• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved 100% CPU usage with IDM.

Status
Not open for further replies.
maxim123

maxim123

PCHF Member
Aug 2, 2017
325
18
#1
Hi, when I downloaded big files with IDM, I somehow started getting 100% C drive usage since a few days ago. IDM is installed in D drive. while my drives do have only few gb of space left, there was never that issue until a few days ago. C drive has over 70 gb space left tho out of 222 gb ssd storage.

and today, when I opened my laptop and opened firefox, it also showed 100% C drive usage, not sure if it was because IDM was opening in the background or something else(there was no download running).

I have checked with malwarebytes, but it shows no malware.
One interesting thing is the uninstall file of IDM was gone, and I had to reinstall it to get the uninstall file and uninstall it from there.

It also has been a long time since I did full system checkup, so I would like to look to see if my laptop is infected.

I run windows 10
 
#3
If you are wanting to check the machine for malware I need FRST logs please.

Information - [Prework] Please Read Before Posting

You must be Registered and Logged in to Follow this Procedure. Welcome to the PCHF Malware Removal Forums Please review the PCHF Security team Disclaimer prior to beginning your adventure through malware removal. Additionally, please read the Security Forum Guidelines before posting. Please...
pchelpforum.net pchelpforum.net
 
  • Like
Reactions: maxim123
#4
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Shahil (administrator) on DESKTOP-AKRBR60 (IT Channel Pty Ltd N8xxEP6) (29-09-2023 22:13:33)
Running from C:\Users\Shahil\Desktop\FRST64.exe
Loaded Profiles: Shahil
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] D:\Program Files (x86)\FANTECH X4S MACRO Gaming Mouse\GamingMouse.exe
(Discord Inc. -> Discord Inc.) C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\Discord.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxEM.exe
(E:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] E:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Eclipse.org Foundation, Inc. -> Temurin) C:\Program Files\OmegaT\jre\bin\javaw.exe
(explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Matthew Malensek) [File not signed] C:\Program Files (x86)\3RVX\3RVX.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) E:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Spotify Ltd) [File not signed] C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe <5>
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <23>
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\FoxitReaderUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_b117548b2e075ba1\aesm_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Creative.UWPRPCService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (83564403-0B26-46B8-9D84-040F43691D31 -> Realtek Semiconductor) C:\Program Files\WindowsApps\realteksemiconductorcorp.realtekaudiocontrol_1.2.175.0_x64__dt26b99r8h8gj\RtkUWP.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [873760 2019-05-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RZTHXHelper] => C:\WINDOWS\system32\RZTHXHelper.exe (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [electron.app.Loom] => C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe [139767008 2022-06-11] (Loom, Inc. -> Loom, Inc.)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [649216 2016-06-04] (Matthew Malensek) [File not signed]
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [Discord] => C:\Users\Shahil\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [Spotify] => C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe [19678208 2022-05-13] (Spotify Ltd) [File not signed]
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [RiotClient] => E:\Riot Games\Riot Client\RiotClientServices.exe [70910864 2023-09-20] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [Viber] => C:\Users\Shahil\AppData\Local\Viber\Viber.exe [76697808 2023-08-09] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [Microsoft Edge Update] => C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-09-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Run: [MicrosoftEdgeAutoLaunch_E6E5DB1D482397EC518CFF1AC2422889] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210112 2023-09-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\MountPoints2: {a2238154-a538-11ed-bec7-7c2a314fd070} - "E:\Setup.exe" /s
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (No File)
HKU\S-1-5-18\...\Run: [RzAppEngine] => "C:\Program Files\Razer\RzAppEngine\rzappengine.exe" --url-params=autoStart=1&apps=spatial-audio (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe [2023-09-29] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
Startup: C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EmEditor.lnk [2021-05-04]
ShortcutTarget: EmEditor.lnk -> C:\Users\Shahil\AppData\Local\Programs\EmEditor\emedtray.exe (Emurasoft, Inc. -> Emurasoft, Inc.)
Startup: C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FANTECH X4S MACRO Gaming Mouse.lnk [2022-06-05]
ShortcutTarget: FANTECH X4S MACRO Gaming Mouse.lnk -> C:\Windows\Installer\{7587581E-9DAD-412D-9AA4-8541FCBCCAF6}\GM_Management.exe_E5CB7E2ECE0A4CFE83CEC7EA9D450A79.exe (Flexera Software LLC) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D7FD4C16-F2A7-4F31-B8E5-32D39A3E7F2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-01] (Google LLC -> Google LLC)
Task: {792C814B-A528-47A9-B7C2-C874CADD22E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-01] (Google LLC -> Google LLC)
Task: {297B2B50-0A39-4331-AFDA-35CA01E37739} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAEA94C6-082C-40C9-9945-979BE11A31D5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {521C5AF4-0149-49F7-8B3C-0D706011E0EB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {70C264A3-7FBB-4CBF-9CA1-053D9060F7F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC4631AC-9CCB-4B50-A8BA-C89F4D7AFBDE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A0DA8C9-6F54-4D89-896B-AB6FE548802F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2DF4A659-5DE3-4391-A3D7-3EE545447F15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {250067B4-5AA1-44A7-AD57-DC349A336E59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {030D9B99-F424-461C-8C97-9B69AD669D0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {958E5AB4-027D-47EB-87DC-F9165C20D181} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4291915333-2200026273-1243826419-1001Core{662AC59E-70A2-4D68-8516-FAC5921CBB63} => C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {92992D40-B6DA-46B5-AC83-B9D89A06093B} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4291915333-2200026273-1243826419-1001UA{BD7C20F9-8070-421C-907A-C95665264F4F} => C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E56DF7F0-0DF9-49D7-A31A-857889059201} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {92C55CF4-389D-4FB4-B9E6-17908351D8C9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1F28E75-7EAC-40E3-9888-0D7BFAA2144A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {086FEEC0-1D27-4038-AAAB-EB518E569B37} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA6DB11D-B414-4DA8-8479-921D7E635E4F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 110.44.112.245 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{c8f5d8e6-0c6b-4556-ad62-fb5d70a3dc13}: [DhcpNameServer] 110.44.112.245 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{eb99f96e-2be2-40b9-95d4-72c87cf52e46}: [DhcpNameServer] 192.168.101.1 8.8.8.8 4.4.4.4

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-29]
Edge Extension: (Google Docs Offline) - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-24]

FireFox:
========
FF DefaultProfile: acdycsu3.default
FF ProfilePath: C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\acdycsu3.default [2021-05-04]
FF ProfilePath: C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release [2023-09-29]
FF Homepage: Mozilla\Firefox\Profiles\nrodr46t.default-release -> about:blank
FF Session Restore: Mozilla\Firefox\Profiles\nrodr46t.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\nrodr46t.default-release -> hxxps://fitgirl-repacks.site; hxxps://meet.google.com; hxxps://pomofocus.io
FF Extension: (Tampermonkey) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\firefox@tampermonkey.net.xpi [2023-06-30]
FF Extension: (FoxyProxy Standard) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\foxyproxy@eric.h.jung.xpi [2021-05-04]
FF Extension: (Web Paint) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\jid1-0dhOSYKGj326og@jetpack.xpi [2022-10-05]
FF Extension: (IDM Integration Module) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2023-09-18]
FF Extension: (uBlock Origin) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-09-26]
FF Extension: (ChatGPT Glarity-Summarize YouTube and Google) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\{16ea91b0-8990-4c1a-83fc-660e4bf7614b}.xpi [2023-08-03]
FF Extension: (Universal Bypass) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\{529b261b-df0b-4e3b-bf42-07b462da0ee8}.xpi [2021-07-27]
FF Extension: (Inkah: Chinese & Korean Pop-up Dictionary) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\{de5bbbad-7c53-468e-9d8d-9d737cf5ba81}.xpi [2022-12-12]
FF Extension: (Zhongwen: The Popular Chinese Learning Tool) - C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\Extensions\{dedb3663-6f13-4c6c-bf0f-5bd111cb2c79}.xpi [2023-01-23]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN -> VideoLAN) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN -> VideoLAN) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default [2023-08-27]
CHR Extension: (uBlock Origin) - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-08-04]
CHR Extension: (Word Replacer II) - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Extensions\djakfbefalbkkdgnhkkdiihelkjdpbfh [2022-04-20]
CHR Extension: (Google Docs Offline) - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-02]
CHR Extension: (IDM Integration Module) - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-08-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\FoxitReaderUpdateService.exe [2356800 2021-04-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8966256 2023-02-05] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UWPService; C:\WINDOWS\SysWOW64\Creative.UWPRPCService.exe [357296 2021-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DouyinElevationService; "d:\douyin\2.9.2\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 MpKslf22dac7f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B76D7B35-611C-44B3-A640-E9BF49B6D535}\MpKslDrv.sys [263560 2023-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0257; C:\WINDOWS\System32\drivers\RzDev_0257.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-09-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-09-28] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-06-01] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-29 22:13 - 2023-09-29 22:15 - 000023624 _____ C:\Users\Shahil\Desktop\FRST.txt
2023-09-29 22:13 - 2023-09-29 22:14 - 000000000 ____D C:\FRST
2023-09-29 22:12 - 2023-09-29 22:12 - 002382848 _____ (Farbar) C:\Users\Shahil\Desktop\FRST64.exe
2023-09-29 12:15 - 2023-09-29 12:21 - 000000000 ____D C:\Users\Shahil\AppData\Local\Softdeluxe
2023-09-29 12:13 - 2023-09-29 12:13 - 036175944 _____ (Softdeluxe ) C:\Users\Shahil\Downloads\fdm_x64_setup.exe
2023-09-29 12:00 - 2023-09-29 12:00 - 011432008 _____ (Tonec Inc.) C:\Users\Shahil\Downloads\idman641build20.exe
2023-09-29 11:41 - 2023-09-29 11:41 - 000000000 ___HD C:\$WinREAgent
2023-09-20 12:27 - 2023-09-20 12:27 - 000049427 _____ C:\Users\Shahil\Downloads\Hitman.2007.BluRay.1080p.x264.YIFY.srt
2023-09-16 00:37 - 2023-09-16 00:37 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-09-11 22:19 - 2023-09-11 22:19 - 000153767 _____ C:\Users\Shahil\Downloads\The.A.Team.EXTENDED.2010.1080p.BrRip.x264.YIFY.srt
2023-09-11 12:10 - 2023-09-11 12:10 - 000000000 ____D C:\Users\Shahil\AppData\Local\AWSToolkit
2023-09-11 11:52 - 2023-09-23 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-09-11 11:52 - 2023-09-11 11:52 - 000000000 ____D C:\temp
2023-09-11 11:50 - 2023-09-23 18:17 - 000000000 ____D C:\Program Files\Razer
2023-09-11 11:44 - 2023-09-23 18:18 - 000000000 ____D C:\ProgramData\Razer
2023-09-11 11:43 - 2023-09-29 12:04 - 000000000 ____D C:\Program Files (x86)\Razer
2023-09-11 11:43 - 2023-06-16 07:33 - 000161920 _____ (Razer Inc) C:\WINDOWS\system32\RazerS3CoinstallerEx.dll
2023-09-08 00:33 - 2023-09-08 00:47 - 000000256 _____ C:\Users\Shahil\AppData\LocalLow\rbxcsettings.rbx
2023-09-08 00:33 - 2023-09-08 00:39 - 000003878 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4291915333-2200026273-1243826419-1001UA{BD7C20F9-8070-421C-907A-C95665264F4F}
2023-09-08 00:33 - 2023-09-08 00:39 - 000003816 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4291915333-2200026273-1243826419-1001Core{662AC59E-70A2-4D68-8516-FAC5921CBB63}
2023-09-06 19:19 - 2023-09-06 19:19 - 000102201 _____ C:\Users\Shahil\Downloads\Chronicle.2012.1080p.BrRip.x264.YIFY(1).srt
2023-09-06 19:18 - 2023-09-06 19:18 - 000102201 _____ C:\Users\Shahil\Downloads\Chronicle.2012.1080p.BrRip.x264.YIFY.srt
2023-09-06 19:18 - 2023-09-06 19:18 - 000059104 _____ C:\Users\Shahil\Downloads\Beowulf.2007.1080p.BrRip.x264.Deceit.YIFY.srt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-29 21:50 - 2023-02-28 12:49 - 000000000 ____D C:\Users\Shahil\AppData\Local\Discord
2023-09-29 21:34 - 2023-02-28 12:50 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\discord
2023-09-29 21:29 - 2021-05-04 14:53 - 000000000 ____D C:\ProgramData\Riot Games
2023-09-29 21:27 - 2021-05-04 16:14 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\Telegram Desktop
2023-09-29 21:22 - 2022-02-12 15:58 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-29 21:22 - 2021-12-01 22:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-29 21:15 - 2023-03-11 19:38 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\Spotify
2023-09-29 18:49 - 2021-05-04 21:48 - 000417002 _____ C:\WINDOWS\system32\prfh0804.dat
2023-09-29 18:49 - 2021-05-04 21:48 - 000132710 _____ C:\WINDOWS\system32\prfc0804.dat
2023-09-29 18:49 - 2021-05-04 03:18 - 001390214 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-29 18:49 - 2019-12-07 14:58 - 000000000 ____D C:\WINDOWS\INF
2023-09-29 18:44 - 2023-03-11 19:39 - 000000000 ____D C:\Users\Shahil\AppData\Local\Spotify
2023-09-29 18:44 - 2019-12-07 14:59 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-29 18:42 - 2022-05-14 23:08 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-29 18:42 - 2022-05-14 16:30 - 000000000 __SHD C:\Users\Shahil\IntelGraphicsProfiles
2023-09-29 18:42 - 2021-05-04 03:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-29 18:42 - 2021-04-28 09:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-29 18:42 - 2019-12-07 14:48 - 000131072 _____ C:\WINDOWS\system32\config\BBI
2023-09-29 18:29 - 2021-05-04 16:14 - 000000000 ____D C:\Users\Shahil\Downloads\Telegram Desktop
2023-09-29 17:28 - 2021-05-31 16:39 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\vlc
2023-09-29 16:41 - 2021-05-04 03:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-29 16:38 - 2022-05-14 23:08 - 000000000 ____D C:\Users\Shahil\AppData\Local\D3DSCache
2023-09-29 12:08 - 2019-12-07 14:59 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-29 12:05 - 2021-05-04 03:05 - 000480800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-29 12:04 - 2021-06-04 00:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-29 12:04 - 2021-05-04 09:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-29 11:57 - 2023-02-05 14:39 - 000000000 ____D C:\Users\Shahil\AppData\Local\Intel
2023-09-29 11:50 - 2021-05-04 09:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-29 11:49 - 2021-05-05 09:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-29 11:49 - 2021-05-03 10:08 - 000000000 ____D C:\Users\Shahil\AppData\LocalLow\Mozilla
2023-09-29 11:48 - 2019-12-07 14:48 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-29 11:43 - 2021-05-05 09:38 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-29 02:24 - 2021-12-01 22:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-29 02:24 - 2021-12-01 22:32 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-28 17:44 - 2021-09-08 10:08 - 000000579 _____ C:\Users\Shahil\Desktop\loan.txt
2023-09-28 10:48 - 2021-05-04 03:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-09-28 00:44 - 2019-12-07 14:59 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-27 22:59 - 2023-01-17 12:00 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-27 22:59 - 2023-01-17 12:00 - 000002236 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-25 01:42 - 2021-05-27 17:53 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\qBittorrent
2023-09-24 13:04 - 2023-08-09 09:34 - 000000000 ____D C:\Users\Shahil\Documents\Sound recordings
2023-09-23 10:09 - 2021-05-04 03:17 - 000000000 ____D C:\Users\Shahil\AppData\Local\Packages
2023-09-21 10:58 - 2021-05-05 16:42 - 000000000 ____D C:\Users\Shahil\AppData\Local\CrashDumps
2023-09-20 16:38 - 2021-05-04 11:41 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\ViberPC
2023-09-20 00:03 - 2023-02-28 12:50 - 000002236 _____ C:\Users\Shahil\Desktop\Discord.lnk
2023-09-19 20:17 - 2021-12-01 22:31 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-19 20:17 - 2021-12-01 22:31 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-16 02:53 - 2022-10-25 17:06 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\obs-studio
2023-09-16 00:37 - 2022-07-07 11:31 - 000001934 _____ C:\Users\Shahil\Desktop\Zoom.lnk
2023-09-16 00:37 - 2022-05-20 11:44 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\Zoom
2023-09-13 13:54 - 2021-05-05 11:07 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\Microsoft\Excel
2023-09-11 11:57 - 2021-05-08 21:42 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\Microsoft\Word
2023-09-11 11:53 - 2021-06-13 13:16 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-11 11:53 - 2021-06-13 13:16 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-11 11:36 - 2021-05-05 11:21 - 000000000 ____D C:\Users\Shahil\AppData\Roaming\Microsoft\UProof

==================== Files in the root of some directories ========

2023-02-19 07:53 - 2023-02-19 07:53 - 000000048 ____H () C:\Program Files (x86)\0pdtbglvvf.dat
2021-05-06 11:07 - 2021-03-18 20:43 - 000497216 _____ (Foxit Software Inc.) C:\Program Files (x86)\64BitMailAgent.exe
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-console-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-datetime-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-debug-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-errorhandling-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000021768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-2-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l2-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-handle-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-heap-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-interlocked-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-libraryloader-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000020744 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-localization-l1-2-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-memory-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-namedpipe-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processenvironment-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-1.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000017672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-profile-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000017672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-rtlsupport-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-string-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-2-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-sysinfo-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-timezone-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-util-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000002560 _____ (Microsoft Corporation) C:\Program Files (x86)\API-MS-Win-core-xstate-l2-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-conio-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000022280 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-convert-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-environment-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-filesystem-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-heap-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-locale-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000028936 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-math-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000026376 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-multibyte-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000072968 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-private-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-process-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000022792 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-runtime-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000024328 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-stdio-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000024328 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-string-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000020744 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-time-l1-1-0.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-utility-l1-1-0.dll
2021-05-06 11:07 - 2021-04-26 23:45 - 105434192 _____ (Foxit Software Inc.) C:\Program Files (x86)\FoxitReader.exe
2021-05-06 11:07 - 2021-04-27 04:23 - 000074588 _____ () C:\Program Files (x86)\FoxitReader.exe.man
2021-05-06 11:07 - 2020-07-10 01:11 - 000000193 _____ () C:\Program Files (x86)\FoxitReader.VisualElementsManifest.xml
2021-05-06 11:07 - 2021-04-20 10:05 - 002356800 _____ (Foxit Software Inc.) C:\Program Files (x86)\FoxitReaderUpdateService.exe
2021-05-06 11:07 - 2021-04-26 19:30 - 005906512 _____ (Foxit Corporation) C:\Program Files (x86)\FoxitUpdater.exe
2021-05-06 11:07 - 2021-04-26 19:29 - 002780752 _____ (Foxit Software Inc.) C:\Program Files (x86)\FPCSDK.dll
2021-05-06 11:07 - 2021-04-26 19:29 - 003671632 _____ (Foxit Software Inc.) C:\Program Files (x86)\FPCSDK64.dll
2021-05-06 11:07 - 2021-03-19 00:43 - 002154416 _____ (TODO: <公司名>) C:\Program Files (x86)\FXCUSTOM.dll
2021-05-06 11:07 - 2020-08-13 20:19 - 001036464 _____ (Foxit Software Inc.) C:\Program Files (x86)\fxLuceneLib.dll
2021-05-06 11:07 - 2021-03-19 00:44 - 010410272 _____ () C:\Program Files (x86)\icudtl.dat
2021-05-06 11:07 - 2021-03-19 00:44 - 000001478 _____ () C:\Program Files (x86)\legal.txt
2021-05-06 11:07 - 2020-08-13 20:19 - 001982128 _____ (Foxit Software Inc.) C:\Program Files (x86)\lucene++-contrib.dll
2021-05-06 11:07 - 2020-08-13 20:19 - 007557296 _____ (Foxit Software Inc.) C:\Program Files (x86)\lucene++.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 005122704 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc140u.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000092816 _____ (Microsoft Corporation) C:\Program Files (x86)\mfcm140u.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000457512 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp140.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000027076 _____ () C:\Program Files (x86)\notice.txt
2021-05-06 11:07 - 2021-03-19 00:44 - 000051888 _____ () C:\Program Files (x86)\opentracing.dll
2021-05-06 11:07 - 2021-03-19 00:44 - 000060080 _____ () C:\Program Files (x86)\opentracing64.dll
2021-05-06 11:07 - 2021-04-12 02:01 - 003095616 _____ (Foxit Corporation) C:\Program Files (x86)\SendCrashReport.exe
2021-05-06 11:07 - 2021-04-26 19:29 - 002786896 _____ (Foxit Corporation) C:\Program Files (x86)\Sensor.dll
2021-05-06 11:07 - 2021-04-26 19:29 - 003991632 _____ (Foxit Corporation) C:\Program Files (x86)\Sensor64.dll
2021-05-06 11:07 - 2021-04-12 02:02 - 003220032 _____ (Foxit Software Inc.) C:\Program Files (x86)\TrackReview.exe
2021-05-06 11:07 - 2020-07-10 01:11 - 001172232 _____ (Microsoft Corporation) C:\Program Files (x86)\ucrtbase.dll
2021-05-06 11:07 - 2021-05-06 11:07 - 000211725 _____ () C:\Program Files (x86)\unins000.dat
2021-05-06 11:07 - 2021-05-06 11:07 - 001487248 _____ () C:\Program Files (x86)\unins000.exe
2021-05-06 11:07 - 2021-05-06 11:07 - 000022709 _____ () C:\Program Files (x86)\unins000.msg
2021-05-06 11:07 - 2021-05-06 11:07 - 000000307 _____ () C:\Program Files (x86)\UpdaterInfo.xml
2021-05-06 11:07 - 2020-07-10 01:11 - 000267592 _____ (Microsoft Corporation) C:\Program Files (x86)\vccorlib140.dll
2021-05-06 11:07 - 2020-07-10 01:11 - 000083784 _____ (Microsoft Corporation) C:\Program Files (x86)\vcruntime140.dll
2022-01-17 15:41 - 2023-02-04 12:30 - 000000032 _____ () C:\Users\Shahil\AppData\Roaming\.machineId
2022-01-31 15:28 - 2022-01-31 15:28 - 000005217 _____ () C:\Users\Shahil\AppData\Roaming\453cc86a-3043-4658-b969-90151e6256bd.tmp
2022-02-19 23:19 - 2022-02-19 23:19 - 000006560 _____ () C:\Users\Shahil\AppData\Roaming\e2490ec6-b57a-4912-b788-3abe1bde2686.tmp
2021-05-19 15:53 - 2021-05-19 15:53 - 000000051 _____ () C:\Users\Shahil\AppData\Roaming\~SiMPLEX.ini
2023-02-17 19:18 - 2023-07-26 00:56 - 000007600 _____ () C:\Users\Shahil\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Click to expand...
 
#5
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Shahil (29-09-2023 22:16:49)
Running from C:\Users\Shahil\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2021-05-03 21:32:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4291915333-2200026273-1243826419-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4291915333-2200026273-1243826419-503 - Limited - Disabled)
Guest (S-1-5-21-4291915333-2200026273-1243826419-501 - Limited - Disabled)
Shahil (S-1-5-21-4291915333-2200026273-1243826419-1001 - Administrator - Enabled) => C:\Users\Shahil
WDAGUtilityAccount (S-1-5-21-4291915333-2200026273-1243826419-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3RVX (HKLM-x32\...\{400A8514-5440-410A-B318-44061BD7EE8E}) (Version: 2.9.2.0 - Matthew Malensek)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Aeterna Noctis (HKLM-x32\...\Aeterna Noctis_is1) (Version: - )
Anki (HKLM-x32\...\Anki) (Version: 2.1.55 - )
Audacity 3.2.4 (HKLM\...\Audacity_is1) (Version: 3.2.4 - Audacity Team)
AutoHotkey 1.1.33.10 (HKLM\...\AutoHotkey) (Version: 1.1.33.10 - Lexikos)
calibre 64bit (HKLM\...\{E52EB67B-875F-4EE4-A2C4-7D8539DEE79F}) (Version: 5.20.0 - Kovid Goyal)
CONVERGENCE: A LoL Story (HKLM-x32\...\CONVERGENCE: A LoL Story_is1) (Version: - )
Discord (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
EaseUS Video Editor V1.5.10.50 (HKLM-x32\...\{160288F0-2C46-47E6-973D-F8F8D0577965}_is1) (Version: 1.5.10.50 - EaseUS)
EmEditor (64-bit) (HKLM\...\{44DB33D1-2C0C-4912-A968-2A8087063A3B}) (Version: 20.6.1 - Emurasoft, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FANTECH X4S MACRO Gaming Mouse (HKLM-x32\...\{7587581E-9DAD-412D-9AA4-8541FCBCCAF6}) (Version: 1.00.0000 - FANTECH)
Final Fantasy I-VI Bundle PR (HKLM-x32\...\Final Fantasy I-VI Bundle PR_is1) (Version: - )
Final Fantasy IX (HKLM-x32\...\Final Fantasy IX_is1) (Version: - )
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.4.37651 - Foxit Software Inc.)
FTMO MetaTrader 4 (HKLM-x32\...\FTMO MetaTrader 4) (Version: 4.00 - MetaQuotes Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.132 - Google LLC)
Have a Nice Death (HKLM-x32\...\Have a Nice Death_is1) (Version: - )
InstaTrader (HKLM-x32\...\InstaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000070-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.70.0 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Loom 0.134.0 (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\3643b966-bc28-5bc8-95ff-3d47d66438db) (Version: 0.134.0 - Loom, Inc.)
Malwarebytes version 4.5.21.231 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.21.231 - Malwarebytes)
Metal Mutation (HKLM-x32\...\Metal Mutation_is1) (Version: - )
MetaTrader - EXNESS (HKLM-x32\...\MetaTrader - EXNESS) (Version: 4.00 - MetaQuotes Ltd.)
MetaTrader 4 EXNESS (HKLM-x32\...\MetaTrader 4 EXNESS) (Version: 4.00 - MetaQuotes Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Microsoft EdgeWebView) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{47C2CCDB-7A04-3797-992B-A84D3E90258F}) (Version: 10.0.60833 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 118.0.1 (x64 en-US)) (Version: 118.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
NinjaTrader 8 (HKLM-x32\...\{96989481-8EFF-4E05-A381-48FAAC6E29CF}) (Version: 8.0.22.2 - NinjaTrader, LLC)
NVIDIA Graphics Driver 457.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.20 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
OmegaT version 5.7.1_Beta (HKLM\...\org.omegat_is1) (Version: 5.7.1_Beta - OmegaT)
PingPlotter 5 (HKLM-x32\...\{2744D183-39DE-4473-A4FD-B6D0961D0A12}) (Version: 5.23.3.8770 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.23.3.8770) (Version: 5.23.3.8770 - Pingman Tools, LLC)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
Riot Client (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Sands of Salzaar (HKLM-x32\...\Sands of Salzaar_is1) (Version: - )
Souls of Chronos (HKLM-x32\...\Souls of Chronos_is1) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify ADS Remover version v1.1.85.895 (HKLM-x32\...\Spotify ADS Remover_is1) (Version: v1.1.85.895 - Spotify)
Subtitle Edit 3.6.0 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.0.0 - Nikse)
Tale of Immortal (HKLM-x32\...\Tale of Immortal_is1) (Version: - )
Telegram Desktop (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.10 - Telegram FZ-LLC)
The Knight Witch (HKLM-x32\...\The Knight Witch_is1) (Version: - )
ThinkMarkets MetaTrader 4 (HKLM-x32\...\ThinkMarkets MetaTrader 4) (Version: 4.00 - MetaQuotes Ltd.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{B17078A5-98F0-46A8-8779-F02C36D5225A}) (Version: 15.2.0.0 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\{1af53e16-204d-465f-b193-f3658e89febc}) (Version: 15.2.0.0 - 2010-2021 Viber Media S.a.r.l)
Visual C++ 10.0 CRT (x64) (HKLM\...\{BFF61907-AA2D-3A26-8666-98D956A62ABC}) (Version: 10.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Warm Snow (HKLM-x32\...\Warm Snow_is1) (Version: - )
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WWE 2K Battlegrounds (HKLM-x32\...\WWE 2K Battlegrounds_is1) (Version: - )
Zoom (HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-14] (Microsoft Corporation)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-14] (INTEL CORP) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-04] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-11] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-21] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2021-05-04] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-28] (Microsoft Studios) [MS Ad]
Sound Blaster Connect -> C:\Program Files\WindowsApps\CreativeTechnologyLtd.SoundBlasterConnect_2.2.15.0_x86__13fcda18mhdz2 [2021-08-04] (Creative Technology Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{6e382992-551d-73a1-e14e-4a65f3fb3244}\localserver32 -> "D:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{f9517764-05a4-a748-620a-95087d06a241}\localserver32 -> "C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nvshext.dll [2020-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-05] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2020-09-11] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-03-11 19:38 - 2021-10-29 16:16 - 000206848 _____ () [File not signed] C:\Users\Shahil\AppData\Roaming\Spotify\chrome_elf.dll
2023-09-29 18:46 - 2023-09-29 18:46 - 000457216 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] \\?\C:\Users\Shahil\AppData\Local\Temp\JNA590~1.DLL
2023-05-28 12:42 - 2022-07-15 19:45 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-09-29 18:46 - 2023-09-29 18:46 - 000198144 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Shahil\AppData\Local\Temp\jna--1819708545\jna396370206214454652.dll
2023-08-25 12:12 - 2023-08-25 12:12 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-08-25 12:12 - 2023-08-25 12:12 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-25] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 14:59 - 2021-07-20 12:52 - 000000889 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 cap.cyberlink.com
127.0.0.1 activation.cyberlink.com

2022-02-21 13:11 - 2022-02-21 13:11 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Calibre2\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Shahil\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\unicorn market open scalp.png
DNS Servers: 110.44.112.245 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\StartupFolder: => "EmEditor.lnk"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\Run: => "electron.app.Loom"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\StartupApproved\Run: => "Synapse3"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AADFD93D-FA98-4B3E-AD31-6A53874A96C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05CEE27F-1165-4E1F-A0D1-4A6E01A248E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7A2904E-4B94-4756-8261-DEA136CA3050}] => (Allow) C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{C533BF57-EB49-4381-8FC7-919F982C9444}] => (Allow) C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{2C3F8F90-B532-4E32-A807-38A2E63BA013}] => (Allow) C:\Users\Shahil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{20E28800-5492-4C60-A9D5-D4CDA3755A37}] => (Allow) C:\Users\Shahil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{64881B98-7DD4-4F04-821C-8CC6B5A5AA21}] => (Allow) C:\Users\Shahil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7CE2CD0D-4A1E-4BFD-823C-F9E3CB521A4A}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [TCP Query User{4B96D514-BDE6-4E52-AE01-4047FC4E7C0C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{83E57E4E-28C4-4E88-8498-070CD1E653EE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7B17AD25-6242-4FDB-9588-B210954893CE}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{E07376B7-2D20-4FA5-B118-4927353C7943}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{300D401B-90C1-4317-A635-590D78D62AD0}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{EDB0CCFD-3AA9-430E-8C2F-C1CE5994E908}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{96319734-85EF-4E48-B581-1C14EA34515E}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN) [File not signed]
FirewallRules: [{0334EA4F-590E-45AF-A968-6C608FFFA0BE}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN) [File not signed]
FirewallRules: [{4B9E50C2-D279-40A6-9511-BC498B37EF32}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{9A9F5343-12E1-447A-A299-B92588D26867}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{62E9BAA5-B8DA-4737-B761-5F1262FB58A7}D:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) D:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [UDP Query User{B60CD3DD-3FC0-456B-9D3F-2ED8383D5947}D:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) D:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [TCP Query User{0C7C19E5-71B4-4321-AE10-7A5013BC3835}C:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) C:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [UDP Query User{7B672783-9D15-4791-9A8F-9D91964B6549}C:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) C:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [TCP Query User{77625322-B2E3-4196-98C0-3D2BDA08350F}D:\games\monopoly plus\monopoly.exe] => (Allow) D:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [UDP Query User{E570F52B-E626-42A5-BED8-64FBD4220861}D:\games\monopoly plus\monopoly.exe] => (Allow) D:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [TCP Query User{E5E00501-B5DC-48C0-8F82-97085A7D3244}D:\games\roguebook\roguebook.exe] => (Allow) D:\games\roguebook\roguebook.exe => No File
FirewallRules: [UDP Query User{E090A7B8-6A91-4B1A-961D-EBD8EAAC45BE}D:\games\roguebook\roguebook.exe] => (Allow) D:\games\roguebook\roguebook.exe => No File
FirewallRules: [TCP Query User{6BF8D13C-D43D-4BEB-9468-FB7F305B709F}F:\games\age of empires iii - definitive edition\aoe3de_s.exe] => (Allow) F:\games\age of empires iii - definitive edition\aoe3de_s.exe => No File
FirewallRules: [UDP Query User{94ADB712-82D1-4522-8813-F8C23F900DA0}F:\games\age of empires iii - definitive edition\aoe3de_s.exe] => (Allow) F:\games\age of empires iii - definitive edition\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{22F2045A-49C0-43AA-ADB5-50191D8556AD}F:\games\age of empires iii - definitive edition\battleserver.exe] => (Allow) F:\games\age of empires iii - definitive edition\battleserver.exe => No File
FirewallRules: [UDP Query User{C3555991-10D5-4DD8-852F-708FC1636A68}F:\games\age of empires iii - definitive edition\battleserver.exe] => (Allow) F:\games\age of empires iii - definitive edition\battleserver.exe => No File
FirewallRules: [TCP Query User{59314A66-9BF8-4754-9F94-7800C3106D9E}D:\installation files\anydesk.exe] => (Allow) D:\installation files\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{CB881364-41B6-45B4-BF31-26E61AA26066}D:\installation files\anydesk.exe] => (Allow) D:\installation files\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{169F9253-524A-481E-BFF0-6C65BCC79A9F}F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe] => (Allow) F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe (2K Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{3AF4FCEA-ED96-4768-A21A-2AFCE9F4BB7C}F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe] => (Allow) F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe (2K Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{78FA32AF-FD49-41D0-9AF0-1AE762360BDB}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe] => (Allow) D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe => No File
FirewallRules: [UDP Query User{6ACDE1A2-C325-41A0-BA00-8003CC0EB3BF}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe] => (Allow) D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4A1FF923-3A57-4C26-886B-CA8D54711695}D:\games\monopoly plus\monopoly plus\monopoly.exe] => (Block) D:\games\monopoly plus\monopoly plus\monopoly.exe => No File
FirewallRules: [UDP Query User{6AF1F56D-165D-4E92-B7DE-9ED27505BF4A}D:\games\monopoly plus\monopoly plus\monopoly.exe] => (Block) D:\games\monopoly plus\monopoly plus\monopoly.exe => No File
FirewallRules: [TCP Query User{5AD3383A-EE38-48A5-96CA-F352198844E0}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe] => (Allow) F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe => No File
FirewallRules: [UDP Query User{1BE5DE46-9861-4A73-BE39-7959F75BCA81}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe] => (Allow) F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe => No File
FirewallRules: [TCP Query User{A84097DA-264D-4E07-96AD-A0621AB10AAB}D:\games\cook, serve, delicious! 3\csd3.exe] => (Allow) D:\games\cook, serve, delicious! 3\csd3.exe => No File
FirewallRules: [UDP Query User{9E9401FB-6959-4DA4-A2DA-C17A1F78BD15}D:\games\cook, serve, delicious! 3\csd3.exe] => (Allow) D:\games\cook, serve, delicious! 3\csd3.exe => No File
FirewallRules: [TCP Query User{79C1897F-50E5-4012-AD6C-9D54AA207BBC}D:\games\saint games\wish paradise\wishparadise.exe] => (Allow) D:\games\saint games\wish paradise\wishparadise.exe => No File
FirewallRules: [UDP Query User{E5940976-F47B-436D-91CD-7AB1B85BAAAA}D:\games\saint games\wish paradise\wishparadise.exe] => (Allow) D:\games\saint games\wish paradise\wishparadise.exe => No File
FirewallRules: [TCP Query User{F482A2DD-AB64-45A8-AB13-6B89999E507D}D:\games\ris factions\risk factions\risk factions.exe] => (Block) D:\games\ris factions\risk factions\risk factions.exe => No File
FirewallRules: [UDP Query User{E5FFAB36-9F82-4830-B3BA-6DAC86B8AC3D}D:\games\ris factions\risk factions\risk factions.exe] => (Block) D:\games\ris factions\risk factions\risk factions.exe => No File
FirewallRules: [{23CCCE50-230A-4AB2-AED1-3495A4085357}] => (Allow) F:\Garena\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [TCP Query User{AF5A6BFA-848B-4890-B874-5A1B082596FF}F:\garena\lol\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\lol\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{283CD3F8-D835-43B0-851B-2D7E6F0EB736}F:\garena\lol\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\lol\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{453637D1-2640-40DD-8528-A520CF135E9B}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe] => (Allow) D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe => No File
FirewallRules: [UDP Query User{34809C7C-9D7D-4B60-BCD0-E3186EC1A6F5}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe] => (Allow) D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe => No File
FirewallRules: [TCP Query User{6FB0EB6F-54CA-4391-BBDA-2A2C2050705E}D:\games\ao tennis 2\tennis2.exe] => (Block) D:\games\ao tennis 2\tennis2.exe => No File
FirewallRules: [UDP Query User{AB8E3E63-43FD-460F-A6EB-1778BF3BD5C9}D:\games\ao tennis 2\tennis2.exe] => (Block) D:\games\ao tennis 2\tennis2.exe => No File
FirewallRules: [TCP Query User{197A3373-DA6C-4173-9603-44F0E4CA5ABD}D:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) D:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{17B9367C-CB03-4EDC-A195-D46AFF1F24D5}D:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) D:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{EFAD8AD8-5DE0-4F20-BF28-A2AB4EB78FF2}F:\games\yaga\yaga.exe] => (Allow) F:\games\yaga\yaga.exe => No File
FirewallRules: [UDP Query User{349EF46B-9932-4F2D-B47F-44D00398594A}F:\games\yaga\yaga.exe] => (Allow) F:\games\yaga\yaga.exe => No File
FirewallRules: [TCP Query User{4283D4CB-ED23-4F77-B092-6D9CFB41CF16}F:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{0BA75188-F69B-48ED-A0E4-76D812B419EA}F:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{986933E0-D688-4E61-ACF2-A764FEB0EF58}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{7C1FEC1D-42A2-407D-8A08-B86C812C1291}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [TCP Query User{187ACECF-238D-4E0F-B076-44A3B1F385CF}C:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) C:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{8BF29289-E5D2-4166-81F6-686BA0F0618E}C:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) C:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [{8A5B76DC-5821-4F4F-AAB9-96C1D4F14028}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01CEACC9-2006-40FA-8E40-A0D4499AF050}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{734E2784-70CF-4C1B-8272-4580DC7E7D95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A782FE41-1F56-43E2-BDBC-F4689638B7A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D89621F-B7A3-4AB0-9B55-FD417CC99AF4}] => (Block) D:\GOG Games\Fell Seal Arbiter's Mark\Fell Seal.exe => No File
FirewallRules: [{C47CDC02-91DD-4A63-BCB2-699FF70CC2C9}] => (Allow) D:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{AA89FF09-5833-46DA-BA2A-FACBDD3CFE19}] => (Allow) D:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{03F30447-B953-4E80-8C69-A5CD82A67AB2}] => (Block) F:\Games\ELDEN RING\Game\eldenring.exe => No File
FirewallRules: [TCP Query User{BDA0CB93-27D3-4D3C-96FF-A7F6352B6395}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe] => (Block) F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe => No File
FirewallRules: [UDP Query User{B77F11AD-10BB-4DDE-929B-1A404DFC9CA9}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe] => (Block) F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe => No File
FirewallRules: [TCP Query User{441CA4D9-E8E8-48E2-ABB2-1CD66D219597}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{461C8E1E-BF98-4217-9B7C-92B34BAC08AC}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{2FCFF498-1FB2-4A44-9BA6-3E65A97A282D}C:\users\shahil\appdata\local\viber\viber.exe] => (Block) C:\users\shahil\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
FirewallRules: [UDP Query User{1B314992-5829-4100-BCB8-5CA3BF68D50B}C:\users\shahil\appdata\local\viber\viber.exe] => (Block) C:\users\shahil\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
FirewallRules: [TCP Query User{A7AB01AB-F4A2-495E-8B74-E6FFA2F9D73D}C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{653BCE3C-17A5-475B-811C-DCAC96294559}C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{3F7A6593-475E-43AF-8EF3-326B574EB4C7}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe] => (Block) F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe => No File
FirewallRules: [UDP Query User{C7A9760E-61B9-4A9D-AD56-A79332A62673}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe] => (Block) F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe => No File
FirewallRules: [TCP Query User{742F6C27-9F93-4E0C-9C67-52DC63125305}D:\games\lost epic\lostepic.exe] => (Allow) D:\games\lost epic\lostepic.exe => No File
FirewallRules: [UDP Query User{C729B5E6-0BAA-4381-AD64-CA99F838FCBD}D:\games\lost epic\lostepic.exe] => (Allow) D:\games\lost epic\lostepic.exe => No File
FirewallRules: [TCP Query User{BDE3EC7E-13F9-4D50-8B9C-F9179FCFFCD0}D:\games\digimon survive\digimonsurvive.exe] => (Block) D:\games\digimon survive\digimonsurvive.exe => No File
FirewallRules: [UDP Query User{5B6A1AB8-1057-4931-AB11-F18D3F4B0F13}D:\games\digimon survive\digimonsurvive.exe] => (Block) D:\games\digimon survive\digimonsurvive.exe => No File
FirewallRules: [TCP Query User{7C942EBC-BC78-4C66-95C1-D6CEA45D5C1C}F:\games\battle chasers - nightwar\bc.exe] => (Block) F:\games\battle chasers - nightwar\bc.exe => No File
FirewallRules: [UDP Query User{CA7400FF-5A86-4FD0-8027-B554ABA569AA}F:\games\battle chasers - nightwar\bc.exe] => (Block) F:\games\battle chasers - nightwar\bc.exe => No File
FirewallRules: [TCP Query User{1215DA21-A53B-4BC0-A58B-36D4D3B5190B}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [UDP Query User{BD35CB9E-DB51-42D2-9A68-EFBED4A4A5D2}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [TCP Query User{7246C8EC-E1E8-46FA-893C-39BC8756A6A3}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5F4C4C93-339D-4DF1-945C-757B00C81657}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{5DD9581D-8065-41B2-A7D8-69D39CDB009C}D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [UDP Query User{B8444062-37B3-4948-A21C-6B2D4CBF58A3}D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [{E16427A0-EAA2-4B49-BC5B-4ECE76EF3F55}] => (Allow) f:\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [TCP Query User{ADF0C877-F7E3-4960-993F-0441C99317A0}F:\garena\garena\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\garena\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{DF2A7434-490E-4272-AA74-33A9A27C1E72}F:\garena\garena\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\garena\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{A2E40B88-98A2-497D-B77C-8F9F68DFC989}F:\league\riot games\riot client\riotclientservices.exe] => (Allow) F:\league\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{6DC32F3F-F9C2-4486-B07A-ED39BDB17972}F:\league\riot games\riot client\riotclientservices.exe] => (Allow) F:\league\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{1543C54A-9FD2-428F-8335-C962F1B74C18}D:\games\uno\uno.exe] => (Allow) D:\games\uno\uno.exe => No File
FirewallRules: [UDP Query User{51B34335-CAC9-4264-B298-E9DBDAD6FFE3}D:\games\uno\uno.exe] => (Allow) D:\games\uno\uno.exe => No File
FirewallRules: [TCP Query User{DEBCA4C4-FF46-4607-88F4-E0FF8BA0949A}E:\riot games\riot client\riotclientservices.exe] => (Allow) E:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{E9B73179-9653-4854-A969-A25440A42620}E:\riot games\riot client\riotclientservices.exe] => (Allow) E:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{65D30529-0236-4001-80AC-4BF2730BA3FA}E:\games\warm snow\warmsnow.exe] => (Block) E:\games\warm snow\warmsnow.exe () [File not signed]
FirewallRules: [UDP Query User{50BFCFA2-413F-417E-B9CB-77368B97BDC4}E:\games\warm snow\warmsnow.exe] => (Block) E:\games\warm snow\warmsnow.exe () [File not signed]
FirewallRules: [TCP Query User{C3238E6C-EC0A-47C7-A517-96A1366188E9}E:\games\warm snow\dlc\warmsnow.exe] => (Allow) E:\games\warm snow\dlc\warmsnow.exe () [File not signed]
FirewallRules: [UDP Query User{20B48AE4-F3D5-4B90-AAEF-7E0B2B7C0FAA}E:\games\warm snow\dlc\warmsnow.exe] => (Allow) E:\games\warm snow\dlc\warmsnow.exe () [File not signed]
FirewallRules: [{E9FA6CD9-7CCF-45B1-8CB0-B00BC59498F5}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools LLC -> )
FirewallRules: [{05D54F84-1CD3-4F60-9FD8-EFAA32F02687}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools LLC -> )
FirewallRules: [{68723E0E-A7B7-4CDD-A238-4F6D901F9D05}] => (Allow) D:\installation files\hitpaw-watermark-remover.exe (Adoreshare Co.,Limited -> HitPaw Co., Ltd.)
FirewallRules: [{D4B30B1B-D146-4C61-A5E4-A92D9F4BF09B}] => (Allow) D:\installation files\hitpaw-watermark-remover.exe (Adoreshare Co.,Limited -> HitPaw Co., Ltd.)
FirewallRules: [TCP Query User{B443D784-2D80-45C0-9057-AD49BCF243B1}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{74A182F1-AE91-45AF-B0EC-4F59DC90D461}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{5C323ED5-D469-4F5F-9444-A484175C2AD3}C:\users\shahil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\shahil\appdata\roaming\spotify\spotify.exe (Spotify Ltd) [File not signed]
FirewallRules: [UDP Query User{819D6B04-800C-485D-80BB-CFF5C1C5AB39}C:\users\shahil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\shahil\appdata\roaming\spotify\spotify.exe (Spotify Ltd) [File not signed]
FirewallRules: [{4187891B-D5EA-45B7-84FE-E7D4D3B53AEE}] => (Allow) e:\Program Files (x86)\EaseUS\EaseUS Video Editor\EaseUS Video Editor.exe (EaseUS) [File not signed]
FirewallRules: [{FC2E15BA-5F0D-4921-9892-FED276DC4A42}] => (Allow) e:\Program Files (x86)\EaseUS\EaseUS Video Editor\EaseUS Video Editor.exe (EaseUS) [File not signed]
FirewallRules: [TCP Query User{C8696EFA-FC82-4952-B39D-D655FED9E7C5}E:\games\the mageseeker - a league of legends story\the mageseeker.exe] => (Allow) E:\games\the mageseeker - a league of legends story\the mageseeker.exe => No File
FirewallRules: [UDP Query User{8BB529C8-9894-4C41-95B6-4034C4EA9EA4}E:\games\the mageseeker - a league of legends story\the mageseeker.exe] => (Allow) E:\games\the mageseeker - a league of legends story\the mageseeker.exe => No File
FirewallRules: [TCP Query User{BE0E2DD1-7D8E-4481-83D7-6CF8CAD6EF8B}E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe] => (Block) E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [UDP Query User{D62A71C7-871B-435E-8050-3F54D7DFAE2E}E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe] => (Block) E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [TCP Query User{1A70594E-A75F-40A1-9CF3-A3319BDF88EA}E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe] => (Allow) E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [UDP Query User{7F1E8E08-58C5-40C3-AEC4-B83E4FBF2711}E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe] => (Allow) E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [TCP Query User{8F296261-C121-4BE7-B391-42F5A96E93A8}E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe] => (Allow) E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [UDP Query User{B595B5C4-EFA9-4950-A08E-B1F94864C9EA}E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe] => (Allow) E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [{8F7417DA-A614-419F-9E07-73B8A3A50179}] => (Allow) e:\Program Files\MetaTrader 5\metatester64.exe => No File
FirewallRules: [{8E8E9F93-EB47-4D9E-8D77-6330AB0C88AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AC255297-AF34-413C-B241-CDE9958620FE}F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe] => (Allow) F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe (Passtech Games) [File not signed]
FirewallRules: [UDP Query User{351FAB75-4CA7-42A3-B2FD-6582635DE997}F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe] => (Allow) F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe (Passtech Games) [File not signed]
FirewallRules: [{23629F32-BC68-4650-B98F-5ACF5C12CD4E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D49A467-DBCE-41E5-8413-F6245E32F7DE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-09-2023 03:26:14 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/23/2023 06:17:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Faulting module name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Exception code: 0xc0000005
Fault offset: 0x00029705
Faulting process id: 0xc3e0
Faulting application start time: 0x01d9ee1a063777e9
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Report Id: cc47b3a6-64b7-4ba2-a676-0cad53fbcb4f
Faulting package full name:
Faulting package-relative application ID:

Error: (09/23/2023 06:17:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Faulting module name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Exception code: 0xc0000005
Fault offset: 0x00029705
Faulting process id: 0xc97c
Faulting application start time: 0x01d9ee1a03d92245
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Report Id: d902c495-8294-4988-b9c0-d2b04acfa6c3
Faulting package full name:
Faulting package-relative application ID:

Error: (09/23/2023 06:17:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Faulting module name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Exception code: 0xc0000005
Fault offset: 0x00029705
Faulting process id: 0x1b70
Faulting application start time: 0x01d9e4761ad70ddb
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Report Id: d41e1c26-badc-49ef-9a51-fea59cec4950
Faulting package full name:
Faulting package-relative application ID:

Error: (09/21/2023 10:58:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LeagueLobby.exe, version: 1.0.0.0, time stamp: 0x98e76720
Faulting module name: KERNELBASE.dll, version: 10.0.19041.3324, time stamp: 0xbe39fd8b
Exception code: 0xe0434352
Fault offset: 0x0013d8c2
Faulting process id: 0x72b0
Faulting application start time: 0x01d9ec4a20b40508
Faulting application path: D:\Max\Downloads\LeagueLobby\bin\Debug\LeagueLobby.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 934baaa0-f828-44c9-9e99-bf32a96699da
Faulting package full name:
Faulting package-relative application ID:

Error: (09/21/2023 10:58:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: LeagueLobby.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
at System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
at System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
at System.Windows.Forms.Control.Invoke(System.Delegate)
at LeagueLobby.Custom.<AddBot_Click>b__8_1(System.String)
at API.LCUHttpHelper+<>c__DisplayClass2_0.<Post>b__0(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/11/2023 11:50:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Faulting module name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Exception code: 0xc0000005
Fault offset: 0x00019e95
Faulting process id: 0x3a10
Faulting application start time: 0x01d9e475fe93056a
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Report Id: e90360f5-afcc-4658-bead-9810e3151096
Faulting package full name:
Faulting package-relative application ID:

Error: (09/11/2023 11:50:41 AM) (Source: Razer Chroma SDK Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/11/2023 11:50:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Faulting module name: RzSDKService.exe, version: 2.11.11.148, time stamp: 0x64a6bfdd
Exception code: 0xc0000005
Fault offset: 0x00029705
Faulting process id: 0x2394
Faulting application start time: 0x01d9e475fb0c910c
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Report Id: d4343830-d874-48e5-8313-402340cfce55
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (09/29/2023 06:42:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AKRBR60)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (09/29/2023 12:52:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Unable to access a key.

Error: (09/29/2023 12:52:19 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.

Error: (09/29/2023 12:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0845: Microsoft .NET Framework 4.8.1 for Windows 10 Version 22H2 for x64 (KB5011048).

Error: (09/29/2023 12:04:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AKRBR60)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (09/29/2023 11:42:15 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/29/2023 03:16:12 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AKRBR60)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (09/27/2023 11:44:54 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
================
Date: 2023-09-29 14:37:27
Description:
在完成前停止了 Microsoft Defender Antivirus 扫描。
扫描 ID: {2790A933-8C3C-4CE4-8C7C-3F63F1E52CAA}
扫描类型: Antimalware
扫描参数: Quick Scan
用户: NT AUTHORITY\SYSTEM

Date: 2023-09-27 13:35:20
Description:
在完成前停止了 Microsoft Defender Antivirus 扫描。
扫描 ID: {07374B39-58CB-434D-80D3-9B79DB0BB04B}
扫描类型: Antimalware
扫描参数: Quick Scan
用户: NT AUTHORITY\SYSTEM

Date: 2023-09-26 12:20:08
Description:
在完成前停止了 Microsoft Defender Antivirus 扫描。
扫描 ID: {AC36E534-03C4-414E-88A4-1E1A1EF19087}
扫描类型: Antimalware
扫描参数: Quick Scan
用户: NT AUTHORITY\SYSTEM

Date: 2023-09-25 12:49:30
Description:
在完成前停止了 Microsoft Defender Antivirus 扫描。
扫描 ID: {F4EEE9AE-A299-407A-8A89-440B13A83306}
扫描类型: Antimalware
扫描参数: Quick Scan
用户: NT AUTHORITY\SYSTEM

Date: 2023-09-24 11:22:02
Description:
在完成前停止了 Microsoft Defender Antivirus 扫描。
扫描 ID: {D2E81D13-917F-4281-B216-3BB0CAACD5A9}
扫描类型: Antimalware
扫描参数: Quick Scan
用户: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-06-04 18:08:34
Description:
Microsoft Defender Antivirus 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.391.351.0
更新源: Microsoft Update Server
安全智能类型: AntiVirus
更新类型: Full
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23050.3
错误代码: 0x80070102
错误说明: The wait operation timed out.

Date: 2023-06-04 18:08:34
Description:
Microsoft Defender Antivirus 尝试更新安全智能时遇到错误。
新安全智能版本:
以前的安全智能版本: 1.391.351.0
更新源: Microsoft Update Server
安全智能类型: AntiVirus
更新类型: Full
用户: NT AUTHORITY\SYSTEM
当前引擎版本:
上一个引擎版本: 1.1.23050.3
错误代码: 0x80070102
错误说明: The wait operation timed out.

CodeIntegrity:
===============
Date: 2023-09-29 18:55:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-29 14:36:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 7.11 08/10/2018
Motherboard: IT Channel Pty Ltd N8xxEP6
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 47%
Total physical RAM: 16204.48 MB
Available physical RAM: 8563.13 MB
Total Virtual: 19788.48 MB
Available Virtual: 9513.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.02 GB) (Free:67.08 GB) (Model: WDC WDS240G2G0B-00EPW0) NTFS
Drive d: (GAMES & SOFTWARES) (Fixed) (Total:443.23 GB) (Free:4.01 GB) (Model: WDC WD10SPZX-22Z10T0) NTFS
Drive e: (PortableSSD) (Fixed) (Total:931.51 GB) (Free:4.37 GB) (Model: SanDisk Portable SSD SCSI Disk Device) NTFS
Drive f: (EDUCATION) (Fixed) (Total:488.28 GB) (Free:12.34 GB) (Model: WDC WD10SPZX-22Z10T0) NTFS

\\?\Volume{e51c16dc-45a8-43c0-9671-5ec0379218d4}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{1605f9d5-7457-466a-a188-83f8ef71412b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================
Click to expand...
 
#6
Adware Cleaner

  • Download AdwCleaner and save it to your Desktop
  • Right-click on AdwCleaner.exeand select, Run as Administrator
  • Accept the EULA (I accept), then click on Scan Now
  • Let the scan complete
  • Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
  • Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
  • Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
  • Close all other open windows and allow it to restart
  • After the restart, Notepad will open with the AdwCleaner cleaning log
  • Please Attach the contents of that log into your next reply to me



Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code: 
start::
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\...\Run: [RZTHXHelper] => C:\WINDOWS\system32\RZTHXHelper.exe (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (No File)
HKU\S-1-5-18\...\Run: [RzAppEngine] => "C:\Program Files\Razer\RzAppEngine\rzappengine.exe" --url-params=autoStart=1&apps=spatial-audio (No File)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\MountPoints2: {a2238154-a538-11ed-bec7-7c2a314fd070} - "E:\Setup.exe" /s
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
Tcpip\Parameters: [DhcpNameServer] 110.44.112.245 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{c8f5d8e6-0c6b-4556-ad62-fb5d70a3dc13}: [DhcpNameServer] 110.44.112.245 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{eb99f96e-2be2-40b9-95d4-72c87cf52e46}: [DhcpNameServer] 192.168.101.1 8.8.8.8 4.4.4.4
S3 DouyinElevationService; "d:\douyin\2.9.2\elevation_service.exe" [X]
C:\Program Files (x86)\0pdtbglvvf.dat
C:\Program Files (x86)\icudtl.dat
C:\Program Files (x86)\legal.txt
C:\Program Files (x86)\unins000.dat
C:\Program Files (x86)\unins000.exe
C:\Program Files (x86)\unins000.msg
C:\Program Files (x86)\UpdaterInfo.xml
File: C:\Program Files (x86)\mfc140u.dll
File: C:\Program Files (x86)\mfcm140u.dll
File: C:\Program Files (x86)\msvcp140.dll
File: C:\Program Files (x86)\vccorlib140.dll
File: C:\Program Files (x86)\vcruntime140.dll
VirusTotal: C:\Program Files (x86)\mfc140u.dll, C:\Program Files (x86)\mfcm140u.dll, C:\Program Files (x86)\msvcp140.dll, C:\Program Files (x86)\vccorlib140.dll, C:\Program Files (x86)\vcruntime140.dll
C:\Users\Shahil\AppData\Roaming\453cc86a-3043-4658-b969-90151e6256bd.tmp
C:\Users\Shahil\AppData\Roaming\e2490ec6-b57a-4912-b788-3abe1bde2686.tmp
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{6e382992-551d-73a1-e14e-4a65f3fb3244}\localserver32 -> "D:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{f9517764-05a4-a748-620a-95087d06a241}\localserver32 -> "C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
FirewallRules: [{D7A2904E-4B94-4756-8261-DEA136CA3050}] => (Allow) C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{C533BF57-EB49-4381-8FC7-919F982C9444}] => (Allow) C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{7CE2CD0D-4A1E-4BFD-823C-F9E3CB521A4A}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [{7B17AD25-6242-4FDB-9588-B210954893CE}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{E07376B7-2D20-4FA5-B118-4927353C7943}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{300D401B-90C1-4317-A635-590D78D62AD0}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{EDB0CCFD-3AA9-430E-8C2F-C1CE5994E908}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{62E9BAA5-B8DA-4737-B761-5F1262FB58A7}D:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) D:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [UDP Query User{B60CD3DD-3FC0-456B-9D3F-2ED8383D5947}D:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) D:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [TCP Query User{0C7C19E5-71B4-4321-AE10-7A5013BC3835}C:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) C:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [UDP Query User{7B672783-9D15-4791-9A8F-9D91964B6549}C:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) C:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [TCP Query User{77625322-B2E3-4196-98C0-3D2BDA08350F}D:\games\monopoly plus\monopoly.exe] => (Allow) D:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [UDP Query User{E570F52B-E626-42A5-BED8-64FBD4220861}D:\games\monopoly plus\monopoly.exe] => (Allow) D:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [TCP Query User{E5E00501-B5DC-48C0-8F82-97085A7D3244}D:\games\roguebook\roguebook.exe] => (Allow) D:\games\roguebook\roguebook.exe => No File
FirewallRules: [UDP Query User{E090A7B8-6A91-4B1A-961D-EBD8EAAC45BE}D:\games\roguebook\roguebook.exe] => (Allow) D:\games\roguebook\roguebook.exe => No File
FirewallRules: [TCP Query User{6BF8D13C-D43D-4BEB-9468-FB7F305B709F}F:\games\age of empires iii - definitive edition\aoe3de_s.exe] => (Allow) F:\games\age of empires iii - definitive edition\aoe3de_s.exe => No File
FirewallRules: [UDP Query User{94ADB712-82D1-4522-8813-F8C23F900DA0}F:\games\age of empires iii - definitive edition\aoe3de_s.exe] => (Allow) F:\games\age of empires iii - definitive edition\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{22F2045A-49C0-43AA-ADB5-50191D8556AD}F:\games\age of empires iii - definitive edition\battleserver.exe] => (Allow) F:\games\age of empires iii - definitive edition\battleserver.exe => No File
FirewallRules: [UDP Query User{C3555991-10D5-4DD8-852F-708FC1636A68}F:\games\age of empires iii - definitive edition\battleserver.exe] => (Allow) F:\games\age of empires iii - definitive edition\battleserver.exe => No File
FirewallRules: [TCP Query User{78FA32AF-FD49-41D0-9AF0-1AE762360BDB}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe] => (Allow) D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe => No File
FirewallRules: [UDP Query User{6ACDE1A2-C325-41A0-BA00-8003CC0EB3BF}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe] => (Allow) D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4A1FF923-3A57-4C26-886B-CA8D54711695}D:\games\monopoly plus\monopoly plus\monopoly.exe] => (Block) D:\games\monopoly plus\monopoly plus\monopoly.exe => No File
FirewallRules: [UDP Query User{6AF1F56D-165D-4E92-B7DE-9ED27505BF4A}D:\games\monopoly plus\monopoly plus\monopoly.exe] => (Block) D:\games\monopoly plus\monopoly plus\monopoly.exe => No File
FirewallRules: [TCP Query User{5AD3383A-EE38-48A5-96CA-F352198844E0}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe] => (Allow) F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe => No File
FirewallRules: [UDP Query User{1BE5DE46-9861-4A73-BE39-7959F75BCA81}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe] => (Allow) F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe => No File
FirewallRules: [TCP Query User{A84097DA-264D-4E07-96AD-A0621AB10AAB}D:\games\cook, serve, delicious! 3\csd3.exe] => (Allow) D:\games\cook, serve, delicious! 3\csd3.exe => No File
FirewallRules: [UDP Query User{9E9401FB-6959-4DA4-A2DA-C17A1F78BD15}D:\games\cook, serve, delicious! 3\csd3.exe] => (Allow) D:\games\cook, serve, delicious! 3\csd3.exe => No File
FirewallRules: [TCP Query User{79C1897F-50E5-4012-AD6C-9D54AA207BBC}D:\games\saint games\wish paradise\wishparadise.exe] => (Allow) D:\games\saint games\wish paradise\wishparadise.exe => No File
FirewallRules: [UDP Query User{E5940976-F47B-436D-91CD-7AB1B85BAAAA}D:\games\saint games\wish paradise\wishparadise.exe] => (Allow) D:\games\saint games\wish paradise\wishparadise.exe => No File
FirewallRules: [TCP Query User{F482A2DD-AB64-45A8-AB13-6B89999E507D}D:\games\ris factions\risk factions\risk factions.exe] => (Block) D:\games\ris factions\risk factions\risk factions.exe => No File
FirewallRules: [UDP Query User{E5FFAB36-9F82-4830-B3BA-6DAC86B8AC3D}D:\games\ris factions\risk factions\risk factions.exe] => (Block) D:\games\ris factions\risk factions\risk factions.exe => No File
FirewallRules: [{23CCCE50-230A-4AB2-AED1-3495A4085357}] => (Allow) F:\Garena\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [TCP Query User{AF5A6BFA-848B-4890-B874-5A1B082596FF}F:\garena\lol\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\lol\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{283CD3F8-D835-43B0-851B-2D7E6F0EB736}F:\garena\lol\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\lol\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{453637D1-2640-40DD-8528-A520CF135E9B}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe] => (Allow) D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe => No File
FirewallRules: [UDP Query User{34809C7C-9D7D-4B60-BCD0-E3186EC1A6F5}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe] => (Allow) D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe => No File
FirewallRules: [TCP Query User{6FB0EB6F-54CA-4391-BBDA-2A2C2050705E}D:\games\ao tennis 2\tennis2.exe] => (Block) D:\games\ao tennis 2\tennis2.exe => No File
FirewallRules: [UDP Query User{AB8E3E63-43FD-460F-A6EB-1778BF3BD5C9}D:\games\ao tennis 2\tennis2.exe] => (Block) D:\games\ao tennis 2\tennis2.exe => No File
FirewallRules: [TCP Query User{197A3373-DA6C-4173-9603-44F0E4CA5ABD}D:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) D:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{17B9367C-CB03-4EDC-A195-D46AFF1F24D5}D:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) D:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{EFAD8AD8-5DE0-4F20-BF28-A2AB4EB78FF2}F:\games\yaga\yaga.exe] => (Allow) F:\games\yaga\yaga.exe => No File
FirewallRules: [UDP Query User{349EF46B-9932-4F2D-B47F-44D00398594A}F:\games\yaga\yaga.exe] => (Allow) F:\games\yaga\yaga.exe => No File
FirewallRules: [TCP Query User{4283D4CB-ED23-4F77-B092-6D9CFB41CF16}F:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{0BA75188-F69B-48ED-A0E4-76D812B419EA}F:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{986933E0-D688-4E61-ACF2-A764FEB0EF58}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{7C1FEC1D-42A2-407D-8A08-B86C812C1291}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [TCP Query User{187ACECF-238D-4E0F-B076-44A3B1F385CF}C:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) C:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{8BF29289-E5D2-4166-81F6-686BA0F0618E}C:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) C:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [{1D89621F-B7A3-4AB0-9B55-FD417CC99AF4}] => (Block) D:\GOG Games\Fell Seal Arbiter's Mark\Fell Seal.exe => No File
FirewallRules: [{03F30447-B953-4E80-8C69-A5CD82A67AB2}] => (Block) F:\Games\ELDEN RING\Game\eldenring.exe => No File
FirewallRules: [TCP Query User{BDA0CB93-27D3-4D3C-96FF-A7F6352B6395}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe] => (Block) F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe => No File
FirewallRules: [UDP Query User{B77F11AD-10BB-4DDE-929B-1A404DFC9CA9}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe] => (Block) F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe => No File
FirewallRules: [TCP Query User{441CA4D9-E8E8-48E2-ABB2-1CD66D219597}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{461C8E1E-BF98-4217-9B7C-92B34BAC08AC}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{3F7A6593-475E-43AF-8EF3-326B574EB4C7}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe] => (Block) F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe => No File
FirewallRules: [UDP Query User{C7A9760E-61B9-4A9D-AD56-A79332A62673}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe] => (Block) F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe => No File
FirewallRules: [TCP Query User{742F6C27-9F93-4E0C-9C67-52DC63125305}D:\games\lost epic\lostepic.exe] => (Allow) D:\games\lost epic\lostepic.exe => No File
FirewallRules: [UDP Query User{C729B5E6-0BAA-4381-AD64-CA99F838FCBD}D:\games\lost epic\lostepic.exe] => (Allow) D:\games\lost epic\lostepic.exe => No File
FirewallRules: [TCP Query User{BDE3EC7E-13F9-4D50-8B9C-F9179FCFFCD0}D:\games\digimon survive\digimonsurvive.exe] => (Block) D:\games\digimon survive\digimonsurvive.exe => No File
FirewallRules: [UDP Query User{5B6A1AB8-1057-4931-AB11-F18D3F4B0F13}D:\games\digimon survive\digimonsurvive.exe] => (Block) D:\games\digimon survive\digimonsurvive.exe => No File
FirewallRules: [TCP Query User{7C942EBC-BC78-4C66-95C1-D6CEA45D5C1C}F:\games\battle chasers - nightwar\bc.exe] => (Block) F:\games\battle chasers - nightwar\bc.exe => No File
FirewallRules: [UDP Query User{CA7400FF-5A86-4FD0-8027-B554ABA569AA}F:\games\battle chasers - nightwar\bc.exe] => (Block) F:\games\battle chasers - nightwar\bc.exe => No File
FirewallRules: [TCP Query User{1215DA21-A53B-4BC0-A58B-36D4D3B5190B}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [UDP Query User{BD35CB9E-DB51-42D2-9A68-EFBED4A4A5D2}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [TCP Query User{7246C8EC-E1E8-46FA-893C-39BC8756A6A3}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5F4C4C93-339D-4DF1-945C-757B00C81657}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [{E16427A0-EAA2-4B49-BC5B-4ECE76EF3F55}] => (Allow) f:\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [TCP Query User{ADF0C877-F7E3-4960-993F-0441C99317A0}F:\garena\garena\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\garena\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{DF2A7434-490E-4272-AA74-33A9A27C1E72}F:\garena\garena\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\garena\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{A2E40B88-98A2-497D-B77C-8F9F68DFC989}F:\league\riot games\riot client\riotclientservices.exe] => (Allow) F:\league\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{6DC32F3F-F9C2-4486-B07A-ED39BDB17972}F:\league\riot games\riot client\riotclientservices.exe] => (Allow) F:\league\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{1543C54A-9FD2-428F-8335-C962F1B74C18}D:\games\uno\uno.exe] => (Allow) D:\games\uno\uno.exe => No File
FirewallRules: [UDP Query User{51B34335-CAC9-4264-B298-E9DBDAD6FFE3}D:\games\uno\uno.exe] => (Allow) D:\games\uno\uno.exe => No File
FirewallRules: [TCP Query User{B443D784-2D80-45C0-9057-AD49BCF243B1}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{74A182F1-AE91-45AF-B0EC-4F59DC90D461}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{C8696EFA-FC82-4952-B39D-D655FED9E7C5}E:\games\the mageseeker - a league of legends story\the mageseeker.exe] => (Allow) E:\games\the mageseeker - a league of legends story\the mageseeker.exe => No File
FirewallRules: [UDP Query User{8BB529C8-9894-4C41-95B6-4034C4EA9EA4}E:\games\the mageseeker - a league of legends story\the mageseeker.exe] => (Allow) E:\games\the mageseeker - a league of legends story\the mageseeker.exe => No File
FirewallRules: [{8F7417DA-A614-419F-9E07-73B8A3A50179}] => (Allow) e:\Program Files\MetaTrader 5\metatester64.exe => No File
C:\Users\Shahil\AppData\Local\Temp\JNA590~1.DLL
C:\Users\Shahil\AppData\Local\Temp\jna--1819708545\jna396370206214454652.dll
C:\WINDOWS\system32\drivers\etc\hosts.ics
C:\WINDOWS\system32\drivers\etc\hosts
Hosts:
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::



Download ZHP Suite to your desktop.
Right Click Run as admin.
Hit the scanner button.
Once it is complete a file name ZHPdiag.txt will be on your desktop.
Attach it.
 
#7
Hi, this is the Adwcleaner logs

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-30-2023
# Duration: 00:00:31
# OS: Windows 10 (Build 19045.3324)
# Scanned: 32075
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Click to expand...
 
#8
Malnutrition said:
Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
Click to expand...
1696061320076.png


Hi, there was no clean & repair option. This is the second scan, I clicked skip basic repair after the first scan, and it went back to dashboard. I clicked scan again to take this screenshot.
 
#10
weird thing happened. I got a BSOD just now. I could only see that it said windows something and / stopcode.
it has been over a year since I got a BSOD (I think). not sure about the cause here. I was watching instagram reels(in browser), then closed the instagram page and it gave BSOD.
 
#11
“do I copy the code to search box? and click the Fix button?”

No just copy the code, then right click frst run as admin then click fix. Once copied, there is no need to paste anywhere.
 
  • Like
Reactions: maxim123
#12
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Shahil (30-09-2023 17:24:49) Run:1
Running from C:\Users\Shahil\Desktop
Loaded Profiles: Shahil
Boot Mode: Normal
==============================================

fixlist content:
*****************
start::
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\...\Run: [RZTHXHelper] => C:\WINDOWS\system32\RZTHXHelper.exe (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (No File)
HKU\S-1-5-18\...\Run: [RzAppEngine] => "C:\Program Files\Razer\RzAppEngine\rzappengine.exe" --url-params=autoStart=1&apps=spatial-audio (No File)
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\...\MountPoints2: {a2238154-a538-11ed-bec7-7c2a314fd070} - "E:\Setup.exe" /s
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
Tcpip\Parameters: [DhcpNameServer] 110.44.112.245 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{c8f5d8e6-0c6b-4556-ad62-fb5d70a3dc13}: [DhcpNameServer] 110.44.112.245 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{eb99f96e-2be2-40b9-95d4-72c87cf52e46}: [DhcpNameServer] 192.168.101.1 8.8.8.8 4.4.4.4
S3 DouyinElevationService; "d:\douyin\2.9.2\elevation_service.exe" [X]
C:\Program Files (x86)\0pdtbglvvf.dat
C:\Program Files (x86)\icudtl.dat
C:\Program Files (x86)\legal.txt
C:\Program Files (x86)\unins000.dat
C:\Program Files (x86)\unins000.exe
C:\Program Files (x86)\unins000.msg
C:\Program Files (x86)\UpdaterInfo.xml
File: C:\Program Files (x86)\mfc140u.dll
File: C:\Program Files (x86)\mfcm140u.dll
File: C:\Program Files (x86)\msvcp140.dll
File: C:\Program Files (x86)\vccorlib140.dll
File: C:\Program Files (x86)\vcruntime140.dll
VirusTotal: C:\Program Files (x86)\mfc140u.dll, C:\Program Files (x86)\mfcm140u.dll, C:\Program Files (x86)\msvcp140.dll, C:\Program Files (x86)\vccorlib140.dll, C:\Program Files (x86)\vcruntime140.dll
C:\Users\Shahil\AppData\Roaming\453cc86a-3043-4658-b969-90151e6256bd.tmp
C:\Users\Shahil\AppData\Roaming\e2490ec6-b57a-4912-b788-3abe1bde2686.tmp
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{6e382992-551d-73a1-e14e-4a65f3fb3244}\localserver32 -> "D:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{f9517764-05a4-a748-620a-95087d06a241}\localserver32 -> "C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Shahil\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
FirewallRules: [{D7A2904E-4B94-4756-8261-DEA136CA3050}] => (Allow) C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{C533BF57-EB49-4381-8FC7-919F982C9444}] => (Allow) C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{7CE2CD0D-4A1E-4BFD-823C-F9E3CB521A4A}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [{7B17AD25-6242-4FDB-9588-B210954893CE}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{E07376B7-2D20-4FA5-B118-4927353C7943}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{300D401B-90C1-4317-A635-590D78D62AD0}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{EDB0CCFD-3AA9-430E-8C2F-C1CE5994E908}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{62E9BAA5-B8DA-4737-B761-5F1262FB58A7}D:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) D:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [UDP Query User{B60CD3DD-3FC0-456B-9D3F-2ED8383D5947}D:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) D:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [TCP Query User{0C7C19E5-71B4-4321-AE10-7A5013BC3835}C:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) C:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [UDP Query User{7B672783-9D15-4791-9A8F-9D91964B6549}C:\games\disgaea 4 complete plus\disgaea4pc.exe] => (Allow) C:\games\disgaea 4 complete plus\disgaea4pc.exe => No File
FirewallRules: [TCP Query User{77625322-B2E3-4196-98C0-3D2BDA08350F}D:\games\monopoly plus\monopoly.exe] => (Allow) D:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [UDP Query User{E570F52B-E626-42A5-BED8-64FBD4220861}D:\games\monopoly plus\monopoly.exe] => (Allow) D:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [TCP Query User{E5E00501-B5DC-48C0-8F82-97085A7D3244}D:\games\roguebook\roguebook.exe] => (Allow) D:\games\roguebook\roguebook.exe => No File
FirewallRules: [UDP Query User{E090A7B8-6A91-4B1A-961D-EBD8EAAC45BE}D:\games\roguebook\roguebook.exe] => (Allow) D:\games\roguebook\roguebook.exe => No File
FirewallRules: [TCP Query User{6BF8D13C-D43D-4BEB-9468-FB7F305B709F}F:\games\age of empires iii - definitive edition\aoe3de_s.exe] => (Allow) F:\games\age of empires iii - definitive edition\aoe3de_s.exe => No File
FirewallRules: [UDP Query User{94ADB712-82D1-4522-8813-F8C23F900DA0}F:\games\age of empires iii - definitive edition\aoe3de_s.exe] => (Allow) F:\games\age of empires iii - definitive edition\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{22F2045A-49C0-43AA-ADB5-50191D8556AD}F:\games\age of empires iii - definitive edition\battleserver.exe] => (Allow) F:\games\age of empires iii - definitive edition\battleserver.exe => No File
FirewallRules: [UDP Query User{C3555991-10D5-4DD8-852F-708FC1636A68}F:\games\age of empires iii - definitive edition\battleserver.exe] => (Allow) F:\games\age of empires iii - definitive edition\battleserver.exe => No File
FirewallRules: [TCP Query User{78FA32AF-FD49-41D0-9AF0-1AE762360BDB}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe] => (Allow) D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe => No File
FirewallRules: [UDP Query User{6ACDE1A2-C325-41A0-BA00-8003CC0EB3BF}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe] => (Allow) D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4A1FF923-3A57-4C26-886B-CA8D54711695}D:\games\monopoly plus\monopoly plus\monopoly.exe] => (Block) D:\games\monopoly plus\monopoly plus\monopoly.exe => No File
FirewallRules: [UDP Query User{6AF1F56D-165D-4E92-B7DE-9ED27505BF4A}D:\games\monopoly plus\monopoly plus\monopoly.exe] => (Block) D:\games\monopoly plus\monopoly plus\monopoly.exe => No File
FirewallRules: [TCP Query User{5AD3383A-EE38-48A5-96CA-F352198844E0}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe] => (Allow) F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe => No File
FirewallRules: [UDP Query User{1BE5DE46-9861-4A73-BE39-7959F75BCA81}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe] => (Allow) F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe => No File
FirewallRules: [TCP Query User{A84097DA-264D-4E07-96AD-A0621AB10AAB}D:\games\cook, serve, delicious! 3\csd3.exe] => (Allow) D:\games\cook, serve, delicious! 3\csd3.exe => No File
FirewallRules: [UDP Query User{9E9401FB-6959-4DA4-A2DA-C17A1F78BD15}D:\games\cook, serve, delicious! 3\csd3.exe] => (Allow) D:\games\cook, serve, delicious! 3\csd3.exe => No File
FirewallRules: [TCP Query User{79C1897F-50E5-4012-AD6C-9D54AA207BBC}D:\games\saint games\wish paradise\wishparadise.exe] => (Allow) D:\games\saint games\wish paradise\wishparadise.exe => No File
FirewallRules: [UDP Query User{E5940976-F47B-436D-91CD-7AB1B85BAAAA}D:\games\saint games\wish paradise\wishparadise.exe] => (Allow) D:\games\saint games\wish paradise\wishparadise.exe => No File
FirewallRules: [TCP Query User{F482A2DD-AB64-45A8-AB13-6B89999E507D}D:\games\ris factions\risk factions\risk factions.exe] => (Block) D:\games\ris factions\risk factions\risk factions.exe => No File
FirewallRules: [UDP Query User{E5FFAB36-9F82-4830-B3BA-6DAC86B8AC3D}D:\games\ris factions\risk factions\risk factions.exe] => (Block) D:\games\ris factions\risk factions\risk factions.exe => No File
FirewallRules: [{23CCCE50-230A-4AB2-AED1-3495A4085357}] => (Allow) F:\Garena\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [TCP Query User{AF5A6BFA-848B-4890-B874-5A1B082596FF}F:\garena\lol\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\lol\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{283CD3F8-D835-43B0-851B-2D7E6F0EB736}F:\garena\lol\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\lol\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{453637D1-2640-40DD-8528-A520CF135E9B}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe] => (Allow) D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe => No File
FirewallRules: [UDP Query User{34809C7C-9D7D-4B60-BCD0-E3186EC1A6F5}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe] => (Allow) D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe => No File
FirewallRules: [TCP Query User{6FB0EB6F-54CA-4391-BBDA-2A2C2050705E}D:\games\ao tennis 2\tennis2.exe] => (Block) D:\games\ao tennis 2\tennis2.exe => No File
FirewallRules: [UDP Query User{AB8E3E63-43FD-460F-A6EB-1778BF3BD5C9}D:\games\ao tennis 2\tennis2.exe] => (Block) D:\games\ao tennis 2\tennis2.exe => No File
FirewallRules: [TCP Query User{197A3373-DA6C-4173-9603-44F0E4CA5ABD}D:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) D:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{17B9367C-CB03-4EDC-A195-D46AFF1F24D5}D:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) D:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{EFAD8AD8-5DE0-4F20-BF28-A2AB4EB78FF2}F:\games\yaga\yaga.exe] => (Allow) F:\games\yaga\yaga.exe => No File
FirewallRules: [UDP Query User{349EF46B-9932-4F2D-B47F-44D00398594A}F:\games\yaga\yaga.exe] => (Allow) F:\games\yaga\yaga.exe => No File
FirewallRules: [TCP Query User{4283D4CB-ED23-4F77-B092-6D9CFB41CF16}F:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{0BA75188-F69B-48ED-A0E4-76D812B419EA}F:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{986933E0-D688-4E61-ACF2-A764FEB0EF58}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [UDP Query User{7C1FEC1D-42A2-407D-8A08-B86C812C1291}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe] => (Allow) F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe => No File
FirewallRules: [TCP Query User{187ACECF-238D-4E0F-B076-44A3B1F385CF}C:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) C:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{8BF29289-E5D2-4166-81F6-686BA0F0618E}C:\garena\games\32771\riot client\riotclientservices.exe] => (Allow) C:\garena\games\32771\riot client\riotclientservices.exe => No File
FirewallRules: [{1D89621F-B7A3-4AB0-9B55-FD417CC99AF4}] => (Block) D:\GOG Games\Fell Seal Arbiter's Mark\Fell Seal.exe => No File
FirewallRules: [{03F30447-B953-4E80-8C69-A5CD82A67AB2}] => (Block) F:\Games\ELDEN RING\Game\eldenring.exe => No File
FirewallRules: [TCP Query User{BDA0CB93-27D3-4D3C-96FF-A7F6352B6395}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe] => (Block) F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe => No File
FirewallRules: [UDP Query User{B77F11AD-10BB-4DDE-929B-1A404DFC9CA9}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe] => (Block) F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe => No File
FirewallRules: [TCP Query User{441CA4D9-E8E8-48E2-ABB2-1CD66D219597}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{461C8E1E-BF98-4217-9B7C-92B34BAC08AC}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{3F7A6593-475E-43AF-8EF3-326B574EB4C7}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe] => (Block) F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe => No File
FirewallRules: [UDP Query User{C7A9760E-61B9-4A9D-AD56-A79332A62673}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe] => (Block) F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe => No File
FirewallRules: [TCP Query User{742F6C27-9F93-4E0C-9C67-52DC63125305}D:\games\lost epic\lostepic.exe] => (Allow) D:\games\lost epic\lostepic.exe => No File
FirewallRules: [UDP Query User{C729B5E6-0BAA-4381-AD64-CA99F838FCBD}D:\games\lost epic\lostepic.exe] => (Allow) D:\games\lost epic\lostepic.exe => No File
FirewallRules: [TCP Query User{BDE3EC7E-13F9-4D50-8B9C-F9179FCFFCD0}D:\games\digimon survive\digimonsurvive.exe] => (Block) D:\games\digimon survive\digimonsurvive.exe => No File
FirewallRules: [UDP Query User{5B6A1AB8-1057-4931-AB11-F18D3F4B0F13}D:\games\digimon survive\digimonsurvive.exe] => (Block) D:\games\digimon survive\digimonsurvive.exe => No File
FirewallRules: [TCP Query User{7C942EBC-BC78-4C66-95C1-D6CEA45D5C1C}F:\games\battle chasers - nightwar\bc.exe] => (Block) F:\games\battle chasers - nightwar\bc.exe => No File
FirewallRules: [UDP Query User{CA7400FF-5A86-4FD0-8027-B554ABA569AA}F:\games\battle chasers - nightwar\bc.exe] => (Block) F:\games\battle chasers - nightwar\bc.exe => No File
FirewallRules: [TCP Query User{1215DA21-A53B-4BC0-A58B-36D4D3B5190B}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [UDP Query User{BD35CB9E-DB51-42D2-9A68-EFBED4A4A5D2}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [TCP Query User{7246C8EC-E1E8-46FA-893C-39BC8756A6A3}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5F4C4C93-339D-4DF1-945C-757B00C81657}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [{E16427A0-EAA2-4B49-BC5B-4ECE76EF3F55}] => (Allow) f:\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [TCP Query User{ADF0C877-F7E3-4960-993F-0441C99317A0}F:\garena\garena\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\garena\32771\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{DF2A7434-490E-4272-AA74-33A9A27C1E72}F:\garena\garena\32771\riot client\riotclientservices.exe] => (Allow) F:\garena\garena\32771\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{A2E40B88-98A2-497D-B77C-8F9F68DFC989}F:\league\riot games\riot client\riotclientservices.exe] => (Allow) F:\league\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{6DC32F3F-F9C2-4486-B07A-ED39BDB17972}F:\league\riot games\riot client\riotclientservices.exe] => (Allow) F:\league\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{1543C54A-9FD2-428F-8335-C962F1B74C18}D:\games\uno\uno.exe] => (Allow) D:\games\uno\uno.exe => No File
FirewallRules: [UDP Query User{51B34335-CAC9-4264-B298-E9DBDAD6FFE3}D:\games\uno\uno.exe] => (Allow) D:\games\uno\uno.exe => No File
FirewallRules: [TCP Query User{B443D784-2D80-45C0-9057-AD49BCF243B1}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{74A182F1-AE91-45AF-B0EC-4F59DC90D461}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{C8696EFA-FC82-4952-B39D-D655FED9E7C5}E:\games\the mageseeker - a league of legends story\the mageseeker.exe] => (Allow) E:\games\the mageseeker - a league of legends story\the mageseeker.exe => No File
FirewallRules: [UDP Query User{8BB529C8-9894-4C41-95B6-4034C4EA9EA4}E:\games\the mageseeker - a league of legends story\the mageseeker.exe] => (Allow) E:\games\the mageseeker - a league of legends story\the mageseeker.exe => No File
FirewallRules: [{8F7417DA-A614-419F-9E07-73B8A3A50179}] => (Allow) e:\Program Files\MetaTrader 5\metatester64.exe => No File
C:\Users\Shahil\AppData\Local\Temp\JNA590~1.DLL
C:\Users\Shahil\AppData\Local\Temp\jna--1819708545\jna396370206214454652.dll
C:\WINDOWS\system32\drivers\etc\hosts.ics
C:\WINDOWS\system32\drivers\etc\hosts
Hosts:
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::
*****************

Restore point was successfully created.
Processes closed successfully.

"C:\WINDOWS\system32\GroupPolicy\Machine" folder move:

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully

"C:\WINDOWS\system32\GroupPolicy\User" folder move:

C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RZTHXHelper" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TeamsMachineUninstallerLocalAppData" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TeamsMachineUninstallerProgramData" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Synapse3" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\RzAppEngine" => removed successfully
"HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAMeetNow" => removed successfully
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2238154-a538-11ed-bec7-7c2a314fd070} => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\osppsvc.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c8f5d8e6-0c6b-4556-ad62-fb5d70a3dc13}\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{eb99f96e-2be2-40b9-95d4-72c87cf52e46}\\DhcpNameServer" => removed successfully
HKLM\System\CurrentControlSet\Services\DouyinElevationService => removed successfully
DouyinElevationService => service removed successfully
C:\Program Files (x86)\0pdtbglvvf.dat => moved successfully
C:\Program Files (x86)\icudtl.dat => moved successfully
C:\Program Files (x86)\legal.txt => moved successfully
C:\Program Files (x86)\unins000.dat => moved successfully
C:\Program Files (x86)\unins000.exe => moved successfully
C:\Program Files (x86)\unins000.msg => moved successfully
C:\Program Files (x86)\UpdaterInfo.xml => moved successfully

========================= File: C:\Program Files (x86)\mfc140u.dll ========================

C:\Program Files (x86)\mfc140u.dll
File is digitally signed
MD5: 118F2BC2314AB6EA8A64D86162E38582
Creation and modification date: 2021-05-06 11:07 - 2020-07-10 01:11
Size: 005122704
Attributes: ----A
Company Name: Microsoft Corporation -> Microsoft Corporation
Internal Name: MFC140U.DLL
Original Name: MFC140U.DLL
Product: Microsoft® Visual Studio® 2017
Description: MFCDLL Shared Library - Retail Version
File Version: 14.13.26020.0 built by: VCTOOLSREL
Product Version: 14.13.26020.0
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file...aab58e6413e6876029b32865b8564d2f9f-1687945471

====== End of File: ======


========================= File: C:\Program Files (x86)\mfcm140u.dll ========================

C:\Program Files (x86)\mfcm140u.dll
File is digitally signed
MD5: 9FDE2EF25DC414E130C06D34B8D60D28
Creation and modification date: 2021-05-06 11:07 - 2020-07-10 01:11
Size: 000092816
Attributes: ----A
Company Name: Microsoft Corporation -> Microsoft Corporation
Internal Name: MFCM140U.DLL
Original Name: MFCM140U.DLL
Product: Microsoft® Visual Studio® 2017
Description: MFC Managed Library - Retail Version
File Version: 14.13.26020.0 built by: VCTOOLSREL
Product Version: 14.13.26020.0
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file...8799393c9d352f616dea273eaa42e9e4ca-1682540629

====== End of File: ======


========================= File: C:\Program Files (x86)\msvcp140.dll ========================

C:\Program Files (x86)\msvcp140.dll
File is digitally signed
MD5: B33902774CE0EDED02B0CF1B54622736
Creation and modification date: 2021-05-06 11:07 - 2020-07-10 01:11
Size: 000457512
Attributes: ----A
Company Name: Microsoft Corporation -> Microsoft Corporation
Internal Name: msvcp140.dll
Original Name: msvcp140.dll
Product: Microsoft® Visual Studio® 2017
Description: Microsoft® C Runtime Library
File Version: 14.13.26020.0 built by: VCTOOLSREL
Product Version: 14.13.26020.0
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file...217966e7ea7e0d4038aa21a2d92a5a0612-1691135476

====== End of File: ======


========================= File: C:\Program Files (x86)\vccorlib140.dll ========================

C:\Program Files (x86)\vccorlib140.dll
File is digitally signed
MD5: 60F11A76E35FD4A9CD2455EA3EFF3224
Creation and modification date: 2021-05-06 11:07 - 2020-07-10 01:11
Size: 000267592
Attributes: ----A
Company Name: Microsoft Corporation -> Microsoft Corporation
Internal Name: vccorlib140.DLL
Original Name: vccorlib140.DLL
Product: Microsoft® Visual Studio® 2015
Description: Microsoft ® VC WinRT core library
File Version: 14.00.24210.0 built by: VCTOOLSREL
Product Version: 14.00.24210.0
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file...a0a163af6f92384279c1dd7afcb7f52293-1696041957

====== End of File: ======


========================= File: C:\Program Files (x86)\vcruntime140.dll ========================

C:\Program Files (x86)\vcruntime140.dll
File is digitally signed
MD5: A2523EA6950E248CBDF18C9EA1A844F6
Creation and modification date: 2021-05-06 11:07 - 2020-07-10 01:11
Size: 000083784
Attributes: ----A
Company Name: Microsoft Corporation -> Microsoft Corporation
Internal Name: vcruntime140.dll
Original Name: vcruntime140.dll
Product: Microsoft® Visual Studio® 2015
Description: Microsoft® C Runtime Library
File Version: 14.00.24210.0 built by: VCTOOLSREL
Product Version: 14.00.24210.0
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: 0

====== End of File: ======

"VirusTotal: C:\Program Files (x86)\mfc140u.dll, C:\Program Files (x86)\mfcm140u.dll, C:\Program Files (x86)\msvcp140.dll, C:\Program Files (x86)\vccorlib140.dll, C:\Program Files (x86)\vcruntime140.dll" => not found
C:\Users\Shahil\AppData\Roaming\453cc86a-3043-4658-b969-90151e6256bd.tmp => moved successfully
C:\Users\Shahil\AppData\Roaming\e2490ec6-b57a-4912-b788-3abe1bde2686.tmp => moved successfully
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{6e382992-551d-73a1-e14e-4a65f3fb3244} => removed successfully
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394} => removed successfully
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001_Classes\CLSID\{f9517764-05a4-a748-620a-95087d06a241} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7A2904E-4B94-4756-8261-DEA136CA3050}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C533BF57-EB49-4381-8FC7-919F982C9444}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CE2CD0D-4A1E-4BFD-823C-F9E3CB521A4A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B17AD25-6242-4FDB-9588-B210954893CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E07376B7-2D20-4FA5-B118-4927353C7943}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{300D401B-90C1-4317-A635-590D78D62AD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDB0CCFD-3AA9-430E-8C2F-C1CE5994E908}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{62E9BAA5-B8DA-4737-B761-5F1262FB58A7}D:\games\disgaea 4 complete plus\disgaea4pc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B60CD3DD-3FC0-456B-9D3F-2ED8383D5947}D:\games\disgaea 4 complete plus\disgaea4pc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0C7C19E5-71B4-4321-AE10-7A5013BC3835}C:\games\disgaea 4 complete plus\disgaea4pc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7B672783-9D15-4791-9A8F-9D91964B6549}C:\games\disgaea 4 complete plus\disgaea4pc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{77625322-B2E3-4196-98C0-3D2BDA08350F}D:\games\monopoly plus\monopoly.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E570F52B-E626-42A5-BED8-64FBD4220861}D:\games\monopoly plus\monopoly.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E5E00501-B5DC-48C0-8F82-97085A7D3244}D:\games\roguebook\roguebook.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E090A7B8-6A91-4B1A-961D-EBD8EAAC45BE}D:\games\roguebook\roguebook.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6BF8D13C-D43D-4BEB-9468-FB7F305B709F}F:\games\age of empires iii - definitive edition\aoe3de_s.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{94ADB712-82D1-4522-8813-F8C23F900DA0}F:\games\age of empires iii - definitive edition\aoe3de_s.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{22F2045A-49C0-43AA-ADB5-50191D8556AD}F:\games\age of empires iii - definitive edition\battleserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C3555991-10D5-4DD8-852F-708FC1636A68}F:\games\age of empires iii - definitive edition\battleserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{78FA32AF-FD49-41D0-9AF0-1AE762360BDB}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6ACDE1A2-C325-41A0-BA00-8003CC0EB3BF}D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4A1FF923-3A57-4C26-886B-CA8D54711695}D:\games\monopoly plus\monopoly plus\monopoly.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6AF1F56D-165D-4E92-B7DE-9ED27505BF4A}D:\games\monopoly plus\monopoly plus\monopoly.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5AD3383A-EE38-48A5-96CA-F352198844E0}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1BE5DE46-9861-4A73-BE39-7959F75BCA81}F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A84097DA-264D-4E07-96AD-A0621AB10AAB}D:\games\cook, serve, delicious! 3\csd3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E9401FB-6959-4DA4-A2DA-C17A1F78BD15}D:\games\cook, serve, delicious! 3\csd3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79C1897F-50E5-4012-AD6C-9D54AA207BBC}D:\games\saint games\wish paradise\wishparadise.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E5940976-F47B-436D-91CD-7AB1B85BAAAA}D:\games\saint games\wish paradise\wishparadise.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F482A2DD-AB64-45A8-AB13-6B89999E507D}D:\games\ris factions\risk factions\risk factions.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E5FFAB36-9F82-4830-B3BA-6DAC86B8AC3D}D:\games\ris factions\risk factions\risk factions.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{23CCCE50-230A-4AB2-AED1-3495A4085357}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AF5A6BFA-848B-4890-B874-5A1B082596FF}F:\garena\lol\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{283CD3F8-D835-43B0-851B-2D7E6F0EB736}F:\garena\lol\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{453637D1-2640-40DD-8528-A520CF135E9B}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{34809C7C-9D7D-4B60-BCD0-E3186EC1A6F5}D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6FB0EB6F-54CA-4391-BBDA-2A2C2050705E}D:\games\ao tennis 2\tennis2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB8E3E63-43FD-460F-A6EB-1778BF3BD5C9}D:\games\ao tennis 2\tennis2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{197A3373-DA6C-4173-9603-44F0E4CA5ABD}D:\garena\games\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17B9367C-CB03-4EDC-A195-D46AFF1F24D5}D:\garena\games\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EFAD8AD8-5DE0-4F20-BF28-A2AB4EB78FF2}F:\games\yaga\yaga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{349EF46B-9932-4F2D-B47F-44D00398594A}F:\games\yaga\yaga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4283D4CB-ED23-4F77-B092-6D9CFB41CF16}F:\garena\games\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0BA75188-F69B-48ED-A0E4-76D812B419EA}F:\garena\games\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{986933E0-D688-4E61-ACF2-A764FEB0EF58}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7C1FEC1D-42A2-407D-8A08-B86C812C1291}F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{187ACECF-238D-4E0F-B076-44A3B1F385CF}C:\garena\games\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8BF29289-E5D2-4166-81F6-686BA0F0618E}C:\garena\games\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D89621F-B7A3-4AB0-9B55-FD417CC99AF4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{03F30447-B953-4E80-8C69-A5CD82A67AB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BDA0CB93-27D3-4D3C-96FF-A7F6352B6395}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B77F11AD-10BB-4DDE-929B-1A404DFC9CA9}F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{441CA4D9-E8E8-48E2-ABB2-1CD66D219597}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{461C8E1E-BF98-4217-9B7C-92B34BAC08AC}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F7A6593-475E-43AF-8EF3-326B574EB4C7}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C7A9760E-61B9-4A9D-AD56-A79332A62673}F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{742F6C27-9F93-4E0C-9C67-52DC63125305}D:\games\lost epic\lostepic.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C729B5E6-0BAA-4381-AD64-CA99F838FCBD}D:\games\lost epic\lostepic.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BDE3EC7E-13F9-4D50-8B9C-F9179FCFFCD0}D:\games\digimon survive\digimonsurvive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5B6A1AB8-1057-4931-AB11-F18D3F4B0F13}D:\games\digimon survive\digimonsurvive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7C942EBC-BC78-4C66-95C1-D6CEA45D5C1C}F:\games\battle chasers - nightwar\bc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CA7400FF-5A86-4FD0-8027-B554ABA569AA}F:\games\battle chasers - nightwar\bc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1215DA21-A53B-4BC0-A58B-36D4D3B5190B}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD35CB9E-DB51-42D2-9A68-EFBED4A4A5D2}C:\users\shahil\appdata\local\discord\app-1.0.9006\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7246C8EC-E1E8-46FA-893C-39BC8756A6A3}D:\games\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5F4C4C93-339D-4DF1-945C-757B00C81657}D:\games\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E16427A0-EAA2-4B49-BC5B-4ECE76EF3F55}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ADF0C877-F7E3-4960-993F-0441C99317A0}F:\garena\garena\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF2A7434-490E-4272-AA74-33A9A27C1E72}F:\garena\garena\32771\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A2E40B88-98A2-497D-B77C-8F9F68DFC989}F:\league\riot games\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6DC32F3F-F9C2-4486-B07A-ED39BDB17972}F:\league\riot games\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1543C54A-9FD2-428F-8335-C962F1B74C18}D:\games\uno\uno.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{51B34335-CAC9-4264-B298-E9DBDAD6FFE3}D:\games\uno\uno.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B443D784-2D80-45C0-9057-AD49BCF243B1}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{74A182F1-AE91-45AF-B0EC-4F59DC90D461}E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C8696EFA-FC82-4952-B39D-D655FED9E7C5}E:\games\the mageseeker - a league of legends story\the mageseeker.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8BB529C8-9894-4C41-95B6-4034C4EA9EA4}E:\games\the mageseeker - a league of legends story\the mageseeker.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F7417DA-A614-419F-9E07-73B8A3A50179}" => removed successfully
C:\Users\Shahil\AppData\Local\Temp\JNA590~1.DLL => moved successfully
"C:\Users\Shahil\AppData\Local\Temp\jna--1819708545\jna396370206214454652.dll" => not found
C:\WINDOWS\system32\drivers\etc\hosts.ics => moved successfully
C:\WINDOWS\system32\drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= del /f /s /q %windir%\prefetch\*.* =========

Deleted file - C:\WINDOWS\prefetch\3RVX.EXE-9141C494.pf
Deleted file - C:\WINDOWS\prefetch\7ZFM.EXE-56DE4F9A.pf
Deleted file - C:\WINDOWS\prefetch\7ZG.EXE-F49B3D46.pf
Deleted file - C:\WINDOWS\prefetch\ADWCLEANER.EXE-8AD56CB7.pf
Deleted file - C:\WINDOWS\prefetch\AESM_SERVICE.EXE-049AE9B7.pf
Deleted file - C:\WINDOWS\prefetch\AM_DELTA_PATCH_1.397.1814.0.E-473A18FA.pf
Deleted file - C:\WINDOWS\prefetch\APPLICATIONFRAMEHOST.EXE-8CE9A1EE.pf
Deleted file - C:\WINDOWS\prefetch\AUDIODG.EXE-AB22E9A6.pf
Deleted file - C:\WINDOWS\prefetch\AUTOHOTKEY.EXE-FE642FA5.pf
Deleted file - C:\WINDOWS\prefetch\BACKGROUNDTASKHOST.EXE-05A8BF9D.pf
Deleted file - C:\WINDOWS\prefetch\BLITZ.EXE-37D59BBA.pf
Deleted file - C:\WINDOWS\prefetch\cadrespri.7db
Deleted file - C:\WINDOWS\prefetch\CALCULATOR.EXE-B4C49869.pf
Deleted file - C:\WINDOWS\prefetch\CALCULATORAPP.EXE-BD3622F6.pf
Deleted file - C:\WINDOWS\prefetch\CALCULATORAPP.EXE-DC469C54.pf
Deleted file - C:\WINDOWS\prefetch\CALIBRE-PARALLEL.EXE-506DAD43.pf
Deleted file - C:\WINDOWS\prefetch\CHCP.COM-E5840C00.pf
Deleted file - C:\WINDOWS\prefetch\CHROME.EXE-AED7BA44.pf
Deleted file - C:\WINDOWS\prefetch\CHSIME.EXE-450F47D5.pf
Deleted file - C:\WINDOWS\prefetch\CMD.EXE-6D6290C5.pf
Deleted file - C:\WINDOWS\prefetch\COMPPKGSRV.EXE-4780F0C1.pf
Deleted file - C:\WINDOWS\prefetch\CONHOST.EXE-0C6456FB.pf
Deleted file - C:\WINDOWS\prefetch\CONSENT.EXE-40419367.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-018047E8.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-4D536F8F.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-58BC732D.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-A48F9AD4.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-AA441CA3.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-AFF89E72.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-AFF89E73.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-AFF89E74.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-AFF89E79.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-AFF89E7A.pf
Deleted file - C:\WINDOWS\prefetch\DISCORD.EXE-FBCBC619.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-6F625E57.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-7D5CE0CA.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-810B6BBE.pf
Deleted file - C:\WINDOWS\prefetch\DLLHOST.EXE-D200FEC3.pf
Deleted file - C:\WINDOWS\prefetch\DOUYIN.EXE-0C6AF703.pf
Deleted file - C:\WINDOWS\prefetch\DOUYIN.EXE-52630348.pf
Deleted file - C:\WINDOWS\prefetch\DRVINST.EXE-39D9EAC7.pf
Deleted file - C:\WINDOWS\prefetch\dynrespri.7db
Deleted file - C:\WINDOWS\prefetch\EBOOK-VIEWER.EXE-75CC2DA2.pf
Deleted file - C:\WINDOWS\prefetch\EMEDITOR.EXE-F7D8CBEA.pf
Deleted file - C:\WINDOWS\prefetch\EXCEL.EXE-FE860005.pf
Deleted file - C:\WINDOWS\prefetch\EXPLORER.EXE-D5E97654.pf
Deleted file - C:\WINDOWS\prefetch\FDM_X64_SETUP.TMP-D3D1EFC0.pf
Deleted file - C:\WINDOWS\prefetch\FDM_X64_SETUP.TMP-E972FC70.pf
Deleted file - C:\WINDOWS\prefetch\FIREFOX.EXE-66015FD1.pf
Deleted file - C:\WINDOWS\prefetch\FOXITREADER.EXE-2353E2C3.pf
Deleted file - C:\WINDOWS\prefetch\FOXITREADERUPDATER.EXE-B2B9A721.pf
Deleted file - C:\WINDOWS\prefetch\FRST64.EXE-64A1814E.pf
Deleted file - C:\WINDOWS\prefetch\GAMEBAR.EXE-A57B08C6.pf
Deleted file - C:\WINDOWS\prefetch\GAMEBAR.EXE-B3E9C87E.pf
Deleted file - C:\WINDOWS\prefetch\GAMEBARPRESENCEWRITER.EXE-5ADEE7C2.pf
Deleted file - C:\WINDOWS\prefetch\GAMINGMOUSE.EXE-90066052.pf
Deleted file - C:\WINDOWS\prefetch\GARENA.EXE-D76C4144.pf
Deleted file - C:\WINDOWS\prefetch\GEEK64.EXE-1BA53531.pf
Deleted file - C:\WINDOWS\prefetch\GFXDOWNLOADWRAPPER.EXE-EA7E7869.pf
Deleted file - C:\WINDOWS\prefetch\GOOGLEUPDATE.EXE-0E1E7B82.pf
Deleted file - C:\WINDOWS\prefetch\ICACLS.EXE-CCAC2A58.pf
Deleted file - C:\WINDOWS\prefetch\IDM1.TMP-519B81F4.pf
Deleted file - C:\WINDOWS\prefetch\IDMAN.EXE-152097A9.pf
Deleted file - C:\WINDOWS\prefetch\IDMAN641BUILD20.EXE-AC24DE94.pf
Deleted file - C:\WINDOWS\prefetch\IGCC.EXE-C3FC3DDF.pf
Deleted file - C:\WINDOWS\prefetch\JAVAW.EXE-0B318ECB.pf
Deleted file - C:\WINDOWS\prefetch\Layout.ini
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-03958EE2.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-19A14981.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-3B6F3DBC.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-44E427ED.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-7110E8CB.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-A33E136F.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-A7F45B66.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUE OF LEGENDS.EXE-E2BDD6E6.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENT.EXE-35C03AEB.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENT.EXE-77593B39.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENT.EXE-8C1BF555.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENT.EXE-CD6A8E60.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENT.EXE-F471A1E0.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENT.EXE-F4C85C32.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUX.EXE-0CE61D0B.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUX.EXE-60783AA2.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUX.EXE-BEB8A134.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUX.EXE-C86AAA59.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUX.EXE-DBA805D9.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUX.EXE-E55A0EFE.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUXRENDER.EXE-8B2113CD.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUXRENDER.EXE-8B2113CE.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECLIENTUXRENDER.EXE-8B2113D4.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECRASHHANDLER.EXE-595DC710.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECRASHHANDLER.EXE-B40FAE02.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECRASHHANDLER.EXE-C6214DB9.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECRASHHANDLER.EXE-FB0FB80B.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECRASHHANDLER64.EXE-16FF7F27.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUECRASHHANDLER64.EXE-5F6E7B3D.pf
Deleted file - C:\WINDOWS\prefetch\LEAGUELOBBY.EXE-00D9E1D5.pf
Deleted file - C:\WINDOWS\prefetch\LOCKAPP.EXE-ACD69F07.pf
Deleted file - C:\WINDOWS\prefetch\LOGONUI.EXE-F639BD7E.pf
Deleted file - C:\WINDOWS\prefetch\MICROSOFT.PHOTOS.EXE-AB2B554C.pf
Deleted file - C:\WINDOWS\prefetch\MICROSOFT.PHOTOS.EXE-CED05E2C.pf
Deleted file - C:\WINDOWS\prefetch\MICROSOFT.PHOTOS.EXE-D3CE6DA2.pf
Deleted file - C:\WINDOWS\prefetch\MICROSOFTEDGEUPDATE.EXE-4AA4780D.pf
Deleted file - C:\WINDOWS\prefetch\MICROSOFTEDGEUPDATE.EXE-7A595326.pf
Deleted file - C:\WINDOWS\prefetch\MOBSYNC.EXE-B307E1CC.pf
Deleted file - C:\WINDOWS\prefetch\MOUSOCOREWORKER.EXE-4429AC2B.pf
Deleted file - C:\WINDOWS\prefetch\MPCMDRUN.EXE-DA124C3B.pf
Deleted file - C:\WINDOWS\prefetch\MPSIGSTUB.EXE-5D0450B3.pf
Deleted file - C:\WINDOWS\prefetch\MSCORSVW.EXE-16B291C4.pf
Deleted file - C:\WINDOWS\prefetch\MSCORSVW.EXE-8CE1A322.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGE.EXE-37D25F9C.pf
Deleted file - C:\WINDOWS\prefetch\MSEDGE.EXE-37D25FA2.pf
Deleted file - C:\WINDOWS\prefetch\MSIEXEC.EXE-8FFB1633.pf
Deleted file - C:\WINDOWS\prefetch\MSIEXEC.EXE-CDBFC0F7.pf
Deleted file - C:\WINDOWS\prefetch\MSPAINT.EXE-6406C4A1.pf
Deleted file - C:\WINDOWS\prefetch\NGEN.EXE-4A8DA13E.pf
Deleted file - C:\WINDOWS\prefetch\NGEN.EXE-734C6620.pf
Deleted file - C:\WINDOWS\prefetch\NGENTASK.EXE-849BFD75.pf
Deleted file - C:\WINDOWS\prefetch\NOTEPAD.EXE-C5670914.pf
Deleted file - C:\WINDOWS\prefetch\NVDISPLAY.CONTAINER.EXE-DC353407.pf
Deleted file - C:\WINDOWS\prefetch\Op-MSEDGE.EXE-37D25F9A-00000001.pf
Deleted file - C:\WINDOWS\prefetch\OPENWITH.EXE-8B50D58B.pf
C:\WINDOWS\prefetch\PfPre_3b1d879b.mkd
Deleted file - C:\WINDOWS\prefetch\PHOTOSAPP.EXE-9837C503.pf
Deleted file - C:\WINDOWS\prefetch\POQEXEC.EXE-567EE1A6.pf
Deleted file - C:\WINDOWS\prefetch\QBITTORRENT.EXE-57DBDBF1.pf
Deleted file - C:\WINDOWS\prefetch\REG.EXE-0AC99A87.pf
Deleted file - C:\WINDOWS\prefetch\REGEDIT.EXE-DAB4D60B.pf
Deleted file - C:\WINDOWS\prefetch\ResPriHMStaticDb.ebd
Deleted file - C:\WINDOWS\prefetch\RIOTCLIENTCRASHHANDLER.EXE-7FE863A4.pf
Deleted file - C:\WINDOWS\prefetch\RIOTCLIENTSERVICES.EXE-3933FF4F.pf
Deleted file - C:\WINDOWS\prefetch\RIOTCLIENTSERVICES.EXE-4891F655.pf
Deleted file - C:\WINDOWS\prefetch\RIOTCLIENTSERVICES.EXE-FE271B04.pf
Deleted file - C:\WINDOWS\prefetch\RIOTCLIENTUX.EXE-3538DB39.pf
Deleted file - C:\WINDOWS\prefetch\RIOTCLIENTUX.EXE-91F4251F.pf
Deleted file - C:\WINDOWS\prefetch\RTKAUDUSERVICE64.EXE-19F8321C.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-52A71BD0.pf
Deleted file - C:\WINDOWS\prefetch\RUNDLL32.EXE-75313621.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-4551A062.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-6B83017D.pf
Deleted file - C:\WINDOWS\prefetch\RUNTIMEBROKER.EXE-929314A6.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHAPP.EXE-8E99DBE2.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHAPP.EXE-D91D826A.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHFILTERHOST.EXE-44162447.pf
Deleted file - C:\WINDOWS\prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf
Deleted file - C:\WINDOWS\prefetch\SECURITYHEALTHSERVICE.EXE-91B5FB98.pf
Deleted file - C:\WINDOWS\prefetch\SHELLEXPERIENCEHOST.EXE-4CC9062B.pf
Deleted file - C:\WINDOWS\prefetch\SHELLEXPERIENCEHOST.EXE-6810C51B.pf
Deleted file - C:\WINDOWS\prefetch\SHELLEXPERIENCEHOST.EXE-B3EF1F80.pf
Deleted file - C:\WINDOWS\prefetch\SIHOST.EXE-115B507F.pf
Deleted file - C:\WINDOWS\prefetch\SPECCY64.EXE-567DC185.pf
Deleted file - C:\WINDOWS\prefetch\SPOTIFY.EXE-18C55343.pf
Deleted file - C:\WINDOWS\prefetch\SPOTIFY.EXE-18C55345.pf
Deleted file - C:\WINDOWS\prefetch\SPOTIFY.EXE-18C5534B.pf
Deleted file - C:\WINDOWS\prefetch\SPPSVC.EXE-96070FE0.pf
Deleted file - C:\WINDOWS\prefetch\SRTASKS.EXE-3C9D2EEC.pf
Deleted file - C:\WINDOWS\prefetch\STARTMENUEXPERIENCEHOST.EXE-DF593AF9.pf
Deleted file - C:\WINDOWS\prefetch\SUBTITLEEDIT.EXE-52B97CA1.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-117C4441.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-1454AA18.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-19B557B1.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-3D497EFC.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-4B98D760.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-4D0E9C8C.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-59780EBF.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-59D511F9.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-6867B1E5.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-73D024B2.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-852EC587.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-9A28EB78.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-9D041ABC.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-BE3D0421.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-C2DA4F6F.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-C38EF8DD.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-C625B657.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-D8C907E1.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-E8870FF5.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-F952D9A9.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-FA38241C.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-FB759C0F.pf
Deleted file - C:\WINDOWS\prefetch\SVCHOST.EXE-FC46CD61.pf
Deleted file - C:\WINDOWS\prefetch\SYNTPENH.EXE-26A3FEA2.pf
Deleted file - C:\WINDOWS\prefetch\SYSTEMSETTINGS.EXE-BE0858C5.pf
Deleted file - C:\WINDOWS\prefetch\TAKEOWN.EXE-952D132A.pf
Deleted file - C:\WINDOWS\prefetch\TASKHOSTW.EXE-2E5D4B75.pf
Deleted file - C:\WINDOWS\prefetch\TASKMGR.EXE-4C8500BA.pf
Deleted file - C:\WINDOWS\prefetch\TELEGRAM.EXE-70AB0853.pf
Deleted file - C:\WINDOWS\prefetch\TERMINAL.EXE-B70A3F0B.pf
Deleted file - C:\WINDOWS\prefetch\TERMINAL.EXE-C022B99E.pf
Deleted file - C:\WINDOWS\prefetch\TERMINAL.EXE-C41C2DC1.pf
Deleted file - C:\WINDOWS\prefetch\TERMINAL.EXE-CA369914.pf
Deleted file - C:\WINDOWS\prefetch\TERMINAL.EXE-F2C78301.pf
Deleted file - C:\WINDOWS\prefetch\TERMINAL.EXE-F9AEAEA7.pf
Deleted file - C:\WINDOWS\prefetch\TEXTINPUTHOST.EXE-1D647C71.pf
Deleted file - C:\WINDOWS\prefetch\TEXTINPUTHOST.EXE-91C3EC58.pf
Deleted file - C:\WINDOWS\prefetch\TEXTINPUTHOST.EXE-B983F932.pf
Deleted file - C:\WINDOWS\prefetch\TEXTINPUTHOST.EXE-CAB6150D.pf
Deleted file - C:\WINDOWS\prefetch\TIWORKER.EXE-BBB24D77.pf
Deleted file - C:\WINDOWS\prefetch\TIWORKER.EXE-C5273175.pf
Deleted file - C:\WINDOWS\prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
Deleted file - C:\WINDOWS\prefetch\UNIFIEDINSTALLER.EXE-A2B5863C.pf
Deleted file - C:\WINDOWS\prefetch\UNINS000.EXE-AFE97D07.pf
Deleted file - C:\WINDOWS\prefetch\UNINSTALL.EXE-1B22E3BD.pf
Deleted file - C:\WINDOWS\prefetch\UNINSTALL.EXE-D8E27CB6.pf
Deleted file - C:\WINDOWS\prefetch\UN_A.EXE-73FDAB32.pf
Deleted file - C:\WINDOWS\prefetch\UPDATE.EXE-94615F94.pf
Deleted file - C:\WINDOWS\prefetch\VIBER.EXE-2C5D668D.pf
Deleted file - C:\WINDOWS\prefetch\VLC.EXE-5F2E6616.pf
Deleted file - C:\WINDOWS\prefetch\VLC.EXE-F6030DC6.pf
Deleted file - C:\WINDOWS\prefetch\VSSVC.EXE-6C8F0C66.pf
Deleted file - C:\WINDOWS\prefetch\WERFAULT.EXE-155C56CF.pf
Deleted file - C:\WINDOWS\prefetch\WERFAULT.EXE-661188F3.pf
Deleted file - C:\WINDOWS\prefetch\WERMGR.EXE-F439C551.pf
Deleted file - C:\WINDOWS\prefetch\WLRMDR.EXE-A7C36FDD.pf
Deleted file - C:\WINDOWS\prefetch\WMIADAP.EXE-BB21CD77.pf
Deleted file - C:\WINDOWS\prefetch\WMIPRVSE.EXE-E8B8DD29.pf
Deleted file - C:\WINDOWS\prefetch\WORDPAD.EXE-942EAA71.pf
Deleted file - C:\WINDOWS\prefetch\WUAUCLT.EXE-5D573F0E.pf
Deleted file - C:\WINDOWS\prefetch\ZOOM.EXE-D6D4E67A.pf
Deleted file - C:\WINDOWS\prefetch\_IU14D2N.TMP-DC8A06B4.pf
Deleted file - C:\WINDOWS\prefetch\_UNINS.TMP-148400FD.pf


========= End of CMD: =========


========= del /s /q C:\Windows\SoftwareDistribution\download\*.* =========

Deleted file - C:\Windows\SoftwareDistribution\download\1c2e45965e891bec2c95dc9335404600af8bf2a4
Deleted file - C:\Windows\SoftwareDistribution\download\4bf27e91bcb2d89db4fd68ce01d8ad5d180ffbf8
Deleted file - C:\Windows\SoftwareDistribution\download\4dea12d5d0b77fe7c8cf583004e07e2b8e60a0a8
Deleted file - C:\Windows\SoftwareDistribution\download\4e8e5e229c5f7dadef32ac5f182a0662d0c2f370
Deleted file - C:\Windows\SoftwareDistribution\download\4f3e8bba3362b9186811a73fd8fe9cd28355cfe3
Deleted file - C:\Windows\SoftwareDistribution\download\5ae80c402b6bf7001eb59cff06fb163cc5c2b955
Deleted file - C:\Windows\SoftwareDistribution\download\615e8b2ac0f028a225377d8db381647eda9b75d2
Deleted file - C:\Windows\SoftwareDistribution\download\8fc2275f5c00297fad03a81ddd488d937b3bf72e
Deleted file - C:\Windows\SoftwareDistribution\download\ae49eee6e8ea6dd838a47a93f1989775ef5dfdcf
Deleted file - C:\Windows\SoftwareDistribution\download\e915f415a2e2eb889d8293aa711219a6616bd48e
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\ActionList.xml
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\compdb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\DownloadList.xml
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\DownloadList_old.xml
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\ExeUpdateAgentDeployment.cab
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\unifiedinstaller.exe
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\UpdHealthTools.cab
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\windlp.state-old.xml
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\windlp.state.xml
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Logs\CapsulePublishRemediation.001.etl
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\compdb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\compdb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\DeviceInventory.xml
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\Dpx.dll
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\ExeUpdateAgent.dll
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\Mitigation.dll
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\UAOneSettings.dll
Deleted file - C:\Windows\SoftwareDistribution\download\73e4510ac6d4d974af24a7a5a00e17a3\Metadata\UpdateAgent.dll
Deleted file - C:\Windows\SoftwareDistribution\download\9dbde960dbff0b004ef17a0616c3a8ef\Metadata\SSU-19041.3385-x64-express\amd64_deployment-f8f4f67f..c5f202e39c52441006a_31bf3856ad364e35_10.0.19041.3385_none_e68f05b6738d6806.manifest
Deleted file - C:\Windows\SoftwareDistribution\download\ad8877db26972f985c4bba0497d5b49e\Windows10.0-KB5029923-x64-NDP48.cab
Deleted file - C:\Windows\SoftwareDistribution\download\ad8877db26972f985c4bba0497d5b49e\cbshandler\state
Deleted file - C:\Windows\SoftwareDistribution\download\Install\AM_Delta_Patch_1.397.1814.0.exe
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\006bdd0831299ed2a59ee6b9c1cc801807fd1e4449dcb93984c7f9985c1aed81
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\33c98d7e951d1b97352565c770a2ef52d9758905160eee35f80b7c6408a97b9f
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\b1a506907858809b817d3f46283f150f6799c85fdf9d4695ec986e122bd3bba5
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\e22cb1e62c814298d0f6646968a94cf20baff9d1f0f81e079998793c5f511584


========= End of CMD: =========


========= del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*" =========

Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000056
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000059
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000060
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000062
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000063
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000064
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000065
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000066
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000067
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000068
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000069
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000072
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000073
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000074
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000075
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000077
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000078
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000079
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000080
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000081
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000082
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000083
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000084
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000085
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000086
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000087
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000088
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000090
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000091
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000092
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000093
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000094
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000095
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000096
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000097
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000098
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000099
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000aa
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ab
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ac
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ad
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ae
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000af
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000be
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ca
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ce
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000da
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000db
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000dc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000dd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000de
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000df
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ea
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000eb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ec
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ed
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ee
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ef
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fa
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ff
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000101
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000102
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000103
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000104
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000105
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000106
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000107
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000108
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000109
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000110
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000111
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000112
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000113
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000114
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000115
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000116
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000117
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000118
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000119
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000120
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000121
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000122
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000123
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000124
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000125
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000126
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000127
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000128
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000129
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000130
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000131
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000132
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000133
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000134
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000135
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000136
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000137
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000138
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000139
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000140
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000141
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000142
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000143
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000144
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000145
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000146
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000147
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000148
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000149
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000150
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000151
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000152
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000153
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000154
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000155
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000156
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000157
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000158
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000159
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000160
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000161
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000162
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000163
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000164
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000165
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000166
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000167
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000168
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000169
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000170
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000171
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000172
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000173
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000174
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000175
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000176
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000177
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000178
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000179
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00017a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00017b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00017c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00017d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00017e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00017f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000180
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000181
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000182
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000183
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000184
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000185
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000186
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000187
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000188
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000189
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00018a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00018b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00018c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00018d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00018e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00018f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000190
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000191
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000192
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000193
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000194
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000195
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000196
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000197
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000198
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000199
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001aa
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ab
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ac
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ad
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ae
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001af
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ba
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001bb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001bc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001bd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001be
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001bf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ca
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001cb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001cc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001cd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ce
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001cf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001da
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001db
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001dc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001dd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001de
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001df
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ea
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001eb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ec
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ed
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ee
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ef
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001fa
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001fb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001fc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001fd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001fe
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ff
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000200
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000201
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000202
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000203
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000204
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000205
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000206
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000207
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000208
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000209
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000210
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000211
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000212
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000213
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000215
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000216
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000217
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000218
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000219
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00021a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00021b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00021c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00021d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00021e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00021f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000220
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000221
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000222
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000224
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000225
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000226
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000228
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000229
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00022a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00022f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000235
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000236
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00023a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00023d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00023f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000240
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000241
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000242
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000243
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000244
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000245
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000248
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000249
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000253
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000259
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000260
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000261
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000262
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000263
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000265
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000266
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000267
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000268
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000269
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00026a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00026b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00026c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00026d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00026e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00026f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000270
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000271
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000272
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000273
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000274
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000275
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000276
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000277
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000278
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000279
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00027a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00027c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00027d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00027e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00027f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000280
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000281
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000282
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000283
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000284
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000285
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000286
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000287
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000289
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00028a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00028c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00028d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000290
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000292
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000293
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000294
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000295
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000296
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000297
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000298
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000299
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00029a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00029b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00029c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00029d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00029e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00029f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002a9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002aa
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ac
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ae
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002af
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002b0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002b1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002b3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002b4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002b9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ba
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002bb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002bc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002bd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002be
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002bf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002c9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ca
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002cb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002cc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002cd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ce
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002cf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002d9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002da
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002db
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002dc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002dd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002de
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002df
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002e9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ea
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002eb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ec
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ed
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ee
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ef
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002f9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002fa
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002fb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002fc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002fd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002fe
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0002ff
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000300
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000301
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000302
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000303
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000304
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000305
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000306
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000307
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000308
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000309
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00030a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00030b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00030c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00030d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00030e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00030f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000310
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000311
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000312
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000313
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000314
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000315
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000316
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000317
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000318
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000319
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00031a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00031b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00031c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00031d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00031e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00031f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000320
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000321
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000322
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000323
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000324
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000325
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000326
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000327
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000328
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000329
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00032f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000330
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000331
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000334
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000335
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000336
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000337
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000338
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000339
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00033a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00033b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00033c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00033d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00033e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00033f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000341
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000342
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000343
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000344
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000345
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000346
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000347
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000348
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00034a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00034b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00034c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00034d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00034e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00034f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000350
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000351
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000352
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000355
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000356
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000357
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000358
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000359
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00035a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00035b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00035c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00035d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000363
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000364
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000365
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000366
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00036d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000370
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000373
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000375
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000376
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000377
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000378
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000379
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00037b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00037c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00037d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00037e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00037f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000380
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000381
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000385
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000386
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000387
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000388
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000389
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00038a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00038b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00038c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00038d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00038e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00038f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000390
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000391
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000392
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000393
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000394
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000395
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000396
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000398
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000399
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00039a
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00039b
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00039c
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00039d
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00039e
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00039f
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003a9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003aa
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ab
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ac
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ad
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ae
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003af
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003b0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003b1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003b3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003b6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003b7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003b8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003b9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ba
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003bc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003bd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003be
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003bf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003c9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ca
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003cb
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003cc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003cd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ce
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003cf
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d4
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d5
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d6
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d7
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d8
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003d9
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003da
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003db
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003dc
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003dd
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003de
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003df
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e0
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e1
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e2
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e3
Deleted file - C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\index


========= End of CMD: =========


========= del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*" =========

Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000001
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000002
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000003
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000004
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000005
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000006
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000007
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000008
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000009
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00000a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00000b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00000c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00000d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00000e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00000f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000010
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000011
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000012
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000013
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000014
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000015
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000016
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000017
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000018
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000019
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00001a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00001b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00001c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00001d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00001e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00001f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000020
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000021
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000022
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000023
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000024
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000025
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000026
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000027
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000028
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000029
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00002a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00002b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00002c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00002d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00002e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00002f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000030
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000031
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000032
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000033
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000034
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000035
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000036
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000037
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000038
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000039
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00003a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00003b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00003c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00003d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00003e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00003f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000040
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000041
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000042
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000043
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000044
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000045
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000046
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000047
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000048
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000049
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00004a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00004b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00004c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00004d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00004e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00004f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000050
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000051
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000052
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000053
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000054
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000055
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000056
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000057
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000058
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000059
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000060
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000061
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000062
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000063
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000064
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000065
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000066
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000067
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000068
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000069
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000070
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000071
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000072
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000073
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000074
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000079
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000080
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000081
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000082
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000084
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000085
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000086
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000087
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000088
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000089
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000090
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000091
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000092
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000093
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000094
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000095
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000096
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000097
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000098
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000099
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009a
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009b
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009c
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009d
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009e
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009f
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a0
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a1
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a2
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a3
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a4
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a5
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a6
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a7
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a8
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a9
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000aa
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ab
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ac
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ad
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ae
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000af
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b0
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b1
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b2
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b3
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b4
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b5
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b6
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b7
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b8
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000b9
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000bb
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000bc
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000bd
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000bf
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c1
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c2
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c3
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c4
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c5
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c8
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000c9
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ca
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000cb
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000cc
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000cd
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ce
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000cf
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d0
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d1
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d2
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d3
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d4
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d5
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d6
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d7
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d8
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d9
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000da
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000db
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000dc
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000dd
Deleted file - C:\Users\Shahil\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\index


========= End of CMD: =========


========= del /s /q "%userprofile%\AppData\Local\temp\*.*" =========

Deleted file - C:\Users\Shahil\AppData\Local\temp\%%%2045.tmp
Deleted file - C:\Users\Shahil\AppData\Local\temp\%%%DDE.tmp
Deleted file - C:\Users\Shahil\AppData\Local\temp\2a2979eb-cf5c-451c-873f-2357b13d90fe.tmp
Deleted file - C:\Users\Shahil\AppData\Local\temp\4b7d74b2-a0ab-4ac5-82b5-6e35313ed4de.tmp
Deleted file - C:\Users\Shahil\AppData\Local\temp\704a75cd-c3b3-4bbc-84d8-75becc5f22a3.tmp
Deleted file - C:\Users\Shahil\AppData\Local\temp\7e0a3178-aa57-4270-8171-9213b7f2435d.tmp
Deleted file - C:\Users\Shahil\AppData\Local\temp\90d8b780-3a51-4d92-9f81-798b121730c3.tmp
Deleted file - C:\Users\Shahil\AppData\Local\temp\app_package_efcecb04d1.log
Deleted file - C:\Users\Shahil\AppData\Local\temp\b111905969ad19b36419933d76085763-{87A94AB0-E370-4cde-98D3-ACC110C5967D}
Deleted file - C:\Users\Shahil\AppData\Local\temp\cv_debug.log
Deleted file - C:\Users\Shahil\AppData\Local\temp\d3bsbodp.q2h.xml
Deleted file - C:\Users\Shahil\AppData\Local\temp\geek64.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna1710487099516837404.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna2502776614432721806.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna3752183323020265583.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna5147435996100189108.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna5679844685889903770.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna6099599153884718423.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna6120358007038335358.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna7091889797189788997.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna7278724066850085766.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna7880831176240894529.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna8307476427305369671.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna8689938278186713701.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna8847142032109656893.hunspell-win-x86-64.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\MicrosoftEdgeUpdate.log
Deleted file - C:\Users\Shahil\AppData\Local\temp\msedge_installer.log
Deleted file - C:\Users\Shahil\AppData\Local\temp\RazerInstallerCleaner.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\RazerInstallerFiles.xml
Deleted file - C:\Users\Shahil\AppData\Local\temp\temp_file_screenshot_45500.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\tmpaddon
Deleted file - C:\Users\Shahil\AppData\Local\temp\Uninstall.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\Un_A.log
Deleted file - C:\Users\Shahil\AppData\Local\temp\{03D757C9-B8C1-4BDB-9B35-ECE58DFBAF7D} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{04009619-521D-4469-9AC2-A7FE392D3A1B} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{0B591014-27AE-4AC9-8367-1DFAC577C056} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{455FD718-5AC9-4359-BB9E-AAD805B1E8A1} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{46D830B2-8362-4609-AD91-5DCF0533D707} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{4F9FC72F-AED6-4B65-9176-6BE135F03516} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{6C753A92-2ECB-4914-AB65-28A9227C8BB9} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{8A854459-3EB3-4E56-9C04-29C0A9920EC4} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{99E40140-DE4D-4965-83D5-2B188BDB9755} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{BF0A0505-C676-4FB6-9DD0-A76F90DA12F1} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{D0D457BE-EB81-408A-A6BE-126C1C2D193E} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{D2E2EF43-2B0B-4B1A-B9BF-BD9AC3BC3EE9} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{E40CE3A7-52B3-4776-833C-5035BE9F8DA4} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\{E8D9C33A-687F-4AE0-AC95-750710DED214} - OProcSessId.dat
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DF422A4A9C72871870.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DF450671B21F8D3FB2.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DF4B384516BD35F0BC.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DF5B60AB29684F2AA9.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DF6A523C7D5E4F456C.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DF6E151F2A53C97680.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DFA6C05D594F2180C3.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DFAD78E5EEB94DEB5F.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DFC7EBA802A2E05A85.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\~DFC894C12A55B09D0B.TMP
Deleted file - C:\Users\Shahil\AppData\Local\temp\07833278-F96A-4F31-BE34-3CA4DBF4B329\DismHost.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\7zO0558C853\geek.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\7zO46E728B5\Introduction.txt
Deleted file - C:\Users\Shahil\AppData\Local\temp\7zO856313FC\geek.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\BB8EF059-7A0D-4171-B87D-7FFE0ECC583B\DismHost.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\AppxProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\AssocProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\CbsProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\DismCore.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\DismCorePS.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\DismHost.exe
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\DismProv.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\DmiProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\FfuProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\FolderProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\GenericProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\IBSProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\ImagingProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\IntlProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\LogProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\MsiProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\OfflineSetupProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\OSProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\ProvProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\SetupPlatformProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\SmiProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\SysprepProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\TransmogProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\UnattendProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\VhdProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\WimProvider.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\AppxProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\AssocProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\DismCore.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\DismProv.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\FfuProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\GenericProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\IBSProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\ImagingProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\LogProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\OfflineSetupProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\OSProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\ProvProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\SetupPlatformProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\SysprepProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\VhdProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\en-US\WimProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\AppxProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\AssocProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\CbsProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\DismCore.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\DismProv.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\DmiProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\FfuProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\FolderProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\GenericProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\ImagingProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\IntlProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\LogProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\MsiProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\OfflineSetupProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\OSProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\ProvProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\SetupPlatformProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\SmiProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\TransmogProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\UnattendProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\VhdProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\C0404018-8854-4C36-B646-DACE0520B61A\zh-CN\WimProvider.dll.mui
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_10008_1308121124\11f73fd8-ce9c-4301-86d1-49dcad522d03
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_10260_1986751772\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_10260_2141771352\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_10500_425289963\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_11568_1123696085\c1b0f565-f520-4e36-b282-708aa9e316cd
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_11568_949100819\198da330-782c-4555-b1a2-9fd404f600a7
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_15912_891271876\c1b0f565-f520-4e36-b282-708aa9e316cd
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_16872_842981154\0c731568-fe71-43f9-8418-0fefff1010b6
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_18760_2031025567\426143b9-1585-4703-8ef1-d9b0e56c4a99
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_21016_981853745\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_26284_1907021091\0c731568-fe71-43f9-8418-0fefff1010b6
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_26284_1910108165\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_28980_807652775\0c731568-fe71-43f9-8418-0fefff1010b6
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_2940_1714647387\426143b9-1585-4703-8ef1-d9b0e56c4a99
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_29764_181235755\c1b0f565-f520-4e36-b282-708aa9e316cd
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_32188_1152817425\5686322a-ffa9-43cd-98c7-9900dceae2d0
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_32188_2135721600\e9f8c500-8e5e-4ddd-9bef-4e0b522248e9
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_32188_456048362\426143b9-1585-4703-8ef1-d9b0e56c4a99
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_32188_65412016\1578ed53-947d-4939-a800-ca7545c0b030
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_36224_44282563\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_39848_1257481496\0c731568-fe71-43f9-8418-0fefff1010b6
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_45868_1629422972\c1b0f565-f520-4e36-b282-708aa9e316cd
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_45868_1934827658\0c731568-fe71-43f9-8418-0fefff1010b6
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_45868_926618299\c50698d5-282c-4c8d-9fa6-c155f2d8d379
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_6020_1448320286\11f73fd8-ce9c-4301-86d1-49dcad522d03
Deleted file - C:\Users\Shahil\AppData\Local\temp\edge_BITS_9828_1629499255\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna--1819708545\jna6239859140550525560.dll
Deleted file - C:\Users\Shahil\AppData\Local\temp\jna--1819708545\jna6239859140550525560.dll.x
Deleted file - C:\Users\Shahil\AppData\Local\temp\mbam\qt-jl-icons\2c52d530960.ico
Deleted file - C:\Users\Shahil\AppData\Local\temp\mbam\qt-jl-icons\2c52d5309a0.ico
Deleted file - C:\Users\Shahil\AppData\Local\temp\mbam\qt-jl-icons\2c52d5309c0.ico
Deleted file - C:\Users\Shahil\AppData\Local\temp\msedge_url_fetcher_552_939392372\48de876d-cfac-4eb6-8209-1fc4f836c76f
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir26356_1662264542\4b34c58c71fb88f99c84dcad1cea3616.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir26356_1662264542\5d8277196fc195608a15e8debd039131.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir26356_1662264542\9ce3a2d06abde4ab095a636582548332.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir35040_636790216\09fa95c5ca56d8f99efbce0c9607866f.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir35040_636790216\315638b90cac7632f76bbc3fd4a8c911.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir35040_636790216\5d8277196fc195608a15e8debd039131.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir35040_636790216\9ce3a2d06abde4ab095a636582548332.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir35040_636790216\d7847632d65ef563e555aa6b7d0bb948.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir3556_398066266\5d8277196fc195608a15e8debd039131.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir3556_398066266\9ce3a2d06abde4ab095a636582548332.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir6364_696574948\315638b90cac7632f76bbc3fd4a8c911.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir6364_696574948\5d8277196fc195608a15e8debd039131.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir6364_696574948\9ce3a2d06abde4ab095a636582548332.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir7800_1702015642\5d8277196fc195608a15e8debd039131.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir7800_1702015642\9ce3a2d06abde4ab095a636582548332.png
Deleted file - C:\Users\Shahil\AppData\Local\temp\scoped_dir9840_1930591077\315638b90cac7632f76bbc3fd4a8c911.png


========= End of CMD: =========


=========== "C:\Windows\Temp\*.*" ==========

C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230825-1210.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230923-1602.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230923-1808.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-0258.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1054.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1056.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1119.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1235.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1323.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1332.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1720.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1726.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1736.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-1828.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230924-2030.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-0033.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-0149.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-0150.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1026.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1026a.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1029.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1040.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1048.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1148.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1249.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1438.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1456.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1551.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1613.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1637.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-1801.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230925-2232.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1009.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1011.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1017.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1026.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1112.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1220.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1336.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1525.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-1725.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-2229.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230926-2239.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-0259.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1148.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1148a.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1148b.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1335.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1509.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1603.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1904.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-1943.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-2159.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230927-2335.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-0325.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-0328.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1047.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1047a.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1049.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1101.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1122.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1148.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1227.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1507.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-1514.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-2123.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230928-2251.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1137.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1140.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1140a.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1142.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1205.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1210.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1436.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1637.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1842.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-1847.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230929-2005.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-0144.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1031.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1034.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1036.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1203.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1335.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1406.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1411.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1551.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1711.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1718.log => moved successfully
C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1721.log => moved successfully
Could not move "C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1725.log" => Scheduled to move on reboot.
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\TS_59C.tmp => moved successfully
C:\Windows\Temp\TS_5CC.tmp => moved successfully
C:\Windows\Temp\TS_7A8F.tmp => moved successfully
C:\Windows\Temp\yo5tb69kwc.tmp => moved successfully

========= End -> "C:\Windows\Temp\*.*" ========


=========== "C:\WINDOWS\system32\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\system32\*.tmp" ========


=========== "C:\WINDOWS\syswow64\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\syswow64\*.tmp" ========


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1858407519 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 356630050 B
Windows/system/drivers => 23821898 B
Edge => 0 B
Chrome => 44335999 B
Firefox => 2086103743 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 2244 B
LocalService => 2244 B
NetworkService => 946900 B
Shahil => 1886345 B

RecycleBin => 2641255 B
EmptyTemp: => 4.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 30-09-2023 17:32:46)

C:\Windows\Temp\DESKTOP-AKRBR60-20230930-1725.log => Is moved successfully

==== End of Fixlog 17:32:46 ====
Click to expand...
 
#13
Code: 
~ ZHPDiag v2023.9.26.45 By Nicolas Coolman (2023/09/26)
~ Run by Shahil (Administrator)  (2023/09/30 17:37:46)
~ Assistance: https://forum.nicolascoolman.eu/
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version:  Version OK
~ Mode: Scan
~ Report: C:\Users\Shahil\Desktop\ZHPDiag.txt
~ Report: C:\Users\Shahil\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 19045)  =>.Microsoft Corporation

---\\ Internet Browsers (4) - 0s
~ GCIE: Google Chrome v117.0.5938.132
~ MFIE: Mozilla Firefox 118.0.1 (x64 en-US)
~ MSIE: Internet Explorer v11.789.19041.0
~ OBIE: Microsoft Edge v117.0.2045.43

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (2) - 1s
Windows Defender W10 (Activate) (Protection)
Malwarebytes version 4.5.21.231 v4.5.21.231 (Protection)

---\\ Sharing software PeerToPeer (1) - 1s
~ qBittorrent 4.4.0 v4.4.0 (P2P)

---\\ Informations on the system (18) - 1s
~ Operating System: Intel64 Family 6 Model 158 Stepping 10, GenuineIntel
~ Operating System:  64-bit
~ Boot mode: Normal (Normal boot)
System Restore: Activé (Enable)
System drive C: has 73 GB (32%) free of 227 GB : OK  =>.Disk Space

---\\ INFORMATIONS MÉMOIRE (MEMORY INFORMATIONS)
~ Slots Total (Total Slots) : 2
~ Slots Utilisés (Used Slots) : 1
~ Slots Disponibles (Free Slots) : 1
~ Type de barrette (FormFactor): SO-DIMM
~ Taille (Size) : 16 Go
~ Vitesse (Speed) : 2400
~ Charge mémoire (Memory Usage) : 19%
~ RAM physique Total (Total Physical) : 16 Go : OK
~ RAM physique Disponible (Available Physical) : 13 Go
~ Total virtuelle (Total Virtual) : 19.32 Go
~ Disponible virtuelle (Available Virtual): 15.29 Go

---\\ Connection to the system mode (3) - 0s
~ Computer Name: DESKTOP-AKRBR60
~ User Name: Shahil
~ Logged in as Administrator

---\\ Enumeration of the disk units (8) - 0s
~ Drive C: has 73 GB free of 227 GB  (System)
~ Drive D: has 4 GB free of 453 GB
~ Drive E: has 4 GB free of 953 GB
~ Drive F: has 12 GB free of 499 GB

---\\ ETAT DE LA COMMANDE TRIM
~ La commande TRIM est active (NTFS)
~ La commande TRIM est active (ReFS)

---\\ SYSTEM DISK MAIN FEATURES (28) - 18s
~ Model: WDC WDS240G2G0B-00EPW0 vUJ450000  (227 Gb )
~ Media Type: SSD Fixed Disk   ( Bus: RAID)

---\\ SYSTEM DISK GENERAL ATTRIBUTES
OK - N0 - Indicateur d'usure du périphérique de stockage (Storage Device Wear Indicator) (%):  0
OK - N1 - Temps de latence maximal de vidage (Maximum Flash latency) (ms): 0.032
OK - N2 - Temps de latence maximal d'écriture (Maximum write latency) (ms): 2.107
RE - N3 - Temps de latence maximal de lecture (Maximum read latency) (ms): 3.358
OK - N4 - Vitesse de rotation (Spindle Speed) (RPM): 0


---\\ S.M.A.R.T. PARAMETERS    -     [Flag][Value][Worst]  [Threshold][Raw Value]
OK - 01 - Taux d'erreur de lecture (Raw Read Error Rate) - [47][200][200]   [51][0]   
OK - 03 - Cellules de rechange disponibles (Available Spare Cells) - [39][196][187]   [21][1191]   
OK - 04 - Nombre de démarrages/arrêts (Start/Stop Count) - [50][89][89]   [0][11997]   
OK - 05 - Nombre de secteurs réalloués (Reallocated Sector Count) - [51][200][200]   [140][0]   
OK - 07 - Taux d’erreur de recherche (Seek Error Rate) - [46][200][200]   [0][0]   
OK - 09 - Heures de fonctionnement (Power-On Hours Count (POH) - [50][73][73]   [0][20050]   
OK - 0A - Spécifique Constructeur - [50][100][100]   [0][0]   
OK - 0B - Spécifique Constructeur - [50][100][100]   [0][0]   
OK - 0C - Nombre de cycles en fonctionnement (Power Cycles Count) - [50][96][96]   [0][4072]   
OK - C0 - Pertes de Puissance inattendues (Unexpected Power Loss Count) - [50][200][200]   [0][196]   
OK - C1 - Cycles de charge/décharge (Load/Unload Cycle Count) - [50][138][138]   [0][57601]   
OK - C2 - Température interne actuelle (Temperature) - [34][107][86]   [0][36]   
OK - C4 - Nombre d’événements de réallocation (Réallocation Event Count) - [50][200][200]   [0][0]   
OK - C5 - Nombre actuel d’ECC en attente (Current Pending ECC Count) - [50][200][200]   [0][0]   
OK - C6 - Total d'erreur incorrigibles (Uncorrectable Errors) - [48][100][253]   [0][0]   
OK - C7 - Nombre d'erreurs CRC Ultra-DMA (CRC Error Count) - [50][200][200]   [0][0]   
OK - C8 - Nombre total d'erreurs d'écriture (Offline Uncorrectable Errors - [8][100][253]   [0][0]   

---\\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (25) - 2s
[MD5.574AF6D80FE7CC6422A8592DE7A39F78] - 30/09/2023 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [5311304]  =>.Microsoft?
[MD5.EF3179D498793BF4234F708D3BE28633] - 04/05/2021 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [71680] [Unsigned]  =>.Microsoft Corporation
[MD5.D6E3B995E46D08046875E60ECCFF109B] - 05/02/2023 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [420456] [Unsigned]  =>.Microsoft Corporation
[MD5.7BE0A4024A6095690D5AA819708F9989] - 30/09/2023 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [5039616] [Unsigned]  =>.Microsoft Corporation
[MD5.B2AD768FF9A9DE3D886825A59DEF307A] - 30/09/2023 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [905216] [Unsigned]  =>.Microsoft Corporation
[MD5.E6C31BCDFB65E2DB98AD082E5DABD164] - 26/08/2022 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [316416] [Unsigned]  =>.Microsoft Corporation
[MD5.3BFBF674CF23E6F1501AC8599BCAF610] - 21/08/2023 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [821224]  =>.Microsoft?
[MD5.F1AC5FCDF2A974E81EDF0B14A9F648AC] - 21/08/2023 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [583104]  =>.Microsoft?
[MD5.D9D1E573B40DFC4A85CB5A7CE420BE15] - 21/08/2023 - (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\System32\wuaueng.dll [3447296] [Unsigned]  =>.Microsoft Corporation
[MD5.741A4DAC54E1E9D6E52EF1C57BCB7695] - 21/08/2023 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [651648] [Unsigned]  =>.Microsoft Corporation
[MD5.B2C716CEBC11930E3C1E38C3B6B9DDED] - 26/08/2022 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [31064] [Unsigned]  =>.Microsoft Corporation
[MD5.BD8897A464332FA5802486DC64248E03] - 05/02/2023 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [100864] [Unsigned]  =>.Microsoft Corporation
[MD5.054ABC6C64AE969D033B7876C04D52B4] - 13/10/2021 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [175616] [Unsigned]  =>.Microsoft Corporation
[MD5.AC8F072A3B69339079A65D5F5FC56459] - 21/04/2023 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [152064] [Unsigned]  =>.Microsoft Corporation
[MD5.0823AE866BF27AB24F2033DAD69691FA] - 21/08/2023 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [138240] [Unsigned]  =>.Microsoft Corporation
[MD5.E4B36C6EAAAB703CBFECB92EE590FB31] - 07/12/2019 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned]  =>.Microsoft Corporation
[MD5.E143A8B531B719C681A5FE27DAD7CFB3] - 21/08/2023 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [227840] [Unsigned]  =>.Microsoft Corporation
[MD5.FE59E44FA3566A541EEBEBB0F217A3F0] - 21/08/2023 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [584064] [Unsigned]  =>.Microsoft Corporation
[MD5.49F7DE6F689C47B64A2C2D46CD98E327] - 04/05/2021 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [341504] [Unsigned]  =>.Microsoft Corporation
[MD5.C106D5315746C3EBF3A5AC2F405216F2] - 30/09/2023 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2844528] [Unsigned]  =>.Microsoft Corporation
[MD5.138FDB1EBCB61287A645BD3B06DBED5E] - 07/12/2019 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [109056] [Unsigned]  =>.Microsoft Corporation
[MD5.561A30F3087256E9D02B99B3630D1016] - 30/09/2023 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [112128] [Unsigned]  =>.Microsoft Corporation
[MD5.64991B36F0BD38026F7589572C98E3D6] - 04/05/2021 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned]  =>.Microsoft Corporation
[MD5.2A8B28579A4964AA7EA8CEB1AC121243] - 29/09/2021 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [117584] [Unsigned]  =>.Microsoft Corporation
[MD5.37988A4065ACBC7A6A7E03E25AFFAE4A] - 21/08/2023 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [430928] [Unsigned]  =>.Microsoft Corporation

---\\ No disabled Windows Services (68) - 2s
O23 - Service: Intel® SGX AESM (AESMService) . (.Intel Corporation - Intel® SGX Application Enclave Services Man.) - C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_0564699426b3a50a\aesm_service.exe {008EB42BFD09BD26F5D90DE46FCAADD1B7}.  =>.Intel Corporation
O23 - Service: C:\WINDOWS\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows Audio Endpoint Builder.) - C:\WINDOWS\System32\AudioEndpointBuilder.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows Audio Service.) - C:\WINDOWS\System32\Audiosrv.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\bfe.dll (BFE) . (.Microsoft Corporation - Base Filtering Engine.) - C:\WINDOWS\System32\bfe.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Process State Manager (PSM) Service.) - C:\WINDOWS\System32\psmsrv.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Microsoft (R) CDP User Components.) - C:\WINDOWS\System32\CDPUserSvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Connected Devices Platform User Service_62f6f (CDPUserSvc_62f6f) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe  =>.Microsoft?
O23 - Service: Microsoft Office Click-to-Run Service (ClickToRunSvc) . (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe  =>.Microsoft?
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll  =>.Microsoft?
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHDCPSvc.exe  =>.Intel(R) pGFX?
O23 - Service: C:\WINDOWS\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) - C:\WINDOWS\System32\cryptsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Client Service.) - C:\Windows\System32\dhcpcore.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\diagtrack.dll (DiagTrack) . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) - C:\WINDOWS\System32\diagtrack.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dispbroker.desktop.dll (DispBrokerDesktopSvc) . (.Microsoft Corporation - Desktop Display Broker.) - C:\WINDOWS\System32\DispBroker.Desktop.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS Caching Resolver Service.) - C:\WINDOWS\System32\dnsrslvr.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Data Usage Service.) - C:\WINDOWS\System32\dusmsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Microsoft Edge Update Service (edgeupdate) (edgeupdate) . (.Microsoft Corporation - Microsoft Edge Update.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe  =>.Microsoft?
O23 - Service: C:\WINDOWS\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Event Logging Service.) - C:\WINDOWS\System32\wevtsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\fhsvc.dll (fhsvc) . (.Microsoft Corporation - File History Service.) - C:\WINDOWS\System32\fhsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Windows Font Cache Service.) - C:\WINDOWS\System32\FntCache.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Foxit Reader Update Service (FoxitReaderUpdateService) . (.Foxit Software Inc. - Foxit Reader Update Service.) - C:\Program Files (x86)\FoxitReaderUpdateService.exe  =>.FOXIT SOFTWARE INC.?
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Group Policy Client.) - C:\WINDOWS\System32\gpsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google LLC - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google LLC?
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) . (.Intel Corporation - Intel® Graphics Command Center Service.) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe {63F80010501D2B4B6C5FD1004665FFE7}.  =>.Intel Corporation
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxCUIService.exe  =>.Intel(R) pGFX?
O23 - Service: C:\WINDOWS\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) - C:\WINDOWS\System32\iphlpsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) - C:\WINDOWS\System32\srvsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) - C:\WINDOWS\System32\wkssvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\lsm.dll (LSM) . (.Microsoft Corporation - Local Session Manager Service.) - C:\WINDOWS\System32\lsm.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\moshost.dll (MapsBroker) . (.Microsoft Corporation - Downloaded Maps Manager.) - C:\WINDOWS\System32\moshost.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (mpssvc) . (.Microsoft Corporation - Microsoft Protection Service.) - C:\WINDOWS\System32\mpssvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Network Location Awareness 2.) - C:\WINDOWS\System32\nlasvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Network Store Interface RPC server.) - C:\WINDOWS\System32\nsisvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe  =>.NVIDIA Corporation?
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe  =>.NVIDIA Corporation?
O23 - Service: C:\WINDOWS\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\WINDOWS\System32\APHostService.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Sync Host_62f6f (OneSyncSvc_62f6f) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe  =>.Microsoft?
O23 - Service: C:\WINDOWS\System32\umpo.dll (Power) . (.Microsoft Corporation - User-mode Power Service.) - C:\WINDOWS\System32\umpo.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\WINDOWS\System32\profsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Remote Access Connection Manager.) - C:\WINDOWS\System32\rasmans.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC Endpoint Mapper.) - C:\WINDOWS\System32\RpcEpMap.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\WINDOWS\System32\rpcss.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - C:\WINDOWS\System32\RtkAudUService64.exe [Unsigned]  =>.Realtek Semiconductor
O23 - Service: C:\WINDOWS\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Task Scheduler Service.) - C:\WINDOWS\System32\schedsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\Sens.dll (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) - C:\WINDOWS\System32\sens.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\SgrmBroker.exe,-100 (SgrmBroker) . (.Microsoft Corporation - System Guard Runtime Monitor Broker Service.) - C:\WINDOWS\System32\SgrmBroker.exe [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) - C:\Windows\System32\shsvcs.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Spooler SubSystem App.) - C:\WINDOWS\System32\spoolsv.exe [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) - C:\WINDOWS\System32\sppsvc.exe [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wiaservc.dll (stisvc) . (.Microsoft Corporation - Still Image Devices Service.) - C:\WINDOWS\System32\wiaservc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\StorSvc.dll (StorSvc) . (.Microsoft Corporation - Storage Services.) - C:\WINDOWS\System32\storsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: SynTPEnhService (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\WINDOWS\System32\SynTPEnhService.exe [Unsigned]  =>.Synaptics Incorporated
O23 - Service: C:\WINDOWS\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - SysMain Service Host.) - C:\WINDOWS\System32\sysmain.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) - C:\WINDOWS\System32\SystemEventsBrokerServer.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) - C:\WINDOWS\System32\themeservice.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\WINDOWS\System32\usermgr.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usosvc.dll (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) - C:\WINDOWS\System32\usosvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: UWP RPC Service (UWPService) . (.Creative Technology Ltd - .) - C:\Windows\SysWOW64\Creative.UWPRPCService.exe  =>.Microsoft?
O23 - Service: C:\WINDOWS\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Windows Connection Manager Service DLL.) - C:\WINDOWS\System32\wcmsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (.Microsoft Corporation - Antimalware Service Executable.) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe  =>.Microsoft?
O23 - Service: C:\WINDOWS\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\WINDOWS\System32\wbem\WMIsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wlansvc.dll (WlanSvc) . (.Microsoft Corporation - Windows WLAN AutoConfig Service DLL.) - C:\WINDOWS\System32\wlansvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) - C:\WINDOWS\System32\WpnService.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Windows Push Notification User Service.) - C:\WINDOWS\System32\WpnUserService.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Windows Push Notifications User Service_62f6f (WpnUserService_62f6f) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe  =>.Microsoft?
O23 - Service: C:\WINDOWS\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) - C:\WINDOWS\System32\wscsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) - C:\Windows\System32\SearchIndexer.exe [Unsigned]  =>.Microsoft Corporation

---\\ Services not Microsoft (SR=Run, SS=Stop) (94) - 13s
SR - Boot   [07/12/2019] [  107320]   (3ware) . (.LSI.) - C:\WINDOWS\System32\drivers\3ware.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [ 1135416]   (ADP80XX) . (.PMC-Sierra.) - C:\WINDOWS\System32\drivers\ADP80XX.SYS  =>.Microsoft?
SR - Auto   [13/08/2023] [ 2503376]  Intel® SGX AESM (AESMService) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_0564699426b3a50a\aesm_service.exe {008EB42BFD09BD26F5D90DE46FCAADD1B7}.  =>.Intel Corporation
SR - Demand [07/12/2019] [   18432]  AMD GPIO Client Driver (amdgpio2) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdgpio2.sys [Unsigned]  =>.Advanced Micro Devices, Inc
SR - Demand [07/12/2019] [   45568]  AMD I2C Controller Service (amdi2c) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdi2c.sys [Unsigned]  =>.Advanced Micro Devices, Inc
SR - Boot   [07/12/2019] [   83256]   (amdsata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdsata.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  259384]   (amdsbs) . (.AMD Technologies Inc..) - C:\WINDOWS\System32\drivers\amdsbs.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [   26936]   (amdxata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdxata.sys  =>.Microsoft?
SR - Demand [09/10/2020] [   35976]  Apple Lower Filter (AppleLowerFilter) . (.Apple Inc..) - C:\WINDOWS\System32\drivers\AppleLowerFilter.sys  =>.WDKTestCert build,132303256403278908?
SR - Boot   [07/12/2019] [  131896]  Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\WINDOWS\System32\drivers\arcsas.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  533816]  QLogic Network Adapter VBD (b06bdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\bxvbda.sys  =>.Microsoft?
SR - Demand [07/12/2019] [    9728]  bcmfn2 Service (bcmfn2) . (...) - C:\WINDOWS\System32\drivers\bcmfn2.sys [Unsigned]  =>.Broadcom Corporation
SR - Boot   [07/12/2019] [  319800]   (cht4iscsi) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4sx64.sys  =>.Microsoft?
SR - Demand [07/12/2019] [ 1853752]  Chelsio Virtual Bus Driver (cht4vbd) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4vx64.sys  =>.Microsoft?
SS - Demand [06/12/2019] [  517328]  Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHeciSvc.exe  =>.Intel(R) pGFX?
SR - Auto   [06/12/2019] [  518352]  Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHDCPSvc.exe  =>.Intel(R) pGFX?
SR - Demand [30/09/2022] [  167440]  SAMSUNG Mobile USB Com (dg_ssudbus) . (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudbus2.sys  =>.Samsung Electronics CO., LTD.?
SR - Boot   [07/12/2019] [ 3418936]  QLogic 10 Gigabit Ethernet Ada (ebdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\evbda.sys  =>.Microsoft?
SR - Auto   [20/04/2021] [ 2356800]  Foxit Reader Update Service (FoxitReaderUpdateService) . (.Foxit Software Inc..) - C:\Program Files (x86)\FoxitReaderUpdateService.exe  =>.FOXIT SOFTWARE INC.?
SS - Demand [27/09/2023] [ 1802528]  Google Chrome Elevation Service (GoogleChromeElevationServi (GoogleChromeElevationService) . (.Google LLC.) - C:\Program Files\Google\Chrome\Application\117.0.5938.132\elevation_service.exe  =>.Google LLC?
SR - Auto   [01/12/2021] [  156232]  Google Update Service (gupdate) (gupdate) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google LLC?
SS - Demand [01/12/2021] [  156232]  Google Update Service (gupdatem) (gupdatem) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google LLC?
SR - Demand [19/04/2019] [   85664]  Intel(R) HID Event Filter (HidEventFilter) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_ca1148cff9a7eea6\HidEventFilter.sys  =>.Intel(R) Software?
SR - Boot   [07/12/2019] [   64312]   (HpSAMD) . (.Hewlett-Packard Company.) - C:\WINDOWS\System32\drivers\HpSAMD.sys  =>.Microsoft?
SR - Demand [07/12/2019] [   36352]  Intel Serial IO GPIO Controlle (iagpio) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iagpio.sys [Unsigned]  =>.Intel(R) Corporation
SR - Demand [07/12/2019] [   91136]  Intel(R) Serial IO I2C Host Cont (iai2c) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iai2c.sys [Unsigned]  =>.Intel(R) Corporation
SR - Demand [07/12/2019] [   79360]  Intel(R) S (iaLPSS2i_GPIO2) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [   93184]  In (iaLPSS2i_GPIO2_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  112128]  Intel( (iaLPSS2i_GPIO2_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [   96256]  Intel( (iaLPSS2i_GPIO2_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  171520]  Intel(R) Seria (iaLPSS2i_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  175104]  Intel( (iaLPSS2i_I2C_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  177152]  Intel(R) S (iaLPSS2i_I2C_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  177664]  Intel(R) S (iaLPSS2i_I2C_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [   38128]  Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys  =>.Intel Corporation - Client Components Group?
SR - Demand [07/12/2019] [  113152]  Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [Unsigned]  =>.Intel Corporation
SR - Boot   [07/12/2019] [  884752]  Intel Chipset SATA RAI (iaStorAVC) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorAVC.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  412176]  Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorV.sys  =>.Microsoft?
SR - Demand [07/12/2019] [  558904]  Mellanox InfiniBand Bus/A (ibbus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ibbus.sys  =>.Microsoft?
SR - Demand [06/10/2022] [ 8141392]  Intel(R) Wireless Bluetooth (ibtusb) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_a34fabf5c8696dcb\ibtusb.sys {28D8BD3C11854B538A3996B7E4F8EE23}.  =>.Intel Corporation
SR - Demand [04/06/2018] [   39504]  Intel(R) Watchdog Timer Driver  (ICCWDT) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\ICCWDT.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group?
SR - Auto   [16/08/2022] [   84024]  Intel(R) Graphics Command Center Service (igccservice) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe {63F80010501D2B4B6C5FD1004665FFE7}.  =>.Intel Corporation
SR - Demand [06/12/2019] [20629144]   (igfx) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\igdkmd64.sys  =>.Intel(R) pGFX?
SR - Auto   [06/12/2019] [  400496]  Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxCUIService.exe  =>.Intel(R) pGFX?
SR - Demand [06/05/2019] [ 6840408]  Service for Realtek HD Audio (WDM) (IntcAzAudAddService) . (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys  =>.Realtek Semiconductor Corp.?
SR - Demand [06/05/2022] [  348840]  Intel(R) Display Audio (IntcDAud) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\intcdaud.inf_amd64_718877413f6508de\IntcDAud.sys {63F80010501D2B4B6C5FD1004665FFE7}.  =>.Intel(R) Corporation
SR - Boot   [07/12/2019] [  172344]   (ItSas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\ItSas35i.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  108856]   (LSI_SAS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  124216]   (LSI_SAS2i) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  135992]   (LSI_SAS3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [   82744]   (LSI_SSS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sss.sys  =>.Microsoft?
SR - Boot   [05/02/2023] [   21480]  MbamElam (MbamElam) . (.Malwarebytes.) - C:\WINDOWS\System32\DRIVERS\MbamElam.sys  =>.Microsoft?
SS - Demand [05/02/2023] [ 8966256]  Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe  =>.Malwarebytes Inc.?
SR - Demand [05/02/2023] [  239544]  MBAMSwissArmy (MBAMSwissArmy) . (.Malwarebytes.) - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys  =>.Microsoft?
SR - Demand [06/05/2019] [   43456]   (MBfilt) . (.Creative Technology Ltd..) - C:\WINDOWS\System32\drivers\MBfilt64.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [   59704]   (megasas) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [   81720]   (megasas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\MegaSas2i.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  105480]   (megasas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas35i.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  575800]   (megasr) . (.LSI Corporation, Inc..) - C:\WINDOWS\System32\drivers\megasr.sys  =>.Microsoft?
SR - Demand [17/04/2019] [  266128]  Intel(R) Management Engine Interfac (MEIx64) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group?
SR - Demand [07/12/2019] [ 1131320]  Mellanox ConnectX Bus E (mlx4_bus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\mlx4_bus.sys  =>.Microsoft?
SS - Demand [29/09/2023] [  239008]  Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe  =>.Mozilla Corporation?
SR - Boot   [07/12/2019] [   63800]   (mvumis) . (.Marvell Semiconductor, Inc..) - C:\WINDOWS\System32\drivers\mvumis.sys  =>.Microsoft?
SR - Demand [07/12/2019] [  146232]  NetworkDirect Service (ndfltr) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ndfltr.sys  =>.Microsoft?
SR - Demand [15/08/2022] [ 8831064]  ___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit (Netwtw08) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\Netwtw08.sys {58B1C1C43E999C1CF7C694A1D776D0FE}.  =>.Intel Corporation
SR - Auto   [17/11/2020] [  893848]  NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe  =>.NVIDIA Corporation?
SR - Demand [17/11/2020] [33063152]   (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nvlddmkm.sys  =>.NVIDIA Corporation?
SR - Boot   [07/12/2019] [  150328]   (nvraid) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvraid.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  166200]   (nvstor) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstor.sys  =>.Microsoft?
SR - Auto   [14/03/2018] [  469952]  NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe  =>.NVIDIA Corporation?
SR - Boot   [07/12/2019] [   58680]   (percsas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas2i.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [   68408]   (percsas3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas3i.sys  =>.Microsoft?
SR - Demand [26/10/2022] [ 1210240]  Realtek RT640 NT Driver (rt640x64) . (.Realtek.) - C:\WINDOWS\System32\drivers\rt640x64.sys  =>.Realtek Semiconductor Corp.?
SR - Auto   [06/05/2019] [  873760]  Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor.) - C:\WINDOWS\System32\RtkAudUService64.exe  =>.Realtek Semiconductor Corp.?
SR - Demand [31/05/2019] [ 1012640]  Realtek PCIE Card Reader - PER (RTSPER) . (.Realsil Semiconductor Corporation.) - C:\WINDOWS\System32\drivers\RtsPer.sys  =>.Realtek Semiconductor Corp.?
SR - Demand [18/08/2022] [   64168]  Razer Control Service (RzCommon) . (.Razer Inc.) - C:\WINDOWS\System32\drivers\RzCommon.sys {0DCDADD13E8649F619040327F45A575F}.  =>.Razer Inc
SR - Demand [24/08/2020] [   54152]  Razer 0257 Service (RzDev_0257) . (.Razer Inc.) - C:\WINDOWS\System32\drivers\RzDev_0257.sys  =>.Razer USA Ltd.?
SR - Boot   [07/12/2019] [   44856]   (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\WINDOWS\System32\drivers\SiSRaid2.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [   81720]   (SiSRaid4) . (.Silicon Integrated Systems.) - C:\WINDOWS\System32\drivers\sisraid4.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  209720]   (SmartSAMD) . (.Microsemi Corportation.) - C:\WINDOWS\System32\drivers\SmartSAMD.sys  =>.Microsoft?
SR - Demand [06/06/2019] [   48480]   (SmbDrv) . (.Synaptics Incorporated.) - C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys  =>.Synaptics Incorporated?
SR - Demand [06/06/2019] [   48992]   (SmbDrvI) . (.Synaptics Incorporated.) - C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys  =>.Synaptics Incorporated?
SR - Demand [30/09/2022] [  174112]  SAMSUNG  Mobile USB Modem Dr (ssudmdm) . (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys  =>.Samsung Electronics CO., LTD.?
SR - Boot   [07/12/2019] [   31032]   (stexstor) . (.Promise Technology, Inc..) - C:\WINDOWS\System32\drivers\stexstor.sys  =>.Microsoft?
SR - Demand [06/06/2019] [  766816]  Synaptics TouchPad HID Mini Driver (SynTP) . (.Synaptics Incorporated.) - C:\WINDOWS\System32\drivers\SynTP.sys  =>.Synaptics Incorporated?
SR - Auto   [06/06/2019] [  394592]  SynTPEnhService (SynTPEnhService) . (.Synaptics Incorporated.) - C:\WINDOWS\System32\SynTPEnhService.exe  =>.Synaptics Incorporated?
SR - Demand [01/04/2022] [   49024]  TAP-ProtonVPN Windows Adapte (tapprotonvpn) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\tapprotonvpn.sys  =>.Microsoft?
SR - Auto   [01/03/2021] [  357296]  UWP RPC Service (UWPService) . (.Creative Technology Ltd.) - C:\Windows\SysWOW64\Creative.UWPRPCService.exe  =>.Microsoft?
SR - Boot   [07/12/2019] [  166712]   (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\WINDOWS\System32\drivers\vsmraid.sys  =>.Microsoft?
SR - Boot   [07/12/2019] [  305464]  VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\WINDOWS\System32\drivers\vstxraid.sys  =>.Microsoft?
SR - Demand [07/12/2019] [   36152]  WinMad Service (WinMad) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winmad.sys  =>.Microsoft?
SR - Demand [07/12/2019] [   73016]  WinVerbs Service (WinVerbs) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winverbs.sys  =>.Microsoft?
SR - Demand [01/06/2022] [  489368]  WireGuard (WireGuard) . (.WireGuard LLC.) - C:\WINDOWS\System32\drivers\wireguard.sys  =>.Microsoft?
SR - Demand [15/01/2019] [   56024]  Intel(R) Extreme Tuning  (XtuAcpiDriver) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys  =>.Intel(R) Extreme Tuning Utility?

---\\ Task Planned Automatically (Register) (14) - 8s
O38 - TASK: {086FEEC0-1D27-4038-AAAB-EB518E569B37} [64Bits][\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA telemetry monitor.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe  [510912]   =>.NVIDIA Corporation
O38 - TASK: {792C814B-A528-47A9-B7C2-C874CADD22E4} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google LLC - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [156232]   =>.Google LLC
O38 - TASK: {92C55CF4-389D-4FB4-B9E6-17908351D8C9} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  [662464]   =>.NVIDIA Corporation
O38 - TASK: {D1F28E75-7EAC-40E3-9888-0D7BFAA2144A} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  [662464]   =>.NVIDIA Corporation
O38 - TASK: {D7FD4C16-F2A7-4F31-B8E5-32D39A3E7F2D} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google LLC - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [156232]   =>.Google LLC
O38 - TASK: {E56DF7F0-0DF9-49D7-A31A-857889059201} [64Bits][\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB] - (.Mozilla Foundation - Firefox Default Browser Agent.) -- C:\Program Files\Mozilla Firefox\default-browser-agent.exe  [717728]   =>.Mozilla Foundation
O38 - TASK: {EA6DB11D-B414-4DA8-8479-921D7E635E4F} [64Bits][\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe  [757184]   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google LLC.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [/ua ./ua]   =>.Google LLC
C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google LLC.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [/c]   =>.Google LLC
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - (.Mozilla Foundation.) -- C:\Program Files\Mozilla Firefox\default-browser-agent.exe  [do-task "308046B0AF4A39CB.do-task]   =>.Mozilla Foundation
C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe  []   =>.NVIDIA Corporation

---\\ Auto loading programs from Registry and folders (20) - 5s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Security notification icon.) -- C:\WINDOWS\system32\SecurityHealthSystray.exe [Unsigned]  =>.Microsoft Corporation
O4 - HKLM\..\Run: [RtkAudUService] . (.Realtek Semiconductor - Realtek HD Audio Universal Service.) -- C:\WINDOWS\System32\RtkAudUService64.exe [Unsigned]  =>.Realtek Semiconductor
O4 - HKCU\..\Run: [electron.app.Loom] . (.Loom, Inc. - Loom.) -- C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe {016E03238CDF778275BB123A9C6ADA51}.
O4 - HKCU\..\Run: [3RVX] . (.Matthew Malensek - 3RVX.) -- C:\Program Files (x86)\3RVX\3RVX.exe [Unsigned]
O4 - HKCU\..\Run: [Discord] . (. - .) -- Discord.exe
O4 - HKCU\..\Run: [Spotify] . (. - .) -- --minimized.
O4 - HKCU\..\Run: [RiotClient] . (.Riot Games, Inc. - Riot Client.) -- E:\Riot Games\Riot Client\RiotClientServices.exe {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc.
O4 - HKCU\..\Run: [Viber] . (.Viber Media S.Ã  r.l. - Viber.) -- C:\Users\Shahil\AppData\Local\Viber\Viber.exe {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - HKCU\..\Run: [Microsoft Edge Update] . (.Microsoft Corporation - Microsoft Edge Update.) -- C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe  =>.Microsoft?
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_E6E5DB1D482397EC518CFF1AC2422889] . (...) -- . [Unsigned]
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Corporation?
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Corporation?
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [electron.app.Loom] . (.Loom, Inc. - Loom.) -- C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe {016E03238CDF778275BB123A9C6ADA51}.
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [3RVX] . (.Matthew Malensek - 3RVX.) -- C:\Program Files (x86)\3RVX\3RVX.exe [Unsigned]
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [Discord] . (. - .) -- Discord.exe
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [Spotify] . (. - .) -- --minimized.
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [RiotClient] . (.Riot Games, Inc. - Riot Client.) -- E:\Riot Games\Riot Client\RiotClientServices.exe {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc.
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [Viber] . (.Viber Media S.Ã  r.l. - Viber.) -- C:\Users\Shahil\AppData\Local\Viber\Viber.exe {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [Microsoft Edge Update] . (.Microsoft Corporation - Microsoft Edge Update.) -- C:\Users\Shahil\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe  =>.Microsoft?
O4 - HKUS\S-1-5-21-4291915333-2200026273-1243826419-1001\..\Run: [MicrosoftEdgeAutoLaunch_E6E5DB1D482397EC518CFF1AC2422889] . (...) -- . [Unsigned]

---\\ Process running (29) - 8s
[MD5.3F0E012C36241E4C3793834D14983D85] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxCUIService.exe [400496] [PID.1988]  =>.Intel(R) pGFX?
[MD5.28233B765C6A052DA848DB0A435EA2E1] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Windows\System32\SynTPEnhService.exe [394592] [PID.2380] [Unsigned]  =>.Synaptics Incorporated
[MD5.05EDF1CD1D700CE94D005EFE2B223072] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe [893848] [PID.2824]  =>.NVIDIA Corporation?
[MD5.05EDF1CD1D700CE94D005EFE2B223072] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe [893848] [PID.3424]  =>.NVIDIA Corporation?
[MD5.13F354EF9C542E1FD1AD40023EA6A5FE] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) -- C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHDCPSvc.exe [518352] [PID.4324]  =>.Intel(R) pGFX?
[MD5.B9664C362AB0F0612AD9C566E5FAEFFA] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) -- C:\WINDOWS\System32\RtkAudUService64.exe [873760] [PID.4344] [Unsigned]  =>.Realtek Semiconductor
[MD5.A26FB881CF0BD79883343E07B973C6F7] - (.Intel Corporation - Intel® Graphics Command Center Service.) -- C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe [84024] [PID.4424] {63F80010501D2B4B6C5FD1004665FFE7}.  =>.Intel Corporation
[MD5.BDA6918765EAA460AF4049D3A9F88FD4] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [469952] [PID.4448]  =>.NVIDIA Corporation?
[MD5.121DDD683306F3ABA33C30F7C75BCC18] - (.Creative Technology Ltd - .) -- C:\Windows\SysWOW64\Creative.UWPRPCService.exe [357296] [PID.4492]  =>.Microsoft?
[MD5.D478B37996354A3D3952FEF8A509C67F] - (.Foxit Software Inc. - Foxit Reader Update Service.) -- C:\Program Files (x86)\FoxitReaderUpdateService.exe [2356800] [PID.4520]  =>.FOXIT SOFTWARE INC.?
[MD5.8137772CB1C90710E524156DBD2DB4C7] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHeciSvc.exe [517328] [PID.5084]  =>.Intel(R) pGFX?
[MD5.A4E9E3B4F81D70A999F4E27897631A28] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Windows\System32\SynTPEnh.exe [4515168] [PID.4168] [Unsigned]  =>.Synaptics Incorporated
[MD5.A42CA4FE35744D1B8302B2E84ECC958D] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Windows\System32\SYNTPHELPER.EXE [243040] [PID.7280] [Unsigned]  =>.Synaptics Incorporated
[MD5.BCF13D5C759FA6E94764E18CBB119FB5] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxEM.exe [906144] [PID.7744]  =>.Intel(R) pGFX?
[MD5.5CDDF06A40E89358807A2B9506F064D9] - (...) -- C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [793416] [PID.8168]  =>.Microsoft?
[MD5.B9664C362AB0F0612AD9C566E5FAEFFA] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) -- C:\Windows\System32\RtkAudUService64.exe [873760] [PID.9508] [Unsigned]  =>.Realtek Semiconductor
[MD5.CCCC13762A9F6D55CC7EE140A8E14C7A] - (.Matthew Malensek - 3RVX.) -- C:\Program Files (x86)\3RVX\3RVX.exe [649216] [PID.9584] [Unsigned]
[MD5.B726C4DAD495E6897E95F3D2C60BB73C] - (.Spotify Ltd - Spotify.) -- C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe [19678208] [PID.6848] [Unsigned]  =>.Spotify Ltd
[MD5.B726C4DAD495E6897E95F3D2C60BB73C] - (.Spotify Ltd - Spotify.) -- C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe [19678208] [PID.2568] [Unsigned]  =>.Spotify Ltd
[MD5.EA196EEDA6205826A931F494C01C4A1E] - (.Riot Games, Inc. - Riot Client.) -- E:\Riot Games\Riot Client\RiotClientServices.exe [70910864] [PID.10184] {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc.
[MD5.B726C4DAD495E6897E95F3D2C60BB73C] - (.Spotify Ltd - Spotify.) -- C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe [19678208] [PID.5884] [Unsigned]  =>.Spotify Ltd
[MD5.B726C4DAD495E6897E95F3D2C60BB73C] - (.Spotify Ltd - Spotify.) -- C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe [19678208] [PID.6084] [Unsigned]  =>.Spotify Ltd
[MD5.B726C4DAD495E6897E95F3D2C60BB73C] - (.Spotify Ltd - Spotify.) -- C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe [19678208] [PID.3552] [Unsigned]  =>.Spotify Ltd
[MD5.2557389E014E042D596D6D872DD3C7C6] - (.Intel Corporation - IGCCTray.) -- C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe [1001984] [PID.8244] [Unsigned]  =>.Intel Corporation
[MD5.E9022AF4E5CF995C2F2A9D897AF560E9] - (...) -- E:\Riot Games\Riot Client\RiotClientCrashHandler.exe [1947648] [PID.11152] [Unsigned]
[MD5.00616CE18ED5AB919762B04D7E546C0D] - (.Intel Corporation - IGCC.) -- C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt\IGCC.exe [20480] [PID.2072] [Unsigned]  =>.Intel Corporation
[MD5.76520A87E2A8AFFC24C2AB1825B7899D] - (.(c) InstatMicroElectronic. All rights reserved. - GAMING MOUSE.) -- D:\Program Files (x86)\FANTECH X4S MACRO Gaming Mouse\GamingMouse.exe [2183168] [PID.10800] [Unsigned]
[MD5.C702E6CE9AB867A2D270C988FD5A1FD8] - (.Intel Corporation - Intel® SGX Application Enclave Services Man.) -- C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_0564699426b3a50a\aesm_service.exe [2503376] [PID.7104] {008EB42BFD09BD26F5D90DE46FCAADD1B7}.  =>.Intel Corporation
[MD5.7F19E6B460767398530A1AB5F75E0E3A] - (.Nicolas Coolman - ZHPSuite.) -- C:\Users\Shahil\Desktop\ZHPSuite.exe [3511456] [PID.2688] [Unsigned]  =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (11) - 0s
G2 - GCE: Preference [Shahil][User Data\Default\Extensions] [cjpalhdlnbpafiamejdnhcphjbkeiagm] uBlock Origin  =>.Raymond Hill
G2 - GCE: Preference [Shahil][User Data\Default\Extensions] [djakfbefalbkkdgnhkkdiihelkjdpbfh] Word Replacer II
G2 - GCE: Preference [Shahil][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi]   =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Shahil][User Data\Default\Extensions] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module  =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [Shahil][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda]   =>.Google Inc. {Wallet}
G2 - GCE: Preference [Shahil][User Data\Default\Local Extension Settings] [bijmdfcbjejgkcjdbjnfjbhggicapgel]
G2 - GCE: Preference [Shahil][User Data\Default\Local Extension Settings] [cjpalhdlnbpafiamejdnhcphjbkeiagm]   =>.uBlock Origin
G2 - GCE: Preference [Shahil][User Data\Default\Local Extension Settings] [djakfbefalbkkdgnhkkdiihelkjdpbfh]
G2 - GCE: Preference [Shahil][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi]   =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Shahil][User Data\Default\Managed Extension Settings] [cjpalhdlnbpafiamejdnhcphjbkeiagm]   =>.uBlock Origin
G2 - GCE: Preference [Shahil][User Data\Default\Sync Extension Settings] [bijmdfcbjejgkcjdbjnfjbhggicapgel]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (41) - 4s
P2 - EXT FILE: (...) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\firefox@tampermonkey.net.xpi [Unsigned]
P2 - EXT FILE: (...) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\foxyproxy@eric.h.jung.xpi [Unsigned]
P2 - EXT FILE: (.Web Paint - Draw shapes, lines, and add text to li.) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\jid1-0dhOSYKGj326og@jetpack.xpi [Unsigned]
P2 - EXT FILE: (.IDM Integration Module.) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\mozilla_cc3@internetdownloadmanager.com.xpi [Unsigned]
P2 - EXT FILE: (.uBlock Origin.) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\uBlock0@raymondhill.net.xpi [Unsigned]  =>.uBlock Origin
P2 - EXT FILE: (...) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\{16ea91b0-8990-4c1a-83fc-660e4bf7614b}.xpi [Unsigned]
P2 - EXT FILE: (.Universal Bypass.) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\{529b261b-df0b-4e3b-bf42-07b462da0ee8}.xpi [Unsigned]  =>.Universal Bypass
P2 - EXT FILE: (.Inkah: Chinese & Korean Pop-up Diction - Look up Korean & Chinese / Zhongwen wo.) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\{de5bbbad-7c53-468e-9d8d-9d737cf5ba81}.xpi [Unsigned]
P2 - EXT FILE: (.Zhongwen - Official Firefox port of the Zhongwen .) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\{dedb3663-6f13-4c6c-bf0f-5bd111cb2c79}.xpi [Unsigned]
P2 - EXT FILE: (.Mozilla - Firefox.) -- C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi  =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) -- C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi  =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) -- C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi  =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi  =>.Mozilla
P2 - EXT FILE: (.Mozilla - Firefox.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi  =>.Mozilla
P2 - EXT: (...) -- C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions\staged  =>.Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\bookmarkbackups  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\crashes  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\datareporting  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extension-store  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\extensions  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\features  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\gmp  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\gmp-gmpopenh264  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\gmp-widevinecdm  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\minidumps  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\saved-telemetry-pings  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\security_state  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\sessionstore-backups  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\settings  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\shader-cache  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\storage  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\weave  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\ffext_basicvideoext@startpage24
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\mozilla_cc3@internetdownloadmanager.com  =>Tonec Inc
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\reset-search-defaults@mozilla.com  =>Mozilla Corporation
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\song-id@losnappas
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\{3294b874-a429-4856-bf67-57f84efa0002}
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\{4ce83447-8255-43c2-b8f7-e02eb8c2cc39}
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}  =>Michel Gutierrez
C:\Users\Shahil\AppData\Roaming\Mozilla\Firefox\Profiles\nrodr46t.default-release\browser-extension-data\{e58d3966-3d76-4cd9-8552-1582fbc800c1}

---\\ Internet Explorer Extensions, Start, Search (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/  =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/  =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.19041.2546 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll  =>.Microsoft Corporation

---\\ INTERNET EXPLORER, trusted site and sensitive site (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)

---\\ Microsoft Edge,Plugins,Start,Search,Extensions (3) - 0s
E2 - GCE: Preference [Shahil][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi]   =>.Google Inc. {Docs hors connexion}
E2 - GCE: Preference [Shahil][User Data\Default\Extensions] [jmjflgjpcpepeafmmgdpfkogkghcpiha] Edge relevant text changes  =>.Legitimate
E2 - GCE: Preference [Shahil][User Data\Default\Local Extension Settings] [jdiccldimpdaibmpdkjnbmckianbfold]   =>.Microsoft Corporation

---\\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0  =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1  =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []  =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: IEToEdge BHO [64Bits] - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} . (.Microsoft Corporation - IEToEdge BHO.) -- C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.43\BHO\ie_to_edge_bho_64.dll  =>.Microsoft?

---\\ Global shortcuts Startup (178) - 36s
O4 - GS\Desktop [Administrator]: 17. Resources - Shortcut.lnk . (...) F:\Trading\PDFS\SMC\17. Resources.pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: 50 Writing Tools Roy Peter Clark - Shortcut.lnk . (...) F:\50 Writing Tools Roy Peter Clark\50 Writing Tools Roy Peter Clark.pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: CM Academy by Kishane Robinson - The Currency Merchant - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\Copy of CM Academy by Kishane Robinson - The Currency Merchant.pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Shahil\AppData\Local\Discord\Update.exe --processStart Discord.exe   =>.SUP.Discord
O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe   [Unsigned]  =>.Free Time Co., Ltd.
O4 - GS\Desktop [Administrator]: Inducement @ICT_Capital  - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\Inducement @ICT_Capital .pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: KEYS_TO_ALGO_DELIVERY - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\KEYS_TO_ALGO_DELIVERY.pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: Loom.lnk . (.Loom, Inc. - Loom.) C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe   {016E03238CDF778275BB123A9C6ADA51}.
O4 - GS\Desktop [Administrator]: Market Structure And Powerful Setups [By Wade Fx Setups](1) - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Market Structure And Powerful Setups [By Wade Fx Setups](1).pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: orderblock.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\4_5782966562604453396.pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: PTP_3.0 - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\PTP_3.0.pdf   [Unsigned]
O4 - GS\Desktop [Administrator]: Putting it all together Part 1 - Shortcut.lnk . (...) F:\Trading\currency merchant all videos\Putting it all together Part 1.mp4   [Unsigned]
O4 - GS\Desktop [Administrator]: stkish chat group.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\ChatExport_2022-07-06   [Unsigned]
O4 - GS\Desktop [Administrator]: Telegram.lnk . (.Telegram FZ-LLC - Telegram Desktop.) C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe   {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O4 - GS\Desktop [Administrator]: Viber.lnk . (.Viber Media S.Ã  r.l. - Viber.) C:\Users\Shahil\AppData\Local\Viber\Viber.exe   {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - GS\Desktop [Administrator]: VLC NEW FOR CH SUBS.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC - Copy\vlc.exe    =>.VideoLAN?
O4 - GS\Desktop [Administrator]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\Shahil\AppData\Roaming\ZHP\ZHPSuite.exe    =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: Zoom.lnk . (.Zoom Video Communications, Inc. - Zoom Meetings.) C:\Users\Shahil\AppData\Roaming\Zoom\bin\Zoom.exe   {039CCFAB33EA417D56BF9798EF5AB797}.  =>.Zoom Video Communications, Inc.
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google LLC - Access the Internet.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [Unsigned]  =>.Google LLC
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe   [Unsigned]  =>.Free Time Co., Ltd.
O4 - GS\sendTo [Administrator]: Viber.lnk . (.Viber Media S.Ã  r.l. - Viber.) C:\Users\Shahil\AppData\Local\Viber\Viber.exe ShareFiles  {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - GS\TaskBar [Administrator]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation?
O4 - GS\TaskBar [Administrator]: FTMO MetaTrader 4.lnk . (.MetaQuotes Ltd. - MetaTrader.) D:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Administrator]: IFX Trader.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\InstaTrader\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Administrator]: MetaTrader 4 EXNESS.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\MetaTrader 4 EXNESS\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Administrator]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Telegram.lnk . (.Telegram FZ-LLC - Telegram Desktop.) C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe   {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O4 - GS\TaskBar [Administrator]: ThinkMarkets MT4.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\ThinkMarkets MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\Startup [Administrator]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor Tray Icon program.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\emedtray.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\Startup [Administrator]: FANTECH X4S MACRO Gaming Mouse.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{7587581E-9DAD-412D-9AA4-8541FCBCCAF6}\GM_Management.exe_E5CB7E2ECE0A4CFE83CEC7EA9D450A79.exe   [Unsigned]  =>.Flexera Software LLC
O4 - GS\Programs [Administrator]: Arfax13 - Course.lnk . (...) F:\Trading\Arfax13 - Course   [Unsigned]
O4 - GS\Programs [Administrator]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\Programs [Administrator]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe   [Unsigned]  =>.Mozilla Corporation
O4 - GS\Programs [Administrator]: Loom.lnk . (.Loom, Inc. - Loom.) C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe   {016E03238CDF778275BB123A9C6ADA51}.
O4 - GS\Desktop [Guest]: 17. Resources - Shortcut.lnk . (...) F:\Trading\PDFS\SMC\17. Resources.pdf   [Unsigned]
O4 - GS\Desktop [Guest]: 50 Writing Tools Roy Peter Clark - Shortcut.lnk . (...) F:\50 Writing Tools Roy Peter Clark\50 Writing Tools Roy Peter Clark.pdf   [Unsigned]
O4 - GS\Desktop [Guest]: CM Academy by Kishane Robinson - The Currency Merchant - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\Copy of CM Academy by Kishane Robinson - The Currency Merchant.pdf   [Unsigned]
O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Shahil\AppData\Local\Discord\Update.exe --processStart Discord.exe   =>.SUP.Discord
O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe   [Unsigned]  =>.Free Time Co., Ltd.
O4 - GS\Desktop [Guest]: Inducement @ICT_Capital  - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\Inducement @ICT_Capital .pdf   [Unsigned]
O4 - GS\Desktop [Guest]: KEYS_TO_ALGO_DELIVERY - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\KEYS_TO_ALGO_DELIVERY.pdf   [Unsigned]
O4 - GS\Desktop [Guest]: Loom.lnk . (.Loom, Inc. - Loom.) C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe   {016E03238CDF778275BB123A9C6ADA51}.
O4 - GS\Desktop [Guest]: Market Structure And Powerful Setups [By Wade Fx Setups](1) - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Market Structure And Powerful Setups [By Wade Fx Setups](1).pdf   [Unsigned]
O4 - GS\Desktop [Guest]: orderblock.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\4_5782966562604453396.pdf   [Unsigned]
O4 - GS\Desktop [Guest]: PTP_3.0 - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\PTP_3.0.pdf   [Unsigned]
O4 - GS\Desktop [Guest]: Putting it all together Part 1 - Shortcut.lnk . (...) F:\Trading\currency merchant all videos\Putting it all together Part 1.mp4   [Unsigned]
O4 - GS\Desktop [Guest]: stkish chat group.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\ChatExport_2022-07-06   [Unsigned]
O4 - GS\Desktop [Guest]: Telegram.lnk . (.Telegram FZ-LLC - Telegram Desktop.) C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe   {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O4 - GS\Desktop [Guest]: Viber.lnk . (.Viber Media S.Ã  r.l. - Viber.) C:\Users\Shahil\AppData\Local\Viber\Viber.exe   {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - GS\Desktop [Guest]: VLC NEW FOR CH SUBS.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC - Copy\vlc.exe    =>.VideoLAN?
O4 - GS\Desktop [Guest]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\Shahil\AppData\Roaming\ZHP\ZHPSuite.exe    =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: Zoom.lnk . (.Zoom Video Communications, Inc. - Zoom Meetings.) C:\Users\Shahil\AppData\Roaming\Zoom\bin\Zoom.exe   {039CCFAB33EA417D56BF9798EF5AB797}.  =>.Zoom Video Communications, Inc.
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google LLC - Access the Internet.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [Unsigned]  =>.Google LLC
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe   [Unsigned]  =>.Free Time Co., Ltd.
O4 - GS\sendTo [Guest]: Viber.lnk . (.Viber Media S.Ã  r.l. - Viber.) C:\Users\Shahil\AppData\Local\Viber\Viber.exe ShareFiles  {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - GS\TaskBar [Guest]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation?
O4 - GS\TaskBar [Guest]: FTMO MetaTrader 4.lnk . (.MetaQuotes Ltd. - MetaTrader.) D:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Guest]: IFX Trader.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\InstaTrader\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Guest]: MetaTrader 4 EXNESS.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\MetaTrader 4 EXNESS\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Guest]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Telegram.lnk . (.Telegram FZ-LLC - Telegram Desktop.) C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe   {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O4 - GS\TaskBar [Guest]: ThinkMarkets MT4.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\ThinkMarkets MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\Startup [Guest]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor Tray Icon program.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\emedtray.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\Startup [Guest]: FANTECH X4S MACRO Gaming Mouse.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{7587581E-9DAD-412D-9AA4-8541FCBCCAF6}\GM_Management.exe_E5CB7E2ECE0A4CFE83CEC7EA9D450A79.exe   [Unsigned]  =>.Flexera Software LLC
O4 - GS\Programs [Guest]: Arfax13 - Course.lnk . (...) F:\Trading\Arfax13 - Course   [Unsigned]
O4 - GS\Programs [Guest]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\Programs [Guest]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe   [Unsigned]  =>.Mozilla Corporation
O4 - GS\Programs [Guest]: Loom.lnk . (.Loom, Inc. - Loom.) C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe   {016E03238CDF778275BB123A9C6ADA51}.
O4 - GS\Desktop [Shahil]: 17. Resources - Shortcut.lnk . (...) F:\Trading\PDFS\SMC\17. Resources.pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: 50 Writing Tools Roy Peter Clark - Shortcut.lnk . (...) F:\50 Writing Tools Roy Peter Clark\50 Writing Tools Roy Peter Clark.pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: CM Academy by Kishane Robinson - The Currency Merchant - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\Copy of CM Academy by Kishane Robinson - The Currency Merchant.pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: Discord.lnk . (.GitHub - Update.) C:\Users\Shahil\AppData\Local\Discord\Update.exe --processStart Discord.exe   =>.SUP.Discord
O4 - GS\Desktop [Shahil]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe   [Unsigned]  =>.Free Time Co., Ltd.
O4 - GS\Desktop [Shahil]: Inducement @ICT_Capital  - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\Inducement @ICT_Capital .pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: KEYS_TO_ALGO_DELIVERY - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\KEYS_TO_ALGO_DELIVERY.pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: Loom.lnk . (.Loom, Inc. - Loom.) C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe   {016E03238CDF778275BB123A9C6ADA51}.
O4 - GS\Desktop [Shahil]: Market Structure And Powerful Setups [By Wade Fx Setups](1) - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Market Structure And Powerful Setups [By Wade Fx Setups](1).pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: orderblock.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\4_5782966562604453396.pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: PTP_3.0 - Shortcut.lnk . (...) C:\Users\Shahil\Downloads\Documents\PTP_3.0.pdf   [Unsigned]
O4 - GS\Desktop [Shahil]: Putting it all together Part 1 - Shortcut.lnk . (...) F:\Trading\currency merchant all videos\Putting it all together Part 1.mp4   [Unsigned]
O4 - GS\Desktop [Shahil]: stkish chat group.lnk . (...) C:\Users\Shahil\Downloads\Telegram Desktop\ChatExport_2022-07-06   [Unsigned]
O4 - GS\Desktop [Shahil]: Telegram.lnk . (.Telegram FZ-LLC - Telegram Desktop.) C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe   {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O4 - GS\Desktop [Shahil]: Viber.lnk . (.Viber Media S.Ã  r.l. - Viber.) C:\Users\Shahil\AppData\Local\Viber\Viber.exe   {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - GS\Desktop [Shahil]: VLC NEW FOR CH SUBS.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC - Copy\vlc.exe    =>.VideoLAN?
O4 - GS\Desktop [Shahil]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\Shahil\AppData\Roaming\ZHP\ZHPSuite.exe    =>.Nicolas Coolman
O4 - GS\Desktop [Shahil]: Zoom.lnk . (.Zoom Video Communications, Inc. - Zoom Meetings.) C:\Users\Shahil\AppData\Roaming\Zoom\bin\Zoom.exe   {039CCFAB33EA417D56BF9798EF5AB797}.  =>.Zoom Video Communications, Inc.
O4 - GS\Quicklaunch [Shahil]: Google Chrome.lnk . (.Google LLC - Access the Internet.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [Unsigned]  =>.Google LLC
O4 - GS\sendTo [Shahil]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe    =>.Microsoft Corporation
O4 - GS\sendTo [Shahil]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\sendTo [Shahil]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo   =>.Microsoft Corporation
O4 - GS\sendTo [Shahil]: Format Factory.lnk . (.Free Time Co., Ltd. - FormatFactory.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe   [Unsigned]  =>.Free Time Co., Ltd.
O4 - GS\sendTo [Shahil]: Viber.lnk . (.Viber Media S.Ã  r.l. - Viber.) C:\Users\Shahil\AppData\Local\Viber\Viber.exe ShareFiles  {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O4 - GS\TaskBar [Shahil]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation?
O4 - GS\TaskBar [Shahil]: FTMO MetaTrader 4.lnk . (.MetaQuotes Ltd. - MetaTrader.) D:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Shahil]: IFX Trader.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\InstaTrader\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Shahil]: MetaTrader 4 EXNESS.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\MetaTrader 4 EXNESS\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\TaskBar [Shahil]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe    =>.Microsoft Corporation
O4 - GS\TaskBar [Shahil]: Telegram.lnk . (.Telegram FZ-LLC - Telegram Desktop.) C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe   {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O4 - GS\TaskBar [Shahil]: ThinkMarkets MT4.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\ThinkMarkets MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\Startup [Shahil]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor Tray Icon program.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\emedtray.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\Startup [Shahil]: FANTECH X4S MACRO Gaming Mouse.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer\{7587581E-9DAD-412D-9AA4-8541FCBCCAF6}\GM_Management.exe_E5CB7E2ECE0A4CFE83CEC7EA9D450A79.exe   [Unsigned]  =>.Flexera Software LLC
O4 - GS\Programs [Shahil]: Arfax13 - Course.lnk . (...) F:\Trading\Arfax13 - Course   [Unsigned]
O4 - GS\Programs [Shahil]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\Programs [Shahil]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe   [Unsigned]  =>.Mozilla Corporation
O4 - GS\Programs [Shahil]: Loom.lnk . (.Loom, Inc. - Loom.) C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe   {016E03238CDF778275BB123A9C6ADA51}.
O4 - GS\CommonDesktop [Public]: Aeterna Noctis.lnk . (.(c) 2023 Unity Technologies ApS. All rights reserved. - .) E:\Games\Aeterna Noctis\Aeterna Noctis.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: Anki.lnk . (...) C:\Program Files\Anki\anki.exe   {112C3F3ACD305D62BA1D39BB64CF209A}.
O4 - GS\CommonDesktop [Public]: Audacity.lnk . (.Audacity Team - Audacity® Cross-Platform Sound Editor.) E:\Program Files\Audacity\Audacity.exe    =>.Musecy SM Ltd.?
O4 - GS\CommonDesktop [Public]: CONVERGENCE - A LoL Story.lnk . (...) E:\Games\CONVERGENCE - A LoL Story\Convergence.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: EaseUS Video Editor.lnk . (.EaseUS - EaseUS Video Editor.) E:\Program Files (x86)\EaseUS\EaseUS Video Editor\EaseUS Video Editor.exe   [Unsigned]  =>.EaseUS
O4 - GS\CommonDesktop [Public]: FANTECH X4S MACRO Gaming Mouse.lnk . (...) D:\Program Files (x86)\FANTECH X4S MACRO Gaming Mouse\GM_Management.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: Final Fantasy I PR.lnk . (.© 1987, 2021 SQUARE ENIX CO., LTD. All Rights Reserve - .) E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF1\FINAL FANTASY.exe   {06090BC9266DA993F5EDE9404938D9E3}.
O4 - GS\CommonDesktop [Public]: Final Fantasy II PR.lnk . (.© 1988, 2021 SQUARE ENIX CO., LTD. All Rights Reserve - .) E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF2\FINAL FANTASY II.exe   {06090BC9266DA993F5EDE9404938D9E3}.
O4 - GS\CommonDesktop [Public]: Final Fantasy III PR.lnk . (.© 1990, 2021 SQUARE ENIX CO., LTD. All Rights Reserve - .) E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF3\FINAL FANTASY III.exe   {06090BC9266DA993F5EDE9404938D9E3}.
O4 - GS\CommonDesktop [Public]: Final Fantasy IV PR.lnk . (.© 1991, 2021 SQUARE ENIX CO., LTD. All Rights Reserve - .) E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF4\FINAL FANTASY IV.exe   {06090BC9266DA993F5EDE9404938D9E3}.
O4 - GS\CommonDesktop [Public]: Final Fantasy IX.lnk . (.(c)2000, 2001, 2016 SQUARE ENIX CO.,LTD. ALL RIGTHS R - FINAL FANTASY IX.) D:\Games\Final Fantasy IX\FF9_Launcher.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: Final Fantasy V PR.lnk . (.© 1992, 2021 SQUARE ENIX CO., LTD. All Rights Reserve - .) E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF5\FINAL FANTASY V.exe   {06090BC9266DA993F5EDE9404938D9E3}.
O4 - GS\CommonDesktop [Public]: Final Fantasy VI PR.lnk . (.© 1994, 2022 SQUARE ENIX CO., LTD. All Rights Reserve - .) E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF6\FINAL FANTASY VI.exe   {06090BC9266DA993F5EDE9404938D9E3}.
O4 - GS\CommonDesktop [Public]: FTMO MetaTrader 4.lnk . (.MetaQuotes Ltd. - MetaTrader.) D:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google LLC - Access the Internet.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [Unsigned]  =>.Google LLC
O4 - GS\CommonDesktop [Public]: Have a Nice Death.lnk . (.(c) 2022 Unity Technologies ApS. All rights reserved. - .) E:\Games\Have a Nice Death\HaveaNiceDeath.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: League of Legends.lnk . (.Riot Games, Inc. - Riot Client.) E:\Riot Games\Riot Client\RiotClientServices.exe --launch-product=league_of_legends --launch-patchline=live  {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc.
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe   [Unsigned]  =>.Malwarebytes
O4 - GS\CommonDesktop [Public]: Metal Mutation.lnk . (.(c) 2022 Unity Technologies ApS. All rights reserved. - .) E:\Games\Metal Mutation\MetalMutation.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: MetaTrader 4 EXNESS.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\MetaTrader 4 EXNESS\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\CommonDesktop [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe    =>.Microsoft?
O4 - GS\CommonDesktop [Public]: NinjaTrader 8 (64-bit).lnk . (...) C:\WINDOWS\Installer\{96989481-8EFF-4E05-A381-48FAAC6E29CF}\NinjaTrader.ico   [Unsigned]
O4 - GS\CommonDesktop [Public]: NinjaTrader 8.lnk . (...) C:\WINDOWS\Installer\{96989481-8EFF-4E05-A381-48FAAC6E29CF}\NinjaTrader.ico   [Unsigned]
O4 - GS\CommonDesktop [Public]: OBS Studio.lnk . (.OBS - OBS Studio.) D:\Program Files\obs-studio\bin\64bit\obs64.exe    =>.Hugh Bailey?
O4 - GS\CommonDesktop [Public]: OmegaT.lnk . (...) C:\Program Files\OmegaT\OmegaT.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: Riot Client.lnk . (.Riot Games, Inc. - Riot Client.) E:\Riot Games\Riot Client\RiotClientServices.exe --launch-product= --launch-patchline=  {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc.
O4 - GS\CommonDesktop [Public]: Sands of Salzaar.lnk . (...) E:\Games\Sands of Salzaar\DesertLegend.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: Souls of Chronos.lnk . (.Unity Technologies ApS - Unity playback engine..) E:\Games\Souls of Chronos\ShiLing.exe   [Unsigned]  =>.Unity Technologies ApS
O4 - GS\CommonDesktop [Public]: Speccy.lnk . (.Piriform Software Ltd - Speccy.) D:\Program Files\Speccy\Speccy64.exe    =>.Piriform Software Ltd?
O4 - GS\CommonDesktop [Public]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Shahil\AppData\Roaming\Spotify\Spotify.exe   [Unsigned]  =>.Spotify Ltd
O4 - GS\CommonDesktop [Public]: Tale of Immortal.lnk . (...) E:\Games\Tale of Immortal\guigubahuang.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: The Knight Witch.lnk . (...) F:\Games\The Knight Witch\TheKnightWitch.58.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: ThinkMarkets MetaTrader 4.lnk . (.MetaQuotes Ltd. - MetaTrader.) C:\Program Files (x86)\ThinkMarkets MetaTrader 4\terminal.exe   {04390A4C5F8906A1D7052C1768D45047}.
O4 - GS\CommonDesktop [Public]: Warm Snow + DLC.lnk . (...) E:\Games\Warm Snow\DLC\SmartSteamLoader_x64.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: Warm Snow.lnk . (...) E:\Games\Warm Snow\SmartSteamLoader_x64.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: WWE 2K Battlegrounds.lnk . (.Epic Games, Inc. - BootstrapPackagedGame.) F:\Games\WWE 2K Battlegrounds\WWEBattlegrounds.exe   [Unsigned]  =>.Epic Games, Inc.
O4 - GS\Programs [Public]: Arfax13 - Course.lnk . (...) F:\Trading\Arfax13 - Course   [Unsigned]
O4 - GS\Programs [Public]: EmEditor.lnk . (.Emurasoft, Inc. - EmEditor.) C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe   {37D55D25C7EAA680F0A0E7AE734D7BBF}.  =>.Emurasoft, Inc.
O4 - GS\Programs [Public]: Firefox Private Browsing.lnk . (.Mozilla Corporation - Firefox Private Browsing.) C:\Program Files (x86)\Mozilla Firefox\private_browsing.exe   [Unsigned]  =>.Mozilla Corporation
O4 - GS\Programs [Public]: Loom.lnk . (.Loom, Inc. - Loom.) C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe   {016E03238CDF778275BB123A9C6ADA51}.
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe    =>.Microsoft?
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe    =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1   =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe    =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Access.lnk . (.Microsoft Corporation - Build a professional app quick.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Anki.lnk . (...) C:\Program Files\Anki\anki.exe   {112C3F3ACD305D62BA1D39BB64CF209A}.
O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.Audacity Team - Audacity® Cross-Platform Sound Editor.) E:\Program Files\Audacity\Audacity.exe    =>.Musecy SM Ltd.?
O4 - GS\ProgramsCommon [Public]: Excel.lnk . (.Microsoft Corporation - Easily discover, visualize, an.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe    =>.Mozilla Corporation?
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google LLC - Access the Internet.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [Unsigned]  =>.Google LLC
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe   [Unsigned]  =>.Malwarebytes
O4 - GS\ProgramsCommon [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe    =>.Microsoft?
O4 - GS\ProgramsCommon [Public]: OneNote.lnk . (.Microsoft Corporation - Take notes and have them when .) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Outlook.lnk . (.Microsoft Corporation - Manage your email, schedules, .) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PC Health Check.lnk . (...) C:\Program Files (x86)\PCHealthCheck\PCHealthCheck.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PowerPoint.lnk . (.Microsoft Corporation - Design and deliver beautiful p.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Publisher.lnk . (.Microsoft Corporation - Create professional-grade publ.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE    =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Word.lnk . (.Microsoft Corporation - Create beautiful documents, ea.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE    =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 110.44.112.200 110.44.113.200 4.4.4.4  =>.Private IP
O17 - HKLM\System\CCS\Services\Tcpip\..\{c8f5d8e6-0c6b-4556-ad62-fb5d70a3dc13}: DhcpNameServer = 110.44.112.200 110.44.113.200 4.4.4.4  =>.Private IP

---\\ Extra protocols (27) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL  =>.Microsoft?
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL  =>.Microsoft?
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL  =>.Microsoft?
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL  =>.Microsoft?
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll [Unsigned]  =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll [Unsigned]  =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll [Unsigned]  =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll [Unsigned]  =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL  =>.Microsoft?

---\\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\WINDOWS\system32\userinit.exe  =>.Microsoft Corporation

---\\ List of key exploring StartupApproved (34) - 1s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Viber  =>.Viber
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Discord  =>.SUP.Discord
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDMan  =>.Tonec Inc
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Steam  =>.Valve
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:EpicGamesLauncher  =>.Epic Games
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:electron.app.Loom
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:3RVX
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:com.blitz.app
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RiotClient
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Spotify  =>.Spotify
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Microsoft Edge Update
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Synapse3
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:EmEditor.lnk
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:FANTECH X4S MACRO Gaming Mouse.lnk
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Viber  =>.Viber
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Discord  =>.SUP.Discord
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDMan  =>.Tonec Inc
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Steam  =>.Valve
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:EpicGamesLauncher  =>.Epic Games
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:electron.app.Loom
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:3RVX
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:com.blitz.app
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RiotClient
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Spotify  =>.Spotify
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Microsoft Edge Update
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Synapse3
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:EmEditor.lnk
[HKEY_USERS\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:FANTECH X4S MACRO Gaming Mouse.lnk
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SecurityHealth  =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RtkAudUService  =>.Realtek Semiconductor Corp.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RZTHXHelper
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:TeamsMachineUninstallerProgramData
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:TeamsMachineUninstallerLocalAppData
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:TeamsMachineInstaller

---\\ ASIC (ActiveSetup Installed Components) (6) - 1s
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll [Unsigned]  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) -- C:\Windows\System32\unregmp2.exe [Unsigned]  =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe [Unsigned]  =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll  =>.Microsoft?
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google LLC - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe  =>.Google LLC?
O40 - ASIC: Microsoft Edge [64Bits] - {9459C573-B17A-45AE-9F64-1857B5D58CEE} . (.Microsoft Corporation - Microsoft Edge Installer.) -- C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.43\Installer\setup.exe  =>.Microsoft?

---\\ Software installed (106) - 38s
O42 - Logiciel: 3RVX - (.Matthew Malensek.) [HKLM][64Bits] -- {400A8514-5440-410A-B318-44061BD7EE8E} [Unsigned]
O42 - Logiciel: 7-Zip 22.01 (x64) - (.Igor Pavlov.) [HKLM][64Bits] -- 7-Zip [Unsigned]  =>.Igor Pavlov
O42 - Logiciel: Aeterna Noctis - (..) [HKLM][64Bits] -- Aeterna Noctis_is1 [Unsigned]
O42 - Logiciel: Anki - (.Damien Elmes.) [HKLM][64Bits] -- Anki {112C3F3ACD305D62BA1D39BB64CF209A}.  =>.Damien Elmes
O42 - Logiciel: Audacity 3.2.4 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1  =>.Musecy SM Ltd.?
O42 - Logiciel: AutoHotkey 1.1.33.10 - (.Lexikos.) [HKLM][64Bits] -- AutoHotkey [Unsigned]  =>.Lexikos
O42 - Logiciel: calibre 64bit - (.Kovid Goyal.) [HKLM][64Bits] -- {E52EB67B-875F-4EE4-A2C4-7D8539DEE79F} [Unsigned]  =>.Kovid Goyal
O42 - Logiciel: CONVERGENCE: A LoL Story - (..) [HKLM][64Bits] -- CONVERGENCE: A LoL Story_is1 [Unsigned]
O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] -- Discord  =>.SUP.Discord
O42 - Logiciel: EaseUS Video Editor V1.5.10.50 - (.EaseUS.) [HKLM][64Bits] -- {160288F0-2C46-47E6-973D-F8F8D0577965}_is1 [Unsigned]  =>.EaseUS
O42 - Logiciel: EmEditor (64-bit) - (.Emurasoft, Inc..) [HKLM][64Bits] -- {44DB33D1-2C0C-4912-A968-2A8087063A3B} [Unsigned]  =>.Emurasoft, Inc.
O42 - Logiciel: Epic Games Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] -- {F9C5C994-F6B9-4D75-B3E7-AD01B84073E9} [Unsigned]  =>.Epic Games, Inc. (Hidden)
O42 - Logiciel: FANTECH X4S MACRO Gaming Mouse - (.FANTECH.) [HKLM][64Bits] -- {7587581E-9DAD-412D-9AA4-8541FCBCCAF6} [Unsigned]
O42 - Logiciel: Final Fantasy I-VI Bundle PR - (..) [HKLM][64Bits] -- Final Fantasy I-VI Bundle PR_is1 [Unsigned]
O42 - Logiciel: Final Fantasy IX - (..) [HKLM][64Bits] -- Final Fantasy IX_is1 [Unsigned]
O42 - Logiciel: FormatFactory 4.3.0.0 - (.Free Time.) [HKLM][64Bits] -- FormatFactory [Unsigned]  =>.Free Time
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1 [Unsigned]  =>.Foxit Software Inc.
O42 - Logiciel: FTMO MetaTrader 4 - (.MetaQuotes Ltd..) [HKLM][64Bits] -- FTMO MetaTrader 4  =>.MetaQuotes Ltd.?
O42 - Logiciel: Google Chrome - (.Google LLC.) [HKLM][64Bits] -- Google Chrome  =>.Google LLC?
O42 - Logiciel: Have a Nice Death - (..) [HKLM][64Bits] -- Have a Nice Death_is1 [Unsigned]
O42 - Logiciel: InstaTrader - (.MetaQuotes Software Corp..) [HKLM][64Bits] -- InstaTrader  =>.MetaQuotes Software Corp.?
O42 - Logiciel: Intel(R) Graphics Driver Software - (.Intel.) [HKLM][64Bits] -- {34663e82-6c5e-4b48-b1b1-fee1881dc39b} {00DE6DA3D54F315A9E69E1BEF10CD340D4}.  =>.Intel (Hidden)
O42 - Logiciel: Intel(R) Wireless Bluetooth(R) - (.Intel Corporation.) [HKLM][64Bits] -- {00000070-0200-1033-84C8-B8D95FA3C8C3} [Unsigned]  =>.Intel Corporation
O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] -- {43a03b9c-4770-409c-a999-587b60700b63}  =>.Epic Games Inc.? (Hidden)
O42 - Logiciel: League of Legends - (.Riot Games, Inc.) [HKCU][64Bits] -- Riot Game league_of_legends.live {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc
O42 - Logiciel: Loom 0.134.0 - (.Loom, Inc..) [HKCU][64Bits] -- 3643b966-bc28-5bc8-95ff-3d47d66438db {016E03238CDF778275BB123A9C6ADA51}.
O42 - Logiciel: Malwarebytes version 4.5.21.231 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1  =>.Malwarebytes Inc.?
O42 - Logiciel: Metal Mutation - (..) [HKLM][64Bits] -- Metal Mutation_is1 [Unsigned]
O42 - Logiciel: MetaTrader - EXNESS - (.MetaQuotes Ltd..) [HKLM][64Bits] -- MetaTrader - EXNESS  =>.MetaQuotes Ltd.?
O42 - Logiciel: MetaTrader 4 EXNESS - (.MetaQuotes Ltd..) [HKLM][64Bits] -- MetaTrader 4 EXNESS  =>.MetaQuotes Ltd.?
O42 - Logiciel: Microsoft Edge - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Edge  =>.Microsoft?
O42 - Logiciel: Microsoft Edge Update - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Edge Update [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Edge WebView2 Runtime - (.Microsoft Corporation.) [HKCU][64Bits] -- Microsoft EdgeWebView  =>.Microsoft?
O42 - Logiciel: Microsoft Edge WebView2 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft EdgeWebView  =>.Microsoft?
O42 - Logiciel: Microsoft Office Professional Plus 2021 - en-us - (.Microsoft Corporation.) [HKLM][64Bits] -- ProPlus2021Retail - en-us  =>.Microsoft?
O42 - Logiciel: Microsoft Update Health Tools - (.Microsoft Corporation.) [HKLM][64Bits] -- {2953E19B-9F91-4A49-A23B-7E25970A1951} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual Basic/C++ Runtime (x86) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C5E3A69D-D391-45A6-A8FB-00B01E2B010D} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2DFD8316-9EF1-3210-908C-4CB61961C1AC} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM][64Bits] -- {527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 - (.Microsoft Corporation.) [HKLM][64Bits] -- {37B8F9C7-03FB-3253-8781-2517C99D7C00} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 - (.Microsoft Corporation.) [HKLM][64Bits] -- {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B175520C-86A2-35A7-8619-86DC379688B9} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] -- {050d4fc8-5d48-4b8f-8972-47c82c46020f}  =>.Microsoft?
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] -- {f65db027-aff3-4070-886a-0d87064aabb1}  =>.Microsoft?
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 - (.Microsoft Corporation.) [HKLM][64Bits] -- {010792BA-551A-3AC0-A7EF-0FAB4156C382} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 - (.Microsoft Corporation.) [HKLM][64Bits] -- {53CF6934-A98D-3D84-9146-FC4EDF3D5641} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 - (.Microsoft Corporation.) [HKLM][64Bits] -- {D401961D-3A20-3AC7-943B-6139D5BD490A} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8122DAB1-ED4D-3676-BB0A-CA368196543E} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2d507699-404c-4c8b-a54a-38e352f32cdd}  =>.Microsoft?
O42 - Logiciel: Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 - (.Microsoft Corporation.) [HKLM][64Bits] -- {817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}  =>.Microsoft?
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 - (.Microsoft Corporation.) [HKLM][64Bits] -- {38624EB5-356D-4B08-8357-C33D89A5C0C5} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 - (.Microsoft Corporation.) [HKLM][64Bits] -- {C96241EA-9900-4FE8-85B3-1E238D509DF6} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 - (.Microsoft Corporation.) [HKLM][64Bits] -- {A250E750-DB3F-40C1-8460-8EF77C7582DA} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 - (.Microsoft Corporation.) [HKLM][64Bits] -- {46E11E7F-01E1-44D0-BB86-C67342D253DD} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {47C2CCDB-7A04-3797-992B-A84D3E90258F} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 Refresh - (.Microsoft Corporation.) [HKLM][64Bits] -- {D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Mozilla Firefox (x64 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 118.0.1 (x64 en-US)  =>.Mozilla Corporation?
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService [Unsigned]  =>.Mozilla
O42 - Logiciel: NinjaTrader 8 - (.NinjaTrader, LLC.) [HKLM][64Bits] -- {96989481-8EFF-4E05-A381-48FAAC6E29CF} [Unsigned]
O42 - Logiciel: NVIDIA Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Control Panel 389.27 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Graphics Driver 457.20 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Optimus Update 31.1.10.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA PhysX System Software 9.19.0218 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: OBS Studio - (.OBS Project.) [HKLM][64Bits] -- OBS Studio [Unsigned]  =>.OBS Project
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-1000-0000000FF1CE} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-007E-0000-1000-0000000FF1CE} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: OmegaT version 5.7.1_Beta - (.OmegaT.) [HKLM][64Bits] -- org.omegat_is1 [Unsigned]
O42 - Logiciel: PingPlotter 5 - (.Pingman Tools, LLC.) [HKLM][64Bits] -- {2744D183-39DE-4473-A4FD-B6D0961D0A12} [Unsigned]  =>.Pingman Tools, LLC (Hidden)
O42 - Logiciel: PingPlotter 5 - (.Pingman Tools, LLC.) [HKLM][64Bits] -- PingPlotter 5 5.23.3.8770 [Unsigned]  =>.Pingman Tools, LLC
O42 - Logiciel: qBittorrent 4.4.0 - (.The qBittorrent project.) [HKLM][64Bits] -- qBittorrent [Unsigned]  =>.The qBittorrent project
O42 - Logiciel: RGSS-RTP Standard - (.Enterbrain.) [HKLM][64Bits] -- {5A9FE525-8B8F-4701-A937-7F6745A4E9C7} [Unsigned]  =>.Enterbrain
O42 - Logiciel: Riot Client  - (.Riot Games, Inc.) [HKCU][64Bits] -- Riot Game Riot_Client. {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc
O42 - Logiciel: Sands of Salzaar - (..) [HKLM][64Bits] -- Sands of Salzaar_is1 [Unsigned]
O42 - Logiciel: Souls of Chronos - (..) [HKLM][64Bits] -- Souls of Chronos_is1 [Unsigned]
O42 - Logiciel: Speccy - (.Piriform.) [HKLM][64Bits] -- Speccy  =>.Piriform Software Ltd?
O42 - Logiciel: Spotify ADS Remover version v1.1.85.895 - (.Spotify.) [HKLM][64Bits] -- Spotify ADS Remover_is1 [Unsigned]  =>.Spotify
O42 - Logiciel: Subtitle Edit 3.6.0 - (.Nikse.) [HKLM][64Bits] -- SubtitleEdit_is1 [Unsigned]  =>.Nikse
O42 - Logiciel: Tale of Immortal - (..) [HKLM][64Bits] -- Tale of Immortal_is1 [Unsigned]
O42 - Logiciel: Telegram Desktop - (.Telegram FZ-LLC.) [HKCU][64Bits] -- {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1 [Unsigned]  =>.Telegram FZ-LLC
O42 - Logiciel: The Knight Witch - (..) [HKLM][64Bits] -- The Knight Witch_is1 [Unsigned]
O42 - Logiciel: ThinkMarkets MetaTrader 4 - (.MetaQuotes Ltd..) [HKLM][64Bits] -- ThinkMarkets MetaTrader 4 {04390A4C5F8906A1D7052C1768D45047}.
O42 - Logiciel: Update for Windows 10 for x64-based Systems (KB5001716) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C22F49B1-0F67-47DC-A490-E8B4B6558EA9} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Viber - (.2010-2021 Viber Media S.a.r.l.) [HKCU][64Bits] -- {1af53e16-204d-465f-b193-f3658e89febc}  =>.Viber Media S.à r.l.?
O42 - Logiciel: Viber - (.Viber Media S.a.r.l.) [HKLM][64Bits] -- {B17078A5-98F0-46A8-8779-F02C36D5225A} [Unsigned]  =>.Viber Media S.a.r.l (Hidden)
O42 - Logiciel: Visual C++ 10.0 CRT (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BFF61907-AA2D-3A26-8666-98D956A62ABC} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player [Unsigned]  =>.VideoLAN
O42 - Logiciel: Warm Snow - (..) [HKLM][64Bits] -- Warm Snow_is1 [Unsigned]
O42 - Logiciel: Windows PC Health Check - (.Microsoft Corporation.) [HKLM][64Bits] -- {6798C408-2636-448C-8AC6-F4E341102D27} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: WWE 2K Battlegrounds - (..) [HKLM][64Bits] -- WWE 2K Battlegrounds_is1 [Unsigned]
O42 - Logiciel: Zoom - (.Zoom Video Communications, Inc..) [HKCU][64Bits] -- ZoomUMX {039CCFAB33EA417D56BF9798EF5AB797}.  =>.Zoom Video Communications, Inc.

---\\ HKCU & HKLM Software Keys (321) - 38s
HKLM\SOFTWARE\7-Zip  =>.Igor Pavlov
HKLM\SOFTWARE\AGEIA Technologies  =>.AGEIA Technologies
HKLM\SOFTWARE\Apple Inc.  =>.Apple Inc.
HKLM\SOFTWARE\AutoHotkey  =>.AutoHotkey
HKLM\SOFTWARE\calibre 64bit
HKLM\SOFTWARE\CVSM  =>.Legitimate
HKLM\SOFTWARE\Cygwin  =>.Cygwin
HKLM\SOFTWARE\DefaultUserEnvironment  =>.Microsoft Corporation
HKLM\SOFTWARE\Google  =>.Google
HKLM\SOFTWARE\Intel  =>.Intel
HKLM\SOFTWARE\Khronos  =>.Khronos
HKLM\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKLM\SOFTWARE\MetaQuotes Software  =>.MetaQuotes Software
HKLM\SOFTWARE\Mozilla  =>.Mozilla
HKLM\SOFTWARE\mozilla.org  =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins  =>.MozillaPlugins
HKLM\SOFTWARE\NewBlue  =>.NewBlue
HKLM\SOFTWARE\Nikse  =>.Nikse
HKLM\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKLM\SOFTWARE\OBS Studio  =>.OBS Studio
HKLM\SOFTWARE\ODBC  =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM  =>.OEM
HKLM\SOFTWARE\OpenSSH  =>.OpenBSD
HKLM\SOFTWARE\Partner  =>.Google Inc.
HKLM\SOFTWARE\Piriform  =>.Piriform
HKLM\SOFTWARE\proDAD  =>.proDAD GmbH
HKLM\SOFTWARE\Razer  =>.Razer
HKLM\SOFTWARE\RAZERWUD
HKLM\SOFTWARE\Realtek  =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKLM\SOFTWARE\Synaptics  =>.Synaptics
HKLM\SOFTWARE\Windows  =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node  =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies  =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\Anki  =>.Damien Elmes
HKLM\SOFTWARE\WOW6432Node\Blizzard Entertainment  =>.Blizzard Entertainment
HKLM\SOFTWARE\WOW6432Node\BraveSoftware  =>.Brave Software Inc.
HKLM\SOFTWARE\WOW6432Node\ByteDance
HKLM\SOFTWARE\WOW6432Node\Caphyon  =>.Caphyon
HKLM\SOFTWARE\WOW6432Node\CDDB  =>.Cddb Software
HKLM\SOFTWARE\WOW6432Node\Crate Entertainment
HKLM\SOFTWARE\WOW6432Node\CyberLink  =>.CyberLink Corporation
HKLM\SOFTWARE\WOW6432Node\ej-technologies  =>.ej-technologies
HKLM\SOFTWARE\WOW6432Node\Enterbrain  =>.Enterbrain
HKLM\SOFTWARE\WOW6432Node\Foxit Software  =>.Foxit Software
HKLM\SOFTWARE\WOW6432Node\Garena  =>.Garena
HKLM\SOFTWARE\WOW6432Node\GOG.com  =>.GOG.com
HKLM\SOFTWARE\WOW6432Node\Google  =>.Google
HKLM\SOFTWARE\WOW6432Node\GuidGuid13  =>.Legitimate
HKLM\SOFTWARE\WOW6432Node\Intel  =>.Intel
HKLM\SOFTWARE\WOW6432Node\JavaSoft  =>.JavaSoft
HKLM\SOFTWARE\WOW6432Node\Khronos  =>.Khronos
HKLM\SOFTWARE\WOW6432Node\MAGIX  =>.MAGIX_Software_GmbH
HKLM\SOFTWARE\WOW6432Node\Mozilla  =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins  =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\NewBlue  =>.NewBlue
HKLM\SOFTWARE\WOW6432Node\NinjaTrader, LLC
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation  =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\OBS Studio  =>.OBS Studio
HKLM\SOFTWARE\WOW6432Node\ODBC  =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\Pingman Tools  =>.Pingman Tools
HKLM\SOFTWARE\WOW6432Node\Pingman Tools, LLC  =>.Pingman Tools
HKLM\SOFTWARE\WOW6432Node\Piriform  =>.Piriform
HKLM\SOFTWARE\WOW6432Node\Proton Technologies AG  =>.Proton Technologies AG
HKLM\SOFTWARE\WOW6432Node\qBittorrent  =>.uTorrent (P2P)
HKLM\SOFTWARE\WOW6432Node\Tenorshare  =>.Tenorshare
HKLM\SOFTWARE\WOW6432Node\Valve  =>.Valve
HKLM\SOFTWARE\WOW6432Node\VideoLAN  =>.VideoLan Team
HKLM\SOFTWARE\WOW6432Node\Wow6432Node  =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications  =>.Microsoft Corporation
HKCU\SOFTWARE\3643b966-bc28-5bc8-95ff-3d47d66438db  =>Adware.CrossRider
HKCU\SOFTWARE\3RVX
HKCU\SOFTWARE\6 Eyes Studio
HKCU\SOFTWARE\7-Zip  =>.Igor Pavlov
HKCU\SOFTWARE\Abrakam Entertainment SA
HKCU\SOFTWARE\Adobe  =>.Adobe
HKCU\SOFTWARE\Airship Syndicate
HKCU\SOFTWARE\Amazon  =>.Amazon
HKCU\SOFTWARE\AMPLITUDE Studios  =>.Amplitude Studios
HKCU\SOFTWARE\Apowersoft  =>.Apowersoft
HKCU\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKCU\SOFTWARE\AppWork  =>.Appwork GmbH
HKCU\SOFTWARE\Awaken Realms
HKCU\SOFTWARE\Backup_IDM
HKCU\SOFTWARE\BadMudStudio
HKCU\SOFTWARE\BANDAI NAMCO Entertainment Inc.  =>.BANDAI NAMCO Entertainment Inc.
HKCU\SOFTWARE\BitTorrentPersist
HKCU\SOFTWARE\Blizzard Entertainment  =>.Blizzard Entertainment
HKCU\SOFTWARE\BraveSoftware  =>.Brave Software Inc.
HKCU\SOFTWARE\Breadcrumbs
HKCU\SOFTWARE\BugSplat  =>.Bugsplat Game
HKCU\SOFTWARE\ByteDance
HKCU\SOFTWARE\calibre  =>.Kovid Goyal
HKCU\SOFTWARE\Caphyon  =>.Caphyon
HKCU\SOFTWARE\Chromium  =>.Chromium
HKCU\SOFTWARE\Clover Bite
HKCU\SOFTWARE\CRITICAL_VALUE
HKCU\SOFTWARE\CyberLink  =>.CyberLink Corporation
HKCU\SOFTWARE\Daniel Mullins Games
HKCU\SOFTWARE\DigitalSun
HKCU\SOFTWARE\DirectShow  =>.Microsoft Corporation
HKCU\SOFTWARE\Discord  =>.SUP.Discord
HKCU\SOFTWARE\Double Stallion
HKCU\SOFTWARE\EaseUS  =>.EaseUS Software
HKCU\SOFTWARE\ej-technologies  =>.ej-technologies
HKCU\SOFTWARE\EmSoft  =>.EmSoft
HKCU\SOFTWARE\Enterbrain  =>.Enterbrain
HKCU\SOFTWARE\Epic Games  =>.Epic Games
HKCU\SOFTWARE\epsxe  =>.ePSXe
HKCU\SOFTWARE\Ferdafs
HKCU\SOFTWARE\Foxit Software  =>.Foxit Software
HKCU\SOFTWARE\FreeTime  =>.FreeTime Inc
HKCU\SOFTWARE\GameHouse  =>.GameHouse
HKCU\SOFTWARE\Gavra Games
HKCU\SOFTWARE\Geek Uninstaller  =>.Geek Uninstaller
HKCU\SOFTWARE\GOG.com  =>.GOG.com
HKCU\SOFTWARE\Google  =>.Google
HKCU\SOFTWARE\guigugame
HKCU\SOFTWARE\Hasbro, Inc.
HKCU\SOFTWARE\illusion  =>.Illusion
HKCU\SOFTWARE\IM Providers  =>.IM Providers
HKCU\SOFTWARE\Indigo Rose  =>.Legitimate
HKCU\SOFTWARE\Intel  =>.Intel
HKCU\SOFTWARE\JavaSoft  =>.JavaSoft
HKCU\SOFTWARE\Khronos  =>.Khronos
HKCU\SOFTWARE\KoeiTecmo
HKCU\SOFTWARE\Landfall Games  =>.Landfall Games
HKCU\SOFTWARE\Leikir Studio
HKCU\SOFTWARE\Licenses  =>.Microsoft Corporation
HKCU\SOFTWARE\Logitech  =>.Logitech
HKCU\SOFTWARE\MagicDesignStudio
HKCU\SOFTWARE\Magix  =>.MAGIX_Software_GmbH
HKCU\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKCU\SOFTWARE\MetaQuotes Software  =>.MetaQuotes Software
HKCU\SOFTWARE\Midgar Studio
HKCU\SOFTWARE\miHoYo
HKCU\SOFTWARE\miHoYoSDK
HKCU\SOFTWARE\MOMENTUMGAMES
HKCU\SOFTWARE\Mozilla  =>.Mozilla
HKCU\SOFTWARE\Netscape  =>.Netscape
HKCU\SOFTWARE\NewBlue  =>.NewBlue
HKCU\SOFTWARE\NinjaTrader, LLC
HKCU\SOFTWARE\NotGames
HKCU\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKCU\SOFTWARE\nwjs  =>.NW.js
HKCU\SOFTWARE\Obsidian Entertainment  =>.Obsidian Entertainment
HKCU\SOFTWARE\ODBC  =>.DB Connectivity Solutions
HKCU\SOFTWARE\oneoreight
HKCU\SOFTWARE\Opera Stable Offer  =>.Opera Software
HKCU\SOFTWARE\Pingman Tools  =>.Pingman Tools
HKCU\SOFTWARE\Piriform  =>.Piriform
HKCU\SOFTWARE\Power Struggle Games
HKCU\SOFTWARE\proDAD  =>.proDAD GmbH
HKCU\SOFTWARE\QtProject  =>.QtProject
HKCU\SOFTWARE\Razer  =>.Razer
HKCU\SOFTWARE\Realtek  =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKCU\SOFTWARE\Riot Games  =>.Riot Games
HKCU\SOFTWARE\ROBLOX Corporation  =>.Roblox Corporation
HKCU\SOFTWARE\ruanniu
HKCU\SOFTWARE\Siangltiag
HKCU\SOFTWARE\Silver Dollar Games
HKCU\SOFTWARE\Softdeluxe  =>.Softdeluxe
HKCU\SOFTWARE\Something Something Studios
HKCU\SOFTWARE\Sony Creative Software  =>.Sony Creative Software
HKCU\SOFTWARE\Spotify  =>.Spotify
HKCU\SOFTWARE\SQUARE ENIX, Inc.
HKCU\SOFTWARE\SquareEnix  =>.SquareEnix
HKCU\SOFTWARE\SuperMegaTeam
HKCU\SOFTWARE\Synaptics  =>.Synaptics
HKCU\SOFTWARE\SYSTEM_APPLICATION
HKCU\SOFTWARE\T0
HKCU\SOFTWARE\Team Cherry
HKCU\SOFTWARE\TEAM R2R  =>.TEAM R2R
HKCU\SOFTWARE\TelegramDesktop  =>.TelegramDesktop
HKCU\SOFTWARE\Tenorshare  =>.Tenorshare
HKCU\SOFTWARE\TikGames  =>.TikGames
HKCU\SOFTWARE\UberPie
HKCU\SOFTWARE\UbiSoftCTU  =>.Ubisoft
HKCU\SOFTWARE\Unity  =>.Unity
HKCU\SOFTWARE\Valve  =>.Valve
HKCU\SOFTWARE\Viber  =>.Viber
HKCU\SOFTWARE\Vision Thing
HKCU\SOFTWARE\Wastelands Interactive
HKCU\SOFTWARE\WildFire
HKCU\SOFTWARE\WOW6432Node  =>.Microsoft Corporation
HKCU\SOFTWARE\Yandex  =>.Yandex
HKCU\SOFTWARE\Youda Games Holding B.V.
HKCU\SOFTWARE\ZHP  =>.Nicolas Coolman
HKCU\SOFTWARE\ZoomUMX
HKCU\SOFTWARE\©BANDAI NAMCO Entertainment Inc.
HKCU\SOFTWARE\AppDataLow\Software  =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\Chromium  =>.Chromium
HKU\.DEFAULT\SOFTWARE\CyberLink  =>.CyberLink Corporation
HKU\.DEFAULT\SOFTWARE\Epic Games  =>.Epic Games
HKU\.DEFAULT\SOFTWARE\Google  =>.Google
HKU\.DEFAULT\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKU\.DEFAULT\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKU\.DEFAULT\SOFTWARE\Pingman Tools  =>.Pingman Tools
HKU\.DEFAULT\SOFTWARE\Razer  =>.Razer
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\3643b966-bc28-5bc8-95ff-3d47d66438db  =>Adware.CrossRider
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\3RVX
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\6 Eyes Studio
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\7-Zip  =>.Igor Pavlov
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Abrakam Entertainment SA
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Adobe  =>.Adobe
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Airship Syndicate
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Amazon  =>.Amazon
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\AMPLITUDE Studios  =>.Amplitude Studios
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Apowersoft  =>.Apowersoft
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\AppWork  =>.Appwork GmbH
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Awaken Realms
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Backup_IDM
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\BadMudStudio
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\BANDAI NAMCO Entertainment Inc.  =>.BANDAI NAMCO Entertainment Inc.
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\BitTorrentPersist
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Blizzard Entertainment  =>.Blizzard Entertainment
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\BraveSoftware  =>.Brave Software Inc.
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Breadcrumbs
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\BugSplat  =>.Bugsplat Game
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\ByteDance
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\calibre  =>.Kovid Goyal
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Caphyon  =>.Caphyon
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Chromium  =>.Chromium
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Clover Bite
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\CRITICAL_VALUE
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\CyberLink  =>.CyberLink Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Daniel Mullins Games
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\DigitalSun
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\DirectShow  =>.Microsoft Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Discord  =>.SUP.Discord
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Double Stallion
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\EaseUS  =>.EaseUS Software
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\ej-technologies  =>.ej-technologies
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\EmSoft  =>.EmSoft
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Enterbrain  =>.Enterbrain
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Epic Games  =>.Epic Games
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\epsxe  =>.ePSXe
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Ferdafs
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Foxit Software  =>.Foxit Software
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\FreeTime  =>.FreeTime Inc
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\GameHouse  =>.GameHouse
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Gavra Games
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Geek Uninstaller  =>.Geek Uninstaller
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\GOG.com  =>.GOG.com
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Google  =>.Google
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\guigugame
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Hasbro, Inc.
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\illusion  =>.Illusion
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\IM Providers  =>.IM Providers
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Indigo Rose  =>.Legitimate
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Intel  =>.Intel
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\JavaSoft  =>.JavaSoft
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Khronos  =>.Khronos
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\KoeiTecmo
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Landfall Games  =>.Landfall Games
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Leikir Studio
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Licenses  =>.Microsoft Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Logitech  =>.Logitech
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\MagicDesignStudio
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Magix  =>.MAGIX_Software_GmbH
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\MetaQuotes Software  =>.MetaQuotes Software
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Midgar Studio
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\miHoYo
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\miHoYoSDK
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\MOMENTUMGAMES
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Mozilla  =>.Mozilla
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Netscape  =>.Netscape
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\NewBlue  =>.NewBlue
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\NinjaTrader, LLC
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\NotGames
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\nwjs  =>.NW.js
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Obsidian Entertainment  =>.Obsidian Entertainment
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\ODBC  =>.DB Connectivity Solutions
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\oneoreight
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Opera Stable Offer  =>.Opera Software
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Pingman Tools  =>.Pingman Tools
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Piriform  =>.Piriform
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Power Struggle Games
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\proDAD  =>.proDAD GmbH
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\QtProject  =>.QtProject
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Razer  =>.Razer
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Realtek  =>.Realtek Semiconductor Corp.
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Riot Games  =>.Riot Games
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\ROBLOX Corporation  =>.Roblox Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\ruanniu
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Siangltiag
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Silver Dollar Games
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Softdeluxe  =>.Softdeluxe
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Something Something Studios
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Sony Creative Software  =>.Sony Creative Software
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Spotify  =>.Spotify
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\SQUARE ENIX, Inc.
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\SquareEnix  =>.SquareEnix
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\SuperMegaTeam
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Synaptics  =>.Synaptics
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\SYSTEM_APPLICATION
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\T0
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Team Cherry
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\TEAM R2R  =>.TEAM R2R
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\TelegramDesktop  =>.TelegramDesktop
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Tenorshare  =>.Tenorshare
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\TikGames  =>.TikGames
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\UberPie
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\UbiSoftCTU  =>.Ubisoft
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Unity  =>.Unity
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Valve  =>.Valve
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Viber  =>.Viber
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Vision Thing
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Wastelands Interactive
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\WildFire
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\WOW6432Node  =>.Microsoft Corporation
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Yandex  =>.Yandex
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Youda Games Holding B.V.
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\ZHP  =>.Nicolas Coolman
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\ZoomUMX
HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\©BANDAI NAMCO Entertainment Inc.

---\\ Packages (5) - 0s
C:\Program Files (x86)\WindowsApps\CreativeTechnologyLtd.SoundBlasterConnect_2.2.15.0_x86__13fcda18mhdz2 - (.Creative Technology Ltd..) [][Sound Blaster Connect]  =>Creative Technology Ltd.
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.UndockedDevKit_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [][UDK Package]  =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe - (.Microsoft.) [][NcsiUwpApp]  =>Microsoft
C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [][NVIDIA Control Panel]  =>nVidia Corporation
C:\Program Files (x86)\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj - (.Realtek Semiconductor Corp.) [][Realtek Audio Control]  =>Realtek Semiconductor Corp

---\\ Contents of the Common Files folders (380) - 17s
O43 - CFD: 14/06/2023 - [] D -- C:\Program Files\7-Zip  =>.Igor Pavlov
O43 - CFD: 27/02/2023 - [] D -- C:\Program Files\Adobe  =>.Adobe
O43 - CFD: 18/12/2022 - [] D -- C:\Program Files\Anki  =>.Damien Elmes
O43 - CFD: 04/09/2021 - [] D -- C:\Program Files\AutoHotkey  =>.Chicony Multimedia
O43 - CFD: 04/06/2021 - [] D -- C:\Program Files\Calibre2  =>.Kovid Goyal
O43 - CFD: 25/08/2023 - [] D -- C:\Program Files\Common Files  =>.Microsoft Corporation
O43 - CFD: 05/11/2021 - [] D -- C:\Program Files\CyberLink  =>.CyberLink Corporation
O43 - CFD: 01/12/2021 - [] D -- C:\Program Files\Google  =>.Google LLC?
O43 - CFD: 14/05/2022 - [] D -- C:\Program Files\Intel  =>.Intel Corporation
O43 - CFD: 21/08/2023 - [] D -- C:\Program Files\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 05/02/2023 - [] D -- C:\Program Files\Malwarebytes  =>.Malwarebytes
O43 - CFD: 25/08/2023 - [] D -- C:\Program Files\Microsoft Office  =>.Microsoft Corporation
O43 - CFD: 25/08/2023 - [] D -- C:\Program Files\Microsoft Office 15  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] D -- C:\Program Files\Microsoft Update Health Tools  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D -- C:\Program Files\ModifiableWindowsApps  =>.Microsoft Corporation
O43 - CFD: 29/09/2023 - [] D -- C:\Program Files\Mozilla Firefox  =>.Mozilla
O43 - CFD: 04/05/2021 - [] D -- C:\Program Files\MSBuild  =>.Microsoft Corporation
O43 - CFD: 04/01/2022 - [0] D -- C:\Program Files\NewBlue  =>.NewBlue
O43 - CFD: 26/05/2022 - [] D -- C:\Program Files\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 27/02/2023 - [] D -- C:\Program Files\OmegaT [Unsigned]
O43 - CFD: 07/05/2022 - [] D -- C:\Program Files\PCHealthCheck  =>.Microsoft Corporation
O43 - CFD: 23/09/2023 - [0] D -- C:\Program Files\Razer  =>.Razer
O43 - CFD: 04/05/2021 - [] D -- C:\Program Files\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 30/12/2022 - [] D -- C:\Program Files\RUXIM  =>.Microsoft?
O43 - CFD: 04/05/2021 - [0] HD -- C:\Program Files\Uninstall Information  =>.Microsoft Corporation
O43 - CFD: 31/05/2021 - [0] D -- C:\Program Files\VideoLAN  =>.VideoLan Team
O43 - CFD: 04/05/2021 - [] D -- C:\Program Files\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection  =>.Microsoft Corporation
O43 - CFD: 22/04/2023 - [] D -- C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 21/07/2022 - [] D -- C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows Multimedia Platform  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows NT  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\Program Files\Windows Photo Viewer  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows Security  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] SHD -- C:\Program Files\Windows Sidebar  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] HD -- C:\Program Files\WindowsApps  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\WindowsPowerShell  =>.Microsoft Corporation
O43 - CFD: 03/11/2022 - [] D -- C:\Program Files (x86)\3RVX [Unsigned]
O43 - CFD: 21/05/2022 - [0] D -- C:\Program Files (x86)\Any eBook Converter
O43 - CFD: 24/06/2021 - [] D -- C:\Program Files (x86)\BraveSoftware  =>.Brave Software Inc.
O43 - CFD: 24/02/2023 - [] D -- C:\Program Files (x86)\Common Files  =>.Microsoft Corporation
O43 - CFD: 06/05/2021 - [] D -- C:\Program Files (x86)\docusign
O43 - CFD: 16/05/2022 - [0] D -- C:\Program Files (x86)\Epic Games  =>.Epic Games
O43 - CFD: 07/06/2021 - [] D -- C:\Program Files (x86)\FormatFactory [Unsigned]  =>.FormatFactory
O43 - CFD: 27/12/2022 - [0] D -- C:\Program Files (x86)\Garena  =>.Garena
O43 - CFD: 30/09/2023 - [] D -- C:\Program Files (x86)\Google  =>.Google LLC?
O43 - CFD: 09/08/2023 - [] D -- C:\Program Files (x86)\InstaTrader {04390A4C5F8906A1D7052C1768D45047}.
O43 - CFD: 08/05/2021 - [] D -- C:\Program Files (x86)\Intel  =>.Intel Corporation
O43 - CFD: 21/08/2023 - [] D -- C:\Program Files (x86)\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 06/05/2021 - [0] D -- C:\Program Files (x86)\Javascripts
O43 - CFD: 24/06/2021 - [] D -- C:\Program Files (x86)\MetaTrader - EXNESS  =>.MetaQuotes Ltd.?
O43 - CFD: 29/03/2023 - [] D -- C:\Program Files (x86)\MetaTrader 4 EXNESS {04390A4C5F8906A1D7052C1768D45047}.
O43 - CFD: 11/09/2023 - [] D -- C:\Program Files (x86)\Microsoft  =>.Microsoft Corporation
O43 - CFD: 04/08/2022 - [] D -- C:\Program Files (x86)\Microsoft XNA  =>.Microsoft Corporation
O43 - CFD: 25/08/2023 - [] D -- C:\Program Files (x86)\Microsoft.NET  =>.Microsoft Corporation
O43 - CFD: 29/09/2023 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service  =>.Mozilla
O43 - CFD: 04/05/2021 - [] D -- C:\Program Files (x86)\MSBuild  =>.Microsoft Corporation
O43 - CFD: 04/01/2022 - [0] D -- C:\Program Files (x86)\NewBlue  =>.NewBlue
O43 - CFD: 14/05/2022 - [] D -- C:\Program Files (x86)\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 20/02/2023 - [] D -- C:\Program Files (x86)\PingPlotter 5 {0E355A7A3D83430980BE01EAF102FE83}.
O43 - CFD: 06/05/2021 - [] D -- C:\Program Files (x86)\plugins
O43 - CFD: 01/06/2022 - [] D -- C:\Program Files (x86)\Proton Technologies
O43 - CFD: 29/09/2023 - [] D -- C:\Program Files (x86)\Razer  =>.Razer
O43 - CFD: 04/05/2021 - [] D -- C:\Program Files (x86)\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 06/05/2021 - [] D -- C:\Program Files (x86)\Shell Extensions  =>.FOXIT SOFTWARE INC.?
O43 - CFD: 06/05/2021 - [] D -- C:\Program Files (x86)\skins
O43 - CFD: 06/05/2021 - [] D -- C:\Program Files (x86)\stamps
O43 - CFD: 06/05/2021 - [] D -- C:\Program Files (x86)\Start
O43 - CFD: 12/06/2023 - [] D -- C:\Program Files (x86)\ThinkMarkets MetaTrader 4 {04390A4C5F8906A1D7052C1768D45047}.
O43 - CFD: 06/05/2021 - [] D -- C:\Program Files (x86)\Tracker
O43 - CFD: 05/06/2021 - [] D -- C:\Program Files (x86)\VideoLAN  =>.VideoLan Team
O43 - CFD: 04/05/2021 - [] D -- C:\Program Files (x86)\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 22/04/2023 - [] D -- C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 21/07/2022 - [] D -- C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Windows NT  =>.Microsoft Corporation
O43 - CFD: 02/09/2022 - [] D -- C:\Program Files (x86)\Windows Photo Viewer  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] SHD -- C:\Program Files (x86)\Windows Sidebar  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\WindowsPowerShell  =>.Microsoft Corporation
O43 - CFD: 03/11/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3RVX
O43 - CFD: 04/05/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip  =>.Igor Pavlov
O43 - CFD: 04/05/2021 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 04/09/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey  =>.Chicony Multimedia
O43 - CFD: 04/06/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management  =>.Kovid Goyal
O43 - CFD: 04/05/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cricket Revolution
O43 - CFD: 16/04/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Video Editor  =>.EaseUS Software
O43 - CFD: 23/05/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTMO MetaTrader 4
O43 - CFD: 06/01/2023 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena  =>.Garena
O43 - CFD: 11/08/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstaTrader
O43 - CFD: 07/12/2019 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 12/05/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader - EXNESS
O43 - CFD: 01/02/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 EXNESS
O43 - CFD: 25/08/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools  =>.Microsoft Corporation
O43 - CFD: 21/10/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NinjaTrader 8
O43 - CFD: 25/10/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio  =>.OBS Studio
O43 - CFD: 27/02/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OmegaT
O43 - CFD: 20/02/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5
O43 - CFD: 21/01/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
O43 - CFD: 23/09/2023 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer  =>.Razer
O43 - CFD: 06/07/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games  =>.Riot Games
O43 - CFD: 11/03/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify  =>.Spotify
O43 - CFD: 26/03/2023 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools  =>.Microsoft Corporation
O43 - CFD: 30/04/2021 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
O43 - CFD: 12/06/2023 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThinkMarkets MetaTrader 4
O43 - CFD: 31/05/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN  =>.VideoLan Team
O43 - CFD: 07/12/2019 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell  =>.Microsoft Corporation
O43 - CFD: 24/02/2023 - [] D -- C:\ProgramData\Adobe  =>.Adobe
O43 - CFD: 03/07/2021 - [] D -- C:\ProgramData\Age of Empires 3 DE
O43 - CFD: 04/05/2021 - [0] SHD -- C:\ProgramData\Application Data  =>.Microsoft Corporation
O43 - CFD: 14/10/2022 - [] D -- C:\ProgramData\Battle.net  =>.Games Software
O43 - CFD: 03/10/2022 - [] D -- C:\ProgramData\Blizzard Entertainment  =>.Blizzard Entertainment
O43 - CFD: 22/10/2022 - [] D -- C:\ProgramData\boost_interprocess  =>.boost.org
O43 - CFD: 20/07/2021 - [] D -- C:\ProgramData\CLSK  =>.CLSK
O43 - CFD: 05/11/2021 - [] HD -- C:\ProgramData\CyberLink  =>.CyberLink Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\ProgramData\Desktop  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\ProgramData\Documents  =>.Microsoft Corporation
O43 - CFD: 16/04/2023 - [] D -- C:\ProgramData\EaseUS  =>.EaseUS Software
O43 - CFD: 04/05/2021 - [] D -- C:\ProgramData\Emurasoft  =>.Emurasoft
O43 - CFD: 16/05/2022 - [] D -- C:\ProgramData\Epic  =>.Epic
O43 - CFD: 06/05/2021 - [] D -- C:\ProgramData\Foxit ContentPlatform  =>.Foxit Corporation
O43 - CFD: 06/05/2021 - [] D -- C:\ProgramData\Foxit Software  =>.Foxit Software
O43 - CFD: 20/07/2021 - [] D -- C:\ProgramData\GenArts  =>.GenArts
O43 - CFD: 10/07/2021 - [] D -- C:\ProgramData\GOG.com  =>.GOG.com
O43 - CFD: 05/11/2021 - [] D -- C:\ProgramData\install_clap  =>.Microsoft Corporation
O43 - CFD: 05/02/2023 - [] D -- C:\ProgramData\Intel  =>.Intel Corporation
O43 - CFD: 25/02/2023 - [] D -- C:\ProgramData\Magix  =>.MAGIX_Software_GmbH
O43 - CFD: 05/02/2023 - [] D -- C:\ProgramData\Malwarebytes  =>.Malwarebytes
O43 - CFD: 12/05/2021 - [] D -- C:\ProgramData\MetaQuotes
O43 - CFD: 11/09/2023 - [] SD -- C:\ProgramData\Microsoft  =>.Microsoft Corporation
O43 - CFD: 24/06/2022 - [] D -- C:\ProgramData\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 30/07/2021 - [] D -- C:\ProgramData\Monopoly Plus
O43 - CFD: 04/12/2022 - [] D -- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38  =>.Mozilla Corporation
O43 - CFD: 30/09/2023 - [] D -- C:\ProgramData\NVIDIA  =>.nVidia Corporation
O43 - CFD: 15/05/2022 - [] D -- C:\ProgramData\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 25/10/2022 - [] D -- C:\ProgramData\obs-studio-hook
O43 - CFD: 04/05/2021 - [] D -- C:\ProgramData\Oracle  =>.Oracle
O43 - CFD: 17/05/2021 - [] D -- C:\ProgramData\Origin  =>.Electronic Arts, Inc.
O43 - CFD: 24/02/2023 - [] D -- C:\ProgramData\Package Cache  =>.Microsoft Corporation
O43 - CFD: 25/06/2022 - [] D -- C:\ProgramData\Packages  =>.Microsoft Corporation
O43 - CFD: 20/02/2023 - [] D -- C:\ProgramData\PingPlotter 5
O43 - CFD: 23/09/2023 - [] D -- C:\ProgramData\Razer  =>.Razer
O43 - CFD: 30/09/2023 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] D -- C:\ProgramData\Riot Games  =>.Riot Games
O43 - CFD: 07/12/2019 - [0] D -- C:\ProgramData\SoftwareDistribution  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] D -- C:\ProgramData\ssh  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\ProgramData\Start Menu  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\ProgramData\Templates  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\ProgramData\USOPrivate  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\ProgramData\USOShared  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\ProgramData\WindowsHolographicDevices  =>.Microsoft Corporation
O43 - CFD: 27/02/2023 - [] D -- C:\Program Files (x86)\Common Files\Adobe  =>.Adobe
O43 - CFD: 24/06/2022 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER  =>.Designer
O43 - CFD: 03/08/2021 - [] D -- C:\Program Files (x86)\Common Files\Enterbrain  =>.Enterbrain
O43 - CFD: 25/08/2023 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared  =>.Microsoft Corporation
O43 - CFD: 20/07/2021 - [] D -- C:\Program Files (x86)\Common Files\NewBlue  =>.NewBlue
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Common Files\Services  =>.Microsoft Corporation
O43 - CFD: 16/05/2022 - [] D -- C:\Program Files (x86)\Common Files\Steam  =>.Steam Games
O43 - CFD: 05/02/2023 - [] D -- C:\Program Files (x86)\Common Files\System  =>.Microsoft Corporation
O43 - CFD: 01/07/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\2K Sports  =>.2K Sports
O43 - CFD: 03/11/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\3RVX
O43 - CFD: 13/03/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Adobe  =>.Adobe
O43 - CFD: 21/05/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\Amazon  =>.Amazon
O43 - CFD: 06/02/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Anki2
O43 - CFD: 06/07/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\AnyDesk  =>.philandro Software GmbH
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\audacity  =>.Audacity
O43 - CFD: 19/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\BrawlhallaAir  =>.Games Software
O43 - CFD: 21/05/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\calibre  =>.Kovid Goyal
O43 - CFD: 31/07/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Captain Tsubasa Rise of New Champions
O43 - CFD: 24/02/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\com.adobe.dunamis  =>.Adobe Inc.
O43 - CFD: 05/11/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\CyberLink  =>.CyberLink Corporation
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\discord
O43 - CFD: 20/02/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Downloaded Installations  =>.Microsoft Corporation
O43 - CFD: 16/04/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\EaseUS  =>.EaseUS Software
O43 - CFD: 15/01/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\EMPRESS
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Emurasoft  =>.Emurasoft
O43 - CFD: 23/06/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\FiraxisLive  =>.Firaxis
O43 - CFD: 19/08/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\FLT  =>.FLT Software
O43 - CFD: 28/05/2023 - [0] D -- C:\Users\Shahil\AppData\Roaming\fltk.org  =>.fltk.org
O43 - CFD: 06/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Foxit AgentInformation  =>.Foxit Corporation
O43 - CFD: 06/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Foxit Software  =>.Foxit Software
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Geek Uninstaller  =>.Geek Uninstaller
O43 - CFD: 11/06/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\GFP-1.20
O43 - CFD: 16/05/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Goldberg SteamEmu Saves
O43 - CFD: 25/01/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Goldberg UplayEmu Saves
O43 - CFD: 16/06/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\Loom
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\MAGIX  =>.MAGIX_Software_GmbH
O43 - CFD: 22/07/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\MetaQuotes
O43 - CFD: 26/08/2023 - [] SD -- C:\Users\Shahil\AppData\Roaming\Microsoft  =>.Microsoft Corporation
O43 - CFD: 30/07/2021 - [0] D -- C:\Users\Shahil\AppData\Roaming\Monopoly Plus
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Mozilla  =>.Mozilla Corporation
O43 - CFD: 10/06/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Nippon Ichi Software, Inc
O43 - CFD: 18/01/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\NVIDIA  =>.nVidia Corporation
O43 - CFD: 16/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\obs-studio  =>.OBS-Studio
O43 - CFD: 27/09/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\OmegaT
O43 - CFD: 17/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Origin  =>.Electronic Arts, Inc.
O43 - CFD: 04/01/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\proDAD  =>.proDAD GmbH
O43 - CFD: 01/06/2022 - [0] D -- C:\Users\Shahil\AppData\Roaming\Proton Technologies AG  =>.Proton Technologies AG
O43 - CFD: 25/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\qBittorrent
O43 - CFD: 25/05/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\RenPy  =>.RenPy Games
O43 - CFD: 09/06/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\SaviorsOfSapphireWings
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Spotify  =>.Spotify
O43 - CFD: 09/09/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\Steam  =>.Steam Games
O43 - CFD: 09/06/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\StrangerOfSwordCity
O43 - CFD: 23/04/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\Subtitle Edit  =>.Nikse
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Telegram Desktop  =>.Telegram Messenger LLP
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\VEGAS  =>.VEGAS
O43 - CFD: 20/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\ViberPC  =>.Viber
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\vlc  =>.VideoLan Team
O43 - CFD: 03/07/2022 - [] D -- C:\Users\Shahil\AppData\Roaming\waffle
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 16/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Zoom  =>.ZOOM
O43 - CFD: 12/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Adaware  =>.adaware
O43 - CFD: 21/05/2022 - [0] D -- C:\Users\Shahil\AppData\Local\Amazon  =>.Amazon
O43 - CFD: 18/06/2021 - [] D -- C:\Users\Shahil\AppData\Local\Anki  =>.Damien Elmes
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Shahil\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 24/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\audacity  =>.Audacity
O43 - CFD: 11/09/2023 - [0] D -- C:\Users\Shahil\AppData\Local\AWSToolkit  =>.Amazon Corporation
O43 - CFD: 02/11/2021 - [] D -- C:\Users\Shahil\AppData\Local\BANDAI NAMCO Entertainment  =>.BANDAI NAMCO Entertainment
O43 - CFD: 12/11/2021 - [] D -- C:\Users\Shahil\AppData\Local\bifrost
O43 - CFD: 14/10/2022 - [] D -- C:\Users\Shahil\AppData\Local\Blizzard Entertainment  =>.Blizzard Entertainment
O43 - CFD: 24/06/2021 - [] D -- C:\Users\Shahil\AppData\Local\BraveSoftware  =>.Brave Software Inc.
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\cache  =>.Legitimate
O43 - CFD: 20/05/2022 - [] D -- C:\Users\Shahil\AppData\Local\calibre-cache  =>.Kovid Goyal
O43 - CFD: 04/06/2021 - [] D -- C:\Users\Shahil\AppData\Local\calibre-ebook.com
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\CEF  =>.CEF
O43 - CFD: 26/07/2021 - [] D -- C:\Users\Shahil\AppData\Local\Chess2
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Comms  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\ConnectedDevicesPlatform  =>.Microsoft Corporation
O43 - CFD: 21/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\CrashDumps  =>.Microsoft Corporation
O43 - CFD: 31/07/2021 - [] D -- C:\Users\Shahil\AppData\Local\CSD3_Foodtruck
O43 - CFD: 29/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\D3DSCache  =>.Legitimate
O43 - CFD: 23/07/2022 - [] D -- C:\Users\Shahil\AppData\Local\deathsgambit397
O43 - CFD: 21/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\Diagnostics  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\Discord
O43 - CFD: 16/04/2023 - [] D -- C:\Users\Shahil\AppData\Local\EaseUS  =>.EaseUS Software
O43 - CFD: 12/11/2021 - [0] D -- C:\Users\Shahil\AppData\Local\ElevatedDiagnostics  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Emurasoft  =>.Emurasoft
O43 - CFD: 17/05/2022 - [] D -- C:\Users\Shahil\AppData\Local\EpicGamesLauncher  =>.Epic Games
O43 - CFD: 07/06/2021 - [] D -- C:\Users\Shahil\AppData\Local\fontconfig  =>.Portable Apps
O43 - CFD: 29/08/2022 - [] D -- C:\Users\Shahil\AppData\Local\Foxit Reader  =>.Foxit Corporation
O43 - CFD: 26/07/2021 - [] D -- C:\Users\Shahil\AppData\Local\GameAnalytics
O43 - CFD: 01/12/2021 - [] D -- C:\Users\Shahil\AppData\Local\Google  =>.Google
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Shahil\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\HitPaw Software
O43 - CFD: 29/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\Intel  =>.Intel Corporation
O43 - CFD: 21/12/2022 - [] D -- C:\Users\Shahil\AppData\Local\KADOKAWA  =>.KADOKAWA
O43 - CFD: 23/05/2022 - [] D -- C:\Users\Shahil\AppData\Local\loom-updater
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\MAGIX  =>.MAGIX_Software_GmbH
O43 - CFD: 13/06/2021 - [] D -- C:\Users\Shahil\AppData\Local\mbam  =>.Malwarebytes
O43 - CFD: 28/08/2023 - [] D -- C:\Users\Shahil\AppData\Local\Mega Limited  =>.MEGA Limited
O43 - CFD: 08/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 05/05/2021 - [0] D -- C:\Users\Shahil\AppData\Local\Microsoft Help  =>.Microsoft Corporation
O43 - CFD: 14/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\miHoYo
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Mozilla  =>.Mozilla Corporation
O43 - CFD: 31/07/2021 - [] D -- C:\Users\Shahil\AppData\Local\NBAPlaygrounds2
O43 - CFD: 15/11/2022 - [] D -- C:\Users\Shahil\AppData\Local\NVIDIA  =>.nVidia Corporation
O43 - CFD: 16/05/2022 - [] D -- C:\Users\Shahil\AppData\Local\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 08/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\nwjs
O43 - CFD: 17/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Origin  =>.Electronic Arts, Inc.
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Package Cache  =>.Microsoft Corporation
O43 - CFD: 23/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\Packages  =>.Microsoft Corporation
O43 - CFD: 05/05/2021 - [0] D -- C:\Users\Shahil\AppData\Local\PeerDistRepub  =>.Microsoft Corporation
O43 - CFD: 04/03/2023 - [] D -- C:\Users\Shahil\AppData\Local\Phoenix  =>.Phoenix
O43 - CFD: 20/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\PingPlotter 5
O43 - CFD: 11/08/2021 - [] D -- C:\Users\Shahil\AppData\Local\PlaceholderTileLogoFolder  =>.Microsoft Corporation
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\Plugin.MxOfxRotation
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\Plugin.ofx360Stabilizer
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\Plugin.OfxStitch
O43 - CFD: 21/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\Programs  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Publishers  =>.Microsoft Corporation
O43 - CFD: 27/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\qBittorrent
O43 - CFD: 06/07/2023 - [] D -- C:\Users\Shahil\AppData\Local\Riot Games  =>.Riot Games
O43 - CFD: 26/07/2021 - [] D -- C:\Users\Shahil\AppData\Local\Robot Entertainment  =>.Robot Entertainment
O43 - CFD: 26/05/2023 - [] D -- C:\Users\Shahil\AppData\Local\Sentry
O43 - CFD: 16/02/2022 - [] D -- C:\Users\Shahil\AppData\Local\Sifu
O43 - CFD: 29/09/2023 - [0] D -- C:\Users\Shahil\AppData\Local\Softdeluxe  =>.Softdeluxe
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\Sony  =>.Sony
O43 - CFD: 07/06/2021 - [] D -- C:\Users\Shahil\AppData\Local\speech  =>.Microsoft Corporation
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\Spotify  =>.Spotify
O43 - CFD: 26/08/2023 - [] D -- C:\Users\Shahil\AppData\Local\SquirrelTemp  =>.Squirrels
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Shahil\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\Tenorshare  =>.Tenorshare
O43 - CFD: 01/06/2022 - [] D -- C:\Users\Shahil\AppData\Local\ToastNotificationManagerCompat
O43 - CFD: 04/03/2023 - [] D -- C:\Users\Shahil\AppData\Local\UnrealEngine  =>.Unreal Software
O43 - CFD: 01/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\User Data
O43 - CFD: 25/02/2023 - [] D -- C:\Users\Shahil\AppData\Local\VEGAS Pro
O43 - CFD: 28/08/2023 - [] D -- C:\Users\Shahil\AppData\Local\Viber  =>.Viber
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Viber Media S.à r.l  =>.Viber Media S.à r.l
O43 - CFD: 14/05/2022 - [] D -- C:\Users\Shahil\AppData\Local\VirtualStore  =>.Microsoft Corporation
O43 - CFD: 10/07/2021 - [] D -- C:\Users\Shahil\AppData\Local\WWEPlaygrounds
O43 - CFD: 30/09/2023 - [] D -- C:\Users\Shahil\AppData\Local\ZHP  =>.Nicolas Coolman
O43 - CFD: 20/05/2022 - [] D -- C:\Users\Shahil\AppData\Local\Zoom  =>.ZOOM
O43 - CFD: 04/05/2021 - [0] D -- C:\Users\Shahil\AppData\Local\Programs\Common  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Local\Programs\EmEditor
O43 - CFD: 14/06/2022 - [] D -- C:\Users\Shahil\AppData\Local\Programs\Loom
O43 - CFD: 01/01/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\6 Eyes Studio
O43 - CFD: 23/06/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Abrakam Entertainment SA
O43 - CFD: 31/08/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\Airship Syndicate
O43 - CFD: 19/08/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\AMPLITUDE Studios  =>.Amplitude Studios
O43 - CFD: 09/06/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Awaken Realms
O43 - CFD: 11/02/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\BadMudStudio
O43 - CFD: 27/05/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\BitTorrent
O43 - CFD: 02/11/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Breadcrumbs
O43 - CFD: 25/08/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Clover Bite
O43 - CFD: 03/01/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\Daniel Mullins Games
O43 - CFD: 21/04/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\DigitalSun
O43 - CFD: 26/05/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\Double Stallion
O43 - CFD: 15/01/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\Ferdafs
O43 - CFD: 06/05/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Foxit
O43 - CFD: 21/03/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\Gavra Games
O43 - CFD: 01/06/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\guigugame
O43 - CFD: 08/09/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Hasbro, Inc_
O43 - CFD: 07/11/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\illusion__HoneySelect2
O43 - CFD: 14/05/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\Intel  =>.Intel Corporation
O43 - CFD: 09/01/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\Landfall Games
O43 - CFD: 08/10/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Leikir Studio
O43 - CFD: 05/04/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\MagicDesignStudio
O43 - CFD: 21/10/2022 - [] SD -- C:\Users\Shahil\AppData\LocalLow\Microsoft  =>.Microsoft Corporation
O43 - CFD: 13/06/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Midgar Studio
O43 - CFD: 05/08/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\MOMENTUMGAMES
O43 - CFD: 29/09/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\Mozilla  =>.Mozilla Corporation
O43 - CFD: 04/08/2021 - [0] D -- C:\Users\Shahil\AppData\LocalLow\MSLiveStickerWhiteList
O43 - CFD: 29/01/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\NotGames
O43 - CFD: 07/01/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\Obsidian Entertainment  =>.Obsidian Entertainment
O43 - CFD: 09/08/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\oneoreight
O43 - CFD: 28/03/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\Power Struggle Games
O43 - CFD: 10/04/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\Riot Games  =>.Riot Games
O43 - CFD: 12/07/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Silver Dollar Games
O43 - CFD: 25/05/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\Something Something Studios
O43 - CFD: 16/05/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\SQUARE ENIX, Inc_
O43 - CFD: 11/06/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\SquareEnix
O43 - CFD: 04/12/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\SuperMegaTeam
O43 - CFD: 19/05/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\T0
O43 - CFD: 08/06/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Team Cherry
O43 - CFD: 30/09/2023 - [0] D -- C:\Users\Shahil\AppData\LocalLow\Temp  =>.Microsoft Corporation
O43 - CFD: 23/01/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\UberPie
O43 - CFD: 25/01/2023 - [] D -- C:\Users\Shahil\AppData\LocalLow\UbiSoftCTU  =>.Ubisoft
O43 - CFD: 22/11/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Wastelands Interactive
O43 - CFD: 15/07/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\WildFire
O43 - CFD: 11/09/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Youda Games Holding B.V_
O43 - CFD: 11/09/2021 - [] D -- C:\Users\Shahil\AppData\LocalLow\Youda Games Holding B_V_
O43 - CFD: 13/08/2022 - [] D -- C:\Users\Shahil\AppData\LocalLow\©BANDAI NAMCO Entertainment Inc_
O43 - CFD: 04/05/2021 - [] RD -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] RD -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] RD -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 21/05/2022 - [0] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Any eBook Converter
O43 - CFD: 28/02/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc  =>.SUP.Discord
O43 - CFD: 07/06/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory  =>.FormatFactory
O43 - CFD: 07/12/2019 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 06/01/2023 - [0] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games  =>.Riot Games
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server  =>.RivaTuner
O43 - CFD: 03/05/2021 - [0] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games  =>.Rockstar Games
O43 - CFD: 28/08/2023 - [] RD -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] RD -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop  =>.Telegram Messenger LLP
O43 - CFD: 04/05/2021 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber  =>.Viber
O43 - CFD: 07/12/2019 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell  =>.Microsoft Corporation
O43 - CFD: 16/09/2023 - [] D -- C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom  =>.ZOOM
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Default\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 23/10/2021 - [] D -- C:\Users\Default\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D -- C:\Users\Default\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Default User\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 23/10/2021 - [] D -- C:\Users\Default User\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D -- C:\Users\Default User\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 04/05/2021 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 11/09/2023 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\AWSToolkit  =>.Amazon Corporation
O43 - CFD: 04/05/2021 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 11/09/2023 - []  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Programs  =>.Microsoft Corporation
O43 - CFD: 11/09/2023 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Razer  =>.Razer
O43 - CFD: 06/05/2021 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft  =>.Microsoft Corporation
O43 - CFD: 11/09/2023 - []  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Razer Inc  =>.Razer Inc

---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI:  [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll [Unsigned]  =>.Microsoft Corporation
O106 - SIOI:  [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\System32\cscui.dll [Unsigned]  =>.Microsoft Corporation

---\\ Search Context Menu Handlers (SCMH) (31) - 2s
O108 - CMH1: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Igor Pavlov - 7-Zip Shell Extension.) -- C:\Program Files\7-Zip\7-zip.dll [Unsigned]  =>.Igor Pavlov
O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Windows Defender\shellext.dll  =>.Microsoft?
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nv3dappshext.dll  =>.NVIDIA Corporation?
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nv3dappshext.dll  =>.NVIDIA Corporation?
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH3: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll  =>.Malwarebytes Inc.?
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH4: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Igor Pavlov - 7-Zip Shell Extension.) -- C:\Program Files\7-Zip\7-zip.dll [Unsigned]  =>.Igor Pavlov
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Windows Defender\shellext.dll  =>.Microsoft?
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\System32\cscui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nvshext.dll  =>.NVIDIA Corporation?
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH6: 7-Zip [64Bits] - {23170F69-40C1-278A-1000-000100020000} . (.Igor Pavlov - 7-Zip Shell Extension.) -- C:\Program Files\7-Zip\7-zip.dll [Unsigned]  =>.Igor Pavlov
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft?
O108 - CMH6: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll  =>.Malwarebytes Inc.?
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\System32\cscui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App Resolver.) -- C:\Windows\System32\appresolver.dll  =>.Microsoft?
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- C:\Program Files\Windows Defender\shellext.dll  =>.Microsoft?
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation

---\\ Image File Execution Options (10) - 0s
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\\1] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\\32768]  =>.Microsoft?

---\\ System Drivers List (445) - 15s
O58 - SDL:2019/12/07 14:52:53 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) -- C:\WINDOWS\System32\drivers\1394ohci.sys   [266240] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys   [107320]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - ACPI Driver for NT.) -- C:\WINDOWS\System32\drivers\acpi.sys   [810320]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Microsoft Corporation - ACPI Devices Driver.) -- C:\WINDOWS\System32\drivers\AcpiDev.sys   [23040] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:09 A . (.Microsoft Corporation - ACPIEx Driver.) -- C:\WINDOWS\System32\drivers\acpiex.sys   [139792]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) -- C:\WINDOWS\System32\drivers\acpipagr.sys   [14336] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - ACPI Power Metering Driver.) -- C:\WINDOWS\System32\drivers\acpipmi.sys   [18432] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - ACPI Wake Alarm.) -- C:\WINDOWS\System32\drivers\acpitime.sys   [16384] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/02/13 10:17:58 A . (.Microsoft Corporation - Audio KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\Acx01000.sys   [694272] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys   [1135416]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:57 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\afd.sys   [651648]  =>.Microsoft?
O58 - SDL:2022/08/26 20:01:15 A . (.Microsoft Corporation - AF_UNIX socket provider.) -- C:\WINDOWS\System32\drivers\afunix.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:05 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) -- C:\WINDOWS\System32\drivers\agilevpn.sys   [114688] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:19 A . (.Microsoft Corporation - Application Compatibility Cache.) -- C:\WINDOWS\System32\drivers\ahcache.sys   [292352] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\amdgpio2.sys   [18432] [Unsigned]  =>.Advanced Micro Devices, Inc
O58 - SDL:2019/12/07 14:52:47 A . (.Advanced Micro Devices, Inc - AMD I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\amdi2c.sys   [45568] [Unsigned]  =>.Advanced Micro Devices, Inc
O58 - SDL:2023/04/21 10:26:54 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\amdk8.sys   [210304]  =>.Microsoft?
O58 - SDL:2023/04/21 10:26:54 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\amdppm.sys   [214400]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys   [83256]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys   [259384]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys   [26936]  =>.Microsoft?
O58 - SDL:2023/04/21 10:27:24 A . (.Microsoft Corporation - AppID Driver.) -- C:\WINDOWS\System32\drivers\appid.sys   [213552]  =>.Microsoft?
O58 - SDL:2020/10/09 13:53:32 A . (.Apple Inc. - Apple Mobile Device USB Device.) -- C:\WINDOWS\System32\drivers\AppleLowerFilter.sys   [35976]  =>.WDKTestCert build,132303256403278908?
O58 - SDL:2023/04/21 10:27:24 A . (.Microsoft Corporation - Applocker Filter.) -- C:\WINDOWS\System32\drivers\applockerfltr.sys   [18432] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:40 A . (.Microsoft Corporation - Microsoft Application Virtualization Stream.) -- C:\WINDOWS\System32\drivers\AppVStrm.sys   [140160]  =>.Microsoft?
O58 - SDL:2023/08/21 13:54:40 A . (.Microsoft Corporation - Microsoft Application Virtualization VE Man.) -- C:\WINDOWS\System32\drivers\AppvVemgr.sys   [175432]  =>.Microsoft?
O58 - SDL:2023/08/21 13:54:40 A . (.Microsoft Corporation - Microsoft Application Virtualization VFS Fi.) -- C:\WINDOWS\System32\drivers\AppvVfs.sys   [155992]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys   [131896]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:07 A . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\WINDOWS\System32\drivers\asyncmac.sys   [31232] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/26 20:00:56 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys   [31064]  =>.Microsoft?
O58 - SDL:2022/08/26 20:00:56 A . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\WINDOWS\System32\drivers\ataport.sys   [225104]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:41 A . (.Microsoft Corporation - BAM Kernel Driver.) -- C:\WINDOWS\System32\drivers\bam.sys   [78136]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Battery Class Driver.) -- C:\WINDOWS\System32\drivers\battc.sys   [41272]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:47 A . (. - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys   [9728] [Unsigned]  =>.Broadcom Corporation
O58 - SDL:2019/12/07 14:54:00 A . (.Microsoft Corporation - BEEP Driver.) -- C:\WINDOWS\System32\drivers\beep.sys   [10240] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/02/05 14:59:30 A . (.Microsoft Corporation - Windows Bind Filter Driver.) -- C:\WINDOWS\System32\drivers\bindflt.sys   [145760]  =>.Microsoft?
O58 - SDL:2022/03/22 23:00:12 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\WINDOWS\System32\drivers\bowser.sys   [117760] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:39 A . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\WINDOWS\System32\drivers\bridge.sys   [127488] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) -- C:\WINDOWS\System32\drivers\BtaMPM.sys   [36352] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:21 A . (.Microsoft Corporation - Bluetooth A2DP Driver.) -- C:\WINDOWS\System32\drivers\BthA2dp.sys   [282624] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/06/05 10:17:10 A . (.Microsoft Corporation - Bluetooth Bus Extender.) -- C:\WINDOWS\System32\drivers\bthenum.sys   [113664] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/07 12:21:25 A . (.Microsoft Corporation - Bluetooth Hands-free Audio Device Driver.) -- C:\WINDOWS\System32\drivers\BthHfAud.sys   [65536] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/07 12:21:25 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) -- C:\WINDOWS\System32\drivers\BthHfEnum.sys   [147968] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/06/05 10:17:10 A . (.Microsoft Corporation - Bluetooth Transport Extensibility Miniport.) -- C:\WINDOWS\System32\drivers\BthMini.SYS   [45568] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\WINDOWS\System32\drivers\bthmodem.sys   [76800] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:26:54 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) -- C:\WINDOWS\System32\drivers\bthpan.sys   [133632] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/06/05 10:17:10 A . (.Microsoft Corporation - Bluetooth Bus Driver.) -- C:\WINDOWS\System32\drivers\bthport.sys   [1565696] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/06/05 10:17:10 A . (.Microsoft Corporation - Bluetooth Miniport Driver.) -- C:\WINDOWS\System32\drivers\BTHUSB.SYS   [110592] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - VHD BTT Filter Driver.) -- C:\WINDOWS\System32\drivers\bttflt.sys   [43832]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Button Converter Driver.) -- C:\WINDOWS\System32\drivers\buttonconverter.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys   [533816]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:47 A . (.Microsoft Corporation - Charge Arbiration Driver.) -- C:\WINDOWS\System32\drivers\CAD.sys   [66576]  =>.Microsoft?
O58 - SDL:2023/02/05 15:00:05 A . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\cdfs.sys   [100864] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/10/13 09:00:38 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\cdrom.sys   [175616] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/22 23:00:20 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) -- C:\WINDOWS\System32\drivers\CEA.sys   [82256]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys   [144184]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys   [319800]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Chelsio Communications - VF library for Chelsio ® T5/T6 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vfx.sys   [28672] [Unsigned]  =>.Chelsio Communications
O58 - SDL:2019/12/07 14:52:54 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys   [1853752]  =>.Microsoft?
O58 - SDL:2023/04/21 10:27:22 A . (...) -- C:\WINDOWS\System32\drivers\cimfs.sys   [95232] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\WINDOWS\System32\drivers\circlass.sys   [52224] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:27:27 A . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\WINDOWS\System32\drivers\Classpnp.sys   [452656]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:25 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) -- C:\WINDOWS\System32\drivers\cldflt.sys   [498176] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:28 A . (.Microsoft Corporation - Common Log File System Driver.) -- C:\WINDOWS\System32\drivers\clfs.sys   [424832]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:34 A . (.Microsoft Corporation - CLIP Service.) -- C:\WINDOWS\System32\drivers\ClipSp.sys   [1105280]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Control Method Battery Driver.) -- C:\WINDOWS\System32\drivers\CmBatt.sys   [36864] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:44 A . (.Microsoft Corporation - Kernel Configuration Manager Initial Config.) -- C:\WINDOWS\System32\drivers\cmimcext.sys   [29000]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:53 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\WINDOWS\System32\drivers\cng.sys   [748008]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:37 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) -- C:\WINDOWS\System32\drivers\cnghwassist.sys   [40968]  =>.Microsoft?
O58 - SDL:2021/07/25 10:24:19 A . (.Microsoft Corporation - Console Driver.) -- C:\WINDOWS\System32\drivers\condrv.sys   [57144]  =>.Microsoft?
O58 - SDL:2022/09/15 09:04:25 A . (.Microsoft Corporation - Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\crashdmp.sys   [101736]  =>.Microsoft?
O58 - SDL:2022/09/15 09:04:43 A . (.Microsoft Corporation - Windows Client Side Caching Driver.) -- C:\WINDOWS\System32\drivers\csc.sys   [581632] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/06/19 09:34:37 A . (.Microsoft Corporation - DAM Kernel Driver.) -- C:\WINDOWS\System32\drivers\dam.sys   [97096]  =>.Microsoft?
O58 - SDL:2022/03/22 23:00:06 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) -- C:\WINDOWS\System32\drivers\devauthe.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:27:29 A . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\dfsc.sys   [152064] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/26 20:00:56 A . (.Microsoft Corporation - PnP Disk Driver.) -- C:\WINDOWS\System32\drivers\disk.sys   [106336]  =>.Microsoft?
O58 - SDL:2022/09/15 09:04:25 A . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\WINDOWS\System32\drivers\Diskdump.sys   [41312]  =>.Microsoft?
O58 - SDL:2022/09/15 09:04:25 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) -- C:\WINDOWS\System32\drivers\Dmpusbstor.sys   [20480] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:57 A . (.Microsoft Corporation - Dynamic Memory.) -- C:\WINDOWS\System32\drivers\dmvsc.sys   [59192]  =>.Microsoft?
O58 - SDL:2021/05/04 03:57:37 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\WINDOWS\System32\drivers\drmk.sys   [97792] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:37 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\WINDOWS\System32\drivers\drmkaud.sys   [16128]  =>.Microsoft?
O58 - SDL:2022/09/15 09:04:21 A . (.Microsoft Corporation - ATAPI Dump Driver.) -- C:\WINDOWS\System32\drivers\Dumpata.sys   [40784]  =>.Microsoft?
O58 - SDL:2023/09/30 16:05:09 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) -- C:\WINDOWS\System32\drivers\dumpfve.sys   [95328]  =>.Microsoft?
O58 - SDL:2023/02/05 14:59:09 A . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\WINDOWS\System32\drivers\dumpsd.sys   [198504]  =>.Microsoft?
O58 - SDL:2022/07/21 15:49:38 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) -- C:\WINDOWS\System32\drivers\dumpsdport.sys   [32768] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 09:04:25 A . (.Microsoft Corporation - Storport Dump Driver.) -- C:\WINDOWS\System32\drivers\Dumpstorport.sys   [38232]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:10 A . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\WINDOWS\System32\drivers\dxgkrnl.sys   [3814360]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:10 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\WINDOWS\System32\drivers\dxgmms1.sys   [456152]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:10 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\WINDOWS\System32\drivers\dxgmms2.sys   [903144]  =>.Microsoft?
O58 - SDL:2021/05/14 10:08:52 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) -- C:\WINDOWS\System32\drivers\EhStorClass.sys   [95032]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) -- C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys   [124728]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Error Device Driver.) -- C:\WINDOWS\System32\drivers\errdev.sys   [15872] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys   [3418936]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:25 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\WINDOWS\System32\drivers\exfat.sys   [422784]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:25 A . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\WINDOWS\System32\drivers\fastfat.sys   [431936]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\WINDOWS\System32\drivers\fdc.sys   [34816] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:09 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) -- C:\WINDOWS\System32\drivers\filecrypt.sys   [59392] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:46 A . (.Microsoft Corporation - FileInfo Filter Driver.) -- C:\WINDOWS\System32\drivers\fileinfo.sys   [94736]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:46 A . (.Microsoft Corporation - File Trace Filter Driver.) -- C:\WINDOWS\System32\drivers\filetrace.sys   [40448] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Floppy Driver.) -- C:\WINDOWS\System32\drivers\flpydisk.sys   [28672] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:55 A . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) -- C:\WINDOWS\System32\drivers\fltMgr.sys   [429904]  =>.Microsoft?
O58 - SDL:2023/02/05 14:59:14 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) -- C:\WINDOWS\System32\drivers\fsdepends.sys   [71040]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\WINDOWS\System32\drivers\fs_rec.sys   [33592]  =>.Microsoft?
O58 - SDL:2023/09/30 16:05:09 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\WINDOWS\System32\drivers\fvevol.sys   [809944]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:28 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS   [503680]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:05 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys   [8704] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:21 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys   [138240] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:37 A . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\HdAudio.sys   [430080] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Hid Battery Driver.) -- C:\WINDOWS\System32\drivers\hidbatt.sys   [39440]  =>.Microsoft?
O58 - SDL:2021/05/04 03:57:38 A . (.Microsoft Corporation - Bluetooth Miniport Driver for HID Devices.) -- C:\WINDOWS\System32\drivers\hidbth.sys   [120320] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - Hid Class Library.) -- C:\WINDOWS\System32\drivers\hidclass.sys   [233472] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - I2C HID Miniport Driver.) -- C:\WINDOWS\System32\drivers\hidi2c.sys   [57344] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) -- C:\WINDOWS\System32\drivers\hidinterrupt.sys   [55824]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\WINDOWS\System32\drivers\hidir.sys   [48640] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - Hid Parsing Library.) -- C:\WINDOWS\System32\drivers\hidparse.sys   [46080] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - SPI HID Miniport Driver.) -- C:\WINDOWS\System32\drivers\hidspi.sys   [104448] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:47 A . (.Microsoft Corporation - HidSpi KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\HidSpiCx.sys   [98304] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\WINDOWS\System32\drivers\hidusb.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys   [64312]  =>.Microsoft?
O58 - SDL:2023/04/21 10:27:26 A . (.Microsoft Corporation - HTTP Protocol Stack.) -- C:\WINDOWS\System32\drivers\http.sys   [1578880]  =>.Microsoft?
O58 - SDL:2023/09/30 16:03:59 A . (.Microsoft Corporation - Hyper-V Crashdump.) -- C:\WINDOWS\System32\drivers\hvcrash.sys   [36224]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:42 A . (.Microsoft Corporation - Hypervisor Boot Driver.) -- C:\WINDOWS\System32\drivers\hvservice.sys   [96112]  =>.Microsoft?
O58 - SDL:2022/07/21 15:50:15 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) -- C:\WINDOWS\System32\drivers\hvsocket.sys   [149328]  =>.Microsoft?
O58 - SDL:2021/05/04 03:58:15 A . (.Microsoft Corporation - Hardware Policy Driver.) -- C:\WINDOWS\System32\drivers\hwpolicy.sys   [33096]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:57 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) -- C:\WINDOWS\System32\drivers\hyperkbd.sys   [27448]  =>.Microsoft?
O58 - SDL:2023/09/30 16:03:58 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) -- C:\WINDOWS\System32\drivers\HyperVideo.sys   [42968]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys   [118272] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys   [36352] [Unsigned]  =>.Intel(R) Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys   [91136] [Unsigned]  =>.Intel(R) Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys   [79360] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys   [93184] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys   [112128] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys   [96256] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys   [171520] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys   [175104] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys   [177152] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys   [177664] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys   [38128]  =>.Intel Corporation - Client Components Group?
O58 - SDL:2019/12/07 14:52:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys   [113152] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAVC.sys   [884752]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys   [412176]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys   [558904]  =>.Microsoft?
O58 - SDL:2018/06/04 04:08:22 A . (.Intel Corporation - Intel(R) Watchdog Timer Driver (Intel(R) WD.) -- C:\WINDOWS\System32\drivers\ICCWDT.sys   [39504]  =>.Intel(R) Embedded Subsystems and IP Blocks Group?
O58 - SDL:2021/05/04 03:58:05 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) -- C:\WINDOWS\System32\drivers\IndirectKmd.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/26 20:00:56 A . (.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\WINDOWS\System32\drivers\intelide.sys   [20816]  =>.Microsoft?
O58 - SDL:2021/10/13 09:00:38 A . (.Microsoft Corporation - Intel Power Engine Plugin.) -- C:\WINDOWS\System32\drivers\intelpep.sys   [418800]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:47 A . (.Microsoft Corporation - Intel Power Limit Driver.) -- C:\WINDOWS\System32\drivers\intelpmax.sys   [30720] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:26:54 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\intelppm.sys   [233856]  =>.Microsoft?
O58 - SDL:2021/05/04 03:57:37 A . (.Microsoft Corporation - Intel Telemetry Driver.) -- C:\WINDOWS\System32\drivers\IntelTA.sys   [26608]  =>.Microsoft?
O58 - SDL:2021/06/19 09:34:26 A . (.Microsoft Corporation - I/O rate control Filter.) -- C:\WINDOWS\System32\drivers\iorate.sys   [57168]  =>.Microsoft?
O58 - SDL:2023/02/05 14:59:49 A . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\WINDOWS\System32\drivers\ipfltdrv.sys   [91648] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/06/19 09:34:24 A . (.Microsoft Corporation - WMI IPMI DRIVER.) -- C:\WINDOWS\System32\drivers\IPMIDrv.sys   [117584]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:46 A . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\ipnat.sys   [227840] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:09 A . (.Microsoft Corporation - IPT Driver.) -- C:\WINDOWS\System32\drivers\ipt.sys   [59704]  =>.Microsoft?
O58 - SDL:2021/09/29 08:29:15 A . (.Microsoft Corporation - PNP ISA Bus Driver.) -- C:\WINDOWS\System32\drivers\isapnp.sys   [22864]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Avago Technologies - Avago SAS Gen3.5 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\ItSas35i.sys   [172344]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Keyboard Class Driver.) -- C:\WINDOWS\System32\drivers\kbdclass.sys   [71480]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - HID Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\kbdhid.sys   [46592] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:59:14 A . (.Microsoft Corporation - Keyboard Lockdown Subsystem.) -- C:\WINDOWS\System32\drivers\kbldfltr.sys   [29000]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) -- C:\WINDOWS\System32\drivers\kdnic.sys   [33296]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:25 A . (.Microsoft Corporation - Network Power Dependency Broker.) -- C:\WINDOWS\System32\drivers\KNetPwrDepBroker.sys   [32256] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:31 A . (.Microsoft Corporation - Kernel CSA Library.) -- C:\WINDOWS\System32\drivers\ks.sys   [450048] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:28 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\drivers\ksecdd.sys   [149976]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:26 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\drivers\ksecpkg.sys   [181232]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:58 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) -- C:\WINDOWS\System32\drivers\ksthunk.sys   [29696] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:55 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\WINDOWS\System32\drivers\lltdio.sys   [72704] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys   [108856]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys   [124216]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys   [135992]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys   [82744]  =>.Microsoft?
O58 - SDL:2023/04/21 10:27:31 A . (.Microsoft Corporation - LUA File Virtualization Filter Driver.) -- C:\WINDOWS\System32\drivers\luafv.sys   [143360] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) -- C:\WINDOWS\System32\drivers\mausbhost.sys   [537608]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - MA-USB IP Driver.) -- C:\WINDOWS\System32\drivers\mausbip.sys   [64016]  =>.Microsoft?
O58 - SDL:2023/02/05 15:13:26 A . (.Malwarebytes - Malwarebytes Anti-Exploit.) -- C:\WINDOWS\System32\drivers\mbae64.sys   [158640]  =>.Microsoft?
O58 - SDL:2023/02/05 15:13:12 A . (.Malwarebytes - Malwarebytes Early Launch Anti-Malware Driv.) -- C:\WINDOWS\System32\drivers\MbamElam.sys   [21480]  =>.Microsoft?
O58 - SDL:2023/02/05 15:13:55 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys   [239544]  =>.Microsoft?
O58 - SDL:2022/05/07 12:21:26 A . (.Microsoft Corporation - Windows Mobile Broadband Class Extension.) -- C:\WINDOWS\System32\drivers\MbbCx.sys   [386048] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/05/06 02:03:46 A . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\WINDOWS\System32\drivers\MBfilt64.sys   [43456]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:00 A . (.Microsoft Corporation - Medium changer class driver.) -- C:\WINDOWS\System32\drivers\mcd.sys   [25088] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys   [59704]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys   [81720]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas35i.sys   [105480]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys   [575800]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:47 A . (.Microsoft Corporation - Microsoft Bluetooth Avrcp Transport Driver.) -- C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys   [65024] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:38 A . (.Microsoft Corporation - Legacy Bluetooth LE Bus Enumerator.) -- C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys   [106496] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys   [1131320]  =>.Microsoft?
O58 - SDL:2021/05/04 03:57:43 A . (.Microsoft Corporation - MMCSS Driver.) -- C:\WINDOWS\System32\drivers\mmcss.sys   [53248] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:59:00 A . (.Microsoft Corporation - Modem Device Driver.) -- C:\WINDOWS\System32\drivers\modem.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/09/14 10:54:25 A . (.Microsoft Corporation - Monitor Driver.) -- C:\WINDOWS\System32\drivers\monitor.sys   [83968] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Mouse Class Driver.) -- C:\WINDOWS\System32\drivers\mouclass.sys   [67600]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - HID Mouse Filter Driver.) -- C:\WINDOWS\System32\drivers\mouhid.sys   [35328] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - Mount Point Manager.) -- C:\WINDOWS\System32\drivers\mountmgr.sys   [110392]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:33 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\WINDOWS\System32\drivers\mpsdrv.sys   [80896] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/22 23:00:55 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\WINDOWS\System32\drivers\mrxdav.sys   [165888] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:58 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\mrxsmb.sys   [584064]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:28 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\WINDOWS\System32\drivers\mrxsmb20.sys   [263128]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - Mailslot driver.) -- C:\WINDOWS\System32\drivers\msfs.sys   [44048]  =>.Microsoft?
O58 - SDL:2021/05/04 03:57:55 A . (.Microsoft Corporation - GPIO Class Extension Driver.) -- C:\WINDOWS\System32\drivers\msgpioclx.sys   [183112]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - GPIO Button Driver.) -- C:\WINDOWS\System32\drivers\msgpiowin32.sys   [56120]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:36 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) -- C:\WINDOWS\System32\drivers\mshidkmdf.sys   [8192] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:16 A . (.Microsoft Corporation - Pass-through Driver for HID-UMDF Interface.) -- C:\WINDOWS\System32\drivers\mshidumdf.sys   [12288] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:36 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) -- C:\WINDOWS\System32\drivers\mshwnclx.sys   [30208] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/09/29 08:29:15 A . (.Microsoft Corporation - ISA Driver.) -- C:\WINDOWS\System32\drivers\msisadrv.sys   [20280]  =>.Microsoft?
O58 - SDL:2023/06/05 10:17:10 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\WINDOWS\System32\drivers\msiscsi.sys   [294208]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:31 A . (.Microsoft Corporation - MS KS Server.) -- C:\WINDOWS\System32\drivers\mskssrv.sys   [45568] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:05 A . (.Microsoft Corporation - Microsoft Link-Layer Discovery Protocol Dri.) -- C:\WINDOWS\System32\drivers\mslldp.sys   [78848] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:58 A . (.Microsoft Corporation - MS Proxy Clock.) -- C:\WINDOWS\System32\drivers\mspclock.sys   [11264] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:58 A . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\WINDOWS\System32\drivers\mspqm.sys   [11264] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:13 A . (.Microsoft Corporation - Windows QUIC Driver.) -- C:\WINDOWS\System32\drivers\msquic.sys   [322376]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:28 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\WINDOWS\System32\drivers\msrpc.sys   [385408]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:24 A . (.Microsoft Corporation - Microsoft Security Core Boot Driver.) -- C:\WINDOWS\System32\drivers\msseccore.sys   [26496]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:24 A . (.Microsoft Corporation - Microsoft Security Events Component file sy.) -- C:\WINDOWS\System32\drivers\mssecflt.sys   [406848]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:24 A . (.Microsoft Corporation - Microsoft Security WFP Callout Driver.) -- C:\WINDOWS\System32\drivers\mssecwfp.sys   [66944]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\WINDOWS\System32\drivers\mssmbios.sys   [47928]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:58 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\WINDOWS\System32\drivers\mstee.sys   [12288] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.Microsoft Corporation - Microsoft Multi-Touch HID Driver.) -- C:\WINDOWS\System32\drivers\MTConfig.sys   [17920] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/02/05 14:59:39 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) -- C:\WINDOWS\System32\drivers\mup.sys   [134480]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys   [63800]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys   [146232]  =>.Microsoft?
O58 - SDL:2022/02/12 13:33:24 A . (.Microsoft Corporation - Network Driver Interface Specification (NDI.) -- C:\WINDOWS\System32\drivers\ndis.sys   [1476944]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:48 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) -- C:\WINDOWS\System32\drivers\ndiscap.sys   [54272] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:23 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) -- C:\WINDOWS\System32\drivers\NdisImPlatform.sys   [135168] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:25 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\WINDOWS\System32\drivers\ndistapi.sys   [28672] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - NDIS User mode I/O driver.) -- C:\WINDOWS\System32\drivers\ndisuio.sys   [70656] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:05 A . (.Microsoft Corporation - Microsoft Virtual Network Adapter Enumerato.) -- C:\WINDOWS\System32\drivers\NdisVirtualBus.sys   [23040] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:27:34 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\WINDOWS\System32\drivers\ndiswan.sys   [208384] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:48 A . (.Microsoft Corporation - RDMA Sample Driver.) -- C:\WINDOWS\System32\drivers\NDKPing.sys   [72720]  =>.Microsoft?
O58 - SDL:2021/05/04 03:58:25 A . (.Microsoft Corporation - NDIS Proxy.) -- C:\WINDOWS\System32\drivers\ndproxy.sys   [93696] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:33 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) -- C:\WINDOWS\System32\drivers\Ndu.sys   [131584] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/07 12:21:39 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) -- C:\WINDOWS\System32\drivers\NetAdapterCx.sys   [210944] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:04 A . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\WINDOWS\System32\drivers\netbios.sys   [64312]  =>.Microsoft?
O58 - SDL:2021/05/04 03:58:23 A . (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netbt.sys   [341504] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:57 A . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\WINDOWS\System32\drivers\netio.sys   [619904]  =>.Microsoft?
O58 - SDL:2023/09/30 16:03:59 A . (.Microsoft Corporation - Virtual NDIS Miniport.) -- C:\WINDOWS\System32\drivers\netvsc.sys   [302568]  =>.Microsoft?
O58 - SDL:2022/08/15 21:34:32 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwtw08.sys   [8831064] {58B1C1C43E999C1CF7C694A1D776D0FE}.  =>.Intel Corporation
O58 - SDL:2023/09/30 16:04:27 A . (.Microsoft Corporation - NPFS Driver.) -- C:\WINDOWS\System32\drivers\npfs.sys   [88448]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Named pipe service triggers.) -- C:\WINDOWS\System32\drivers\npsvctrig.sys   [27648] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:15 A . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\drivers\nsiproxy.sys   [48640] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:27 A . (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys   [2844528]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:58 A . (.Microsoft Corporation - NTOS extension host driver.) -- C:\WINDOWS\System32\drivers\ntosext.sys   [20792]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - NULL Driver.) -- C:\WINDOWS\System32\drivers\null.sys   [7680] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - NVDIMM device driver.) -- C:\WINDOWS\System32\drivers\nvdimm.sys   [168464]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys   [150328]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys   [166200]  =>.Microsoft?
O58 - SDL:2022/02/12 13:33:03 A . (.Microsoft Corporation - NativeWiFi Miniport Driver.) -- C:\WINDOWS\System32\drivers\nwifi.sys   [757760] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:04 A . (.Microsoft Corporation - QoS Packet Scheduler.) -- C:\WINDOWS\System32\drivers\pacer.sys   [161608]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\parport.sys   [109056] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:57 A . (.Microsoft Corporation - Partition driver.) -- C:\WINDOWS\System32\drivers\partmgr.sys   [185216]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - NT Plug and Play PCI Enumerator.) -- C:\WINDOWS\System32\drivers\pci.sys   [478552]  =>.Microsoft?
O58 - SDL:2022/08/26 20:00:56 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\drivers\pciide.sys   [17752]  =>.Microsoft?
O58 - SDL:2022/08/26 20:00:56 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\WINDOWS\System32\drivers\pciidex.sys   [57680]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - PCMCIA Bus Driver.) -- C:\WINDOWS\System32\drivers\pcmcia.sys   [127800]  =>.Microsoft?
O58 - SDL:2022/07/21 15:49:44 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) -- C:\WINDOWS\System32\drivers\pcw.sys   [60232]  =>.Microsoft?
O58 - SDL:2021/06/19 09:34:27 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\WINDOWS\System32\drivers\pdc.sys   [159056]  =>.Microsoft?
O58 - SDL:2023/06/05 10:17:11 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\WINDOWS\System32\drivers\PEAuth.sys   [825344] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys   [58680]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys   [68408]  =>.Microsoft?
O58 - SDL:2023/08/21 13:54:31 A . (.Microsoft Corporation - Packet Monitor Driver.) -- C:\WINDOWS\System32\drivers\PktMon.sys   [131392]  =>.Microsoft?
O58 - SDL:2022/09/15 09:04:12 A . (.Microsoft Corporation - Persistent memory driver.) -- C:\WINDOWS\System32\drivers\pmem.sys   [142176]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - Plug and Play Memory Driver.) -- C:\WINDOWS\System32\drivers\pnpmem.sys   [17408] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:36 A . (.Microsoft Corporation - Port Device Class Configuration Filter Driv.) -- C:\WINDOWS\System32\drivers\portcfg.sys   [27136] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:37 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\WINDOWS\System32\drivers\portcls.sys   [388608] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:26:54 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\processr.sys   [219504]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:33 A . (.Microsoft Corporation - Time Travel Debugging Process Launch Monito.) -- C:\WINDOWS\System32\drivers\ProcLaunchMon.sys   [43448]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:05 A . (.Microsoft Corporation - Microsoft Quality Windows Audio Video Exper.) -- C:\WINDOWS\System32\drivers\qwavedrv.sys   [53248] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:09 A . (.Microsoft Corporation - RAM Disk Driver.) -- C:\WINDOWS\System32\drivers\ramdisk.sys   [42296]  =>.Microsoft?
O58 - SDL:2021/05/04 03:58:24 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\WINDOWS\System32\drivers\rasacd.sys   [20480] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:32 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\rasl2tp.sys   [112128] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:33 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\raspppoe.sys   [89088] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:27:34 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\WINDOWS\System32\drivers\raspptp.sys   [105984] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:05 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\WINDOWS\System32\drivers\rassstp.sys   [87552] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/07/21 15:49:47 A . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) -- C:\WINDOWS\System32\drivers\rdbss.sys   [457568]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) -- C:\WINDOWS\System32\drivers\rdpbus.sys   [28672] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:59:00 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys   [169984] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:30 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\WINDOWS\System32\drivers\rdpvideominiport.sys   [32624]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:54 A . (.Microsoft Corporation - ReadyBoost Driver.) -- C:\WINDOWS\System32\drivers\rdyboost.sys   [297784]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:24 A . (.Microsoft Corporation - NT ReFS FS Driver.) -- C:\WINDOWS\System32\drivers\refs.sys   [2011096]  =>.Microsoft?
O58 - SDL:2022/02/13 10:18:14 A . (.Microsoft Corporation - NT ReFS FS Driver.) -- C:\WINDOWS\System32\drivers\refsv1.sys   [990536]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) -- C:\WINDOWS\System32\drivers\rfcomm.sys   [213504] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:38 A . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) -- C:\WINDOWS\System32\drivers\RfxVmt.sys   [8192] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) -- C:\WINDOWS\System32\drivers\rhproxy.sys   [115712] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:29 A . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\WINDOWS\System32\drivers\rmcast.sys   [164352] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:07 A . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\WINDOWS\System32\drivers\RNDISMP.sys   [37376] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:51 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\WINDOWS\System32\drivers\rootmdm.sys   [13824] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:55 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\WINDOWS\System32\drivers\rspndr.sys   [89088] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/10/26 20:13:12 A . (.Realtek - Realtek 8125/8136/8168/8169 NDIS 6.40 64-bi.) -- C:\WINDOWS\System32\drivers\rt640x64.sys   [1210240]  =>.Realtek Semiconductor Corp.?
O58 - SDL:2019/12/07 14:53:09 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\WINDOWS\System32\drivers\rteth.sys   [48640] [Unsigned]  =>.Realtek
O58 - SDL:2019/05/06 02:39:40 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys   [6840408]  =>.Realtek Semiconductor Corp.?
O58 - SDL:2019/05/31 10:04:58 A . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\WINDOWS\System32\drivers\RtsPer.sys   [1012640]  =>.Realtek Semiconductor Corp.?
O58 - SDL:2022/08/18 17:06:06 N . (.Razer Inc - Razer Common Driver.) -- C:\WINDOWS\System32\drivers\RzCommon.sys   [64168] {0DCDADD13E8649F619040327F45A575F}.  =>.Razer Inc
O58 - SDL:2020/08/24 18:52:48 A . (.Razer Inc - Razer Device Driver.) -- C:\WINDOWS\System32\drivers\RzDev_0257.sys   [54152]  =>.Razer USA Ltd.?
O58 - SDL:2021/10/13 09:00:38 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\WINDOWS\System32\drivers\sbp2port.sys   [118088]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:59 A . (.Microsoft Corporation - Microsoft Smart Card Reader Filter Driver.) -- C:\WINDOWS\System32\drivers\scfilter.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/02/13 10:17:54 A . (.Microsoft Corporation - Storage Class Memory Bus Driver.) -- C:\WINDOWS\System32\drivers\scmbus.sys   [158520]  =>.Microsoft?
O58 - SDL:2021/10/13 09:00:59 A . (.Microsoft Corporation - SCSI Port Driver.) -- C:\WINDOWS\System32\drivers\scsiport.sys   [188232]  =>.Microsoft?
O58 - SDL:2023/02/05 14:59:09 A . (.Microsoft Corporation - SecureDigital Bus Driver.) -- C:\WINDOWS\System32\drivers\sdbus.sys   [306520]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - SDF Reflector.) -- C:\WINDOWS\System32\drivers\SDFRd.sys   [35128]  =>.Microsoft?
O58 - SDL:2022/07/21 15:49:25 A . (.Microsoft Corporation - SD Host Controller Port Driver.) -- C:\WINDOWS\System32\drivers\sdport.sys   [106344]  =>.Microsoft?
O58 - SDL:2021/10/13 09:00:38 A . (.Microsoft Corporation - SD Storage Class Driver.) -- C:\WINDOWS\System32\drivers\sdstor.sys   [104264]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:36 A . (.Microsoft Corporation - Serial Class Extension.) -- C:\WINDOWS\System32\drivers\SerCx.sys   [86328]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:36 A . (.Microsoft Corporation - Serial Class Extension V2.) -- C:\WINDOWS\System32\drivers\SerCx2.sys   [173072]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\WINDOWS\System32\drivers\serenum.sys   [27648] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Serial Device Driver.) -- C:\WINDOWS\System32\drivers\serial.sys   [90624] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\WINDOWS\System32\drivers\sermouse.sys   [29184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\WINDOWS\System32\drivers\sfloppy.sys   [19456] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:54:33 A . (.Microsoft Corporation - System Guard Runtime Monitor Agent Driver.) -- C:\WINDOWS\System32\drivers\SgrmAgent.sys   [88080]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys   [44856]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys   [81720]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - Sleep Study Helper.) -- C:\WINDOWS\System32\drivers\SleepStudyHelper.sys   [38200]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Microsemi Corportation - Storport Miniport Driver for SmartRAID/Smar.) -- C:\WINDOWS\System32\drivers\SmartSAMD.sys   [209720]  =>.Microsoft?
O58 - SDL:2019/12/07 15:38:52 A . (.Microsoft Corporation - SMB Network Direct Driver.) -- C:\WINDOWS\System32\drivers\smbdirect.sys   [172544] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/06/06 18:30:16 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys   [48480]  =>.Synaptics Incorporated?
O58 - SDL:2019/06/06 18:30:16 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys   [48992]  =>.Synaptics Incorporated?
O58 - SDL:2019/12/07 14:54:09 A . (.Microsoft Corporation - Smart Card Driver Library.) -- C:\WINDOWS\System32\drivers\smclib.sys   [21504] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) -- C:\WINDOWS\System32\drivers\spacedump.sys   [219976]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:34 A . (.Microsoft Corporation - Storage Spaces Parser.) -- C:\WINDOWS\System32\drivers\spaceparser.sys   [26624] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\WINDOWS\System32\drivers\spaceport.sys   [682816]  =>.Microsoft?
O58 - SDL:2019/12/07 15:38:49 A . (.Microsoft Corporation - Holographic Spatial Graph Filter.) -- C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys   [90936]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:47 A . (.Microsoft Corporation - SPB Class Extension.) -- C:\WINDOWS\System32\drivers\SpbCx.sys   [96080]  =>.Microsoft?
O58 - SDL:2023/06/05 10:17:24 A . (.Microsoft Corporation - Smb 2.0 Server driver.) -- C:\WINDOWS\System32\drivers\srv2.sys   [784896] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:58 A . (.Microsoft Corporation - Server Network driver.) -- C:\WINDOWS\System32\drivers\srvnet.sys   [322560] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/30 05:23:56 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\ssudbus2.sys   [167440]  =>.Samsung Electronics CO., LTD.?
O58 - SDL:2022/09/30 05:24:08 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys   [174112]  =>.Samsung Electronics CO., LTD.?
O58 - SDL:2019/12/07 14:52:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys   [31032]  =>.Microsoft?
O58 - SDL:2022/08/26 20:00:56 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) -- C:\WINDOWS\System32\drivers\storahci.sys   [187240]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) -- C:\WINDOWS\System32\drivers\stornvme.sys   [165248]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:27 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\WINDOWS\System32\drivers\storport.sys   [725848]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:37 A . (.Microsoft Corporation - Storage QoS Filter.) -- C:\WINDOWS\System32\drivers\storqosflt.sys   [92984]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) -- C:\WINDOWS\System32\drivers\storufs.sys   [72560]  =>.Microsoft?
O58 - SDL:2023/09/30 16:03:58 A . (.Microsoft Corporation - Storage VSC Driver.) -- C:\WINDOWS\System32\drivers\storvsc.sys   [45528]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:00 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\WINDOWS\System32\drivers\stream.sys   [82432] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:38 A . (.Microsoft Corporation - Microsoft RemoteFX Synth3D Video VSC.) -- C:\WINDOWS\System32\drivers\Synth3dVsc.sys   [6656] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/06/06 18:30:24 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys   [766816]  =>.Synaptics Incorporated?
O58 - SDL:2019/12/07 14:54:00 A . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\WINDOWS\System32\drivers\tape.sys   [33280] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/04/01 13:11:41 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tapprotonvpn.sys   [49024]  =>.Microsoft?
O58 - SDL:2021/05/04 03:57:46 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) -- C:\WINDOWS\System32\drivers\tbs.sys   [31568]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:28 A . (.Microsoft Corporation - TCP/IP Driver.) -- C:\WINDOWS\System32\drivers\tcpip.sys   [3005296]  =>.Microsoft?
O58 - SDL:2023/08/21 13:54:03 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\WINDOWS\System32\drivers\tcpipreg.sys   [56832] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - TDI Wrapper.) -- C:\WINDOWS\System32\drivers\tdi.sys   [39736]  =>.Microsoft?
O58 - SDL:2021/09/29 08:29:45 A . (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys   [117584]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Terminal Server Input Driver.) -- C:\WINDOWS\System32\drivers\terminpt.sys   [41272]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:58 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) -- C:\WINDOWS\System32\drivers\tm.sys   [143744]  =>.Microsoft?
O58 - SDL:2023/04/21 10:26:55 A . (.Microsoft Corporation - TPM Device Driver.) -- C:\WINDOWS\System32\drivers\tpm.sys   [256384]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:09 A . (.Microsoft Corporation - Remote Desktop USB Hub Filter Driver.) -- C:\WINDOWS\System32\drivers\TsUsbFlt.sys   [66560] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/09/14 10:54:26 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) -- C:\WINDOWS\System32\drivers\TsUsbGD.sys   [37888] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/22 23:00:09 A . (.Microsoft Corporation - Remote Desktop USB Hub.) -- C:\WINDOWS\System32\drivers\tsusbhub.sys   [137728] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/02/05 14:59:46 A . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) -- C:\WINDOWS\System32\drivers\tunnel.sys   [129024] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 09:04:12 A . (.Microsoft Corporation - Microsoft Uasp Driver.) -- C:\WINDOWS\System32\drivers\uaspstor.sys   [83816]  =>.Microsoft?
O58 - SDL:2021/10/13 09:00:49 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\UcmCx.sys   [160256] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:37 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\UcmTcpciCx.sys   [188416] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - UCM-UCSI ACPI Client Driver.) -- C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys   [36864] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:05 A . (.Microsoft Corporation - UCM-UCSI KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\UcmUcsiCx.sys   [113152] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:09 A . (.Microsoft Corporation - USB Controller Extension.) -- C:\WINDOWS\System32\drivers\Ucx01000.sys   [259896]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:09 A . (.Microsoft Corporation - "udecx.DRIVER".) -- C:\WINDOWS\System32\drivers\Udecx.sys   [52736] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:32 A . (.Microsoft Corporation - UDF File System Driver.) -- C:\WINDOWS\System32\drivers\udfs.sys   [348672] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/02/12 13:33:52 A . (.Microsoft Corporation - Microsoft User Experience Virtualization Ag.) -- C:\WINDOWS\System32\drivers\UevAgentDriver.sys   [41288]  =>.Microsoft?
O58 - SDL:2022/02/12 13:33:15 A . (.Microsoft Corporation - USB Function Driver Class Extension.) -- C:\WINDOWS\System32\drivers\ufx01000.sys   [324432]  =>.Microsoft?
O58 - SDL:2023/02/05 14:59:09 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) -- C:\WINDOWS\System32\drivers\ufxsynopsys.sys   [169344]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Generic pass-through driver.) -- C:\WINDOWS\System32\drivers\umpass.sys   [15360] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:37 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) -- C:\WINDOWS\System32\drivers\urscx01000.sys   [76304]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:07 A . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\WINDOWS\System32\drivers\usb8023.sys   [24064] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:21 A . (.Microsoft Corporation - USB Audio Class Driver.) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys   [209920] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - Microsoft USB Audio Class 2.0 Driver.) -- C:\WINDOWS\System32\drivers\usbaudio2.sys   [260608] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:41 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\System32\drivers\USBCAMD2.sys   [40448] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/04/21 10:26:55 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\WINDOWS\System32\drivers\usbccgp.sys   [190336]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:50 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\WINDOWS\System32\drivers\usbcir.sys   [107520] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\WINDOWS\System32\drivers\usbd.sys   [34176]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\WINDOWS\System32\drivers\usbehci.sys   [87424]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\WINDOWS\System32\drivers\usbhub.sys   [529216]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - USB3 HUB Driver.) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS   [648560]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\WINDOWS\System32\drivers\usbohci.sys   [30208] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:37 A . (...) -- C:\WINDOWS\System32\drivers\UsbPmApi.sys   [53248] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) -- C:\WINDOWS\System32\drivers\usbport.sys   [474440]  =>.Microsoft?
O58 - SDL:2023/04/21 10:26:54 A . (.Microsoft Corporation - USB Printer driver.) -- C:\WINDOWS\System32\drivers\usbprint.sys   [42496] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/02/05 14:59:09 A . (.Microsoft Corporation - USB Serial Driver.) -- C:\WINDOWS\System32\drivers\usbser.sys   [81408] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 09:04:12 A . (.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS   [139624]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\WINDOWS\System32\drivers\usbuhci.sys   [39424] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/07/21 15:49:20 A . (.Microsoft Corporation - USB Video Class Driver.) -- C:\WINDOWS\System32\drivers\usbvideo.sys   [328040]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:22 A . (.Microsoft Corporation - USB XHCI Driver.) -- C:\WINDOWS\System32\drivers\USBXHCI.SYS   [620352]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) -- C:\WINDOWS\System32\drivers\vdrvroot.sys   [67384]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - Driver Verifier Extension.) -- C:\WINDOWS\System32\drivers\VerifierExt.sys   [347448]  =>.Microsoft?
O58 - SDL:2023/02/05 14:59:09 A . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\WINDOWS\System32\drivers\vhdmp.sys   [824144]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Virtual HID Framework (VHF) Driver.) -- C:\WINDOWS\System32\drivers\vhf.sys   [47616] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:03:58 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) -- C:\WINDOWS\System32\drivers\Vid.sys   [645488]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - Video Port Driver.) -- C:\WINDOWS\System32\drivers\videoprt.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:50 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) -- C:\WINDOWS\System32\drivers\vmbkmcl.sys   [118656]  =>.Microsoft?
O58 - SDL:2023/09/30 16:03:58 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Child.) -- C:\WINDOWS\System32\drivers\vmbus.sys   [166896]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:57 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) -- C:\WINDOWS\System32\drivers\VMBusHID.sys   [36664]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:57 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) -- C:\WINDOWS\System32\drivers\vmgencounter.sys   [23864]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:57 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) -- C:\WINDOWS\System32\drivers\vmgid.sys   [19768]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:57 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) -- C:\WINDOWS\System32\drivers\vms3cap.sys   [18960]  =>.Microsoft?
O58 - SDL:2023/09/30 16:03:58 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\vmstorfl.sys   [55256]  =>.Microsoft?
O58 - SDL:2022/07/21 15:49:20 A . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\drivers\volmgr.sys   [92000]  =>.Microsoft?
O58 - SDL:2019/12/07 14:54:37 A . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\drivers\volmgrx.sys   [389432]  =>.Microsoft?
O58 - SDL:2023/08/21 13:54:06 A . (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys   [430928]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:53 A . (.Microsoft Corporation - Volume driver.) -- C:\WINDOWS\System32\drivers\volume.sys   [16696]  =>.Microsoft?
O58 - SDL:2023/04/21 10:26:55 A . (.Microsoft Corporation - Virtual PCI Bus.) -- C:\WINDOWS\System32\drivers\vpci.sys   [91520]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys   [166712]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS   [305464]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:13 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) -- C:\WINDOWS\System32\drivers\vwifibus.sys   [29184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/09/29 08:29:17 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\WINDOWS\System32\drivers\vwififlt.sys   [77824] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:13 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\WINDOWS\System32\drivers\vwifimp.sys   [50688] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:53 A . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) -- C:\WINDOWS\System32\drivers\wacompen.sys   [31232] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:58:25 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\WINDOWS\System32\drivers\wanarp.sys   [93184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/05/04 03:57:55 A . (.Microsoft Corporation - Watchdog Driver.) -- C:\WINDOWS\System32\drivers\watchdog.sys   [74752] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:20 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) -- C:\WINDOWS\System32\drivers\wcifs.sys   [209384]  =>.Microsoft?
O58 - SDL:2022/07/21 15:49:38 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) -- C:\WINDOWS\System32\drivers\wcnfs.sys   [93184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:15 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\WINDOWS\System32\drivers\WdBoot.sys   [46688]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:57 A . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\System32\drivers\Wdf01000.sys   [834944]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:15 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\WINDOWS\System32\drivers\WdFilter.sys   [350136]  =>.Microsoft?
O58 - SDL:2023/08/21 13:53:57 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\WINDOWS\System32\drivers\WdfLdr.sys   [60248]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:04 A . (.Microsoft Corporation - WDI Driver Framework Driver.) -- C:\WINDOWS\System32\drivers\WdiWiFi.sys   [967168] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:39 A . (.Microsoft Corporation - WDM Companion Filter.) -- C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys   [23560]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:16 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) -- C:\WINDOWS\System32\drivers\WdNisDrv.sys   [54200]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) -- C:\WINDOWS\System32\drivers\werkernel.sys   [52024]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:18 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) -- C:\WINDOWS\System32\drivers\wfplwfs.sys   [181632]  =>.Microsoft?
O58 - SDL:2021/09/29 08:29:28 A . (.Microsoft Corporation - Wim file system Driver.) -- C:\WINDOWS\System32\drivers\wimmount.sys   [39760]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:37 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) -- C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys   [76984]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) -- C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys   [18920]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:50 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) -- C:\WINDOWS\System32\drivers\winhv.sys   [39896]  =>.Microsoft?
O58 - SDL:2023/09/30 16:04:42 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) -- C:\WINDOWS\System32\drivers\winhvr.sys   [98176]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys   [36152]  =>.Microsoft?
O58 - SDL:2022/03/22 23:00:11 A . (.Microsoft Corporation - Windows NAT Driver.) -- C:\WINDOWS\System32\drivers\winnat.sys   [261120] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/06/01 12:11:15 A . (.WireGuard LLC - Wintun Driver.) -- C:\WINDOWS\System32\drivers\wintun.sys   [29680]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:56 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) -- C:\WINDOWS\System32\drivers\winusb.sys   [107008] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:52:54 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys   [73016]  =>.Microsoft?
O58 - SDL:2022/06/01 12:12:23 A . (.WireGuard LLC - WireGuard Driver.) -- C:\WINDOWS\System32\drivers\wireguard.sys   [489368]  =>.Microsoft?
O58 - SDL:2019/12/07 14:52:54 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\WINDOWS\System32\drivers\wmiacpi.sys   [19456] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\WINDOWS\System32\drivers\wmilib.sys   [19472]  =>.Microsoft?
O58 - SDL:2023/02/05 14:59:35 A . (.Microsoft Corporation - Windows Overlay Filter.) -- C:\WINDOWS\System32\drivers\wof.sys   [235392]  =>.Microsoft?
O58 - SDL:2019/12/07 15:38:52 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) -- C:\WINDOWS\System32\drivers\WpdUpFltr.sys   [32568]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:49 A . (.Microsoft Corporation - WPP Trace Recorder.) -- C:\WINDOWS\System32\drivers\WppRecorder.sys   [43832]  =>.Microsoft?
O58 - SDL:2019/12/07 14:53:41 A . (.Microsoft Corporation - Winsock2 IFS Layer.) -- C:\WINDOWS\System32\drivers\ws2ifsl.sys   [25088] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:02 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\System32\drivers\WUDFPf.sys   [136192] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:54:02 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\System32\drivers\WUDFRd.sys   [323072] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/22 23:00:06 A . (.Microsoft Corporation - Game Input Protocol Driver.) -- C:\WINDOWS\System32\drivers\xboxgip.sys   [332288] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/08/21 13:53:21 A . (.Microsoft Corporation - XINPUT filter driver for HID.) -- C:\WINDOWS\System32\drivers\xinputhid.sys   [58368] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/01/15 11:23:44 A . (.Intel Corporation - Intel(R) Acpi Control Driver.) -- C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys   [56024]  =>.Intel(R) Extreme Tuning Utility?
O58 - SDL:2019/12/07 14:52:47 A . (.Microsoft Corporation - Xbox 360 Common Controller for Windows Driv.) -- C:\WINDOWS\System32\drivers\xusb22.sys   [102400] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:19 A . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\WINDOWS\System32\win32k.sys   [598016] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:14 A . (.Microsoft Corporation - Base Win32k Kernel Driver.) -- C:\WINDOWS\System32\win32kbase.sys   [2912768] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:20 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) -- C:\WINDOWS\System32\win32kfull.sys   [3811840] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 14:53:34 A . (.Microsoft Corporation - Win32k non session driver.) -- C:\WINDOWS\System32\win32kns.sys   [30208] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:37 A . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\WINDOWS\SysWOW64\win32k.sys   [330240] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2023/09/30 16:04:38 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) -- C:\WINDOWS\SysWOW64\win32kfull.sys   [2756608] [Unsigned]  =>.Microsoft Corporation

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe [Unsigned]  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe [Unsigned]  =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe  =>.Microsoft?
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe [Unsigned]  =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S  =>.Default.Value

---\\ Start Menu Internet (16) - 1s
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   =>.Mozilla Corporation?
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\Shell\open\Command] (.Google LLC - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe   =>.Google LLC?
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   =>.Microsoft?
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe   =>.Microsoft?
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google LLC - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) -- C:\WINDOWS\System32\ie4ushowIE.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google LLC - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla Firefox> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google LLC - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) -- C:\WINDOWS\System32\ie4ushowIE.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  =>.Microsoft Corporation

---\\ Search Browser Infection (2) - 8s
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/  =>.Bing.com
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/  =>.Bing.com

---\\ Search Svchost Services (52) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll   [221696] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll   [221696] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll   [304128] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll   [1342464] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL   [1053696] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll   [836608] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll   [32768] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll   [161280] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll   [112640] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll   [813056] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [243712] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [488448] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll   [542720] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports.) -- C:\Windows\System32\wercplsupport.dll   [134656] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll   [2465280] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll   [333824] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: TroubleshootingSvc (TroubleshootingSvc) . (.Microsoft Corporation - MitigationClient.) -- C:\Windows\System32\MitigationClient.dll   [495616] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Provides infrastructure support for deployi.) -- C:\Windows\System32\LanguageOverlayServer.dll   [410112] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll   [223232] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll   [1291264] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll   [1131008] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: WManSvc (WManSvc) . (.Microsoft Corporation - Windows Management Service DLL.) -- C:\Windows\System32\Windows.Management.Service.dll   [852992] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll   [70656] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll   [1484288] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\Windows\System32\NetSetupSvc.dll   [329216] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll   [2247680] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll   [1522176] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll   [48640] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\Windows\System32\NaturalAuth.dll   [454656] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll   [111616] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll   [1009152] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll   [551936] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll   [77824] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll   [619008] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll   [316928] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll   [3447296] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll   [1481216] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll   [283136] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll   [58880] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\Windows\System32\flightsettings.dll   [941152]  =>.Microsoft?
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\Windows\System32\WpnService.dll   [245248] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll   [217600] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll   [1295360] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) -- C:\Windows\System32\usosvc.dll   [570368] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll   [72704] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll   [171520] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll   [1049600] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll   [288256] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll   [207360] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll   [556032] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll   [162136]  =>.Microsoft?
O83 - Search Svchost Services: DcSvc (DcSvc) . (.Microsoft Corporation - dcsvc.) -- C:\Windows\System32\dcsvc.dll   [787968] [Unsigned]  =>.Microsoft Corporation

---\\ Firewall Active Exception List (50) - 14s
O87 - FAEL: "{AADFD93D-FA98-4B3E-AD31-6A53874A96C5}" [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe  =>.Mozilla Corporation?
O87 - FAEL: "{05CEE27F-1165-4E1F-A0D1-4A6E01A248E8}" [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe  =>.Mozilla Corporation?
O87 - FAEL: "{2C3F8F90-B532-4E32-A807-38A2E63BA013}" [In-None-P17-TRUE] .(.Zoom Video Communications, Inc. - Zoom Meetings.) -- C:\Users\Shahil\AppData\Roaming\Zoom\bin\Zoom.exe {039CCFAB33EA417D56BF9798EF5AB797}.  =>.Zoom Video Communications, Inc.
O87 - FAEL: "{20E28800-5492-4C60-A9D5-D4CDA3755A37}" [In-None-P6-TRUE] .(.Zoom Video Communications, Inc. - AirHost.) -- C:\Users\Shahil\AppData\Roaming\Zoom\bin\airhost.exe {039CCFAB33EA417D56BF9798EF5AB797}.  =>.Zoom Video Communications, Inc.
O87 - FAEL: "{64881B98-7DD4-4F04-821C-8CC6B5A5AA21}" [In-None-P17-TRUE] .(.Zoom Video Communications, Inc. - AirHost.) -- C:\Users\Shahil\AppData\Roaming\Zoom\bin\airhost.exe {039CCFAB33EA417D56BF9798EF5AB797}.  =>.Zoom Video Communications, Inc.
O87 - FAEL: "TCP Query User{4B96D514-BDE6-4E52-AE01-4047FC4E7C0C}C:\program files\mozilla firefox\firefox.exe" [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe  =>.Mozilla Corporation?
O87 - FAEL: "UDP Query User{83E57E4E-28C4-4E88-8498-070CD1E653EE}C:\program files\mozilla firefox\firefox.exe" [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe  =>.Mozilla Corporation?
O87 - FAEL: "{96319734-85EF-4E48-B581-1C14EA34515E}" [In-None-P6-FALSE] .(.VideoLAN - VLC media player.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [Unsigned]  =>.VideoLAN
O87 - FAEL: "{0334EA4F-590E-45AF-A968-6C608FFFA0BE}" [In-None-P17-FALSE] .(.VideoLAN - VLC media player.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [Unsigned]  =>.VideoLAN
O87 - FAEL: "{4B9E50C2-D279-40A6-9511-BC498B37EF32}" [In-None-P17-TRUE] .(.Free Time Co., Ltd. - FormatFactory.) -- C:\Program Files (x86)\FormatFactory\FormatFactory.exe [Unsigned]  =>.Free Time Co., Ltd.
O87 - FAEL: "{9A9F5343-12E1-447A-A299-B92588D26867}" [In-None-P17-TRUE] .(.Free Time Co., Ltd. - Format Factory EBook Codec Online Installer.) -- C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe  =>.Free Time Co., Ltd.?
O87 - FAEL: "TCP Query User{59314A66-9BF8-4754-9F94-7800C3106D9E}D:\installation files\anydesk.exe" [In-None-P6-TRUE] .(.AnyDesk Software GmbH - AnyDesk.) -- D:\installation files\anydesk.exe  =>.philandro Software GmbH?
O87 - FAEL: "UDP Query User{CB881364-41B6-45B4-BF31-26E61AA26066}D:\installation files\anydesk.exe" [In-None-P17-TRUE] .(.AnyDesk Software GmbH - AnyDesk.) -- D:\installation files\anydesk.exe  =>.philandro Software GmbH?
O87 - FAEL: "TCP Query User{169F9253-524A-481E-BFF0-6C65BCC79A9F}F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe" [In-None-P6-TRUE] .(.2K Games, Inc. - WWE 2K Battlegrounds.) -- F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe [Unsigned]  =>.2K Games, Inc.
O87 - FAEL: "UDP Query User{3AF4FCEA-ED96-4768-A21A-2AFCE9F4BB7C}F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe" [In-None-P17-TRUE] .(.2K Games, Inc. - WWE 2K Battlegrounds.) -- F:\games\wwe 2k battlegrounds\wweplaygrounds\binaries\win64\wweplaygrounds-win64-shipping.exe [Unsigned]  =>.2K Games, Inc.
O87 - FAEL: "{8A5B76DC-5821-4F4F-AAB9-96C1D4F14028}" [In-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl?
O87 - FAEL: "{01CEACC9-2006-40FA-8E40-A0D4499AF050}" [Out-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl?
O87 - FAEL: "{734E2784-70CF-4C1B-8272-4580DC7E7D95}" [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl?
O87 - FAEL: "{A782FE41-1F56-43E2-BDBC-F4689638B7A5}" [Out-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl?
O87 - FAEL: "{C47CDC02-91DD-4A63-BCB2-699FF70CC2C9}" [In-None-P6-TRUE] .(.The qBittorrent Project - qBittorrent - A Bittorrent Client.) -- D:\Program Files\qBittorrent\qbittorrent.exe [Unsigned]  =>.The qBittorrent project
O87 - FAEL: "{AA89FF09-5833-46DA-BA2A-FACBDD3CFE19}" [In-None-P17-TRUE] .(.The qBittorrent Project - qBittorrent - A Bittorrent Client.) -- D:\Program Files\qBittorrent\qbittorrent.exe [Unsigned]  =>.The qBittorrent project
O87 - FAEL: "TCP Query User{2FCFF498-1FB2-4A44-9BA6-3E65A97A282D}C:\users\shahil\appdata\local\viber\viber.exe" [In-None-P6-TRUE] .(.Viber Media S.Ã  r.l. - Viber.) -- C:\users\shahil\appdata\local\viber\viber.exe {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O87 - FAEL: "UDP Query User{1B314992-5829-4100-BCB8-5CA3BF68D50B}C:\users\shahil\appdata\local\viber\viber.exe" [In-None-P17-TRUE] .(.Viber Media S.Ã  r.l. - Viber.) -- C:\users\shahil\appdata\local\viber\viber.exe {00DFDFC755A1AF216BAF45CFC5B5367E05}.
O87 - FAEL: "TCP Query User{A7AB01AB-F4A2-495E-8B74-E6FFA2F9D73D}C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe" [In-None-P6-TRUE] .(.Telegram FZ-LLC - Telegram Desktop.) -- C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O87 - FAEL: "UDP Query User{653BCE3C-17A5-475B-811C-DCAC96294559}C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe" [In-None-P17-TRUE] .(.Telegram FZ-LLC - Telegram Desktop.) -- C:\users\shahil\appdata\roaming\telegram desktop\telegram.exe {7AE2B5021371F092A904B6FA}.  =>.Telegram FZ-LLC
O87 - FAEL: "TCP Query User{5DD9581D-8065-41B2-A7D8-69D39CDB009C}D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe" [In-None-P6-TRUE] .(.NinjaTrader - NinjaTrader.) -- D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe [Unsigned]
O87 - FAEL: "UDP Query User{B8444062-37B3-4948-A21C-6B2D4CBF58A3}D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe" [In-None-P17-TRUE] .(.NinjaTrader - NinjaTrader.) -- D:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe [Unsigned]
O87 - FAEL: "TCP Query User{DEBCA4C4-FF46-4607-88F4-E0FF8BA0949A}E:\riot games\riot client\riotclientservices.exe" [In-None-P6-TRUE] .(.Riot Games, Inc. - Riot Client.) -- E:\riot games\riot client\riotclientservices.exe {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc.
O87 - FAEL: "UDP Query User{E9B73179-9653-4854-A969-A25440A42620}E:\riot games\riot client\riotclientservices.exe" [In-None-P17-TRUE] .(.Riot Games, Inc. - Riot Client.) -- E:\riot games\riot client\riotclientservices.exe {0CD1D038015129A43DA0AEE211859C8E}.  =>.Riot Games, Inc.
O87 - FAEL: "TCP Query User{65D30529-0236-4001-80AC-4BF2730BA3FA}E:\games\warm snow\warmsnow.exe" [In-None-P6-TRUE] .(...) -- E:\games\warm snow\warmsnow.exe [Unsigned]
O87 - FAEL: "UDP Query User{50BFCFA2-413F-417E-B9CB-77368B97BDC4}E:\games\warm snow\warmsnow.exe" [In-None-P17-TRUE] .(...) -- E:\games\warm snow\warmsnow.exe [Unsigned]
O87 - FAEL: "TCP Query User{C3238E6C-EC0A-47C7-A517-96A1366188E9}E:\games\warm snow\dlc\warmsnow.exe" [In-None-P6-TRUE] .(...) -- E:\games\warm snow\dlc\warmsnow.exe [Unsigned]
O87 - FAEL: "UDP Query User{20B48AE4-F3D5-4B90-AAEF-7E0B2B7C0FAA}E:\games\warm snow\dlc\warmsnow.exe" [In-None-P17-TRUE] .(...) -- E:\games\warm snow\dlc\warmsnow.exe [Unsigned]
O87 - FAEL: "{E9FA6CD9-7CCF-45B1-8CB0-B00BC59498F5}" [In-None-P6-TRUE] .(.Pingman Tools, LLC 1998-2021 - PingPlotter.) -- C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe {0E355A7A3D83430980BE01EAF102FE83}.
O87 - FAEL: "{05D54F84-1CD3-4F60-9FD8-EFAA32F02687}" [In-None-P6-TRUE] .(.Pingman Tools, LLC 1998-2021 - PingPlotter.) -- C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe {0E355A7A3D83430980BE01EAF102FE83}.
O87 - FAEL: "{68723E0E-A7B7-4CDD-A238-4F6D901F9D05}" [In-None-P6-TRUE] .(.HitPaw Co., Ltd. - HitPaw Watermark Remover.) -- D:\installation files\hitpaw-watermark-remover.exe {0EB092A37B0C6F6A2EF7705B96032406}.
O87 - FAEL: "{D4B30B1B-D146-4C61-A5E4-A92D9F4BF09B}" [In-None-P17-TRUE] .(.HitPaw Co., Ltd. - HitPaw Watermark Remover.) -- D:\installation files\hitpaw-watermark-remover.exe {0EB092A37B0C6F6A2EF7705B96032406}.
O87 - FAEL: "TCP Query User{5C323ED5-D469-4F5F-9444-A484175C2AD3}C:\users\shahil\appdata\roaming\spotify\spotify.exe" [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) -- C:\users\shahil\appdata\roaming\spotify\spotify.exe [Unsigned]  =>.Spotify Ltd
O87 - FAEL: "UDP Query User{819D6B04-800C-485D-80BB-CFF5C1C5AB39}C:\users\shahil\appdata\roaming\spotify\spotify.exe" [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) -- C:\users\shahil\appdata\roaming\spotify\spotify.exe [Unsigned]  =>.Spotify Ltd
O87 - FAEL: "{4187891B-D5EA-45B7-84FE-E7D4D3B53AEE}" [In-None-P17-TRUE] .(.EaseUS - EaseUS Video Editor.) -- e:\Program Files (x86)\EaseUS\EaseUS Video Editor\EaseUS Video Editor.exe [Unsigned]  =>.EaseUS
O87 - FAEL: "{FC2E15BA-5F0D-4921-9892-FED276DC4A42}" [Out-None-P17-TRUE] .(.EaseUS - EaseUS Video Editor.) -- e:\Program Files (x86)\EaseUS\EaseUS Video Editor\EaseUS Video Editor.exe [Unsigned]  =>.EaseUS
O87 - FAEL: "TCP Query User{BE0E2DD1-7D8E-4481-83D7-6CF8CAD6EF8B}E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe" [In-None-P6-TRUE] .(...) -- E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe {06090BC9266DA993F5EDE9404938D9E3}.
O87 - FAEL: "UDP Query User{D62A71C7-871B-435E-8050-3F54D7DFAE2E}E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe" [In-None-P17-TRUE] .(...) -- E:\games\final fantasy i-vi bundle pixel remaster\ff1\final fantasy.exe {06090BC9266DA993F5EDE9404938D9E3}.
O87 - FAEL: "TCP Query User{1A70594E-A75F-40A1-9CF3-A3319BDF88EA}E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe" [In-None-P6-TRUE] .(...) -- E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe {06090BC9266DA993F5EDE9404938D9E3}.
O87 - FAEL: "UDP Query User{7F1E8E08-58C5-40C3-AEC4-B83E4FBF2711}E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe" [In-None-P17-TRUE] .(...) -- E:\games\final fantasy i-vi bundle pixel remaster\ff2\final fantasy ii.exe {06090BC9266DA993F5EDE9404938D9E3}.
O87 - FAEL: "TCP Query User{8F296261-C121-4BE7-B391-42F5A96E93A8}E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe" [In-None-P6-TRUE] .(...) -- E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe {06090BC9266DA993F5EDE9404938D9E3}.
O87 - FAEL: "UDP Query User{B595B5C4-EFA9-4950-A08E-B1F94864C9EA}E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe" [In-None-P17-TRUE] .(...) -- E:\games\final fantasy i-vi bundle pixel remaster\ff3\final fantasy iii.exe {06090BC9266DA993F5EDE9404938D9E3}.
O87 - FAEL: "TCP Query User{AC255297-AF34-413C-B241-CDE9958620FE}F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe" [In-None-P6-TRUE] .(...) -- F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe [Unsigned]
O87 - FAEL: "UDP Query User{351FAB75-4CA7-42A3-B2FD-6582635DE997}F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe" [In-None-P17-TRUE] .(...) -- F:\games\ravenswatch.v0.14.01\ravenswatch\ravenswatch.exe [Unsigned]
O87 - FAEL: "{2D49A467-DBCE-41E5-8413-F6245E32F7DE}" [In-None-P17-TRUE] .(.Google LLC - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google LLC?

---\\ Product Upgrade Codes (41) - 1s
O90 - PUC: "00006109C80000000100000000F01FEC" [HKLM] . (.Office 16 Click-to-Run Extensibility Component.)  =>.Microsoft Corporation
O90 - PUC: "00006109E70000000100000000F01FEC" [HKLM] . (.Office 16 Click-to-Run Licensing Component.)  =>.Microsoft Corporation
O90 - PUC: "057E052AF3BD1C044806E87FC75728AD" [HKLM] . (.Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326.)  =>.Microsoft Corporation
O90 - PUC: "0700000000203301488C8B9DF53A8C3C" [HKLM] . (.Intel(R) Wireless Bluetooth(R).) -- C:\WINDOWS\Installer\{00000070-0200-1033-84C8-B8D95FA3C8C3}\IntelBluetooth.ico  =>.bl.org
O90 - PUC: "18498969FFE850E43A1884AFCAE692FC" [HKLM] . (.NinjaTrader 8.) -- C:\WINDOWS\Installer\{96989481-8EFF-4E05-A381-48FAAC6E29CF}\NinjaTrader.ico
O90 - PUC: "1926E8D15D0BCE53481466615F760A7F" [HKLM] . (.Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219.)  =>.bl.org
O90 - PUC: "1af2a8da7e60d0b429d7e6453b3d0182" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).)  =>.bl.org
O90 - PUC: "1B94F22C76F0CD744A098E4B6B55E89A" [HKLM] . (.Update for Windows 10 for x64-based Systems (KB5001716).)  =>.Microsoft Corporation
O90 - PUC: "1BAD2218D4DE6763BBA0AC63186945E3" [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664.)  =>.Microsoft Corporation
O90 - PUC: "1D5E3C0FEDA1E123187686FED06E995A" [HKLM] . (.Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219.)  =>.bl.org
O90 - PUC: "381D4472ED9337444ADF6B0D69D1A021" [HKLM] . (.PingPlotter 5.) -- C:\WINDOWS\Installer\{2744D183-39DE-4473-A4FD-B6D0961D0A12}\ext.exe
O90 - PUC: "4158A0040445A0143B814460B17DEEE8" [HKLM] . (.3RVX.) -- C:\WINDOWS\Installer\{400A8514-5440-410A-B318-44061BD7EE8E}\icon.ico
O90 - PUC: "4396FC35D89A48D31964CFE4FDD36514" [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664.)  =>.Microsoft Corporation
O90 - PUC: "499C5C9F9B6F57D43B7EDA108B04379E" [HKLM] . (.Epic Games Launcher Prerequisites (x64).) -- C:\WINDOWS\Installer\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}\UnrealEngineLauncher.ico  =>.Legitimate
O90 - PUC: "525EF9A5F8B810749A73F776544A9E7C" [HKLM] . (.RGSS-RTP Standard.) -- C:\WINDOWS\Installer\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}\_26e91eb.exe
O90 - PUC: "5BE42683D65380B438753CD3985A0C5C" [HKLM] . (.Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326.)  =>.Microsoft Corporation
O90 - PUC: "6138DFD21FE9012309C8C46B91161CCA" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.)  =>.bl.org
O90 - PUC: "67D6ECF5CD5FBA732B8B22BAC8DE1B4D" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523.)  =>.bl.org
O90 - PUC: "6E815EB96CCE9A53884E7857C57002F0" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523.)  =>.bl.org
O90 - PUC: "70916FFBD2AA62A36866899D656AA2CB" [HKLM] . (.Visual C++ 10.0 CRT (x64).)  =>.Microsoft Corporation
O90 - PUC: "7C9F8B73BF303523781852719CD9C700" [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135.)  =>.Microsoft Corporation
O90 - PUC: "804C89766362C844A86C4F3E1401D272" [HKLM] . (.Windows PC Health Check.) -- C:\WINDOWS\Installer\{6798C408-2636-448C-8AC6-F4E341102D27}\ArpIcon.ico
O90 - PUC: "AB297010A1550CA37AFEF0BA14653C28" [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664.)  =>.Microsoft Corporation
O90 - PUC: "AE14269C00998EF4583BE132D805D96F" [HKLM] . (.Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326.)  =>.Microsoft Corporation
O90 - PUC: "B76BE25EF5784EE42A4CD75893ED7EF9" [HKLM] . (.calibre 64bit.) -- C:\WINDOWS\Installer\{E52EB67B-875F-4EE4-A2C4-7D8539DEE79F}\main_icon  =>.Kovid Goyal
O90 - PUC: "B91E359219F994A42AB3E75279A09115" [HKLM] . (.Microsoft Update Health Tools.)  =>.Microsoft Corporation
O90 - PUC: "BDCC2C7440A7797399B28AD4E30952F8" [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x64).)  =>.Microsoft Corporation
O90 - PUC: "C025571B2A687A53689168CD7369889B" [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135.)  =>.Microsoft Corporation
O90 - PUC: "c1c4f01781cc94c4c8fb1542c0981a2a" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.)  =>.bl.org
O90 - PUC: "C3AEB2FCAE628F23AAB933F1E743AB79" [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135.)  =>.Microsoft Corporation
O90 - PUC: "D169104D02A37CA349B316935DDB94A0" [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664.)  =>.Microsoft Corporation
O90 - PUC: "D96A3E5C193D6A548ABF000BE1B210D0" [HKLM] . (.Microsoft Visual Basic/C++ Runtime (x86).)  =>.Microsoft Corporation
O90 - PUC: "DC8A59DBF9D1DA5389A1E3975220E6BB" [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135.)  =>.Microsoft Corporation
O90 - PUC: "E1857857DAD9D214A94A5814CFCBAC6F" [HKLM] . (.FANTECH X4S MACRO Gaming Mouse.) -- C:\WINDOWS\Installer\{7587581E-9DAD-412D-9AA4-8541FCBCCAF6}\ARPPRODUCTICON.exe
O90 - PUC: "EDE8C96D5CBBB634E8E05C6A3D11FCF4" [HKLM] . (.Microsoft XNA Framework Redistributable 4.0 Refresh.) -- C:\WINDOWS\Installer\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}\ProductIcon  =>.bl.org
O90 - PUC: "F2EBB725DEF1B8D319BCD40B8F836EE9" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.)  =>.bl.org
O90 - PUC: "F7E11E641E100D44BB686C37242D35DD" [HKLM] . (.Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326.)  =>.Microsoft Corporation
O90 - PUC: "1D33BD44C0C221949A86A2087860A3B3" [HKCU] . (.EmEditor (64-bit).) -- %APPDATA%\Microsoft\Installer\{44DB33D1-2C0C-4912-A968-2A8087063A3B}\emeditor_org.exe
O90 - PUC: "5A87071B0F898A6478970FC2635D22A5" [HKCU] . (.Viber.)  =>.Viber
O90 - PUC: "1D33BD44C0C221949A86A2087860A3B3" [HKU] . (.EmEditor (64-bit).) -- %APPDATA%\Microsoft\Installer\{44DB33D1-2C0C-4912-A968-2A8087063A3B}\emeditor_org.exe
O90 - PUC: "5A87071B0F898A6478970FC2635D22A5" [HKU] . (.Viber.)  =>.Viber

---\\ Windows Installer Scan (10) - 9s
[MD5.6EF858E8B8574159DE4FAFCD63A2CC61] [WIS][2022/06/09 22:47:44] (.Pingman Tools, LLC - PingPlotter 5.) -- C:\WINDOWS\Installer\3679531e.msi  [70052352]  =>.Pingman Tools, LLC
[MD5.6F86D858053FDA9B9F6D6ADC0BCBB681] [WIS][2022/06/05 00:49:49] (.FANTECH - FANTECH X4S MACRO Gaming Mouse.) -- C:\WINDOWS\Installer\38e3caf0.msi  [5741568]
[MD5.981FEBA06869ABE21D665ECA172191DD] [WIS][2022/11/03 22:22:18] (.Matthew Malensek - 3RVX.) -- C:\WINDOWS\Installer\40146093.msi  [2174976]
[MD5.C88F397AB00C200643534D53251E825F] [WIS][2005/08/30 23:00:00] (.Enterbrain.) -- C:\WINDOWS\Installer\461516f4.msi   [21741568]  =>.Enterbrain
[MD5.B91D97215E7B736B2EB4998951A1AF10] [WIS][2021/04/27 03:04:18] (.Viber Media S.a.r.l - Viber.) -- C:\WINDOWS\Installer\4f1830.msi  [98525184]  =>.Viber Media S.a.r.l
[MD5.29C8B4A4C98858C4B8B8D625C566552E] [WIS][2021/06/04 11:15:28] (.Kovid Goyal - calibre Installer.) -- C:\WINDOWS\Installer\8aa6cd9f.msi  [130818048]  =>.Kovid Goyal
[MD5.4D5C9A709F332236559D3BCB27BB81B1] [WIS][2020/06/18 11:28:42] (.Epic Games, Inc. - Epic Games Launcher Prerequisites (x64).) -- C:\WINDOWS\Installer\945fe967.msi  [11530240]  =>.Epic Games, Inc.
[MD5.71BF65A4BB658185BEE87836CA9C3B8A] [WIS][2021/05/04 13:53:10] (.Emurasoft, Inc. - EmEditor (64-bit).) -- C:\WINDOWS\Installer\c8c20d.msi  [21651968]  =>.Emurasoft, Inc.
[MD5.DCE704444EC1446C2335ADE20BA5E178] [WIS][2018/07/07 14:23:50] (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Patch/Audio .) -- C:\WINDOWS\Installer\dda95ba.msi  [16420864]  =>.Intel Corporation
[MD5.8926FF580576C5A5B58BE2644A05EEB3] [WIS][2020/09/08 11:10:26] (.NinjaTrader, LLC - NinjaTrader 8.) -- C:\WINDOWS\Installer\f350a1e6.msi  [54480896]

---\\ FEATURE CONTROL. (144) - 0s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:FoxitReader.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:ninjatrader.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:ninjatrader.vshost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:EaseUS Video Editor.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:outlook.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:outlook.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VSTOInstaller.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PresentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:VSTOInstaller.exe  =>.Legitimate

---\\ Observer Of Events (124) - 50s

Application.Warning: ESENT (5)
~Numéro: 76633
~Date: 09/30/2023 05:32:06 PM
~ID: 636
~Description: %1 (%2) %3Flush map file "%4" will be deleted. Reason: %5.
~Suggestion: Aucune

Application.Warning: AutoEnrollment (133)
~Numéro: 76628
~Date: 09/30/2023 05:30:50 PM
~ID: 64
~Description: local system7b 6a 92 43 8e 96 01 d7 a1 c5 9f e3 55 5e 5f 57 12 67 10 a4
~Suggestion: Installer le Kit de développement logiciel (SDK).

Application.Error: VSS (3)
~Numéro: 76594
~Date: 09/30/2023 05:25:11 PM
~ID: 8193
~Description: Volume Shadow Copy Service error: Unexpected error calling routine %1.  hr = %2. Operation:   Executing Asynchronous OperationContext:   Current State: DoSnapshotSet
~Suggestion: Utiliser la procédure de reconstruction du VSS

Application.Error: Firefox Default Browser Agent (1)
~Numéro: 76360
~Date: 09/30/2023 10:34:31 AM
~ID: 2
~Description: 0x80070002 in RegistryDeleteValue:320

Application.Error: Application Error (7)
~Numéro: 75666
~Date: 09/23/2023 06:17:33 PM
~ID: 1000
~Description: Faulting application name: %1, version: %2, time stamp: 0x64a6bfdd Faulting module name: %4, version: %5, time stamp: 0x64a6bfdd Exception code: 0xc0000005 Fault offset: 0x00029705 Faulting process id: 0xc3e0 Faulting application start time: 0x01d9ee
~Suggestion: Réparer ou réinstaller l'application.

Application.Error: .NET Runtime (1)
~Numéro: 75456
~Date: 09/21/2023 10:58:49 AM
~ID: 1026
~Description: Application: LeagueLobby.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.ObjectDisposedException   at System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Contr
~Suggestion: Essayer d'installer la dernière version de l'application ou du dernier correctif

Application.Error: Razer Chroma SDK Service (1)
~Numéro: 74491
~Date: 09/11/2023 11:50:41 AM
~ID: 0
~Description: ControlService failed with error 109Razer Chroma SDK Service

Application.Error: Software Protection Platform Service (93)
~Numéro: 72994
~Date: 08/25/2023 12:17:19 PM
~ID: 8228
~Description: The rules engine failed to evaluate the rules. Reason:0x80070057 Stage:BUILD_FULL_MACHINE_STATE Additional Data: <none>

Application.Error: Windows Search Service (2)
~Numéro: 72509
~Date: 08/24/2023 09:52:08 AM
~ID: 7042
~Description: The Windows Search Service is being stopped because there is a problem with the indexer: %2.Context:  Application, SystemIndex CatalogDetails:    The gatherer is shutting down.  (HRESULT : 0x80040d23) (0x80040d23)

System.Warning: Microsoft-Windows-WHEA-Logger (3888)
~Numéro: 539975
~Date: 09/30/2023 05:42:12 PM
~ID: 17
~Description: A corrected hardware error has occurred.  Component:  Error Source: 4  Primary Bus:Device:Function: %9:%10: Secondary Bus:Device:Function: %13:%14: Primary Device Name:0x101 Secondary Device Name:0x10
~Suggestion: Assurez-vous que le pilote du chipset est à jour. Charger les valeurs BIOS par défaut.

System.Warning: DCOM (109)
~Numéro: 539971
~Date: 09/30/2023 05:32:41 PM
~ID: 10016
~Description: application-specificLocalLaunchWindows.SecurityCenter.WscDataProtectionUnavailableNT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
~Suggestion: Vérifier les autorisations pour l'accès DCOM

System.Error: Microsoft-Windows-WLAN-AutoConfig (6)
~Numéro: 539894
~Date: 09/30/2023 05:29:56 PM
~ID: 10003
~Description: WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll

System.Error: Service Control Manager (17)
~Numéro: 539874
~Date: 09/30/2023 05:25:10 PM
~ID: 7031
~Description: The %1 service terminated unexpectedly.  It has done this %2 time(s).  The following corrective action will be taken in %3 milliseconds: %5.

System.Error: BugCheck (1)
~Numéro: 539510
~Date: 09/30/2023 02:06:25 PM
~ID: 1001
~Description: 0x0000010e (0x000000000000001d, 0xffffa0023c589eb0, 0x0000000000000000, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP34e1b417-63ed-4a28-a2ba-0a131de0bb59

System.Error: volmgr (2)
~Numéro: 539455
~Date: 09/30/2023 02:05:43 PM
~ID: 161
~Description: Dump file creation failed due to error during dump creation.

System.Error: EventLog (1)
~Numéro: 539446
~Date: 09/30/2023 02:05:58 PM
~ID: 6008
~Description: The previous system shutdown at %1 on %2 was unexpected.

System.Warning: Microsoft-Windows-Time-Service (51)
~Numéro: 539421
~Date: 09/30/2023 01:46:37 PM
~ID: 134
~Description: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on '%3'. NtpClient will try again in %2 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
~Suggestion: Resynchroniser le client avec l'homologue de source de temps

System.Warning: Microsoft-Windows-DNS-Client (53)
~Numéro: 539420
~ID: 1014
~Description: Name resolution for the name %1 timed out after none of the configured DNS servers responded.
~Suggestion: https://social.technet.microsoft.com/wiki/contents/articles/3336.event-id-1014-microsoft-windows-dns-client.aspx

System.Error: PNRPSvc (1)
~Numéro: 538688
~Date: 09/29/2023 12:52:19 PM
~ID: 102
~Description: 0x80630203

System.Error: Microsoft-Windows-WindowsUpdateClient (1)
~Numéro: 538656
~Date: 09/29/2023 12:05:21 PM
~ID: 20
~Description: Installation Failure: Windows failed to install the following update with error %1: %2.
~Suggestion: http://kb.eventtracker.com/evtpass/evtpages/EventId_20_Microsoft-Windows-WindowsUpdateClient_63351.asp

System.Error: Microsoft-Windows-Kernel-Power (3)
~Numéro: 538536
~Date: 09/29/2023 11:42:15 AM
~ID: 137
~Description: 4

System.Warning: Display (1)
~Numéro: 535201
~Date: 09/23/2023 11:53:34 PM
~ID: 4101
~Description: Display driver %1 stopped responding and has successfully recovered.

System.Warning: HTTP (1)
~Numéro: 535015
~Date: 09/23/2023 06:17:34 PM
~ID: 15300
~Description: 0.0.0.0:54236

---\\ Additional Scan (O88) (365) - 22s
C:\Program Files (x86)\64BitMailAgent.exe  =>Heuristic.Suspect
C:\Program Files (x86)\FoxitReader.exe  =>Heuristic.Suspect
C:\Program Files (x86)\FoxitReaderUpdateService.exe  =>Heuristic.Suspect
C:\Program Files (x86)\FoxitUpdater.exe  =>Heuristic.Suspect
C:\Program Files (x86)\SendCrashReport.exe  =>Heuristic.Suspect
C:\Program Files (x86)\TrackReview.exe  =>Heuristic.Suspect
C:\Users\Shahil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc  =>.SUP.Discord
C:\Users\Shahil\AppData\Local\Google\Chrome\User Data\Default\File System\000  =>.SUP.Temporary.Chrome
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:d:\Program Files\VideoLAN\VLC\vlc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:d:\Program Files\VideoLAN\VLC\vlc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\BitTorrent.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\BitTorrent.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\VideoLAN\VLC\vlc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\VideoLAN\VLC\vlc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\FIFA 19\FIFA19.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\FIFA 19\FIFA19.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\calibre.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\calibre.exe.ApplicationCompany =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-edit.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-edit.exe.ApplicationCompany =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-viewer.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-viewer.exe.ApplicationCompany =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Sekiro - Shadows Die Twice\sekiro.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Sekiro - Shadows Die Twice\sekiro.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\OmegaT\OmegaT.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Fire Emblem - Three Houses\yuzu.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\JDownloaderSetup.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\JDownloaderSetup.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\Memu-Installer_v3.72.63.091.74.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\disgaea 4 complete plus\disgaea4pc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\disgaea 4 complete plus\disgaea4pc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\games\disgaea 4 complete plus\disgaea4pc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\games\disgaea 4 complete plus\disgaea4pc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Edge of Eternity\EdgeOfEternity.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\MetaEditor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\MetaEditor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Anki\anki.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\roguebook\roguebook.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\age of empires iii - definitive edition\aoe3de_s.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\age of empires iii - definitive edition\aoe3de_s.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\age of empires iii - definitive edition\battleserver.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly plus\monopoly.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly plus\monopoly.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\cook, serve, delicious! 3\csd3.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\cook, serve, delicious! 3\csd3.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\saint games\wish paradise\wishparadise.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Hades\x64\Hades.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\Eastern Exorcist\Exorcist.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\GOG Games\Speed Brawl\SpeedBrawl.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AutoHotkey\AutoHotkey.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\GRIME\GRIME.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Monopoly by Parker Brothers\MonopolyPB.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Monopoly by Parker Brothers\MonopolyPB.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\ctrl m to enter - Copy.ahk.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\open notepad.ahk.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\ctrl m to enter.ahk.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\Steam\Steam.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\Steam\Steam.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Crack\Risk Factions.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\ris factions\risk factions\risk factions.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\lol\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\lol\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\One Finger Death Punch 2\One Finger Death Punch 2.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Garena\Garena\Garena.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Garena\Garena\Garena.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\NBA 2K Playgrounds 2\NBAPlaygrounds2.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\NBA 2K Playgrounds 2\NBAPlaygrounds2.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Fire Emblem - Three Houses\yuzu_ea.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Death's Gambit - Afterlife\deathsgambit397.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Death's Gambit - Afterlife\deathsgambit397.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\ao tennis 2\tennis2.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\garena\games\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\garena\games\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\yaga\yaga.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\games\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\games\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Games\32771\Game\League of Legends.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Games\32771\Game\League of Legends.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\garena\games\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\garena\games\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Aeon Must Die\AeonMustDie\Binaries\Win64\AeonMustDie-Win64-Shipping.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Aeon Must Die\AeonMustDie\Binaries\Win64\AeonMustDie-Win64-Shipping.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9003\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9003\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\RickAndMorty_v3_4-pc\UnityCrashHandler64.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Super Smash Bros. Ultimate\yuzu.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9004\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9004\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\SIFU\Sifu.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\SIFU\Sifu.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\GOG Games\Fell Seal Arbiter's Mark\Fell Seal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\MetaEditor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\MetaEditor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\HANJU Global Capital MT4 Terminal\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\HANJU Global Capital MT4 Terminal\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\infinite ctrl m loop.ahk.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9005\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9005\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\MetaQuotes\Terminal\DA3C92B1779898CC0CACD726A655BECB\MQL4\Files\Forex Simulator.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\MetaQuotes\Terminal\DA3C92B1779898CC0CACD726A655BECB\MQL4\Files\Forex Simulator.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\MetaEditor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\MetaEditor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\lost epic\lostepic.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\digimon survive\digimonsurvive.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9006\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9006\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\battle chasers - nightwar\bc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\overwatch\_retail_\overwatch.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\overwatch\_retail_\overwatch.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9007\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9007\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\HighRiseClimb-0.92a-pc\HighRiseClimb.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9008\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9008\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\garena\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\garena\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\riot games\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\riot games\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\Riot Games\League of Legends\Game\League of Legends.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\Riot Games\League of Legends\Game\League of Legends.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\uno\uno.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9010\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9010\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Install SanDisk Software for Windows.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Install SanDisk Software for Windows.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\PrivateAccess_win.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\PrivateAccess_win.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\PrivateAccess_win.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\PrivateAccess_win.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\Install SanDisk Software for Windows.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\Install SanDisk Software for Windows.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\The Knight Witch\TheKnightWitch.58.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\warm snow\warmsnow.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\warm snow\dlc\warmsnow.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9011\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9011\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\adobe audition 2023\Adobe Audition 2023\Adobe Audition.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\adobe audition 2023\Adobe Audition 2023\Adobe Audition.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Warm Snow\SmartSteamLoader_x64.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\the mageseeker - a league of legends story\the mageseeker.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\ff2 weapon mastery.ahk.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\MetaTrader\terminal64.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\MetaTrader\terminal64.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Sands of Salzaar\DesertLegend.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\CONVERGENCE - A LoL Story\Convergence.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Tale of Immortal\guigubahuang.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Warm Snow\DLC\SmartSteamLoader_x64.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Lust Theory - Season 1\LustTheoryS1.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\FANTECH X4S MACRO Gaming Mouse\GM_Management.exe.FriendlyAppName =>.Unsigned
C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\Discord.exe  =>.SUP.Discord
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\Discord.exe.FriendlyAppName =>.SUP.Discord
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\Discord.exe.ApplicationCompany =>.SUP.Discord
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:d:\Program Files\VideoLAN\VLC\vlc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:d:\Program Files\VideoLAN\VLC\vlc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\BitTorrent\BitTorrent.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\BitTorrent.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\BitTorrent.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\VideoLAN\VLC\vlc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\VideoLAN\VLC\vlc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\FIFA 19\FIFA19.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\FIFA 19\FIFA19.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\calibre.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\calibre.exe.ApplicationCompany =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-edit.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-edit.exe.ApplicationCompany =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-viewer.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Calibre2\ebook-viewer.exe.ApplicationCompany =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Sekiro - Shadows Die Twice\sekiro.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Sekiro - Shadows Die Twice\sekiro.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\OmegaT\OmegaT.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Fire Emblem - Three Houses\yuzu.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\JDownloaderSetup.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\JDownloaderSetup.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Downloads\Memu-Installer_v3.72.63.091.74.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\disgaea 4 complete plus\disgaea4pc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\disgaea 4 complete plus\disgaea4pc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\games\disgaea 4 complete plus\disgaea4pc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\games\disgaea 4 complete plus\disgaea4pc.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Edge of Eternity\EdgeOfEternity.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\MetaEditor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\MetaEditor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Anki\anki.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\roguebook\roguebook.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\age of empires iii - definitive edition\aoe3de_s.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\age of empires iii - definitive edition\aoe3de_s.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\age of empires iii - definitive edition\battleserver.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\orcs must die! 3\omd\binaries\win64\omd-win64-shipping.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly plus\monopoly.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\monopoly plus\monopoly plus\monopoly.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\captain tsubasa - rise of new champions\gamedata\captain tsubasa rise of new champions.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\cook, serve, delicious! 3\csd3.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\cook, serve, delicious! 3\csd3.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\saint games\wish paradise\wishparadise.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Hades\x64\Hades.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\Eastern Exorcist\Exorcist.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\GOG Games\Speed Brawl\SpeedBrawl.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AutoHotkey\AutoHotkey.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\GRIME\GRIME.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Monopoly by Parker Brothers\MonopolyPB.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Monopoly by Parker Brothers\MonopolyPB.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\ctrl m to enter - Copy.ahk.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\open notepad.ahk.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\ctrl m to enter.ahk.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\Steam\Steam.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\Steam\Steam.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Crack\Risk Factions.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\ris factions\risk factions\risk factions.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\lol\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\lol\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\One Finger Death Punch 2\One Finger Death Punch 2.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Garena\Garena\Garena.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Garena\Garena\Garena.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\NBA 2K Playgrounds 2\NBAPlaygrounds2.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\NBA 2K Playgrounds 2\NBAPlaygrounds2.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Fire Emblem - Three Houses\yuzu_ea.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Death's Gambit - Afterlife\deathsgambit397.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Death's Gambit - Afterlife\deathsgambit397.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\ps3 top spin\rpcs3-v0.0.18-12904-12efd291_win64\rpcs3.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\ao tennis 2\tennis2.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\garena\games\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\garena\games\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\yaga\yaga.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\games\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\games\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Games\32771\Game\League of Legends.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Garena\Games\32771\Game\League of Legends.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\epic games\ttaodkoneshotadventure\binaries\win32\tinytina.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\garena\games\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\garena\games\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Aeon Must Die\AeonMustDie\Binaries\Win64\AeonMustDie-Win64-Shipping.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Aeon Must Die\AeonMustDie\Binaries\Win64\AeonMustDie-Win64-Shipping.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9003\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9003\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\RickAndMorty_v3_4-pc\UnityCrashHandler64.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Super Smash Bros. Ultimate\yuzu.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9004\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9004\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\SIFU\Sifu.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\SIFU\Sifu.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\elden ring\artbookost\elden ring digital artbook & soundtrack.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\GOG Games\Fell Seal Arbiter's Mark\Fell Seal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\OANDA - MetaTrader\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\MetaEditor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FXCM MetaTrader4\MetaEditor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\HANJU Global Capital MT4 Terminal\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\HANJU Global Capital MT4 Terminal\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\infinite ctrl m loop.ahk.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9005\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9005\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\namaiki dark elf sisters ~cocky chicks craving creampies~\namaiki.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\MetaQuotes\Terminal\DA3C92B1779898CC0CACD726A655BECB\MQL4\Files\Forex Simulator.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Roaming\MetaQuotes\Terminal\DA3C92B1779898CC0CACD726A655BECB\MQL4\Files\Forex Simulator.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\MetaEditor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\MetaEditor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\lost epic\lostepic.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\digimon survive\digimonsurvive.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9006\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9006\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\games\battle chasers - nightwar\bc.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\overwatch\_retail_\overwatch.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\overwatch\_retail_\overwatch.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9007\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9007\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\HighRiseClimb-0.92a-pc\HighRiseClimb.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9008\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9008\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\garena\32771\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\garena\garena\32771\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\riot games\riot client\riotclientservices.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\riot games\riot client\riotclientservices.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\Riot Games\League of Legends\Game\League of Legends.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\league\Riot Games\League of Legends\Game\League of Legends.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\games\uno\uno.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9010\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9010\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Install SanDisk Software for Windows.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Install SanDisk Software for Windows.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\PrivateAccess_win.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\PrivateAccess_win.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\PrivateAccess_win.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\PrivateAccess_win.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\Install SanDisk Software for Windows.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\Install SanDisk Software for Windows.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:F:\Games\The Knight Witch\TheKnightWitch.58.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\warm snow\warmsnow.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\warm snow\dlc\warmsnow.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9011\Discord.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9011\Discord.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\adobe audition 2023\Adobe Audition 2023\Adobe Audition.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\adobe audition 2023\Adobe Audition 2023\Adobe Audition.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Warm Snow\SmartSteamLoader_x64.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\games\the mageseeker - a league of legends story\the mageseeker.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\Desktop\ff2 weapon mastery.ahk.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\MetaTrader\terminal64.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Program Files\MetaTrader\terminal64.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Sands of Salzaar\DesertLegend.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\CONVERGENCE - A LoL Story\Convergence.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Tale of Immortal\guigubahuang.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Games\Warm Snow\DLC\SmartSteamLoader_x64.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Games\Lust Theory - Season 1\LustTheoryS1.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\Program Files (x86)\FANTECH X4S MACRO Gaming Mouse\GM_Management.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\Discord.exe.FriendlyAppName =>.SUP.Discord
[HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\Discord.exe.ApplicationCompany =>.SUP.Discord

---\\ Summary of the elements found (8) - 0s
https://nicolascoolman.eu/2022/09/05/zhpdiag-lanalyse-s-m-a-r-t-du-disque-systeme/  => SMART Information
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/  =>.SUP.Discord
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
https://nicolascoolman.eu/forum/Topic/warning-eventlogapp-evenement-dapplication/  =>Warning.EventLogApp
https://nicolascoolman.eu/forum/Topic/warning-eventlogsys-evenement-systeme/  =>Warning.EventLogSys
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/forum/Topic/orphan-muicache-logiciel-potentiellement-superflu-lps/  =>.SUP.Orphan.MUICache

---\\ Serial Number
[00A657F778B31AE523D667131718D16EB2] [05/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mb4uns.exe  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [05/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [05/02/2023] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [29/09/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\IrisRePlugins\template_mbam_whats_new.2.0.17.x64.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [29/09/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [29/09/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [29/09/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [29/09/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [29/09/2023] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll  =>.Malwarebytes Inc.
[00A74246F26ADF987743017FED54891570] [11/08/2021] (.MetaQuotes Software Corp..) - C:\Program Files (x86)\InstaTrader\uninstall.exe  =>.MetaQuotes Software Corp.
[00C134B2A3AE7F9BD5A260DC5FCC04087C] [24/02/2023] (.Musecy SM Ltd..) - e:\Program Files\Audacity\unins000.exe  =>.Musecy SM Ltd.
[00C134B2A3AE7F9BD5A260DC5FCC04087C] [27/01/2023] (.Musecy SM Ltd..) - E:\Program Files\Audacity\Audacity.exe  =>.Musecy SM Ltd.
[00DFDFC755A1AF216BAF45CFC5B5367E05] [09/08/2023] (.Viber Media S.à r.l..) - C:\Users\Shahil\AppData\Local\Viber\Viber.exe  =>.Not verified
[016E03238CDF778275BB123A9C6ADA51] [11/06/2022] (.Loom, Inc..) - C:\Users\Shahil\AppData\Local\Programs\Loom\Loom.exe  =>.Not verified
[016E03238CDF778275BB123A9C6ADA51] [11/06/2022] (.Loom, Inc..) - C:\Users\Shahil\AppData\Local\Programs\Loom\Uninstall Loom.exe  =>.Not verified
[016E03238CDF778275BB123A9C6ADA51] [20/05/2022] (.Loom, Inc..) - D:\installation files\Loom Setup 0.130.0.exe  =>.Not verified
[01993E38970DE6088DE6B6CB39BBEE24] [26/09/2023] (.Cisco WebEx LLC.) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_voice-4\discord_voice\openh264-2.2.0-win32.dll  =>.Cisco WebEx LLC
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\Discord.exe  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\ffmpeg.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\libEGL.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\libGLESv2.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_hook-1\discord_hook\0eb52a70cd3fe5\discord_overlay_sdk_x64.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_hook-1\discord_hook\0eb52a70cd3fe5\discord_overlay_sdk_x86.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_hook-1\discord_hook\0eb52a70cd3fe5\DiscordHook.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_hook-1\discord_hook\0eb52a70cd3fe5\DiscordHook64.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_hook-1\discord_hook\0eb52a70cd3fe5\DiscordHookHelper.exe  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_hook-1\discord_hook\0eb52a70cd3fe5\DiscordHookHelper64.exe  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_modules-1\discord_modules\0eb52a70cd3fe5\discord_aegis_x64.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_modules-1\discord_modules\0eb52a70cd3fe5\discord_aegis_x86.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\vk_swiftshader.dll  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\vulkan-1.dll  =>.SUP.Discord
[028AA6E7B516C0D155F15D6290A430E3] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_modules-1\discord_modules\0eb52a70cd3fe5\2\discord_game_sdk_x64.dll  =>.SUP.Discord
[028AA6E7B516C0D155F15D6290A430E3] [19/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_modules-1\discord_modules\0eb52a70cd3fe5\2\discord_game_sdk_x86.dll  =>.SUP.Discord
[02D6AAEAB3924859805EBB529E314DE0] [13/02/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\Update.exe  =>.SUP.Discord
[02FA994D660DE659EE9037ECB437D766] [03/08/2020] (.Piriform Software Ltd.) - D:\Program Files\Speccy\Speccy64.exe  =>.Piriform Software Ltd
[02FA994D660DE659EE9037ECB437D766] [03/08/2020] (.Piriform Software Ltd.) - d:\Program Files\Speccy\uninst.exe  =>.Piriform Software Ltd
[039CCFAB33EA417D56BF9798EF5AB797] [16/09/2023] (.Zoom Video Communications, Inc..) - C:\Users\Shahil\AppData\Roaming\Zoom\bin\airhost.exe  =>.Not verified
[039CCFAB33EA417D56BF9798EF5AB797] [16/09/2023] (.Zoom Video Communications, Inc..) - C:\Users\Shahil\AppData\Roaming\Zoom\bin\Zoom.exe  =>.Not verified
[039CCFAB33EA417D56BF9798EF5AB797] [28/08/2023] (.Zoom Video Communications, Inc..) - C:\Users\Shahil\AppData\Roaming\Zoom\uninstall\Installer.exe  =>.Not verified
[03E9EB4DFF67D4F9A554A422D5ED86F3] [06/07/2021] (.philandro Software GmbH.) - D:\installation files\anydesk.exe  =>.philandro Software GmbH
[0407ABB64E9990180789EACB81F5F914] [10/05/2021] (.VideoLAN.) - C:\Program Files (x86)\VideoLAN\VLC - Copy\vlc.exe  =>.VideoLAN
[04390A4C5F8906A1D7052C1768D45047] [12/06/2023] (.MetaQuotes Ltd.) - C:\Program Files (x86)\ThinkMarkets MetaTrader 4\metaeditor.exe  =>.Not verified
[04390A4C5F8906A1D7052C1768D45047] [12/06/2023] (.MetaQuotes Ltd.) - C:\Program Files (x86)\ThinkMarkets MetaTrader 4\terminal.exe  =>.Not verified
[04390A4C5F8906A1D7052C1768D45047] [12/06/2023] (.MetaQuotes Ltd.) - c:\Program Files (x86)\ThinkMarkets MetaTrader 4\uninstall.exe  =>.Not verified
[04390A4C5F8906A1D7052C1768D45047] [13/07/2023] (.MetaQuotes Ltd.) - C:\Program Files (x86)\InstaTrader\metaeditor.exe  =>.Not verified
[04390A4C5F8906A1D7052C1768D45047] [13/07/2023] (.MetaQuotes Ltd.) - C:\Program Files (x86)\InstaTrader\terminal.exe  =>.Not verified
[04390A4C5F8906A1D7052C1768D45047] [23/05/2023] (.MetaQuotes Ltd.) - D:\Program Files (x86)\FTMO MetaTrader 4\terminal.exe  =>.Not verified
[04390A4C5F8906A1D7052C1768D45047] [29/03/2023] (.MetaQuotes Ltd.) - C:\Program Files (x86)\MetaTrader 4 EXNESS\metaeditor.exe  =>.Not verified
[04390A4C5F8906A1D7052C1768D45047] [29/03/2023] (.MetaQuotes Ltd.) - C:\Program Files (x86)\MetaTrader 4 EXNESS\terminal.exe  =>.Not verified
[04D8B9400BD80131DA22862E2C0F23B0] [04/05/2021] (.Viber Media S.à r.l..) - C:\Users\Shahil\AppData\Local\Package Cache\{1af53e16-204d-465f-b193-f3658e89febc}\ViberSetup.exe  =>.Viber Media S.à r.l.
[06090BC9266DA993F5EDE9404938D9E3] [08/05/2023] (.SQUARE ENIX CO., LTD..) - E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF1\FINAL FANTASY.exe  =>.Not verified
[06090BC9266DA993F5EDE9404938D9E3] [08/05/2023] (.SQUARE ENIX CO., LTD..) - E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF2\FINAL FANTASY II.exe  =>.Not verified
[06090BC9266DA993F5EDE9404938D9E3] [08/05/2023] (.SQUARE ENIX CO., LTD..) - E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF3\FINAL FANTASY III.exe  =>.Not verified
[06090BC9266DA993F5EDE9404938D9E3] [08/05/2023] (.SQUARE ENIX CO., LTD..) - E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF4\FINAL FANTASY IV.exe  =>.Not verified
[06090BC9266DA993F5EDE9404938D9E3] [08/05/2023] (.SQUARE ENIX CO., LTD..) - E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF5\FINAL FANTASY V.exe  =>.Not verified
[06090BC9266DA993F5EDE9404938D9E3] [08/05/2023] (.SQUARE ENIX CO., LTD..) - E:\Games\Final Fantasy I-VI Bundle Pixel Remaster\FF6\FINAL FANTASY VI.exe  =>.Not verified
[063D0C011B143C57893FE839779AFCD0] [06/05/2019] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys  =>.Realtek Semiconductor Corp.
[063D0C011B143C57893FE839779AFCD0] [06/05/2019] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\RtkAudUService64.exe  =>.Realtek Semiconductor Corp.
[063D0C011B143C57893FE839779AFCD0] [31/05/2019] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RtsPer.sys  =>.Realtek Semiconductor Corp.
[06680CEE465B856F613A3BDD20482E71] [30/09/2022] (.Samsung Electronics CO., LTD..) - C:\WINDOWS\System32\DRIVERS\ssudbus2.sys  =>.Samsung Electronics CO., LTD.
[06680CEE465B856F613A3BDD20482E71] [30/09/2022] (.Samsung Electronics CO., LTD..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys  =>.Samsung Electronics CO., LTD.
[06AEA76BAC46A9E8CFE6D29E45AAF033] [01/12/2021] (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google LLC
[06D41A66692153FFBE5DEFE873ADFF6A] [02/10/2022] (.Hugh Bailey.) - D:\Program Files\obs-studio\bin\64bit\obs64.exe  =>.Hugh Bailey
[072472F2386F4608A0790DA2BE8A48F7] [12/04/2021] (.FOXIT SOFTWARE INC..) - C:\Program Files (x86)\Shell Extensions\FoxitPreviewhost.exe  =>.FOXIT SOFTWARE INC.
[072472F2386F4608A0790DA2BE8A48F7] [20/04/2021] (.FOXIT SOFTWARE INC..) - C:\Program Files (x86)\FoxitReaderUpdateService.exe  =>.FOXIT SOFTWARE INC.
[0B52661134D01E613C3404033A87B77D] [26/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_voice-4\discord_voice\capture_helper.exe  =>.SUP.Discord
[0B52661134D01E613C3404033A87B77D] [26/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_voice-4\discord_voice\gpu_encoder_helper.exe  =>.SUP.Discord
[0B52661134D01E613C3404033A87B77D] [26/09/2023] (.Discord Inc..) - C:\Users\Shahil\AppData\Local\Discord\app-1.0.9018\modules\discord_voice-4\discord_voice\mediapipe.dll  =>.SUP.Discord
[0B8F52FAF64C421EABB2275AE148C519] [26/10/2022] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\rt640x64.sys  =>.Realtek Semiconductor Corp.
[0C1CD3EEA47EDDA7A032573B014D0AFD] [29/09/2023] (.Mozilla Corporation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe  =>.Mozilla Corporation
[0C1CD3EEA47EDDA7A032573B014D0AFD] [29/09/2023] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\firefox.exe  =>.Mozilla Corporation
[0C1CD3EEA47EDDA7A032573B014D0AFD] [29/09/2023] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
[0CD1D038015129A43DA0AEE211859C8E] [20/09/2023] (.Riot Games, Inc..) - E:\Riot Games\Riot Client\RiotClientServices.exe  =>.Not verified
[0DCDADD13E8649F619040327F45A575F] [18/08/2022] (.Razer USA Ltd..) - C:\WINDOWS\System32\drivers\RzCommon.sys  =>.Not verified
[0E355A7A3D83430980BE01EAF102FE83] [09/06/2022] (.Pingman Tools LLC.) - C:\Program Files (x86)\PingPlotter 5\PingPlotter ICMP Generator.exe  =>.Not verified
[0E355A7A3D83430980BE01EAF102FE83] [09/06/2022] (.Pingman Tools LLC.) - C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe  =>.Not verified
[0E4418E2DEDE36DD2974C3443AFB5CE5] [27/09/2023] (.Google LLC.) - C:\Program Files\Google\Chrome\Application\117.0.5938.132\elevation_service.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [27/09/2023] (.Google LLC.) - C:\Program Files\Google\Chrome\Application\chrome.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [29/09/2023] (.Google LLC.) - C:\Program Files\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [29/09/2023] (.Google LLC.) - C:\Program Files\Google\Chrome\Application\117.0.5938.132\Installer\setup.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [29/09/2023] (.Google LLC.) - C:\Users\Shahil\AppData\Local\Microsoft\EdgeCore\117.0.2045.47\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll  =>.Google LLC
[0EB092A37B0C6F6A2EF7705B96032406] [25/02/2023] (.Adoreshare Co.,Limited.) - D:\installation files\hitpaw-watermark-remover.exe  =>.Not verified
[112C3F3ACD305D62BA1D39BB64CF209A] [16/12/2022] (.Ankitects Pty Ltd.) - C:\Program Files\Anki\anki.exe  =>.Not verified
[112C3F3ACD305D62BA1D39BB64CF209A] [16/12/2022] (.Ankitects Pty Ltd.) - C:\Program Files\Anki\uninstall.exe  =>.Not verified
[14781BC862E8DC503A559346F5DCC518] [14/03/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe  =>.NVIDIA Corporation
[204D91BF90E39DB902F69184AA800093] [24/08/2020] (.Razer USA Ltd..) - C:\WINDOWS\System32\drivers\RzDev_0257.sys  =>.Razer USA Ltd.
[33000002198C0A9FB2162B10E6000000000219] [14/12/2021] (.Skype Software Sarl.) - C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl
[37D55D25C7EAA680F0A0E7AE734D7BBF] [27/03/2021] (.Emurasoft, Inc..) - C:\Users\Shahil\AppData\Local\Programs\EmEditor\EmEditor.exe  =>.Not verified
[37D55D25C7EAA680F0A0E7AE734D7BBF] [27/03/2021] (.Emurasoft, Inc..) - C:\Users\Shahil\AppData\Local\Programs\EmEditor\emedtray.exe  =>.Not verified
[4BEC0B684E72D52DDAE99293A3758711] [03/05/2021] (.MetaQuotes Ltd..) - C:\Program Files (x86)\MetaTrader - EXNESS\uninstall.exe  =>.MetaQuotes Ltd.
[4BEC0B684E72D52DDAE99293A3758711] [18/07/2022] (.MetaQuotes Ltd..) - C:\Program Files (x86)\MetaTrader 4 EXNESS\uninstall.exe  =>.MetaQuotes Ltd.
[4BEC0B684E72D52DDAE99293A3758711] [23/06/2021] (.MetaQuotes Ltd..) - C:\Program Files (x86)\MetaTrader - EXNESS\metaeditor.exe  =>.MetaQuotes Ltd.
[4BEC0B684E72D52DDAE99293A3758711] [23/06/2021] (.MetaQuotes Ltd..) - C:\Program Files (x86)\MetaTrader - EXNESS\terminal.exe  =>.MetaQuotes Ltd.
[4BEC0B684E72D52DDAE99293A3758711] [28/07/2022] (.MetaQuotes Ltd..) - d:\Program Files (x86)\FTMO MetaTrader 4\uninstall.exe  =>.MetaQuotes Ltd.
[51029B3B9CB48FA076FA2DA87A91DB42] [11/11/2021] (.Epic Games Inc..) - C:\ProgramData\Package Cache\{43a03b9c-4770-409c-a999-587b60700b63}\LauncherPrereqSetup_x64.exe  =>.Epic Games Inc.
[56000001757376CD78AD000C9A000000000175] [04/06/2018] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\WINDOWS\System32\drivers\ICCWDT.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group
[560000025F8652ABC7283B361300000000025F] [15/01/2019] (.Intel(R) Extreme Tuning Utility.) - C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys  =>.Intel(R) Extreme Tuning Utility
[56000005DAB0988313DA8AB3E10000000005DA] [06/12/2019] (.Intel(R) pGFX.) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxCUIService.exe  =>.Intel(R) pGFX
[56000005DAB0988313DA8AB3E10000000005DA] [06/12/2019] (.Intel(R) pGFX.) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_389b656f32518320\igfxEM.exe  =>.Intel(R) pGFX
[56000005DAB0988313DA8AB3E10000000005DA] [06/12/2019] (.Intel(R) pGFX.) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\igdkmd64.sys  =>.Intel(R) pGFX
[56000005DAB0988313DA8AB3E10000000005DA] [06/12/2019] (.Intel(R) pGFX.) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHDCPSvc.exe  =>.Intel(R) pGFX
[56000005DAB0988313DA8AB3E10000000005DA] [06/12/2019] (.Intel(R) pGFX.) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7f5891e5a2fcfdad\IntelCpHeciSvc.exe  =>.Intel(R) pGFX
[560000082B1E36C56B00276A8A00000000082B] [17/04/2019] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group
[56000009788D2B77E1C77462D2000000000978] [19/04/2019] (.Intel(R) Software.) - C:\Windows\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_ca1148cff9a7eea6\HidEventFilter.sys  =>.Intel(R) Software
[62E745E92165213C971F5C490AEA12A5] [17/11/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\Display.NvContainer\NVDisplay.Container.exe  =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [17/11/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nv3dappshext.dll  =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [17/11/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nvlddmkm.sys  =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [17/11/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_3bfacd0d07055664\nvshext.dll  =>.NVIDIA Corporation
[6404DB61004532252326E3EE1DAB5AB2] [14/05/2016] (.Free Time Co., Ltd..) - C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe  =>.Free Time Co., Ltd.
[6E32622CCC5180193BCF00D0B86D134B] [06/06/2019] (.Synaptics Incorporated.) - C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys  =>.Synaptics Incorporated
[6E32622CCC5180193BCF00D0B86D134B] [06/06/2019] (.Synaptics Incorporated.) - C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys  =>.Synaptics Incorporated
[6E32622CCC5180193BCF00D0B86D134B] [06/06/2019] (.Synaptics Incorporated.) - C:\WINDOWS\System32\drivers\SynTP.sys  =>.Synaptics Incorporated
[6E32622CCC5180193BCF00D0B86D134B] [06/06/2019] (.Synaptics Incorporated.) - C:\WINDOWS\System32\SynTPEnhService.exe  =>.Synaptics Incorporated
[72F0C9305FD97A974DC024A6980E6886] [09/10/2020] (.WDKTestCert build,132303256403278908.) - C:\WINDOWS\System32\drivers\AppleLowerFilter.sys  =>.WDKTestCert build,132303256403278908
[7AE2B5021371F092A904B6FA] [30/09/2023] (.Telegram FZ-LLC.) - C:\Users\Shahil\AppData\Roaming\Telegram Desktop\Telegram.exe  =>.Not verified

~ Unselected Options:  O82,
~ End of the scan, 9958 items in 05mn34s (3027)(0)
 
#15
I am headed to work. Please do this scan while you wait.

Download Kaspersky Virus Removal Tool (KVRT)and save it to your Desktop.
Very important to save this to your desktop!!


Select the Windows Key and R Key together, the Run box should open.
Copy and paste the following into the run box.


C:\Users\Shahil\Desktop\KVRT.exe -dontencrypt
Click to expand...


Select „Ok“ in the Run box.
If the „Windows protected your PC“ window opens, select „More info“. A new windows will open, select „Run anyway“.
An EULA window from KVRT will open, tick all confirmation boxes then select "Accept".
A window from KVRT will open, select "Change Parameters".
In the new window ensure the following boxes are ticked:


  • System memory
  • Startup objects
  • Boot sectors
  • System drive
Then select "OK" and „Start scan“.
When completed: If entries are found, there will be options to choose. If "Cure" is offered, leave as it is. For any other options change to "Delete", then select "Continue".
Usually, your system needs a reboot to finish the removal process.
Logfiles can be found on your systemdrive (usually C: ), similar like this:


C:\KVRT2020_Data\Reports\report_<data>_<time>.klr


Right click direct onto those reports, select > open with > Notepad.
Save the files and attach them with your next reply.
 
  • Like
Reactions: maxim123
#17
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code: 
start::
CreateRestorePoint:
CloseProcesses:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
C:\Users\Shahil\AppData\Roaming\Amazon 
DeleteKey: HKCU\SOFTWARE\Amazon 
DeleteKey: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\Amazon  
DeleteKey: HKCU\SOFTWARE\3643b966-bc28-5bc8-95ff-3d47d66438db
DeleteKey: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\3643b966-bc28-5bc8-95ff-3d47d66438db
DeleteKey: HKCU\SOFTWARE\nwjs
DeleteKey: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\nwjs
DeleteKey: HKCU\SOFTWARE\T0
DeleteKey: HKU\S-1-5-21-4291915333-2200026273-1243826419-1001\SOFTWARE\T0
C:\Users\Shahil\AppData\Local\Adaware
C:\Users\Shahil\AppData\Local\Amazon
C:\Users\Shahil\AppData\Local\nwjs
C:\Users\Shahil\AppData\LocalLow\T0
File: C:\Program Files (x86)\64BitMailAgent.exe
File: C:\Program Files (x86)\SendCrashReport.exe
File: C:\Program Files (x86)\TrackReview.exe
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::

Download RogueKiller and install the program.
Once downloaded and installed, right click and run as admin.
Click the check for updates button.
Go to scan setting then slide the MalPE option right to activate.
Then go to scan, then start a full scan on your machine.
Then click report when the scan completes.
Under Share my report click on open then select text file.
Copy it and paste the results here.
Make sure you do not remove anything detected until I see the log please.





Download Autologger to your desktop.
Disable your Anitivirus/Defender prior to running.

  • Unzip it there. -- If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----
  • Right click Autologger and run as admin. (Xp user double click)
  • AVZ4 will open and scan your machine, allow this to complete.
  • Upload Collectionlog.zip to your next reply.
 
  • Like
Reactions: maxim123
#18
here are the KVRT logs
it found 1 malicious program which I clicked delete. but the log files don't have the recent scan. It only shows the log of yesterday's incomplete scan.
klr
Code: 
<Report>
    <Metadata Version="1" PCID="{FD210BA0-4E3C-341C-4615-CF142017925E}" LastModification="2023.09.30 18:41:33.685" />
    <EventBlocks>
        <Block0 Type="Scan" Processed="312187" Found="0" Neutralized="0">
            <Event0 Action="Scan" Time="133405506691873200" Object="" Info="Started" />
            <Event1 Action="Scan" Time="133405521838387082" Object="" Info="Finished" />
        </Block0>
    </EventBlocks>
</Report>

klr. enc1 log

Code: 
咏姛€潧砚逑舷嫌泿嫀泿瞎姖渾€佉娃拖楷Λ彝敥捱呗郦墁萝坜圪挹卢┺圯咿刂葳獟拖湜媶墕寧泦€佉洼咻芰捱吝尴掭哲苷谮磷苒拖姥忮舷舷营檴仜瓋€寗溠忮舷舷舷舷迎儉寗呦粬煀彝紝巵拖繚€寠湝妺彝鬃拶蒉拖﹢殎嬕娃拖殯潕儐晩嬕娃脱忮舷舷舷舷舷舷营檴仜呦畬泦€佉图寧佂匣唫娨娃苘圻俎拶肿谪俎茇谕蠣崊妼浺屯夕亯€彝紱帩泭嬐侠砚逑舷舷舷舷舷嫌獧妬涋袭寷唨佉瞳姏妼浲匣唫娨娃苘圻俎谵刂葚众纵谕蠣崊妼浺同粘竼亱€槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝寗粈€兞竼佡哿あ籍殯€翈屚侠砚逑舷舷舷舷舷嫌獧妬涊袭寷唨佉图寧佂匣唫娨娃苘圻俎谥字周捃拶弁蠣崊妼浺屯夕亯€彝﹩亞渿妺拖姥忮舷舷舷舷舷舷营檴仜芟畬泦€佉图妰妼浵帉泦€佂匣唫娨娃苘圻俎仝葙挹僮挹尥蠣崊妼浺同粘竼亱€槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝珚儕泭拖姥忮舷舷舷舷舷舷营檴仜巯畬泦€佉瞳啘唩墛寷唨佂匣唫娨娃苘圻俎仝葙挹僮挹尥蠣崊妼浺屯夕亯€彝紱帩泭嬐侠砚逑舷舷舷舷舷嫌獧妬涄袭寷唨佉途殠潕仜唩妺拖粏倞彝捃苒哔拶谳俎谥走儋拖爫厞寷彝掣唩媭槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝拖姥忮舷舷舷舷舷舷营檴仜傧畬泦€佉瞳妰姏妺拖粏倞彝捃苒哔拶谳俎谥走儋拖爫厞寷彝掣唩媭槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝拖姥忮舷舷舷舷舷舷营檴仜叵畬泦€佉瞳啘唩墛寷唨佂匣唫娨娃苘圻俎仝葙坜众棕赝蠣崊妼浺屯夕亯€彝﹩亞渿妺拖姥忮舷舷舷舷永瓋€寗哐忮舷舷永獧妬洯儉寗溠忮永綂焵潧砚?
 
#19
here are the KVRT logs
it found 1 malicious program which I clicked delete. but the log files don't have the recent scan. It only shows the log of yesterday's incomplete scan.
klr
Code: 
<Report>
    <Metadata Version="1" PCID="{FD210BA0-4E3C-341C-4615-CF142017925E}" LastModification="2023.09.30 18:41:33.685" />
    <EventBlocks>
        <Block0 Type="Scan" Processed="312187" Found="0" Neutralized="0">
            <Event0 Action="Scan" Time="133405506691873200" Object="" Info="Started" />
            <Event1 Action="Scan" Time="133405521838387082" Object="" Info="Finished" />
        </Block0>
    </EventBlocks>
</Report>

klr. enc1 log

Code: 
咏姛€潧砚逑舷嫌泿嫀泿瞎姖渾€佉娃拖楷Λ彝敥捱呗郦墁萝坜圪挹卢┺圯咿刂葳獟拖湜媶墕寧泦€佉洼咻芰捱吝尴掭哲苷谮磷苒拖姥忮舷舷营檴仜瓋€寗溠忮舷舷舷舷迎儉寗呦粬煀彝紝巵拖繚€寠湝妺彝鬃拶蒉拖﹢殎嬕娃拖殯潕儐晩嬕娃脱忮舷舷舷舷舷舷营檴仜呦畬泦€佉图寧佂匣唫娨娃苘圻俎拶肿谪俎茇谕蠣崊妼浺屯夕亯€彝紱帩泭嬐侠砚逑舷舷舷舷舷嫌獧妬涋袭寷唨佉瞳姏妼浲匣唫娨娃苘圻俎谵刂葚众纵谕蠣崊妼浺同粘竼亱€槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝寗粈€兞竼佡哿あ籍殯€翈屚侠砚逑舷舷舷舷舷嫌獧妬涊袭寷唨佉图寧佂匣唫娨娃苘圻俎谥字周捃拶弁蠣崊妼浺屯夕亯€彝﹩亞渿妺拖姥忮舷舷舷舷舷舷营檴仜芟畬泦€佉图妰妼浵帉泦€佂匣唫娨娃苘圻俎仝葙挹僮挹尥蠣崊妼浺同粘竼亱€槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝珚儕泭拖姥忮舷舷舷舷舷舷营檴仜巯畬泦€佉瞳啘唩墛寷唨佂匣唫娨娃苘圻俎仝葙挹僮挹尥蠣崊妼浺屯夕亯€彝紱帩泭嬐侠砚逑舷舷舷舷舷嫌獧妬涄袭寷唨佉途殠潕仜唩妺拖粏倞彝捃苒哔拶谳俎谥走儋拖爫厞寷彝掣唩媭槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝拖姥忮舷舷舷舷舷舷营檴仜傧畬泦€佉瞳妰姏妺拖粏倞彝捃苒哔拶谳俎谥走儋拖爫厞寷彝掣唩媭槣臣枩泭傑莩紵煪棝瑎偁崊€劻媰兺夕亯€彝拖姥忮舷舷舷舷舷舷营檴仜叵畬泦€佉瞳啘唩墛寷唨佂匣唫娨娃苘圻俎仝葙坜众棕赝蠣崊妼浺屯夕亯€彝﹩亞渿妺拖姥忮舷舷舷舷永瓋€寗哐忮舷舷永獧妬洯儉寗溠忮永綂焵潧砚?
 
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu