F5C490AEA12A5] [12/04/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\NvModuleTracker.sys =>.NVIDIA Corporation
            [6385A608FBD858EB4471A022CCE76B8F] [18/10/2019] (.McAfee, Inc..) - C:\WINDOWS\System32\drivers\tap0901.sys =>.McAfee, Inc.
            [65628C146ACE93037FC58659F14BD35F] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em001_64.dll =>.ESET, spol. s r.o.
            [65628C146ACE93037FC58659F14BD35F] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em004_64.dll =>.ESET, spol. s r.o.
            [65628C146ACE93037FC58659F14BD35F] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em005_64.dll =>.ESET, spol. s r.o.
            [65628C146ACE93037FC58659F14BD35F] [05/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe =>.ESET, spol. s r.o.
            [65628C146ACE93037FC58659F14BD35F] [05/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\sciter-x.dll =>.ESET, spol. s r.o.
            [71E68684F7A885A24ABF921CBBF4E0C3] [21/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys =>.NVIDIA Corporation
            [722A666775DC480EA2B841413D7B8765] [29/01/2022] (.Ubisoft Entertainment Sweden AB.) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe =>.Ubisoft Entertainment Sweden AB
            [75B5499C96D676A5FAE2656B351E1FD6] [11/11/2020] (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys =>.Samsung Electronics Co., Ltd.
            [7625A59EA40A7E7B913F910723328E26] [25/06/2020] (.win.rar GmbH.) - C:\Program Files\WinRAR\Rar.exe =>.win.rar GmbH
            [7625A59EA40A7E7B913F910723328E26] [25/06/2020] (.win.rar GmbH.) - C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH
            [7625A59EA40A7E7B913F910723328E26] [25/06/2020] (.win.rar GmbH.) - C:\Program Files\WinRAR\uninstall.exe =>.win.rar GmbH
            [76BA9423DDBCE7B145A95F01EE015F17] [09/11/2021] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avgntflt.sys =>.Avira Operations GmbH & Co. KG
            [76BA9423DDBCE7B145A95F01EE015F17] [09/11/2021] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys =>.Avira Operations GmbH & Co. KG
            [76BA9423DDBCE7B145A95F01EE015F17] [09/11/2021] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avkmgr.sys =>.Avira Operations GmbH & Co. KG
            
            ~ Unselected Options: WR,
            ~ End of the scan, 10435 items in 02mn57s (3074)(0)

            Comment

            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7045

              #7
              Adobe Flash Player is no longer supported and is a security risk.
              [ul]
              [li]Download Adobe Flash Player Uninstaller and save it to your Desktop[/li][li]Right click on the icon and select Run as administrator[/li][li]Click Uninstall then Done to reboot your computer[/li][/ul]


              FRST Fix.

              Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.



              Now please post Fresh FRST and Addition.txt logs, also let me know if defender starts now and how the machine is performing.

              Comment

              • Rum_Ham
                PCHF Member
                • Oct 2022
                • 8

                #8
                Ok so shortly after my last post I downloaded AVIRA for an antivirus and things seemed to be working fine actually. As far as I could tell anyway.

                Then I went ahead and did the FRST fix and I have posted the log below.

                After that. I checked Defender and it indeed does allow me to run it now, with an option for running it simultaneously with Avira.

                Is Avira useless and should stick with Defender, run them both, or is it in fact a good replacement to run alone without Defender at all? Anyhow I’ll get back to reply tomorrow after work, I appreciate the help with everything.

                Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2022
                [HEADING=1]
                Code:
                Ran by satch (06-10-2022 21:25:04) Run:2
                Running from C:\Users\satch\OneDrive\Desktop
                Loaded Profiles: satch
                Boot Mode: Normal[/HEADING]
                fixlist content:
                [HR][/HR]
                Start::
                CloseProcesses:
                SystemRestore: On
                CreateRestorePoint:
                RemoveProxy:
                HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
                HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
                C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe
                DeleteKey: HKCU\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71
                DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f7
                C:\WINDOWS\System32\DRIVERS\avgntflt.sys
                C:\WINDOWS\System32\drivers\aswTap.sys
                DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastUI.exe
                HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|Avast SecureLine VPN.lnk
                DeleteKey: HKLM\SOFTWARE\AVAST Software
                DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast Software
                DeleteKey: HKCU\SOFTWARE\Avast Software
                DeleteKey: HKCU\SOFTWARE\Browser Cleanup
                DeleteKey: HKU.DEFAULT\SOFTWARE\AVAST Software
                DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Avast Software
                DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Browser Cleanup
                C:\Program Files (x86)\AVAST Software
                C:\ProgramData\AVAST Software
                C:\Users\satch\AppData\Local\AVAST Software
                C:\WINDOWS\System32\drivers\aswTap.sys
                C:\Program Files\AVAST Software
                C:\WINDOWS\System32\DRIVERS\avgntflt.sys
                C:\WINDOWS\System32\DRIVERS\avipbb.sys
                C:\WINDOWS\System32\DRIVERS\avkmgr.sys
                C:\WINDOWS\System32\drivers\avgntflt.sys
                C:\WINDOWS\System32\drivers\avipbb.sys
                C:\WINDOWS\System32\drivers\avkmgr.sys
                C:\WINDOWS\System32\DRIVERS\avgntflt.sys
                C:\WINDOWS\System32\DRIVERS\avipbb.sys
                C:\WINDOWS\System32\DRIVERS\avkmgr.sys
                C:\WINDOWS\System32\drivers\lpsport.sys
                DeleteKey: HKLM\SOFTWARE\WOW6432Node\Tencent
                C:\ProgramData\TotalAv
                C:\ProgramData\Avira
                C:\WINDOWS\system32\drivers\etc\hosts
                Hosts:
                C:\Program Files (x86)\TotalAV
                C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner
                DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Discord
                DeleteValue: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|utweb
                DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastUI.exe
                DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SunJavaUpdateSched
                DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|Avast SecureLine VPN.lnk
                DeleteKey: HKLM\SOFTWARE\WOW6432Node\Eset
                DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan Plus.lnk
                DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee
                DeleteKey: HKLM\SOFTWARE\WOW6432Node\mcafeeupdater
                DeleteKey: HKCU\SOFTWARE\McAfee
                DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\McAfee
                C:\ProgramData\McAfee
                C:\WINDOWS\System32\drivers\tap0901.sys
                DeleteKey: HKLM\SOFTWARE\WOW6432Node\Tencent
                C:\Users\satch\AppData\Local\BitTorrentHelper
                C:\WINDOWS\System32\drivers\webshieldfilter.sys
                C:\WINDOWS\System32\drivers\tap0901.sys
                cmd: del /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory*."
                cmd: del /s /q “C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service*.log”
                cmd: del /s /q “C:\ProgramData\Microsoft\Windows Defender\support*.log”
                startpowershell:
                Set-MpPreference -DisableAutoExclusions $true -Force
                set-mppreference -mapsreporting basic -Force
                set-mppreference -DisableRealtimeMonitoring $false -Force
                set-mppreference -DisablePrivacyMode $true -Force
                set-mppreference -DisableIOAVProtection $false -Force
                set-mppreference -CheckForSignaturesBeforeRunningScan $true -Force
                set-mppreference -PUAProtection enabled -Force
                Update-MpSignature
                Get-MpComputerStatus
                get-mppreference
                endpowershell:
                CMD: netsh advfirewall reset
                CMD: netsh advfirewall set allprofiles state ON
                CMD: ipconfig /flushdns
                CMD: netsh winsock reset catalog
                CMD: netsh int ip reset c:\resetlog.txt
                CMD: ipconfig /release
                CMD: ipconfig /renew
                CMD: netsh int ipv4 reset
                CMD: netsh int ipv6 reset
                C:\Windows\Temp*.
                C:\WINDOWS\system32*.tmp
                C:\WINDOWS\syswow64*.tmp
                CMD: “%WINDIR%\SYSTEM32\lodctr.exe” /R
                CMD: “%WINDIR%\SysWOW64\lodctr.exe” /R
                CMD: “C:\Windows\SysWOW64\lodctr.exe” /R
                CMD: “C:\Windows\SYSTEM32\lodctr.exe” /R
                cmd: DISM.exe /Online /Cleanup-image /Scanhealth
                cmd: DISM.exe /Online /Cleanup-image /Restorehealth
                CMD: fltmc instances
                CMD: del /s /q C:\Windows\SoftwareDistribution\download*.*
                CMD: del /s /q “%userprofile%\AppData\Local\temp*.*”
                EmptyTemp:
                CMD: ipconfig /flushdns
                Reboot:
                End::
                [HR][/HR]
                Processes closed successfully.
                SystemRestore: On => completed
                Restore point was successfully created.
                
                ========= RemoveProxy: =========
                
                “HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => removed successfully
                “HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => removed successfully
                “HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings” => removed successfully
                
                ========= End of RemoveProxy: =========
                
                HKLM\SOFTWARE\Microsoft\Windows Defender\“DisableAntiSpyware”=“0” => value restored successfully
                HKLM\SOFTWARE\Microsoft\Windows Defender\“DisableAntiVirus”=“0” => value restored successfully
                “C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe” => not found
                HKCU\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71 => removed successfully
                HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f7 => not found
                C:\WINDOWS\System32\DRIVERS\avgntflt.sys => moved successfully
                C:\WINDOWS\System32\drivers\aswTap.sys => moved successfully
                “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\AvastUI.exe” => removed successfully
                HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|Avast SecureLine VPN.lnk => Error: No automatic fix found for this entry.
                HKLM\SOFTWARE\AVAST Software => removed successfully
                RegLink Found. Source: “” => Target: “HKLM\SOFTWARE\Avast Software”
                “HKLM\SOFTWARE\WOW6432Node\Avast Software” => removed successfully
                HKCU\SOFTWARE\Avast Software => removed successfully
                HKCU\SOFTWARE\Browser Cleanup => removed successfully
                HKU.DEFAULT\SOFTWARE\AVAST Software => removed successfully
                HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Avast Software => not found
                HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Browser Cleanup => not found
                C:\Program Files (x86)\AVAST Software => moved successfully
                C:\ProgramData\AVAST Software => moved successfully
                C:\Users\satch\AppData\Local\AVAST Software => moved successfully
                “C:\WINDOWS\System32\drivers\aswTap.sys” => not found
                “C:\Program Files\AVAST Software” => not found
                “C:\WINDOWS\System32\DRIVERS\avgntflt.sys” => not found
                C:\WINDOWS\System32\DRIVERS\avipbb.sys => moved successfully
                C:\WINDOWS\System32\DRIVERS\avkmgr.sys => moved successfully
                “C:\WINDOWS\System32\drivers\avgntflt.sys” => not found
                “C:\WINDOWS\System32\drivers\avipbb.sys” => not found
                “C:\WINDOWS\System32\drivers\avkmgr.sys” => not found
                “C:\WINDOWS\System32\DRIVERS\avgntflt.sys” => not found
                “C:\WINDOWS\System32\DRIVERS\avipbb.sys” => not found
                “C:\WINDOWS\System32\DRIVERS\avkmgr.sys” => not found
                C:\WINDOWS\System32\drivers\lpsport.sys => moved successfully
                HKLM\SOFTWARE\WOW6432Node\Tencent => removed successfully
                “C:\ProgramData\TotalAv” => not found
                
                “C:\ProgramData\Avira” folder move:
                
                Could not move “C:\ProgramData\Avira” => Scheduled to move on reboot.
                
                C:\WINDOWS\system32\drivers\etc\hosts => moved successfully
                Hosts restored successfully.
                “C:\Program Files (x86)\TotalAV” => not found
                C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner => moved successfully
                “HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\Discord” => removed successfully
                “HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\utweb” => removed successfully
                “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\AvastUI.exe” => not found
                “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\SunJavaUpdateSched” => removed successfully
                “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder” => not found
                HKLM\SOFTWARE\WOW6432Node\Eset => removed successfully
                “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\McAfee Security Scan Plus.lnk” => removed successfully
                HKLM\SOFTWARE\WOW6432Node\McAfee => removed successfully
                HKLM\SOFTWARE\WOW6432Node\mcafeeupdater => removed successfully
                HKCU\SOFTWARE\McAfee => removed successfully
                HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\McAfee => not found
                C:\ProgramData\McAfee => moved successfully
                C:\WINDOWS\System32\drivers\tap0901.sys => moved successfully
                HKLM\SOFTWARE\WOW6432Node\Tencent => not found
                C:\Users\satch\AppData\Local\BitTorrentHelper => moved successfully
                C:\WINDOWS\System32\drivers\webshieldfilter.sys => moved successfully
                “C:\WINDOWS\System32\drivers\tap0901.sys” => not found
                
                ========= del /s /q “C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory*.*” =========
                
                The system cannot find the file specified.
                
                ========= End of CMD: =========
                
                ========= del /s /q “C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service*.log” =========
                
                Deleted file - C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log
                Deleted file - C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log
                
                ========= End of CMD: =========
                
                ========= del /s /q “C:\ProgramData\Microsoft\Windows Defender\support*.log” =========
                
                Deleted file - C:\ProgramData\Microsoft\Windows Defender\support\MPDetection-20220801-162006.log
                Deleted file - C:\ProgramData\Microsoft\Windows Defender\support\MPDetection-20220831-162838.log
                C:\ProgramData\Microsoft\Windows Defender\support\MPDetection-20221004-225051.log
                C:\ProgramData\Microsoft\Windows Defender\support\MPDeviceControl-20220414-200519.log
                C:\ProgramData\Microsoft\Windows Defender\support\MPLog-20220414-195118.log
                
                ========= End of CMD: =========
                
                ========= Powershell: =========
                
                AMEngineVersion : 0.0.0.0
                AMProductVersion : 4.18.2203.5
                AMRunningMode : Not running
                AMServiceEnabled : False
                AMServiceVersion : 0.0.0.0
                AntispywareEnabled : False
                AntispywareSignatureAge : 4294967295
                AntispywareSignatureLastUpdated :
                AntispywareSignatureVersion : 0.0.0.0
                AntivirusEnabled : False
                AntivirusSignatureAge : 4294967295
                AntivirusSignatureLastUpdated :
                AntivirusSignatureVersion : 0.0.0.0
                BehaviorMonitorEnabled : False
                ComputerID : EC685A49-23A7-4945-A4C0-B50F9252DD06
                ComputerState : 0
                DefenderSignaturesOutOfDate : False
                DeviceControlDefaultEnforcement : N/A
                DeviceControlPoliciesLastUpdated : 12/31/1600 7:00:00 PM
                DeviceControlState : N/A
                FullScanAge : 4294967295
                FullScanEndTime :
                FullScanOverdue : False
                FullScanRequired : False
                FullScanSignatureVersion :
                FullScanStartTime :
                IoavProtectionEnabled : False
                IsTamperProtected : False
                IsVirtualMachine : False
                LastFullScanSource : 0
                LastQuickScanSource : 0
                NISEnabled : False
                NISEngineVersion : 0.0.0.0
                NISSignatureAge : 4294967295
                NISSignatureLastUpdated :
                NISSignatureVersion : 0.0.0.0
                OnAccessProtectionEnabled : False
                ProductStatus : 1
                QuickScanAge : 4294967295
                QuickScanEndTime :
                QuickScanOverdue : False
                QuickScanSignatureVersion :
                QuickScanStartTime :
                RealTimeProtectionEnabled : False
                RealTimeScanDirection : 0
                RebootRequired : False
                TamperProtectionSource : Signatures
                TDTMode : N/A
                TDTStatus : N/A
                TDTTelemetry : N/A
                PSComputerName :
                
                AllowDatagramProcessingOnWinServer : False
                AllowNetworkProtectionDownLevel : False
                AllowNetworkProtectionOnWinServer : False
                AllowSwitchToAsyncInspection : False
                AttackSurfaceReductionOnlyExclusions :
                AttackSurfaceReductionRules_Actions :
                AttackSurfaceReductionRules_Ids :
                CheckForSignaturesBeforeRunningScan : False
                CloudBlockLevel : 1
                CloudExtendedTimeout : 1
                ComputerID : EC685A49-23A7-4945-A4C0-B50F9252DD06
                ControlledFolderAccessAllowedApplications :
                ControlledFolderAccessProtectedFolders :
                DefinitionUpdatesChannel : 0
                DisableArchiveScanning : False
                DisableAutoExclusions : False
                DisableBehaviorMonitoring : False
                DisableBlockAtFirstSeen : False
                DisableCatchupFullScan : True
                DisableCatchupQuickScan : True
                DisableCpuThrottleOnIdleScans : True
                DisableDatagramProcessing : False
                DisableDnsOverTcpParsing : False
                DisableDnsParsing : False
                DisableEmailScanning : True
                DisableFtpParsing : False
                DisableGradualRelease : False
                DisableHttpParsing : False
                DisableInboundConnectionFiltering : False
                DisableIOAVProtection : False
                DisableNetworkProtectionPerfTelemetry : False
                DisablePrivacyMode : False
                DisableRdpParsing : False
                DisableRealtimeMonitoring : False
                DisableRemovableDriveScanning : True
                DisableRestorePoint : True
                DisableScanningMappedNetworkDrivesForFullScan : True
                DisableScanningNetworkFiles : False
                DisableScriptScanning : False
                DisableSshParsing : False
                DisableTDTFeature : False
                DisableTlsParsing : False
                EnableControlledFolderAccess : 0
                EnableDnsSinkhole : True
                EnableFileHashComputation : False
                EnableFullScanOnBatteryPower : False
                EnableLowCpuPriority : False
                EnableNetworkProtection : 0
                EngineUpdatesChannel : 0
                ExclusionExtension :
                ExclusionIpAddress :
                ExclusionPath :
                ExclusionProcess :
                ForceUseProxyOnly : False
                HighThreatDefaultAction : 0
                LowThreatDefaultAction : 0
                MAPSReporting : 2
                MeteredConnectionUpdates : False
                ModerateThreatDefaultAction : 0
                PlatformUpdatesChannel : 0
                ProxyBypass :
                ProxyPacUrl :
                ProxyServer :
                PUAProtection : 1
                QuarantinePurgeItemsAfterDelay : 90
                RandomizeScheduleTaskTimes : True
                RealTimeScanDirection : 0
                RemediationScheduleDay : 0
                RemediationScheduleTime : 02:00:00
                ReportingAdditionalActionTimeOut : 10080
                ReportingCriticalFailureTimeOut : 10080
                ReportingNonCriticalTimeOut : 1440
                ScanAvgCPULoadFactor : 50
                ScanOnlyIfIdleEnabled : True
                ScanParameters : 1
                ScanPurgeItemsAfterDelay : 15
                ScanScheduleDay : 0
                ScanScheduleOffset : 120
                ScanScheduleQuickScanTime : 00:00:00
                ScanScheduleTime : 02:00:00
                SchedulerRandomizationTime : 4
                ServiceHealthReportInterval : 60
                SevereThreatDefaultAction : 0
                SharedSignaturesPath :
                SignatureAuGracePeriod : 0
                SignatureBlobFileSharesSources :
                SignatureBlobUpdateInterval : 60
                SignatureDefinitionUpdateFileSharesSources :
                SignatureDisableUpdateOnStartupWithoutEngine : False
                SignatureFallbackOrder : MicrosoftUpdateServer|MMPC
                SignatureFirstAuGracePeriod : 120
                SignatureScheduleDay : 8
                SignatureScheduleTime : 01:45:00
                SignatureUpdateCatchupInterval : 1
                SignatureUpdateInterval : 0
                SubmitSamplesConsent : 1
                ThreatIDDefaultAction_Actions :
                ThreatIDDefaultAction_Ids :
                ThrottleForScheduledScanOnly : True
                TrustLabelProtectionStatus : 0
                UILockdown : False
                UnknownThreatDefaultAction : 0
                PSComputerName :
                
                ========= End of Powershell: =========
                
                ========= netsh advfirewall reset =========
                
                Ok.
                
                ========= End of CMD: =========
                
                ========= netsh advfirewall set allprofiles state ON =========
                
                Ok.
                
                ========= End of CMD: =========
                
                ========= ipconfig /flushdns =========
                
                Windows IP Configuration
                
                Successfully flushed the DNS Resolver Cache.
                
                ========= End of CMD: =========
                
                ========= netsh winsock reset catalog =========
                
                Sucessfully reset the Winsock Catalog.
                You must restart the computer in order to complete the reset.
                
                ========= End of CMD: =========
                
                ========= netsh int ip reset c:\resetlog.txt =========
                
                Resetting Compartment Forwarding, OK!
                Resetting Compartment, OK!
                Resetting Control Protocol, OK!
                Resetting Echo Sequence Request, OK!
                Resetting Global, OK!
                Resetting Interface, OK!
                Resetting Anycast Address, OK!
                Resetting Multicast Address, OK!
                Resetting Unicast Address, OK!
                Resetting Neighbor, OK!
                Resetting Path, OK!
                Resetting Potential, OK!
                Resetting Prefix Policy, OK!
                Resetting Proxy Neighbor, OK!
                Resetting Route, OK!
                Resetting Site Prefix, OK!
                Resetting Subinterface, OK!
                Resetting Wakeup Pattern, OK!
                Resetting Resolve Neighbor, OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , failed.
                Access is denied.
                
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Restart the computer to complete this action.
                
                ========= End of CMD: =========
                
                ========= ipconfig /release =========
                
                Windows IP Configuration
                
                No operation can be performed on Ethernet while it has its media disconnected.
                No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
                No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
                No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
                
                Ethernet adapter Ethernet:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                Wireless LAN adapter Local Area Connection* 3:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                Wireless LAN adapter Local Area Connection* 12:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                Wireless LAN adapter Wi-Fi:
                
                Connection-specific DNS Suffix . :
                Default Gateway . . . . . . . . . :
                
                Ethernet adapter Bluetooth Network Connection:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                ========= End of CMD: =========
                
                ========= ipconfig /renew =========
                
                Windows IP Configuration
                
                No operation can be performed on Ethernet while it has its media disconnected.
                No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
                No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
                No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
                
                Ethernet adapter Ethernet:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                Wireless LAN adapter Local Area Connection* 3:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                Wireless LAN adapter Local Area Connection* 12:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                Wireless LAN adapter Wi-Fi:
                
                Connection-specific DNS Suffix . :
                IPv4 Address. . . . . . . . . . . : 192.168.0.11
                Subnet Mask . . . . . . . . . . . : 255.255.255.0
                Default Gateway . . . . . . . . . : 192.168.0.1
                
                Ethernet adapter Bluetooth Network Connection:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                
                ========= End of CMD: =========
                
                ========= netsh int ipv4 reset =========
                
                Resetting Compartment Forwarding, OK!
                Resetting Compartment, OK!
                Resetting Control Protocol, OK!
                Resetting Echo Sequence Request, OK!
                Resetting Global, OK!
                Resetting Interface, OK!
                Resetting Anycast Address, OK!
                Resetting Multicast Address, OK!
                Resetting Unicast Address, OK!
                Resetting Neighbor, OK!
                Resetting Path, OK!
                Resetting Potential, OK!
                Resetting Prefix Policy, OK!
                Resetting Proxy Neighbor, OK!
                Resetting Route, OK!
                Resetting Site Prefix, OK!
                Resetting Subinterface, OK!
                Resetting Wakeup Pattern, OK!
                Resetting Resolve Neighbor, OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , failed.
                Access is denied.
                
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Restart the computer to complete this action.
                
                ========= End of CMD: =========
                
                ========= netsh int ipv6 reset =========
                
                Resetting Compartment Forwarding, OK!
                Resetting Compartment, OK!
                Resetting Control Protocol, OK!
                Resetting Echo Sequence Request, OK!
                Resetting Global, OK!
                Resetting Interface, OK!
                Resetting Anycast Address, OK!
                Resetting Multicast Address, OK!
                Resetting Unicast Address, OK!
                Resetting Neighbor, OK!
                Resetting Path, OK!
                Resetting Potential, OK!
                Resetting Prefix Policy, OK!
                Resetting Proxy Neighbor, OK!
                Resetting Route, OK!
                Resetting Site Prefix, OK!
                Resetting Subinterface, OK!
                Resetting Wakeup Pattern, OK!
                Resetting Resolve Neighbor, OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , failed.
                Access is denied.
                
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Resetting , OK!
                Restart the computer to complete this action.
                
                ========= End of CMD: =========
                
                =========== “C:\Windows\Temp*.*” ==========
                
                C:\Windows\Temp\MpCmdRun.log => moved successfully
                C:\Windows\Temp\wct4B5F.tmp => moved successfully
                C:\Windows\Temp\wct899E.tmp => moved successfully
                
                ========= End → “C:\Windows\Temp*.*” ========
                
                =========== “C:\WINDOWS\system32*.tmp” ==========
                
                not found
                
                ========= End → “C:\WINDOWS\system32*.tmp” ========
                
                =========== “C:\WINDOWS\syswow64*.tmp” ==========
                
                not found
                
                ========= End → “C:\WINDOWS\syswow64*.tmp” ========
                
                ========= “%WINDIR%\SYSTEM32\lodctr.exe” /R =========
                
                Error: Unable to rebuild performance counter setting from system backup store, error code is 2
                ========= End of CMD: =========
                
                ========= “%WINDIR%\SysWOW64\lodctr.exe” /R =========
                
                Info: Successfully rebuilt performance counter setting from system backup store
                ========= End of CMD: =========
                
                ========= “C:\Windows\SysWOW64\lodctr.exe” /R =========
                
                Info: Successfully rebuilt performance counter setting from system backup store
                ========= End of CMD: =========
                
                ========= “C:\Windows\SYSTEM32\lodctr.exe” /R =========
                
                Info: Successfully rebuilt performance counter setting from system backup store
                ========= End of CMD: =========
                
                ========= DISM.exe /Online /Cleanup-image /Scanhealth =========
                
                Deployment Image Servicing and Management tool
                Version: 10.0.19041.844
                
                Image Version: 10.0.19043.2006
                
                [== 4.9% ]
                
                [=== 5.5% ]
                
                [=== 6.4% ]
                
                [==== 7.4% ]
                
                [==== 7.9% ]
                
                [==== 8.4% ]
                
                [===== 9.0% ]
                
                [===== 10.0% ]
                
                [====== 10.9% ]
                
                [====== 11.9% ]
                
                [======= 12.4% ]
                
                [======= 13.4% ]
                
                [======== 14.3% ]
                
                [======== 15.3% ]
                
                [========= 16.3% ]
                
                [========== 17.3% ]
                
                [========== 18.2% ]
                
                [=========== 19.2% ]
                
                [=========== 20.2% ]
                
                [============ 21.2% ]
                
                [============ 21.6% ]
                
                [============= 22.4% ]
                
                [============= 23.4% ]
                
                [============== 24.4% ]
                
                [============== 25.4% ]
                
                [=============== 26.3% ]
                
                [=============== 27.3% ]
                
                [================ 28.3% ]
                
                [================ 29.3% ]
                
                [================= 30.2% ]
                
                [================== 31.2% ]
                
                [================== 32.2% ]
                
                [=================== 33.2% ]
                
                [=================== 34.1% ]
                
                [==================== 35.1% ]
                
                [==================== 36.1% ]
                
                [===================== 37.1% ]
                
                [====================== 38.0% ]
                
                [====================== 39.0% ]
                
                [======================= 40.0% ]
                
                [======================= 41.0% ]
                
                [======================== 42.0% ]
                
                [======================== 42.5% ]
                
                [========================= 43.5% ]
                
                [========================= 44.0% ]
                
                [========================= 44.6% ]
                
                [========================= 44.8% ]
                
                [========================== 45.0% ]
                
                [========================== 46.0% ]
                
                [===========================46.9% ]
                
                [===========================47.9% ]
                
                [===========================48.9% ]
                
                [===========================49.9% ]
                
                [===========================50.8% ]
                
                [===========================51.8% ]
                
                [===========================52.7% ]
                
                [===========================53.7% ]
                
                [===========================54.6% ]
                
                [===========================55.6% ]
                
                [===========================56.6% ]
                
                [===========================57.3%= ]
                
                [===========================57.5%= ]
                
                [===========================58.0%= ]
                
                [===========================59.0%== ]
                
                [===========================60.0%== ]
                
                [===========================60.3%== ]
                
                [===========================61.2%=== ]
                
                [===========================62.1%==== ]
                
                [===========================62.4%==== ]
                
                [===========================63.0%==== ]
                
                [===========================63.4%==== ]
                
                [===========================63.7%==== ]
                
                [===========================64.5%===== ]
                
                [===========================64.6%===== ]
                
                [===========================64.8%===== ]
                
                [===========================65.3%===== ]
                
                [===========================65.7%====== ]
                
                [===========================66.6%====== ]
                
                [===========================67.2%====== ]
                
                [===========================67.5%======= ]
                
                [===========================68.1%======= ]
                
                [===========================68.4%======= ]
                
                [===========================68.9%======= ]
                
                [===========================69.0%======== ]
                
                [===========================69.2%======== ]
                
                [===========================69.3%======== ]
                
                [===========================70.1%======== ]
                
                [===========================70.9%========= ]
                
                [===========================71.2%========= ]
                
                [===========================71.6%========= ]
                
                [===========================72.0%========= ]
                
                [===========================73.0%========== ]
                
                [===========================73.0%========== ]
                
                [===========================73.1%========== ]
                
                [===========================74.0%========== ]
                
                [===========================74.3%=========== ]
                
                [===========================75.2%=========== ]
                
                [===========================76.2%============ ]
                
                [===========================77.2%============ ]
                
                [===========================78.1%============= ]
                
                [===========================79.1%============= ]
                
                [===========================80.1%============== ]
                
                [===========================81.1%=============== ]
                
                [===========================82.0%=============== ]
                
                [===========================83.0%================ ]
                
                [===========================84.0%================ ]
                
                [===========================85.0%================= ]
                
                [===========================86.0%================= ]
                
                [===========================86.0%================= ]
                
                [===========================86.2%================== ]
                
                [===========================86.2%================== ]
                
                [===========================86.5%================== ]
                
                [===========================86.5%================== ]
                
                [===========================86.6%================== ]
                
                [===========================86.7%================== ]
                
                [===========================86.7%================== ]
                
                [===========================86.8%================== ]
                
                [===========================86.9%================== ]
                
                [===========================87.0%================== ]
                
                [===========================87.0%================== ]
                
                [===========================87.1%================== ]
                
                [===========================87.2%================== ]
                
                [===========================87.3%================== ]
                
                [===========================87.3%================== ]
                
                [===========================87.5%================== ]
                
                [===========================87.6%================== ]
                
                [===========================87.7%================== ]
                
                [===========================87.8%================== ]
                
                [===========================87.9%================== ]
                
                [===========================87.9%================== ]
                
                [===========================88.1%=================== ]
                
                [===========================88.2%=================== ]
                
                [===========================88.3%=================== ]
                
                [===========================88.4%=================== ]
                
                [===========================88.4%=================== ]
                
                [===========================88.5%=================== ]
                
                [===========================88.6%=================== ]
                
                [===========================88.7%=================== ]
                
                [===========================88.7%=================== ]
                
                [===========================88.8%=================== ]
                
                [===========================88.9%=================== ]
                
                [===========================89.1%=================== ]
                
                [===========================89.1%=================== ]
                
                [===========================89.2%=================== ]
                
                [===========================89.5%=================== ]
                
                [===========================89.7%==================== ]
                
                [===========================89.9%==================== ]
                
                [===========================90.0%==================== ]
                
                [===========================90.1%==================== ]
                
                [===========================90.3%==================== ]
                
                [===========================90.4%==================== ]
                
                [===========================90.5%==================== ]
                
                [===========================90.5%==================== ]
                
                [===========================91.5%===================== ]
                
                [===========================92.0%===================== ]
                
                [===========================92.2%===================== ]
                
                [===========================92.7%===================== ]
                
                [===========================93.7%====================== ]
                
                [===========================94.6%====================== ]
                
                [===========================95.6%======================= ]
                
                [===========================96.6%======================== ]
                
                [===========================97.1%======================== ]
                
                [==========================100.0%==========================]
                No component store corruption detected.
                The operation completed successfully.
                
                ========= End of CMD: =========
                
                ========= DISM.exe /Online /Cleanup-image /Restorehealth =========
                
                Deployment Image Servicing and Management tool
                Version: 10.0.19041.844
                
                Image Version: 10.0.19043.2006
                
                [== 3.8% ]
                
                [== 4.8% ]
                
                [=== 5.7% ]
                
                [=== 6.7% ]
                
                [==== 7.7% ]
                
                [===== 8.7% ]
                
                [===== 9.7% ]
                
                [====== 10.6% ]
                
                [====== 11.6% ]
                
                [======= 12.6% ]
                
                [======= 13.6% ]
                
                [======== 14.6% ]
                
                [========= 15.5% ]
                
                [========= 16.5% ]
                
                [========== 17.5% ]
                
                [========== 18.5% ]
                
                [=========== 19.5% ]
                
                [=========== 20.5% ]
                
                [============ 21.4% ]
                
                [============= 22.4% ]
                
                [============= 23.4% ]
                
                [============== 24.4% ]
                
                [============== 25.4% ]
                
                [=============== 26.3% ]
                
                [=============== 27.0% ]
                
                [================ 28.0% ]
                
                [================ 28.2% ]
                
                [================ 29.1% ]
                
                [================= 30.1% ]
                
                [================== 31.1% ]
                
                [================== 32.1% ]
                
                [=================== 33.1% ]
                
                [=================== 34.0% ]
                
                [==================== 35.0% ]
                
                [==================== 36.0% ]
                
                [===================== 37.0% ]
                
                [====================== 38.0% ]
                
                [====================== 38.9% ]
                
                [======================= 39.9% ]
                
                [======================= 40.8% ]
                
                [======================== 41.8% ]
                
                [======================== 42.8% ]
                
                [========================= 43.2% ]
                
                [========================= 44.2% ]
                
                [========================= 44.3% ]
                
                [========================== 45.3% ]
                
                [========================== 45.4% ]
                
                [========================== 46.4% ]
                
                [===========================47.4% ]
                
                [===========================48.4% ]
                
                [===========================49.4% ]
                
                [===========================50.3% ]
                
                [===========================51.3% ]
                
                [===========================52.3% ]
                
                [===========================53.3% ]
                
                [===========================53.5% ]
                
                [===========================53.7% ]
                
                [===========================53.7% ]
                
                [===========================53.8% ]
                
                [===========================53.8% ]
                
                [===========================54.0% ]
                
                [===========================54.0% ]
                
                [===========================54.2% ]
                
                [===========================54.3% ]
                
                [===========================54.4% ]
                
                [===========================54.5% ]
                
                [===========================54.6% ]
                
                [===========================54.7% ]
                
                [===========================54.9% ]
                
                [===========================54.9% ]
                
                [===========================55.0% ]
                
                [===========================55.1% ]
                
                [===========================55.2% ]
                
                [===========================55.5% ]
                
                [===========================55.7% ]
                
                [===========================56.0% ]
                
                [===========================56.1% ]
                
                [===========================57.1%= ]
                
                [===========================58.0%= ]
                
                [===========================59.0%== ]
                
                [===========================60.0%== ]
                
                [===========================62.3%==== ]
                
                [===========================84.9%================= ]
                
                [==========================100.0%==========================]
                The restore operation completed successfully.
                The operation completed successfully.
                
                ========= End of CMD: =========
                
                ========= fltmc instances =========
                
                Filter Volume Name Altitude Instance Name Frame SprtFtrs VlStatus
                [HR][/HR]
                BdSentry 266211 BdSentryInstance 0 0000000c
                BdSentry 266211 BdSentryInstance 0 0000000c
                BdSentry C: 266211 BdSentryInstance 0 0000000c
                BdSentry \Device\HarddiskVolumeShadowCopy1 266211 BdSentryInstance 0 0000000c
                BdSentry \Device\Mup 266211 BdSentryInstance 0 0000000c
                CldFlt C: 180451 CldFlt 0 00000007
                CldFlt \Device\HarddiskVolumeShadowCopy1 180451 CldFlt 0 00000007
                FileInfo 40500 FileInfo 0 00000007
                FileInfo 40500 FileInfo 0 00000007
                FileInfo C: 40500 FileInfo 0 00000007
                FileInfo \Device\HarddiskVolumeShadowCopy1 40500 FileInfo 0 00000007
                FileInfo \Device\Mup 40500 FileInfo 0 00000007
                WdFilter 328010 WdFilter Instance 0 00000007
                WdFilter 328010 WdFilter Instance 0 00000007
                WdFilter C: 328010 WdFilter Instance 0 00000007
                WdFilter \Device\HarddiskVolumeShadowCopy1 328010 WdFilter Instance 0 00000007
                WdFilter \Device\Mup 328010 WdFilter Instance 0 00000007
                Wof 40700 Wof Instance 0 00000007
                Wof C: 40700 Wof Instance 0 00000007
                Wof \Device\HarddiskVolumeShadowCopy1 40700 Wof Instance 0 00000007
                avgntflt 320500 avgntflt 0 00000007
                avgntflt 320500 avgntflt 0 00000007
                avgntflt C: 320500 avgntflt 0 00000007
                avgntflt \Device\Mup 320500 avgntflt 0 00000007
                bindflt C: 409800 bindflt Instance 0 00000007
                luafv C: 135000 luafv 0 00000007
                npsvctrig \Device\NamedPipe 46000 npsvctrig 0 00000000
                rtp_filesystem_filter 320500.5 rtp_filesystem_filter 0 00000007
                rtp_filesystem_filter 320500.5 rtp_filesystem_filter 0 00000007
                rtp_filesystem_filter C: 320500.5 rtp_filesystem_filter 0 00000007
                rtp_filesystem_filter \Device\Mup 320500.5 rtp_filesystem_filter 0 00000007
                rtp_filesystem_filter \Device\NamedPipe 320500.5 rtp_filesystem_filter 0 00000007
                wcifs C: 189900 wcifs Instance 0 00000007
                
                ========= End of CMD: =========
                
                ========= del /s /q C:\Windows\SoftwareDistribution\download*.* =========
                
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\24635bc8-97e7-4d9f-b0a5-3c2ea521e7d9.AggregatedMetadata.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ar-sa.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ar-sa.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_bg-bg.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_bg-bg.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ca-es.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ca-es.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_cs-cz.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_cs-cz.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_da-dk.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_da-dk.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_de-de.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_de-de.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_el-gr.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_el-gr.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-gb.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-gb.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-us.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-us.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-es.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-es.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-mx.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-mx.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_et-ee.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_et-ee.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fi-fi.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fi-fi.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-ca.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-ca.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-fr.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-fr.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_he-il.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_he-il.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hr-hr.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hr-hr.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hu-hu.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hu-hu.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_id-id.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_id-id.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_it-it.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_it-it.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ja-jp.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ja-jp.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ko-kr.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ko-kr.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lt-lt.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lt-lt.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lv-lv.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lv-lv.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nb-no.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nb-no.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_Neutral.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_Neutral.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nl-nl.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nl-nl.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pl-pl.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pl-pl.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-br.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-br.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-pt.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-pt.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ro-ro.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ro-ro.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ru-ru.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ru-ru.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sk-sk.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sk-sk.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sl-si.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sl-si.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sr-latn-rs.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sr-latn-rs.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sv-se.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sv-se.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_th-th.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_th-th.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_tr-tr.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_tr-tr.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_uk-ua.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_uk-ua.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_vi-vn.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_vi-vn.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-cn.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-cn.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-tw.CompDB.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-tw.CompDB.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ar-sa.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ar-sa.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_bg-bg.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_bg-bg.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ca-es.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ca-es.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_corecountryspecific_zh-cn.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_corecountryspecific_zh-cn.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_bg-bg.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_bg-bg.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_cs-cz.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_cs-cz.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_da-dk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_da-dk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_de-de.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_de-de.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_el-gr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_el-gr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-gb.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-gb.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-us.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-us.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_es-es.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_es-es.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_et-ee.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_et-ee.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fi-fi.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fi-fi.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fr-fr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fr-fr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hr-hr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hr-hr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hu-hu.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hu-hu.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_it-it.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_it-it.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lt-lt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lt-lt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lv-lv.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lv-lv.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nb-no.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nb-no.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nl-nl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nl-nl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pl-pl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pl-pl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pt-pt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pt-pt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_ro-ro.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_ro-ro.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sk-sk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sk-sk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sl-si.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sl-si.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sv-se.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sv-se.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ar-sa.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ar-sa.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_bg-bg.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_bg-bg.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_cs-cz.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_cs-cz.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_da-dk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_da-dk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_de-de.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_de-de.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_el-gr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_el-gr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-gb.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-gb.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-us.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-us.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-es.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-es.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-mx.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-mx.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_et-ee.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_et-ee.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fi-fi.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fi-fi.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-ca.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-ca.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-fr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-fr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_he-il.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_he-il.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hr-hr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hr-hr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hu-hu.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hu-hu.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_it-it.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_it-it.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ja-jp.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ja-jp.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ko-kr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ko-kr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lt-lt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lt-lt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lv-lv.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lv-lv.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nb-no.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nb-no.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nl-nl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nl-nl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pl-pl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pl-pl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-br.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-br.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-pt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-pt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ro-ro.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ro-ro.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ru-ru.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ru-ru.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sk-sk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sk-sk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sl-si.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sl-si.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sr-latn-rs.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sr-latn-rs.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sv-se.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sv-se.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_th-th.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_th-th.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_tr-tr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_tr-tr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_uk-ua.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_uk-ua.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-cn.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-cn.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-tw.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-tw.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_cs-cz.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_cs-cz.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_da-dk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_da-dk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_de-de.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_de-de.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_el-gr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_el-gr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-gb.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-gb.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-us.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-us.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-es.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-es.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-mx.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-mx.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_et-ee.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_et-ee.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fi-fi.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fi-fi.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-ca.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-ca.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-fr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-fr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_he-il.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_he-il.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hr-hr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hr-hr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hu-hu.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hu-hu.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_id-id.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_id-id.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_it-it.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_it-it.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ja-jp.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ja-jp.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ko-kr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ko-kr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lt-lt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lt-lt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lv-lv.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lv-lv.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nb-no.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nb-no.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_Neutral.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_Neutral.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nl-nl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nl-nl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pl-pl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pl-pl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ar-sa.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ar-sa.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_bg-bg.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_bg-bg.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_cs-cz.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_cs-cz.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_da-dk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_da-dk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_de-de.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_de-de.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_el-gr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_el-gr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-gb.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-gb.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-us.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-us.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-es.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-es.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-mx.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-mx.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_et-ee.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_et-ee.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fi-fi.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fi-fi.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-ca.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-ca.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-fr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-fr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_he-il.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_he-il.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hr-hr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hr-hr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hu-hu.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hu-hu.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_it-it.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_it-it.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ja-jp.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ja-jp.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ko-kr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ko-kr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lt-lt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lt-lt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lv-lv.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lv-lv.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nb-no.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nb-no.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nl-nl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nl-nl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pl-pl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pl-pl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-br.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-br.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-pt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-pt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ro-ro.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ro-ro.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ru-ru.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ru-ru.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sk-sk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sk-sk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sl-si.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sl-si.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sr-latn-rs.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sr-latn-rs.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sv-se.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sv-se.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_th-th.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_th-th.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_tr-tr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_tr-tr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_uk-ua.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_uk-ua.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-cn.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-cn.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-tw.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-tw.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_bg-bg.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_bg-bg.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_cs-cz.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_cs-cz.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_da-dk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_da-dk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_de-de.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_de-de.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_el-gr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_el-gr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-gb.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-gb.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-us.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-us.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_es-es.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_es-es.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_et-ee.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_et-ee.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fi-fi.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fi-fi.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fr-fr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fr-fr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hr-hr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hr-hr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hu-hu.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hu-hu.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_it-it.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_it-it.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lt-lt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lt-lt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lv-lv.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lv-lv.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nb-no.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nb-no.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nl-nl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nl-nl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pl-pl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pl-pl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pt-pt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pt-pt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_ro-ro.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_ro-ro.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sk-sk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sk-sk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sl-si.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sl-si.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sv-se.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sv-se.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ar-sa.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ar-sa.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_bg-bg.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_bg-bg.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_cs-cz.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_cs-cz.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_da-dk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_da-dk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_de-de.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_de-de.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_el-gr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_el-gr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-gb.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-gb.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-us.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-us.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-es.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-es.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-mx.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-mx.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_et-ee.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_et-ee.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fi-fi.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fi-fi.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-ca.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-ca.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-fr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-fr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_he-il.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_he-il.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hr-hr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hr-hr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hu-hu.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hu-hu.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_it-it.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_it-it.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ja-jp.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ja-jp.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ko-kr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ko-kr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lt-lt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lt-lt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lv-lv.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lv-lv.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nb-no.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nb-no.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nl-nl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nl-nl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pl-pl.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pl-pl.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-br.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-br.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-pt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-pt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ro-ro.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ro-ro.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ru-ru.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ru-ru.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sk-sk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sk-sk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sl-si.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sl-si.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sr-latn-rs.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sr-latn-rs.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sv-se.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sv-se.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_th-th.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_th-th.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_tr-tr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_tr-tr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_uk-ua.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_uk-ua.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-cn.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-cn.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-tw.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-tw.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-br.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-br.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-pt.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-pt.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ro-ro.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ro-ro.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ru-ru.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ru-ru.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sk-sk.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sk-sk.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sl-si.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sl-si.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sr-latn-rs.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sr-latn-rs.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sv-se.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sv-se.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_th-th.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_th-th.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_tr-tr.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_tr-tr.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_uk-ua.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_uk-ua.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_vi-vn.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_vi-vn.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-cn.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-cn.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-tw.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-tw.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetServicedCompdb_Neutral.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetServicedCompDB_Neutral.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DeviceInventory.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\dpx.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\EKBUpdateCompDB_KB5000736.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\EKBUpdateCompDB_KB5000736.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\LCUCompDB_KB5017308.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\LCUCompDB_KB5017308.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\Mitigation.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\OasisAssetCompDB_KB5008575.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\OasisAssetCompDB_KB5008575.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\ReserveManager.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SafeOSDUCompDB_KB5011577.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SafeOSDUCompDB_KB5011577.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705-express.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705-express.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705.xml
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705.xml.cab
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\TurboStack.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\UAOneSettings.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\UpdateAgent.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\wcp.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\WinREAgent.dll
                Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\11b9a533894bc9d9f83ce7045a76c34df807e223087e7b5214b0aea9c395d6b4
                Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\ecdb03814462aeeb90ce91e145a057feb64c6a34de35a6651f9a51980dfa1773
                
                ========= End of CMD: =========
                
                ========= del /s /q “%userprofile%\AppData\Local\temp*.*” =========
                
                Deleted file - C:\Users\satch\AppData\Local\temp.ses
                Deleted file - C:\Users\satch\AppData\Local\temp\591d0145-3a3f-47c5-8609-0c3ebab14503.tmp
                Deleted file - C:\Users\satch\AppData\Local\temp\c0bcd14c-f067-4e4b-833d-5105b3e0f6d8.tmp
                Deleted file - C:\Users\satch\AppData\Local\temp\cv_debug.log
                Deleted file - C:\Users\satch\AppData\Local\temp\e79e8490-ef7b-490b-ad96-8c9969ea8f01.tmp
                Deleted file - C:\Users\satch\AppData\Local\temp\ea86eacc-ab79-4e11-b880-83e1ddaa6423.tmp
                Deleted file - C:\Users\satch\AppData\Local\temp\ecache.bin
                Deleted file - C:\Users\satch\AppData\Local\temp\fb8939b1-9413-4984-828e-0011d0d66331.tmp
                Deleted file - C:\Users\satch\AppData\Local\temp\jusched.log
                Deleted file - C:\Users\satch\AppData\Local\temp\wctCA3F.tmp
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_0
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_1
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_2
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_3
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000001
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000002
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000003
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000004
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000005
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000006
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000007
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000008
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000009
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000a
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000b
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000c
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000d
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000e
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000f
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000010
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000011
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000012
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000013
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000014
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000015
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000016
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000017
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000018
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000019
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001a
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001b
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001c
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001d
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001e
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001f
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000020
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000021
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000022
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000023
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000024
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000025
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000026
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000027
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000028
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000029
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002a
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002b
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002c
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002d
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002e
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002f
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000030
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000031
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000032
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000033
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000034
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000035
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000036
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000037
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000038
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000039
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003a
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003b
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003c
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003d
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003e
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003f
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000040
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000041
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000042
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000043
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000044
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000045
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000046
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000047
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000048
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000049
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004a
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004b
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004c
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004d
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004e
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004f
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000050
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000051
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000052
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000053
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000054
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000055
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000056
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000057
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000058
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000059
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005a
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005b
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005c
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005d
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005e
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005f
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000060
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000061
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000062
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000063
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\index
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_0
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_1
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_2
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_3
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\index
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_file_0.localstorage
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_file_0.localstorage-journal
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_web_0.localstorage
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_web_0.localstorage-journal
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\https_gemstore-dfw-live.ncplatform.net_0.localstorage
                Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\https_gemstore-dfw-live.ncplatform.net_0.localstorage-journal
                
                ========= End of CMD: =========
                
                ========= ipconfig /flushdns =========
                
                Windows IP Configuration
                
                Successfully flushed the DNS Resolver Cache.
                
                ========= End of CMD: =========
                
                =========== EmptyTemp: ==========
                
                FlushDNS => completed
                BITS transfer queue => 0 B
                DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10693417 B
                Java, Discord, Steam htmlcache => 54500264 B
                Windows/system/drivers => 179268544 B
                Edge => 0 B
                Chrome => 209899805 B
                Firefox => 0 B
                Opera => 0 B
                
                Temp, IE cache, history, cookies, recent:
                Default => 0 B
                ProgramData => 0 B
                Public => 0 B
                systemprofile => 64854 B
                systemprofile32 => 65286 B
                LocalService => 75726 B
                NetworkService => 75726 B
                satch => 2028074 B
                
                RecycleBin => 523631 B
                EmptyTemp: => 436 MB temporary data Removed.
                
                ================================
                
                Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-10-2022 21:32:43)
                
                C:\ProgramData\Avira => Could not move
                
                ==== End of Fixlog 21:32:45 ====
                [/HEADING]

                Comment

                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7045

                  #9
                  For now lets just use Windows defender.
                  Uninstall Avira with GeekUninstaller. Then…
                  Run the Avira Removal Tool.
                  Select all options.
                  Also, let me know how the machine is performing, as far as CPU usage, I know you said things were fine, but I am just wanting to know of any issues whatsoever.
                  I’ll see the state of the machine with the new logs, also I’d like to see an autoruns log, so we can trim the work load on your machine.




                  Download Autoruns and Autorunsc Unzip it to your desktop and then right click [IMG alt=“Capture.PNG”]https://pchelpforum.net/attachments/capture-png.9995/ Run as Admin.
                  After the scan is finished then click on File----Then click----Save
                  The default name will be autoruns.arn make sure to leave it this way.
                  Attach the file in your next reply.
                  If the file is too large, then use catbox.moe or Ufile.io and send the link in your next reply.[/IMG]

                  Comment

                  • Rum_Ham
                    PCHF Member
                    • Oct 2022
                    • 8

                    #10
                    Yeah I don’t think I looked at it much if at all before this thing started, but I think things look normal with CPU usage and memory, if just a tad high at this very moment with memory (30%). But its never been showing the 97%-99% usage lately that alerted me to a problem.

                    The Avira removal tool had a problem and said I needed to start in safe mode to remove all the registry, unfortunately I only have a bluetooth keyboard that will not connect at all during the selection screen where it requires me to hit 4 to go safe, so I couldn’t do that.

                    Guess it was too large here is the link https://files.catbox.moe/lsu1y1.arn

                    Comment

                    • Malnutrition
                      PCHF Moderator
                      • Jul 2016
                      • 7045

                      #11


                      Just removing Avira with Geek uninstaller should be fine, you can use just windows defender and also I suggest installing ublock origin.

                      Windows defender is fine, and you do not need another antivirus hogging up memory. I’d install a little firewall like Glasswire, or Xvirus firewall if you want an extra layer of protection.

                      Also, I suggest that you run O&O Antispyware this can trim down bandwidth consumption, by stopping your machine uploading to MS servers so constantly.

                      Then for now, disable windows update. You can re enable anytime, you feel like you want to update.

                      Consider Adblocking DNS server. This can be set on your router to block ads on all devices, or individually on your machine with these instructions


                      Security Check Scan.

                      [ul]
                      [li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please Copy and paste that log here in your next post[/li][/ul]



                      Right click Autoruns and run as admin, uncheck the [COLOR=rgb(250, 197, 28)]YELLOW ONLY highlighted items the ones I highlighed and the ones that read [COLOR=rgb(184, 49, 47)]file not found. and then reboot the computer. Leave One drive checked if you use it.
                      [ATTACH type=“full” alt=“1665278709447.png”]10661[/ATTACH]
                      [ATTACH type=“full” alt=“1665278808743.png”]10662[/ATTACH]
                      [ATTACH type=“full” alt=“1665278869430.png”]10663[/ATTACH][/COLOR][/COLOR]

                      Comment

                      • Rum_Ham
                        PCHF Member
                        • Oct 2022
                        • 8

                        #12
                        Ok after the security check I did the autoruns again and uncheck everything highlighted, plus anything else that was a ‘file not found’ although there was a lot of file not founds that it gave an error and said failed to remove or something, so I left those alone.

                        Log below of security check

                        SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
                        WebSite: www.safezone.cc
                        DateLog: 09.10.2022 09:07:26
                        Path starting: C:\Users\satch\AppData\Local\Temp\SecurityCheck\Se curityCheck.exe
                        Log directory: C:\SecurityCheck
                        IsAdmin: True
                        User: satch
                        VersionXML: 10.22is-08.10.2022


                        Windows 10(6.3.19043) (x64) Core Release: 2009 Lang: English(0409)
                        Installation date OS: 19.02.2021 22:47:08
                        LicenseStatus: Windows(R), Core edition The machine is permanently activated.
                        LicenseStatus: Office 16, Office16O365HomePremR_Grace edition Windows is in Notification mode
                        Boot Mode: Normal
                        Default Browser: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        SystemDrive: C: FS: [NTFS] Capacity: [930.9 Gb] Used: [637.8 Gb] Free: [293.1 Gb]
                        ------------------------------- [ Windows ] -------------------------------
                        Internet Explorer 11.789.19041.0
                        User Account Control enabled (Level 3)
                        Never check for updates
                        Security Center (wscsvc) - The service is running
                        Remote Registry (RemoteRegistry) - The service has stopped
                        SSDP Discovery (SSDPSRV) - The service is running
                        Remote Desktop Services (TermService) - The service has stopped
                        Windows Remote Management (WS-Management) (WinRM) - The service has stopped
                        --------------------------- [ FirewallWindows ] ---------------------------
                        Windows Defender Firewall (mpssvc) - The service is running
                        ---------------------- [ AntiVirusFirewallInstall ] -----------------------
                        Malwarebytes version 4.5.14.210 v.4.5.14.210
                        --------------------------- [ OtherUtilities ] ----------------------------
                        NVIDIA GeForce Experience 3.26.0.131 v.3.26.0.131
                        Python 3.8.7 (64-bit) v.3.8.7150.0 Warning! Download Update
                        Steam v.2.10.91.91
                        Epic Games Launcher v.1.1.267.0
                        ------------------------------- [ Backup ] --------------------------------
                        Microsoft OneDrive v.22.191.0911.0001
                        ------------------------------ [ ArchAndFM ] ------------------------------
                        WinRAR 5.91 (64-bit) v.5.91.0 Warning! Download Update
                        -------------------------------- [ Java ] ---------------------------------
                        Java 8 Update 341 v.8.0.3410.10
                        ------------------------------- [ Browser ] -------------------------------
                        Google Chrome v.106.0.5249.103
                        Microsoft Edge v.106.0.1370.37
                        ------------------ [ AntivirusFirewallProcessServices ] -------------------
                        Malwarebytes Service (MBAMService) - The service has stopped
                        C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe v.4.18.2207.7
                        C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe v.4.18.2207.7
                        Microsoft Defender Antivirus Service (WinDefend) - The service is running
                        Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running
                        ----------------------------- [ End of Log ] ------------------------------

                        Comment

                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7045

                          #13
                          Update phython and winrar, and if there are no more questions or issues, I’ll mark this as solved for you?

                          Comment

                          • Rum_Ham
                            PCHF Member
                            • Oct 2022
                            • 8

                            #14
                            Yes everything seems good now, its been some yrs since I had any general knowledge of regular computer maintenance, what antivirus to use, etc. so that is apparent when I used Total AV when I was trying to get up to speed a bit again.

                            Thanks again for your time and help its very much appreciated

                            Comment

                            • Malnutrition
                              PCHF Moderator
                              • Jul 2016
                              • 7045

                              #15
                              Sweet, I’ll mark this as solved. If you could tell a friend or two about us, or perhaps share a link to this site on any social media if you have or so choose. Have a great night.

                              Comment

                              Working...