Solved high memory usage, suspect i have malware

Malnutrition · Oct 5, 2022

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"

If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.

Accept the default whitelist options,
If the additions.txt options box is not checked please select it.
Then select Scan

Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.

Please Copy and Paste the contents of these logs in your next post for review by our Security Team

Rum Ham · Oct 5, 2022

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022 (ATTENTION: ====> FRST version is 35 days old and could be outdated)

Code:

Ran by satch (administrator) on DESKTOP-Q1JOHSV (Micro-Star International Co., Ltd. MS-7B98) (04-10-2022 23:12:34)
Running from C:\Users\satch\Downloads
Loaded Profiles: satch
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4235112 2022-09-27] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [utweb] => "C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795376 2022-09-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.91\Installer\chrmstp.exe [2022-09-30] (Google LLC -> Google LLC)
Startup: C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-07-21]
ShortcutTarget: MEGAsync.lnk -> C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03BC766E-FF4F-4F0D-B5AA-70F448A320FF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)
Task: {0BBCBDB2-4EC0-4A4E-BC06-2F69516ED05D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3795020384-2431542903-1114512080-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165520 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F398CB2-E47C-4BCF-A928-3A75AF6191AE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon (No File)
Task: {429D6965-94B3-4773-8B25-9E751F9FDCDF} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d48e0e1996 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc -> Google LLC)
Task: {453049D4-92BF-464E-9A53-604EF7C327D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {45BF6774-BD06-45C8-98AB-B7783CF65336} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4DF561F2-C353-4EB6-B967-689FA0F5942C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {57C406CA-F622-47E2-8E4A-AF6B10D2AD95} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {86F281AD-8751-4B46-ACC7-B45E97C13508} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8792C639-94C0-4C4D-BC9D-14B9BF9E10D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc -> Google LLC)
Task: {99B33E36-4322-4E02-8FC6-1588A2806B1A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165520 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5465FD6-0785-479A-9925-B54C7FD44F30} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly (No File)
Task: {D2502FE5-D3D1-4CB8-B6AE-78AAA488AC3B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D2A5CE68-6AF4-40A7-BAA1-CB507D41D648} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DD35A470-D9B6-485E-9568-49C2CB9BA2E8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E6FB9684-EB51-4D1E-8CDE-1D7AE7E37FD8} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {E94BF4D7-B29C-4DAA-B4C7-ACE62A28CFA1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E94E0A61-AF0A-4944-921C-643F7A819A3B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. -> Adobe)
Task: {EBFAE3F5-44E7-49F6-A8E0-6A99F6B91C41} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3795020384-2431542903-1114512080-1003 => C:\Users\satch\AppData\Local\MEGAsync\MEGAupdater.exe [1776816 2022-07-25] (Mega Limited -> )
Task: {EFD9E021-6178-4E60-991A-017D1AA11581} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
Task: {F24249F4-E475-4C30-B841-3462B928358A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F527426C-9F2B-43D5-80F2-EE98572EBA05} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc -> Google LLC)
Task: {F6199833-EE37-4676-879D-FDD52AF35F45} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d48e0f7839 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-05] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{40366314-3e71-403a-b06c-66834be56760}: [DhcpNameServer] 10.0.1.1 10.0.1.3
Tcpip\..\Interfaces\{b0f5eb1c-46cb-427d-a445-cd5b51dfb206}: [DhcpNameServer] 209.18.47.62 209.18.47.61

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\satch\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-04]
Edge Notifications: Default -> hxxps://maximus-time.com

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default [2022-10-04]
CHR Notifications: Default -> hxxps://advnottech.com; hxxps://captchatopsource.com; hxxps://centralheat.net; hxxps://computeradsglobal.com; hxxps://mediaforyour.com; hxxps://nice-day.co.uk; hxxps://pcgamestorrents.com; hxxps://play.pokemonshowdown.com; hxxps://pushnotstudio.com; hxxps://time4news.net; hxxps://www.g2a.com; hxxps://www.paramountplus.com; hxxps://www.wish.com; hxxps://www81.eloypatrick.pro
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-08-23]
CHR Extension: (Google Docs Offline) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-10-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\satch\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-21]
CHR Profile: C:\Users\satch\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2700648 2022-07-17] (HIGH MORALE DEVELOPMENTS LIMITED -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-06-09] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-02-27] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncHelper.exe [3383688 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-08-31] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.191.0911.0001\OneDriveUpdaterService.exe [3804032 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-25] (Rockstar Games, Inc. -> Rockstar Games)
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [267088 2022-06-23] (Protected Antivirus Limited -> TotalAV) <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1868832 2022-09-23] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [772656 2022-09-23] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-08-24] (AVAST Software s.r.o. -> The OpenVPN Project)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208176 2021-11-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2021-11-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2021-11-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287744 2022-05-13] (Microsoft Corporation) [File not signed]
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2018-04-30] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [17864 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: <Company name>)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-10-18] (McAfee, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-14] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-04 23:12 - 2022-10-04 23:12 - 000022201 _____ C:\Users\satch\Downloads\FRST.txt
2022-10-04 23:11 - 2022-10-04 23:12 - 000000000 ____D C:\FRST
2022-10-04 23:09 - 2022-10-04 23:09 - 002371072 _____ (Farbar) C:\Users\satch\Downloads\FRST64.exe
2022-09-28 23:00 - 2022-09-28 23:00 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-09-28 22:58 - 2022-09-23 18:52 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-09-28 22:39 - 2022-09-23 21:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-28 22:39 - 2022-09-23 21:35 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-28 22:39 - 2022-09-23 21:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-28 22:39 - 2022-09-23 21:34 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-28 22:39 - 2022-09-23 21:34 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-28 22:39 - 2022-09-23 21:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-28 22:39 - 2022-09-23 21:34 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-28 22:39 - 2022-09-23 21:34 - 001213440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-28 22:39 - 2022-09-23 21:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-28 22:39 - 2022-09-23 21:34 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-28 22:39 - 2022-09-23 21:31 - 001536488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-09-28 22:39 - 2022-09-23 21:31 - 001182696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-09-28 22:39 - 2022-09-23 21:31 - 000865768 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-09-28 22:39 - 2022-09-23 21:31 - 000771560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-09-28 22:39 - 2022-09-23 21:31 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-09-28 22:39 - 2022-09-23 21:31 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-09-28 22:39 - 2022-09-23 21:30 - 010270184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-09-28 22:39 - 2022-09-23 21:30 - 008803816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-09-28 22:39 - 2022-09-23 21:30 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-09-28 22:39 - 2022-09-23 21:30 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-09-28 22:39 - 2022-09-23 21:30 - 001059304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-09-28 22:39 - 2022-09-23 21:30 - 000845288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-09-28 22:39 - 2022-09-23 21:30 - 000456168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-09-28 22:39 - 2022-09-23 21:29 - 005751304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-09-28 22:39 - 2022-09-23 21:29 - 005362664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-09-28 22:39 - 2022-09-23 21:29 - 003066856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-09-28 22:39 - 2022-09-23 21:28 - 000852968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-09-28 22:39 - 2022-09-23 21:27 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-09-28 22:39 - 2022-09-21 20:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-09-23 21:20 - 2022-09-23 21:21 - 000000000 ____D C:\Users\satch\AppData\Roaming\Guild Wars 2
2022-09-23 20:25 - 2022-09-23 20:26 - 075628656 _____ C:\Users\satch\Downloads\mkopenborv1100.rar
2022-09-23 20:13 - 2022-09-23 20:15 - 023153789 _____ C:\Users\satch\Downloads\OpenHeroSelect.7z
2022-09-23 19:29 - 2022-09-23 19:29 - 000000000 __SHD C:\WINDOWS\ftpcache
2022-09-23 19:29 - 2022-09-23 19:29 - 000000000 ____D C:\Users\satch\AppData\Roaming\Macromedia
2022-09-23 19:24 - 2022-09-23 19:24 - 000000296 _____ C:\WINDOWS\game.ini
2022-09-23 19:24 - 2022-09-23 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2022-09-23 19:23 - 2022-09-23 19:23 - 000000000 ____D C:\Program Files (x86)\Activision
2022-09-23 19:09 - 2022-09-23 19:21 - 4290215936 _____ C:\Users\satch\Downloads\RAVEN-MUA.iso
2022-09-15 18:17 - 2022-09-15 18:17 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-15 18:17 - 2022-09-15 18:17 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-15 18:17 - 2022-09-15 18:17 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-15 18:17 - 2022-09-15 18:17 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-15 18:17 - 2022-09-15 18:17 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-15 18:13 - 2022-09-15 18:13 - 000000000 ___HD C:\$WinREAgent
2022-09-11 17:50 - 2022-09-11 17:50 - 000000000 ____D C:\Users\satch\AppData\Roaming\AY std
2022-09-11 17:50 - 2022-09-11 17:50 - 000000000 ____D C:\Users\satch\AppData\LocalLow\AYstd

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-04 23:11 - 2019-07-05 17:42 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-04 23:07 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-04 22:57 - 2021-02-19 18:51 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-04 22:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-04 22:57 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-04 22:52 - 2019-07-05 17:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-04 22:52 - 2019-03-30 13:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-04 22:51 - 2022-04-16 12:36 - 000001169 _____ C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2022-10-04 22:51 - 2022-04-14 19:55 - 000000000 ____D C:\Program Files (x86)\TotalAV
2022-10-04 22:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-04 22:51 - 2019-07-05 17:37 - 000000000 ___RD C:\Users\satch\OneDrive
2022-10-04 22:50 - 2021-02-19 18:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-04 22:50 - 2021-02-19 18:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-04 22:50 - 2021-02-19 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-04 21:58 - 2022-04-14 20:00 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-04 17:51 - 2021-02-19 18:47 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A7B07889-1C55-4ACA-90E3-1EED713D1468}
2022-10-03 18:15 - 2021-12-11 11:09 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3795020384-2431542903-1114512080-1003
2022-10-03 18:15 - 2021-09-07 18:50 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-10-03 18:15 - 2021-02-19 18:47 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-10-03 18:15 - 2020-07-22 07:45 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-30 17:41 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-30 17:14 - 2019-07-05 17:41 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-28 23:35 - 2019-03-30 13:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-09-28 23:20 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-28 23:19 - 2022-07-07 18:52 - 000001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-09-28 23:05 - 2019-07-26 07:11 - 000000000 ____D C:\Users\satch\AppData\Local\CrashDumps
2022-09-28 23:01 - 2021-02-19 18:47 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:01 - 2021-02-19 18:47 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:01 - 2021-02-19 18:47 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:01 - 2021-02-19 18:47 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:01 - 2019-03-30 13:06 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-09-28 23:01 - 2019-03-30 13:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-09-28 23:00 - 2021-02-19 18:47 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:00 - 2021-02-19 18:47 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-09-28 23:00 - 2019-12-18 00:50 - 000000000 ____D C:\Users\satch\AppData\Local\NVIDIA
2022-09-27 18:07 - 2020-03-13 14:52 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-26 16:01 - 2019-07-05 17:36 - 000000000 ____D C:\Users\satch\AppData\Local\Packages
2022-09-25 12:35 - 2019-12-07 08:41 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-09-23 21:27 - 2021-01-29 20:52 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-23 19:29 - 2019-03-30 11:59 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-09-23 19:22 - 2019-01-08 18:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-23 18:52 - 2021-01-29 20:52 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-23 18:19 - 2022-07-17 22:46 - 000000000 ____D C:\ProgramData\AntiCheatExpert
2022-09-23 17:41 - 2022-07-17 22:47 - 001868832 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys
2022-09-23 17:41 - 2022-07-17 22:47 - 000772656 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-GAME.sys
2022-09-23 06:11 - 2019-07-11 10:34 - 000000000 ____D C:\Users\satch\AppData\Local\D3DSCache
2022-09-20 21:25 - 2019-07-05 17:37 - 000000000 ____D C:\Users\satch\AppData\Local\PlaceholderTileLogoFolder
2022-09-18 17:29 - 2021-10-18 21:59 - 000000000 ____D C:\Users\satch\AppData\Local\Epic Games
2022-09-18 17:29 - 2020-05-22 09:03 - 000000000 ____D C:\Users\satch\AppData\Local\EpicGamesLauncher
2022-09-18 17:28 - 2022-07-10 15:35 - 000000000 ____D C:\Users\satch\OneDrive\Documents\My Games
2022-09-18 17:28 - 2020-05-22 09:03 - 000000000 ____D C:\ProgramData\Epic
2022-09-18 17:28 - 2020-05-22 09:03 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-09-18 17:28 - 2019-09-29 16:44 - 000000000 ____D C:\Users\satch\AppData\Roaming\alderon-games-launcher
2022-09-16 18:53 - 2021-02-19 01:22 - 000000000 ___DC C:\WINDOWS\Panther
2022-09-16 06:22 - 2021-02-19 18:42 - 000267496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-16 06:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-15 18:18 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-15 18:17 - 2021-02-19 18:46 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-15 18:12 - 2019-07-06 15:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-15 18:11 - 2019-07-06 15:30 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-14 20:02 - 2021-01-14 18:44 - 000000000 ____D C:\Users\satch\AppData\Roaming\Origin
2022-09-14 20:02 - 2021-01-14 18:44 - 000000000 ____D C:\ProgramData\Origin
2022-09-14 19:58 - 2022-06-26 18:02 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-09-14 19:58 - 2019-07-22 22:08 - 000000000 ____D C:\Users\satch\AppData\Local\Origin
2022-09-13 06:22 - 2019-07-06 05:06 - 000000000 ____D C:\Users\satch\AppData\Roaming\Discord
2022-09-13 05:54 - 2019-07-06 05:06 - 000000000 ____D C:\Users\satch\AppData\Local\Discord
2022-09-12 01:07 - 2020-09-08 01:00 - 002884648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-09-12 01:07 - 2020-09-08 01:00 - 002220072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-09-12 01:07 - 2020-09-08 01:00 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-09-11 14:37 - 2021-02-19 18:43 - 000000000 ____D C:\Users\satch
2022-09-11 14:36 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-07 10:56 - 2020-11-15 09:10 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-09-07 10:56 - 2020-11-15 09:10 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll

==================== Files in the root of some directories ========

2022-07-17 22:32 - 2022-07-17 22:32 - 000001000 _____ () C:\Users\satch\AppData\Roaming\wxsh_launcher.reg
2019-07-16 16:57 - 2019-07-16 16:57 - 000000055 _____ () C:\Users\satch\AppData\Roaming\~SiMPLEX.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by satch (04-10-2022 23:13:40)
Running from C:\Users\satch\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-02-19 22:47:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3795020384-2431542903-1114512080-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3795020384-2431542903-1114512080-503 - Limited - Disabled)
Guest (S-1-5-21-3795020384-2431542903-1114512080-501 - Limited - Disabled)
satch (S-1-5-21-3795020384-2431542903-1114512080-1003 - Administrator - Enabled) => C:\Users\satch
WDAGUtilityAccount (S-1-5-21-3795020384-2431542903-1114512080-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Total AV (Enabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Alderon Games Launcher 1.1.71 (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71) (Version: 1.1.71 - Alderon Games Pty Ltd)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
Discord (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dokan Library 1.4.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0104-0000-200601191219}) (Version: 1.4.0.1000 - Dokany Project) Hidden
Dokan Library 1.4.0.1000 Bundle (HKLM-x32\...\{97cfdb6c-2faa-43ba-afbc-469e01845e99}) (Version: 1.4.0.1000 - Dokany Project)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Eclipse Temurin JDK with Hotspot 17+35 (x64) (HKLM\...\{D669C4CD-053E-4C32-853C-9FC53FA35FED}) (Version: 17.0.0.35 - Eclipse Foundation)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.91 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{A6D99F91-2039-4560-A476-1E8B954E0C70}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BF1D4FDD-6613-4F36-AE24-EDE3D7E30CF4}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{50DC6FA9-9221-495B-B9BF-EF39D7BC4FDE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes)
Marvel(TM) - Ultimate Alliance (HKLM-x32\...\InstallShield_{932FB3F3-594D-4600-ABFA-F2DE80A14214}) (Version: 1.00.0000 - Activision)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Core Host - 3.1.8 (x64) (HKLM\...\{D375EE6D-18EF-4EC9-8260-555DEB0EE4EC}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) (HKLM\...\{907E0A78-B4DF-4E35-9878-FEE2F22B6852}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.8 (x64) (HKLM\...\{912B84A5-61CC-4308-B244-5C34C2C02899}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.53 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.53 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.191.0911.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{484EF395-8BDF-417B-AF02-35777C5AFC32}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{C79060C7-3052-431F-92F9-609B83317A77}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM\...\{F3871724-6A58-425C-8E4C-4A54935AA68F}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\OpenIV) (Version: 4.0.1.1452 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Python 3.8.7 (64-bit) (HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\{a32da68d-eab0-48d8-947e-8187f9630441}) (Version: 3.8.7150.0 - Python Software Foundation)
Python 3.8.7 Core Interpreter (64-bit) (HKLM\...\{103C9234-4C33-47A7-BA73-0182EFAEE1AE}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Development Libraries (64-bit) (HKLM\...\{2B5CFC34-DF9D-46E1-B74A-A4D756AA27B8}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Documentation (64-bit) (HKLM\...\{AB51D764-256F-4FFC-9F00-FD97EE8D4AE4}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Executables (64-bit) (HKLM\...\{E9451150-5D78-4B5B-A7F7-2C1DE01EAA87}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 pip Bootstrap (64-bit) (HKLM\...\{408439E9-1A19-4C26-B5DD-EE7C39ADF749}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Standard Library (64-bit) (HKLM\...\{4FAEBB7B-E3A6-4E85-8D3C-8DD3C53C7A4E}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Tcl/Tk Support (64-bit) (HKLM\...\{4D4E250E-7002-4B30-ADCD-4FCEBBCC015B}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Test Suite (64-bit) (HKLM\...\{4D1D56DE-8FA6-4309-941F-F4B41BA36AA1}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Utility Scripts (64-bit) (HKLM\...\{555B15D5-5D22-4AD4-AD91-D2D8085D198F}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{978F3F47-FE6A-4CA8-B412-2A48C0DB05AE}) (Version: 3.8.7294.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.45.416 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
TotalAV 5.17.470 (HKLM-x32\...\TotalAV) (Version: 5.17.470 - TotalAV) <==== ATTENTION
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
UE Prerequisites (x64) (HKLM\...\{7916CFE9-D85D-4E68-891E-D5A3C887B73A}) (Version: 1.0.15.0 - Epic Games, Inc.) Hidden
UE Prerequisites (x64) (HKLM-x32\...\{284a69a5-9805-4ad5-98ac-173e9f776e0f}) (Version: 1.0.15.0 - Epic Games, Inc.) Hidden
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.7 - Black Tree Gaming Ltd.)
Windows Driver Package - libusbK Nintendo Switch (APX mode) (04/27/2014 3.0.7.0) (HKLM\...\C474C3AC0A427B4CF35173FC250E5E8C9C284DE1) (Version: 04/27/2014 3.0.7.0 - libusbK)
Windows Driver Package - libusbK Nintendo Switch (Homebrew mode) (04/27/2014 3.0.7.0) (HKLM\...\6D6BF0768F9873437C984F0DC0E4C569A45227BF) (Version: 04/27/2014 3.0.7.0 - libusbK)
Windows Driver Package - libusbK Nintendo Switch APX Mode (04/27/2014 3.0.7.0) (HKLM\...\5C4BD94286C931BB5D47200B4AF1D1B99B3C08AB) (Version: 04/27/2014 3.0.7.0 - libusbK)
Windows Driver Package - libusbK Tinfoil (04/27/2014 3.0.7.0) (HKLM\...\B707C9FC2B732FAAB247365A5AC8FF929DCBE334) (Version: 04/27/2014 3.0.7.0 - libusbK)
Windows Driver Package - Realtek Semiconductor Corp. (RtkBtFilter) Bluetooth  (12/12/2019 1.6.1015.3010) (HKLM\...\A251C507301C79B85C3E1CEEAA1B04A16B62832B) (Version: 12/12/2019 1.6.1015.3010 - Realtek Semiconductor Corp.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-07-05] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.15629.20156.0_x86__8wekyb3d8bbwe [2022-09-30] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-09-28] (NVIDIA Corp.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-09-20] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-28] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-10] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-31] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-25] (Mega Limited -> )
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvshext.dll [2022-09-23] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-31] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\satch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2022-02-07 21:10 - 2022-02-07 21:10 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-02-07 21:10 - 2022-02-07 21:10 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-02-07 21:10 - 2022-02-07 21:10 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-08-11 17:07 - 2022-02-07 21:10 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-08-11 17:07 - 2022-02-07 21:10 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-08-11 17:07 - 2022-02-07 21:10 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-08-11 17:07 - 2022-02-07 21:10 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-08-11 17:07 - 2022-02-07 21:10 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-08-11 17:07 - 2022-02-07 21:10 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 -> DefaultScope {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 -> {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 03:31 - 2019-12-28 05:26 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-12-07 08:41 - 2022-09-25 12:35 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Foundation\jdk-17.0.0.35-hotspot\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 209.18.47.62 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7B770B6C-1DCC-480C-B5F0-160854436719}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{E2A41CC3-3EE8-4B76-ABF5-571E3CDF603A}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{BDAA3302-15DD-4C10-8F8A-D4BB36E6AC69}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{AB1565DF-FE75-4A2A-AB5E-2EF6A201D5EE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{AB5EFFFD-28CF-4C99-A5B8-FD4DE04A24C3}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [TCP Query User{29F5D4CF-4F93-4807-8E10-04A196C9EC2D}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [UDP Query User{44C69867-565E-4875-BD60-FACC0DC41928}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe => No File
FirewallRules: [TCP Query User{8BA9D230-6483-4596-9C02-F95670E032B1}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe => No File
FirewallRules: [UDP Query User{BB70D444-7BE4-4509-B14C-A85443FD65C1}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{BA68F78D-D535-422E-89BC-8097A2F82715}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{050A4E06-B333-448C-8CC1-06903C05567A}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
FirewallRules: [TCP Query User{68676177-777E-41A6-96ED-448E47C2364C}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
FirewallRules: [UDP Query User{092D9332-2E48-4675-A2B9-453C0277F869}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{0319F2A3-5307-4E62-AFB7-810141C77750}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{034F593B-10B1-45CC-AE9D-CD90281549FE}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [TCP Query User{A8D1F84E-5332-44FD-890C-3004C73AA033}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [UDP Query User{6FDFF054-C31F-4AE5-BA61-E3DCCCFA74C9}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
FirewallRules: [TCP Query User{96BE7E36-6EE6-4EF0-94A9-6CBD938A14C5}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
FirewallRules: [{6E37B903-1990-45E8-8B9B-9B4F14887C7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{180B0F10-47B1-4803-A848-212EC712A26E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{816B8128-95A7-4D6C-B6CE-FF1F25C05C2B}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [TCP Query User{6DCC1FD3-3D41-4F88-90C0-D380047EE548}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [UDP Query User{12FA77F6-97E1-45C7-BD30-041983A5087B}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe => No File
FirewallRules: [TCP Query User{42D53B9F-11A8-44ED-B6A6-094DF82730FB}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe => No File
FirewallRules: [UDP Query User{C92408D1-B04C-44A9-B99B-9983DA5760C7}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [TCP Query User{644A5139-23AD-4EA0-AA08-619DB543CBBD}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [UDP Query User{0386548A-12AC-47D2-9BEA-5EBBB6D16A9A}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5A78F558-031F-479E-9696-F0BDD96065F6}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
FirewallRules: [{DF57DF54-B162-46D9-AE83-D32CC9C8381C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A4AA41BE-1CD4-4C90-B2BE-AF9A89FC0D5B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7B96F598-0900-4C46-AFC8-77993225C4C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A295EB33-FCC4-4863-8BCA-87864E1299A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{D73C2AFF-CF08-40A9-86FE-80367A389144}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CC5B77AA-F6D6-4ED8-9A58-800509A42EA8}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [TCP Query User{8EFA607B-7BDF-45A7-A8A5-118ED78AFC32}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [UDP Query User{AB910DF9-1417-4BAD-971B-7D8FAD90F8DE}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [{77F5D1C0-4222-486F-B47E-43C4423A6AA4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2974298D-457C-4D13-AECA-6AADAACDF824}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{82DC041A-B2F9-4357-ACA0-89BDDE132174}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{EA1AF87C-F801-41D8-9121-9F45635DD9CE}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{7FEDA863-2B6A-4C51-A16E-BF8AC74C31E8}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
FirewallRules: [UDP Query User{9B602C86-7FC2-4F23-9A7B-A0B9834B577F}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
FirewallRules: [TCP Query User{F3F91828-04B4-40F2-8322-1A7BCF166335}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
FirewallRules: [UDP Query User{21B1969D-71BB-42AB-A2B9-A73E7F205869}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
FirewallRules: [TCP Query User{60184965-5FC1-4D5D-9634-7B8BD3529CC6}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe] => (Allow) C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe (Alderon Games Canada Corporation -> Alderon Games Pty Ltd)
FirewallRules: [UDP Query User{BFD59198-8D4A-41AB-B376-5E45A38A6B48}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe] => (Allow) C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe (Alderon Games Canada Corporation -> Alderon Games Pty Ltd)
FirewallRules: [TCP Query User{DF345B06-8C16-4D35-AA72-E7987186995C}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [UDP Query User{11BF7C4D-01F0-4FC1-BB52-3BE505CF62B4}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [TCP Query User{3B83EFC8-0CBB-483A-8DF1-7DB8FCD312B4}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{A4A547BD-FF90-44DE-AA71-56B380A59D8B}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{73612BAF-0812-4CDB-BDBD-DE5F7C7EA3D5}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
FirewallRules: [UDP Query User{975413B2-02BC-44DE-BFAA-A3D7D5E0F056}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
FirewallRules: [TCP Query User{2B5598EA-A334-4D14-A0C6-26B5A22AED29}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{A3CA4C29-8599-457C-881E-D07434CF8CFA}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{6660084E-A98F-43DE-9A66-17159679861D}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{029684B2-58A9-4189-A3E1-E3C8916B929E}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{B5B3E607-1103-4A87-ADD5-C4A36965EA87}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{CB889081-1F91-4807-AF4C-86B6217DEC34}] => (Allow) C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe (Rockstar Games, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{C1D1D203-BA80-42C5-A7FE-77C67DC46574}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
FirewallRules: [UDP Query User{CB3DB246-879A-486B-B230-53505C8D0410}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
FirewallRules: [TCP Query User{7337DBB1-CD45-4D39-93FE-83A6AB77F22F}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
FirewallRules: [UDP Query User{4DA77076-239C-4760-98EB-E5B11C06B055}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
FirewallRules: [TCP Query User{3B8C6209-5BFB-43DD-968A-2ACC5383EC76}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [UDP Query User{ABFC92A7-AB7C-4CEF-9ACA-0B18426BD7AF}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [TCP Query User{83197F3A-7590-43F9-B0F7-56EA65DF201D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [UDP Query User{861ABC38-2C97-4280-89B5-04342011EE8D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [{1F48A2ED-4CD9-4E2D-B743-55531BA73F27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{CDC17333-2257-42D0-82A4-0422D118A264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{EB2A34BB-359B-490F-A57C-EA32D21A05C9}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
FirewallRules: [UDP Query User{D8E6962B-B85C-4A8D-81F1-8D69855FDA57}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
FirewallRules: [TCP Query User{208FA2FC-51B9-42CA-BE99-B56F40A6CEEC}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
FirewallRules: [UDP Query User{5C540BEE-DA17-4EF8-81B6-9D8D54B47224}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
FirewallRules: [TCP Query User{FD6DB533-F2C2-4A1F-82A5-6156E1B805C7}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [UDP Query User{2620784C-22E0-40FC-A584-511B99ABF987}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [{B86B12A5-DB44-486F-8182-7C002C1AC2E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{E4CB1534-1338-4591-AE54-57AB67039E53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{3D8A4A90-A71D-4DC8-A759-C7CA7742E173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{13808498-7FAB-4F4F-8203-1DEC16638678}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{4F330D3C-E0BE-4232-9164-7A4B3F7C9D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B32A6AC5-72FA-43AF-AFC4-0BC75F5C4FAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{720BE36B-2681-48FA-83F9-1EA6624E5ED2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{347B0AF5-9315-402B-A155-7CB03E2A4619}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4DBAD25F-3515-4AD0-84C1-BB65640AE2D6}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [UDP Query User{7FDEF80D-1C95-4AF4-A84D-478F38465E0F}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [{51BADCFD-1524-4518-BCCB-69D995A1D84F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{8CFAA129-AAFE-4A76-9B4D-2DEA4C8BA803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{682F4526-223F-4FC9-8719-283C43AB8B5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{15EFA912-F759-4408-981D-6C48184C0F4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{02B17D0C-183C-4340-823A-E50770CD1F91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{8BDAFFD8-17BC-47B9-B3BB-174DB92BC0C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{FA819B75-6D39-46AB-AB08-F066B9807149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe () [File not signed]
FirewallRules: [{EC087305-3C3C-4488-9195-E619082AD093}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe () [File not signed]
FirewallRules: [{5EECE9BE-67AA-4277-B987-3E8F231D0717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{47457C44-C99A-427B-98FD-55040C6BEE4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]
FirewallRules: [{1A4536A8-A61F-4EF5-BE27-B060B6BB9E27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{DD40E265-7F5C-41A1-B01B-E5794436B351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{A5C02843-87BF-487B-BDE5-76E91196E836}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe (Frontier Developments) [File not signed]
FirewallRules: [{0EA75AAF-9E68-4FC1-9465-D706535FB032}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe (Frontier Developments) [File not signed]
FirewallRules: [{BE517293-7031-44FD-B805-3B97D75291FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [File not signed]
FirewallRules: [{6913F13B-21A9-4358-9D22-69B13A5988D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [File not signed]
FirewallRules: [TCP Query User{428567E3-DCF1-43E0-823F-43E66C1172D4}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{EDD270BD-33A4-4D23-8911-54889952116D}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{C8317C52-81E8-4FD5-B32D-C14944E1E3E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe () [File not signed]
FirewallRules: [{64496028-9971-4762-8A14-C32157367B0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe () [File not signed]
FirewallRules: [{6015F536-33A1-403C-930F-BF55A56D18D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let's Build a Zoo\LetsBuildAZoo.exe () [File not signed]
FirewallRules: [{DFA76206-F250-4D5C-9F49-0A553A618194}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let's Build a Zoo\LetsBuildAZoo.exe () [File not signed]
FirewallRules: [{10D3F82E-CEED-43F4-9766-2ADC6D195A48}] => (Allow) C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{62AFA97B-3BB9-4F2D-97B9-02E3E3490107}] => (Allow) C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{93245947-A952-4E51-9D65-9ABB3938F054}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{DF332FDA-9AB0-4BC4-A268-023C44463508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{AD711615-7501-4B5E-9A27-3A27DFD9D3E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe (Koch Media GmbH) [File not signed]
FirewallRules: [{D1313D8E-590F-4F4F-AA41-103FFFF5AED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe (Koch Media GmbH) [File not signed]
FirewallRules: [{936FC9E1-B2C1-4E30-AE6E-6CBFACE67DFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe () [File not signed]
FirewallRules: [{529E0360-BABF-4472-BAFF-0F07128BD640}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe () [File not signed]
FirewallRules: [{19CAC17B-DE11-4410-BED6-BD2693AA9235}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBB3C681-C329-402C-B61A-9F92B54A3A67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF9B3869-5C23-4DC0-908B-1AA54B3346AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C832D1B-A319-4A29-B3FB-AF6BACC689E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{162DC214-A4CF-4268-8E97-C339A62CAD04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1488A539-BC86-4980-9DD2-4D7294A3390D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{4AC8966A-CFAA-4EA9-9F86-87970367A3EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6D110F9D-BFE2-47E6-9EFC-59C7F2326541}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F7B7BBCC-A44E-47BA-BEDC-6A824943BC65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C9EC734E-CDD4-407F-8A52-80DA012430BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3A4F53BB-DCDA-4AB8-B7AB-CFB294379710}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{BFD872B8-8DBD-4BFA-86B2-5CC0384850B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0AD633F6-50DF-469D-B9D5-2BF84E4D019B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe (ArenaNet, LLc -> ArenaNet)
FirewallRules: [{0ADECEC3-2C6A-4FB8-A6D2-FC4DF229D2EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe (ArenaNet, LLc -> ArenaNet)
FirewallRules: [{8F191ED7-C474-4016-9ADD-813C4079DA1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{048ADAD1-EBF7-4451-87D5-58A42902BD7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{38CD2E10-BC28-4970-81B4-33376D6681D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22F3941D-13D8-4824-9B47-208497D94795}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3ACFB0D-778A-438F-9FFF-46EB54557503}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{490BB848-5BBA-419A-B5B2-BD411176AFCB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{800BB005-B0C0-424A-8EE6-FB9110D191C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{541F2FD1-8AED-45DF-960C-F459F745C86F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15889E70-0598-4D48-943A-BB6F6ABF9048}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EDE2F5F5-BDBC-4A4C-95E5-12C3B608A9D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B0A1F3D1-1D3E-4D69-A1DE-615737AE6711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{15C0EBE3-9C00-479B-AB2D-3A7220E7763E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9623E8D7-BE2D-430A-BDD7-BED32CE62CA0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7533ECE6-4D8C-4F56-B17B-985B8890989E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Intel(R) Wireless Bluetooth(R)
Description: Intel(R) Wireless Bluetooth(R)
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/04/2022 09:55:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4700

Start Time: 01d8d85c361f7079

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 857305fa-557f-49ca-a1da-df415a03d0a8

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (10/04/2022 09:13:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 34a0

Start Time: 01d8d792bf68edf0

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: c6ffadc4-5804-4ae6-8705-d1e9373e8c4d

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Navigation

Error: (10/03/2022 09:07:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: a28

Start Time: 01d8d76b08a2e8d2

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 0be71fd8-1c71-45ee-bf5e-03f7e9c78876

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Navigation

Error: (10/02/2022 08:09:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.1949 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1968

Start Time: 01d8d666c39d95a4

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 512e57fd-1f66-40d5-ac42-556f01a5a7da

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Navigation

Error: (10/02/2022 02:28:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecurityService.exe, version: 5.17.470.0, time stamp: 0x609c79ed
Faulting module name: coreclr.dll, version: 4.700.21.26205, time stamp: 0x609c3176
Exception code: 0xc0000005
Fault offset: 0x001b17ff
Faulting process id: 0x4774
Faulting application start time: 0x01d8d5c100e1b8ab
Faulting application path: C:\Program Files (x86)\TotalAV\SecurityService.exe
Faulting module path: C:\Program Files (x86)\TotalAV\coreclr.dll
Report Id: 1df10e6c-e656-45e1-bc5d-6ed04721daae
Faulting package full name:
Faulting package-relative application ID:

Error: (10/02/2022 02:28:01 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: SecurityService.exe
CoreCLR Version: 4.700.21.26205
.NET Core Version: 3.1.16
Description: The process was terminated due to an internal error in the .NET Runtime at IP 73A917FF (738E0000) with exit code c0000005.

Error: (10/01/2022 02:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecurityService.exe, version: 5.17.470.0, time stamp: 0x609c79ed
Faulting module name: coreclr.dll, version: 4.700.21.26205, time stamp: 0x609c3176
Exception code: 0xc0000005
Fault offset: 0x001b17ff
Faulting process id: 0x1aa4
Faulting application start time: 0x01d8d5094a81e410
Faulting application path: C:\Program Files (x86)\TotalAV\SecurityService.exe
Faulting module path: C:\Program Files (x86)\TotalAV\coreclr.dll
Report Id: 674b889c-2294-47e7-b147-699b00f6c573
Faulting package full name:
Faulting package-relative application ID:

Error: (10/01/2022 02:07:17 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: SecurityService.exe
CoreCLR Version: 4.700.21.26205
.NET Core Version: 3.1.16
Description: The process was terminated due to an internal error in the .NET Runtime at IP 73A917FF (738E0000) with exit code c0000005.


System errors:
=============
Error: (10/04/2022 10:50:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.

Error: (10/04/2022 10:50:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:55:58 PM on ‎10/‎4/‎2022 was unexpected.

Error: (10/04/2022 10:50:35 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (10/03/2022 10:11:28 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/01/2022 08:03:06 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-Q1JOHSV)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_b7409c with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (10/01/2022 08:03:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GameDVR and Broadcast User Service_b7409c service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (10/01/2022 08:03:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the GameDVR and Broadcast User Service_b7409c service to connect.

Error: (09/30/2022 08:22:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-Q1JOHSV)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.


CodeIntegrity:
===============
Date: 2022-10-04 22:51:12
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\TotalAV\wscf.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.30 11/13/2018
Motherboard: Micro-Star International Co., Ltd. Z390-A PRO (MS-7B98)
Processor: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Percentage of memory in use: 35%
Total physical RAM: 16322.22 MB
Available physical RAM: 10595.92 MB
Total Virtual: 23746.22 MB
Available Virtual: 16038.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.91 GB) (Free:281.88 GB) (Model: WDC  WDS100T2B0A-00SM50) NTFS
Drive e: () (Removable) (Total:59.45 GB) (Free:59.25 GB) exFAT

\\?\Volume{ed66a517-4258-426b-a50e-03cd01dd91fa}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{04c32886-782f-41e9-aaf8-130ee3064fc7}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 70ADC483)

Partition: GPT.

==========================================================
Disk: 2 (Size: 59.5 GB) (Disk ID: D9CD6FA1)
Partition 1: (Not Active) - (Size=59.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Malnutrition · Oct 5, 2022

I’ll have a look at the FRST logs when I get off work today.

Adware Cleaner

Download AdwCleaner and save it to your Desktop
Right-click on AdwCleaner.exeand select

Run as Administrator
Accept the EULA (I accept), then click on Scan Now
Let the scan complete
Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
Close all other open windows and allow it to restart
After the restart, Notepad will open with the AdwCleaner cleaning log
Please Attach the contents of that log into your next reply to me

Make sure and disable your antivirus/defender prior to the scan.

Download ESET Online Scanner from hereand save it to your Desktop.
Right click the esetonlinescanner.exe file you downloaded and select Run as administrator.
Click Get started.
In the Terms of use screen, click Accept if you agree to the Terms of use.
Click Get started in the welcome screen.
Select your preference for the Customer Experience Improvement Program and the Detection feedback system.Click Continue.
Click Computer scan, in the Welcome back screen.
Choose Full scan on the next screen.
Select Enable ESET to detect and quarantine potentially unwanted applications.Then click Start scan
When the scan is finished click Save scan log and save it to your Desktop as ESETScan.txt. Click Continue.
ESET Online Scanner will now ask if you wish to turn on the Periodic Scan feature.Click Continue
You will now be offered a trial version of ESET Internet Security.Click continue
On the next screen, you can leave feedback about the program if you wish.
Select Delete application's data on closing, if you are short of disk space or do not wish to retain the program for future use.
If you left feedback, click Submit and continue. If not, Close without feedback.
Copy and paste the contents of the ESETScan.txt file in your next reply.

Rum Ham · Oct 5, 2022

OK the AdwCleaner removed my TotalAV for some odd reason, but I can just activate it again with my account info for it, that log you requested is posted below followed by the ESET Online Scanner log.

Code:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-08-22.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-05-2022
# Duration: 00:00:08
# OS:       Windows 10 (Build 19043.2006)
# Cleaned:  19
# Awaiting reboot:3
# Failed:   0


***** [ Services ] *****

Deleted       SecurityService
Deleted       webshieldfilter

***** [ Folders ] *****

Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\Users\satch\AppData\Roaming\Tencent
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
Needs Reboot  C:\Program Files (x86)\TotalAV
Needs Reboot  C:\ProgramData\TotalAV

***** [ Files ] *****

Deleted       C:\END
Deleted       C:\Users\Public\Desktop\TotalAV.lnk
Deleted       C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
Needs Reboot  C:\Windows\System32\drivers\webshieldfilter.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\SSProtect
Deleted       HKLM\SOFTWARE\Classes\*\shell\TotalAV
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\Software\Classes\totalav
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed   C:\Program Files (x86)\TotalAV
Cleaning failed   C:\ProgramData\TotalAV

*************************
***** [ Files ] *****

Cleaning failed   C:\Windows\System32\drivers\webshieldfilter.sys

*************************

AdwCleaner[S00].txt - [2808 octets] - [05/10/2022 16:35:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


10/5/2022 17:47:21 PM
Files scanned: 655312
Detected files: 0
Cleaned files: 0
Total scan time: 00:28:20
Scan status: Finished

Malnutrition · Oct 6, 2022

Total AV is a known to be a scam, and is not recommended. I suggest removing it and just running windows defender, at least for the duration of your time here and the fixes we perform. You can always reinstall it at a later time if you wish.

FRST Fix.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine.
After you reboot a report will open on your desktop.
Attach the report here in your next reply.

ZHP Diag Scan Click here to download.
Save to your desktop.
Right Click Run as Admin.
Click the Options button.
Click on Check All
Then click close.
Click the Scanner button.
When complete please push the report button.
A notepad will open... attach the report in your next reply.

Rum Ham · Oct 6, 2022

My Windows Defender will no longer turn on, I effectively have no antivirus, the last time I tried to as of this typing I got a message about IT administrator has not allowed me to use this page or something of that nature.

Anyways here is the next 3 reports requested:

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2022

Ran by satch (06-10-2022 05:16:35) Run:1
Running from C:\Users\satch\OneDrive\Desktop
Loaded Profiles: satch
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 -> DefaultScope {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
SearchScopes: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003 -> {DCD4E047-FB67-439A-9FD5-732F5B759F32} URL =
FirewallRules: [UDP Query User{7B770B6C-1DCC-480C-B5F0-160854436719}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{E2A41CC3-3EE8-4B76-ABF5-571E3CDF603A}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{BDAA3302-15DD-4C10-8F8A-D4BB36E6AC69}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{AB1565DF-FE75-4A2A-AB5E-2EF6A201D5EE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{AB5EFFFD-28CF-4C99-A5B8-FD4DE04A24C3}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [TCP Query User{29F5D4CF-4F93-4807-8E10-04A196C9EC2D}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [UDP Query User{44C69867-565E-4875-BD60-FACC0DC41928}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe => No File
FirewallRules: [TCP Query User{8BA9D230-6483-4596-9C02-F95670E032B1}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe] => (Allow) C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe => No File
FirewallRules: [UDP Query User{BB70D444-7BE4-4509-B14C-A85443FD65C1}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{BA68F78D-D535-422E-89BC-8097A2F82715}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{050A4E06-B333-448C-8CC1-06903C05567A}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
FirewallRules: [TCP Query User{68676177-777E-41A6-96ED-448E47C2364C}C:\gog games\wasteland 3\wl3.exe] => (Allow) C:\gog games\wasteland 3\wl3.exe => No File
FirewallRules: [UDP Query User{092D9332-2E48-4675-A2B9-453C0277F869}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{0319F2A3-5307-4E62-AFB7-810141C77750}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{034F593B-10B1-45CC-AE9D-CD90281549FE}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [TCP Query User{A8D1F84E-5332-44FD-890C-3004C73AA033}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [UDP Query User{6FDFF054-C31F-4AE5-BA61-E3DCCCFA74C9}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
FirewallRules: [TCP Query User{96BE7E36-6EE6-4EF0-94A9-6CBD938A14C5}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe => No File
FirewallRules: [UDP Query User{816B8128-95A7-4D6C-B6CE-FF1F25C05C2B}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [TCP Query User{6DCC1FD3-3D41-4F88-90C0-D380047EE548}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [UDP Query User{12FA77F6-97E1-45C7-BD30-041983A5087B}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe => No File
FirewallRules: [TCP Query User{42D53B9F-11A8-44ED-B6A6-094DF82730FB}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe => No File
FirewallRules: [UDP Query User{C92408D1-B04C-44A9-B99B-9983DA5760C7}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [TCP Query User{644A5139-23AD-4EA0-AA08-619DB543CBBD}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe] => (Allow) C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe => No File
FirewallRules: [UDP Query User{0386548A-12AC-47D2-9BEA-5EBBB6D16A9A}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5A78F558-031F-479E-9696-F0BDD96065F6}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe => No File
FirewallRules: [{7B96F598-0900-4C46-AFC8-77993225C4C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A295EB33-FCC4-4863-8BCA-87864E1299A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{D73C2AFF-CF08-40A9-86FE-80367A389144}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CC5B77AA-F6D6-4ED8-9A58-800509A42EA8}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe => No File
FirewallRules: [TCP Query User{8EFA607B-7BDF-45A7-A8A5-118ED78AFC32}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [UDP Query User{AB910DF9-1417-4BAD-971B-7D8FAD90F8DE}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [TCP Query User{82DC041A-B2F9-4357-ACA0-89BDDE132174}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{EA1AF87C-F801-41D8-9121-9F45635DD9CE}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{7FEDA863-2B6A-4C51-A16E-BF8AC74C31E8}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
FirewallRules: [UDP Query User{9B602C86-7FC2-4F23-9A7B-A0B9834B577F}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe => No File
FirewallRules: [TCP Query User{F3F91828-04B4-40F2-8322-1A7BCF166335}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
FirewallRules: [UDP Query User{21B1969D-71BB-42AB-A2B9-A73E7F205869}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe] => (Allow) C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe => No File
FirewallRules: [TCP Query User{DF345B06-8C16-4D35-AA72-E7987186995C}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [UDP Query User{11BF7C4D-01F0-4FC1-BB52-3BE505CF62B4}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [TCP Query User{3B83EFC8-0CBB-483A-8DF1-7DB8FCD312B4}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{A4A547BD-FF90-44DE-AA71-56B380A59D8B}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{73612BAF-0812-4CDB-BDBD-DE5F7C7EA3D5}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
FirewallRules: [UDP Query User{975413B2-02BC-44DE-BFAA-A3D7D5E0F056}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe => No File
FirewallRules: [TCP Query User{2B5598EA-A334-4D14-A0C6-26B5A22AED29}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{A3CA4C29-8599-457C-881E-D07434CF8CFA}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [TCP Query User{C1D1D203-BA80-42C5-A7FE-77C67DC46574}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
FirewallRules: [UDP Query User{CB3DB246-879A-486B-B230-53505C8D0410}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe] => (Block) C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe => No File
FirewallRules: [TCP Query User{7337DBB1-CD45-4D39-93FE-83A6AB77F22F}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
FirewallRules: [UDP Query User{4DA77076-239C-4760-98EB-E5B11C06B055}C:\users\satch\downloads\nut.exe] => (Allow) C:\users\satch\downloads\nut.exe => No File
FirewallRules: [TCP Query User{3B8C6209-5BFB-43DD-968A-2ACC5383EC76}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [UDP Query User{ABFC92A7-AB7C-4CEF-9ACA-0B18426BD7AF}C:\users\satch\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [TCP Query User{83197F3A-7590-43F9-B0F7-56EA65DF201D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [UDP Query User{861ABC38-2C97-4280-89B5-04342011EE8D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\satch\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{EB2A34BB-359B-490F-A57C-EA32D21A05C9}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
FirewallRules: [UDP Query User{D8E6962B-B85C-4A8D-81F1-8D69855FDA57}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
FirewallRules: [TCP Query User{208FA2FC-51B9-42CA-BE99-B56F40A6CEEC}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
FirewallRules: [UDP Query User{5C540BEE-DA17-4EF8-81B6-9D8D54B47224}C:\program files\avast software\secureline vpn\vpn.exe] => (Allow) C:\program files\avast software\secureline vpn\vpn.exe => No File
FirewallRules: [TCP Query User{FD6DB533-F2C2-4A1F-82A5-6156E1B805C7}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [UDP Query User{2620784C-22E0-40FC-A584-511B99ABF987}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe] => (Allow) C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe => No File
FirewallRules: [TCP Query User{4DBAD25F-3515-4AD0-84C1-BB65640AE2D6}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [UDP Query User{7FDEF80D-1C95-4AF4-A84D-478F38465E0F}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [{1A4536A8-A61F-4EF5-BE27-B060B6BB9E27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{DD40E265-7F5C-41A1-B01B-E5794436B351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{162DC214-A4CF-4268-8E97-C339A62CAD04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1488A539-BC86-4980-9DD2-4D7294A3390D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{4AC8966A-CFAA-4EA9-9F86-87970367A3EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6D110F9D-BFE2-47E6-9EFC-59C7F2326541}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F7B7BBCC-A44E-47BA-BEDC-6A824943BC65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C9EC734E-CDD4-407F-8A52-80DA012430BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3A4F53BB-DCDA-4AB8-B7AB-CFB294379710}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{BFD872B8-8DBD-4BFA-86B2-5CC0384850B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [utweb] => "C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
Task: {03BC766E-FF4F-4F0D-B5AA-70F448A320FF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)
Task: {1F398CB2-E47C-4BCF-A928-3A75AF6191AE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon (No File)
Task: {C5465FD6-0785-479A-9925-B54C7FD44F30} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\ProgramHKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [utweb] => "C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
Task: {EFD9E021-6178-4E60-991A-017D1AA11581} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\...\Run: [utweb] => "C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

CMD: sc stop WSearch
CMD: sc config WSearch start= disabled
CMD: sc stop lfsvc
CMD: sc config lfsvc start= disabled
CMD: del /s /q %ProgramData%\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
CMD: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF
CMD: reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF
CMD: ipconfig /flushdns
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::
*****************

Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

"HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DCD4E047-FB67-439A-9FD5-732F5B759F32} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7B770B6C-1DCC-480C-B5F0-160854436719}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E2A41CC3-3EE8-4B76-ABF5-571E3CDF603A}C:\program files (x86)\the sims 4 snowy escape\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BDAA3302-15DD-4C10-8F8A-D4BB36E6AC69}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AB1565DF-FE75-4A2A-AB5E-2EF6A201D5EE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB5EFFFD-28CF-4C99-A5B8-FD4DE04A24C3}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{29F5D4CF-4F93-4807-8E10-04A196C9EC2D}C:\programdata\alderon games\path of titans-demo\windowsnoeditor\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{44C69867-565E-4875-BD60-FACC0DC41928}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8BA9D230-6483-4596-9C02-F95670E032B1}C:\users\satch\desktop\wasteland.3.meat.maker.marinade\wasteland 3\wl3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BB70D444-7BE4-4509-B14C-A85443FD65C1}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BA68F78D-D535-422E-89BC-8097A2F82715}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{050A4E06-B333-448C-8CC1-06903C05567A}C:\gog games\wasteland 3\wl3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{68676177-777E-41A6-96ED-448E47C2364C}C:\gog games\wasteland 3\wl3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{092D9332-2E48-4675-A2B9-453C0277F869}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0319F2A3-5307-4E62-AFB7-810141C77750}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{034F593B-10B1-45CC-AE9D-CD90281549FE}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A8D1F84E-5332-44FD-890C-3004C73AA033}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6FDFF054-C31F-4AE5-BA61-E3DCCCFA74C9}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{96BE7E36-6EE6-4EF0-94A9-6CBD938A14C5}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{816B8128-95A7-4D6C-B6CE-FF1F25C05C2B}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6DCC1FD3-3D41-4F88-90C0-D380047EE548}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{12FA77F6-97E1-45C7-BD30-041983A5087B}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{42D53B9F-11A8-44ED-B6A6-094DF82730FB}C:\program files (x86)\steam\steamapps\common\beastsofbermuda\beastsofbermuda\binaries\win64\beastsofbermuda.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C92408D1-B04C-44A9-B99B-9983DA5760C7}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{644A5139-23AD-4EA0-AA08-619DB543CBBD}C:\programdata\alderon games\path of titans-demo\pathoftitans\binaries\win64\pathoftitans-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0386548A-12AC-47D2-9BEA-5EBBB6D16A9A}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5A78F558-031F-479E-9696-F0BDD96065F6}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisleclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B96F598-0900-4C46-AFC8-77993225C4C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A295EB33-FCC4-4863-8BCA-87864E1299A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D73C2AFF-CF08-40A9-86FE-80367A389144}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CC5B77AA-F6D6-4ED8-9A58-800509A42EA8}C:\program files (x86)\steam\steamapps\common\the isle\theisle\binaries\win64\theisle-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8EFA607B-7BDF-45A7-A8A5-118ED78AFC32}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB910DF9-1417-4BAD-971B-7D8FAD90F8DE}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{82DC041A-B2F9-4357-ACA0-89BDDE132174}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EA1AF87C-F801-41D8-9121-9F45635DD9CE}C:\program files (x86)\the sims 4 island living\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7FEDA863-2B6A-4C51-A16E-BF8AC74C31E8}C:\gog games\age of wonders iii\aow3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9B602C86-7FC2-4F23-9A7B-A0B9834B577F}C:\gog games\age of wonders iii\aow3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F3F91828-04B4-40F2-8322-1A7BCF166335}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{21B1969D-71BB-42AB-A2B9-A73E7F205869}C:\program files (x86)\ni no kuni wrath of the white witch remastered\ninokuni_wotww_remastered.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DF345B06-8C16-4D35-AA72-E7987186995C}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{11BF7C4D-01F0-4FC1-BB52-3BE505CF62B4}C:\program files (x86)\borderlands 3\oakgame\binaries\win64\borderlands3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3B83EFC8-0CBB-483A-8DF1-7DB8FCD312B4}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A4A547BD-FF90-44DE-AA71-56B380A59D8B}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73612BAF-0812-4CDB-BDBD-DE5F7C7EA3D5}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{975413B2-02BC-44DE-BFAA-A3D7D5E0F056}C:\users\satch\appdata\local\citra\nightly-mingw\citra-qt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2B5598EA-A334-4D14-A0C6-26B5A22AED29}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3CA4C29-8599-457C-881E-D07434CF8CFA}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C1D1D203-BA80-42C5-A7FE-77C67DC46574}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CB3DB246-879A-486B-B230-53505C8D0410}C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7337DBB1-CD45-4D39-93FE-83A6AB77F22F}C:\users\satch\downloads\nut.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4DA77076-239C-4760-98EB-E5B11C06B055}C:\users\satch\downloads\nut.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3B8C6209-5BFB-43DD-968A-2ACC5383EC76}C:\users\satch\desktop\nut for tinfoil\nut.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ABFC92A7-AB7C-4CEF-9ACA-0B18426BD7AF}C:\users\satch\desktop\nut for tinfoil\nut.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{83197F3A-7590-43F9-B0F7-56EA65DF201D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{861ABC38-2C97-4280-89B5-04342011EE8D}C:\users\satch\appdata\roaming\utorrent web\utweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EB2A34BB-359B-490F-A57C-EA32D21A05C9}C:\program files\genshin impact\genshin impact game\genshinimpact.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D8E6962B-B85C-4A8D-81F1-8D69855FDA57}C:\program files\genshin impact\genshin impact game\genshinimpact.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{208FA2FC-51B9-42CA-BE99-B56F40A6CEEC}C:\program files\avast software\secureline vpn\vpn.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C540BEE-DA17-4EF8-81B6-9D8D54B47224}C:\program files\avast software\secureline vpn\vpn.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FD6DB533-F2C2-4A1F-82A5-6156E1B805C7}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2620784C-22E0-40FC-A584-511B99ABF987}C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4DBAD25F-3515-4AD0-84C1-BB65640AE2D6}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7FDEF80D-1C95-4AF4-A84D-478F38465E0F}C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1A4536A8-A61F-4EF5-BE27-B060B6BB9E27}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD40E265-7F5C-41A1-B01B-E5794436B351}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{162DC214-A4CF-4268-8E97-C339A62CAD04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1488A539-BC86-4980-9DD2-4D7294A3390D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4AC8966A-CFAA-4EA9-9F86-87970367A3EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D110F9D-BFE2-47E6-9EFC-59C7F2326541}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7B7BBCC-A44E-47BA-BEDC-6A824943BC65}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9EC734E-CDD4-407F-8A52-80DA012430BD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A4F53BB-DCDA-4AB8-B7AB-CFB294379710}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFD872B8-8DBD-4BFA-86B2-5CC0384850B9}" => removed successfully
"HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Microsoft\Windows\CurrentVersion\Run\\utweb" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03BC766E-FF4F-4F0D-B5AA-70F448A320FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03BC766E-FF4F-4F0D-B5AA-70F448A320FF}" => removed successfully
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F398CB2-E47C-4BCF-A928-3A75AF6191AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F398CB2-E47C-4BCF-A928-3A75AF6191AE}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5465FD6-0785-479A-9925-B54C7FD44F30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5465FD6-0785-479A-9925-B54C7FD44F30}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EFD9E021-6178-4E60-991A-017D1AA11581}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFD9E021-6178-4E60-991A-017D1AA11581}" => removed successfully
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Microsoft\Windows\CurrentVersion\Run\\utweb" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully

========= sc stop WSearch =========

SERVICE_NAME: WSearch
TYPE : 10 WIN32_OWN_PROCESS
STATE : 3 STOP_PENDING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x1
WAIT_HINT : 0x7530

========= End of CMD: =========

========= sc config WSearch start= disabled =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========

========= sc stop lfsvc =========

SERVICE_NAME: lfsvc
TYPE : 30 WIN32
STATE : 3 STOP_PENDING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x2
WAIT_HINT : 0x2710

========= End of CMD: =========

========= sc config lfsvc start= disabled =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========

========= del /s /q %ProgramData%\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl =========

Could Not Find C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl

========= End of CMD: =========

========= reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF =========

The operation completed successfully.

========= End of CMD: =========

========= reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF =========

The operation completed successfully.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========== "C:\Windows\Temp\*.*" ==========

C:\Windows\Temp\9a0c0cdc-4be1-405e-a7f4-ccc145fa6894.tmp => moved successfully
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\wct107D.tmp => moved successfully
C:\Windows\Temp\wct1287.tmp => moved successfully
C:\Windows\Temp\wct15AE.tmp => moved successfully
C:\Windows\Temp\wct1680.tmp => moved successfully
C:\Windows\Temp\wct27FC.tmp => moved successfully
C:\Windows\Temp\wct28FC.tmp => moved successfully
C:\Windows\Temp\wct2BB6.tmp => moved successfully
C:\Windows\Temp\wct2D05.tmp => moved successfully
C:\Windows\Temp\wct37E8.tmp => moved successfully
C:\Windows\Temp\wct41FB.tmp => moved successfully
C:\Windows\Temp\wct44EF.tmp => moved successfully
C:\Windows\Temp\wct478C.tmp => moved successfully
C:\Windows\Temp\wct4A84.tmp => moved successfully
C:\Windows\Temp\wct4C01.tmp => moved successfully
C:\Windows\Temp\wct53EC.tmp => moved successfully
C:\Windows\Temp\wct5425.tmp => moved successfully
C:\Windows\Temp\wct56CB.tmp => moved successfully
C:\Windows\Temp\wct57A7.tmp => moved successfully
C:\Windows\Temp\wct5ABD.tmp => moved successfully
C:\Windows\Temp\wct5D07.tmp => moved successfully
C:\Windows\Temp\wct5FC8.tmp => moved successfully
C:\Windows\Temp\wct619D.tmp => moved successfully
C:\Windows\Temp\wct652D.tmp => moved successfully
C:\Windows\Temp\wct6935.tmp => moved successfully
C:\Windows\Temp\wct6AFB.tmp => moved successfully
C:\Windows\Temp\wct7510.tmp => moved successfully
C:\Windows\Temp\wct752D.tmp => moved successfully
C:\Windows\Temp\wct7A53.tmp => moved successfully
C:\Windows\Temp\wct7D13.tmp => moved successfully
C:\Windows\Temp\wct7F26.tmp => moved successfully
C:\Windows\Temp\wct80F2.tmp => moved successfully
C:\Windows\Temp\wct85F6.tmp => moved successfully
C:\Windows\Temp\wct8661.tmp => moved successfully
C:\Windows\Temp\wct8C22.tmp => moved successfully
C:\Windows\Temp\wct92F2.tmp => moved successfully
C:\Windows\Temp\wct967D.tmp => moved successfully
C:\Windows\Temp\wct9A3D.tmp => moved successfully
C:\Windows\Temp\wct9E93.tmp => moved successfully
C:\Windows\Temp\wctA545.tmp => moved successfully
C:\Windows\Temp\wctA96D.tmp => moved successfully
C:\Windows\Temp\wctABD4.tmp => moved successfully
C:\Windows\Temp\wctAEE2.tmp => moved successfully
C:\Windows\Temp\wctAFAE.tmp => moved successfully
C:\Windows\Temp\wctB0DA.tmp => moved successfully
C:\Windows\Temp\wctC2E2.tmp => moved successfully
C:\Windows\Temp\wctC5B5.tmp => moved successfully
C:\Windows\Temp\wctC739.tmp => moved successfully
C:\Windows\Temp\wctD51E.tmp => moved successfully
C:\Windows\Temp\wctD936.tmp => moved successfully
C:\Windows\Temp\wctDAB6.tmp => moved successfully
C:\Windows\Temp\wctDC2B.tmp => moved successfully
C:\Windows\Temp\wctDE4A.tmp => moved successfully
C:\Windows\Temp\wctDE9D.tmp => moved successfully
C:\Windows\Temp\wctDFC7.tmp => moved successfully
C:\Windows\Temp\wctE1EA.tmp => moved successfully
C:\Windows\Temp\wctE39A.tmp => moved successfully
C:\Windows\Temp\wctEAEC.tmp => moved successfully
C:\Windows\Temp\wctEF62.tmp => moved successfully
C:\Windows\Temp\wctF5E3.tmp => moved successfully
C:\Windows\Temp\wctF65A.tmp => moved successfully
C:\Windows\Temp\wctFACB.tmp => moved successfully
C:\Windows\Temp\wctFB86.tmp => moved successfully
C:\Windows\Temp\wctFEF3.tmp => moved successfully
C:\Windows\Temp\wctFFDD.tmp => moved successfully

========= End -> "C:\Windows\Temp\*.*" ========

=========== "C:\WINDOWS\system32\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\system32\*.tmp" ========

=========== "C:\WINDOWS\syswow64\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\syswow64\*.tmp" ========

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43359435 B
Java, Discord, Steam htmlcache => 1139460478 B
Windows/system/drivers => 2859 B
Edge => 1317614 B
Chrome => 2287296426 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 116342948 B
systemprofile32 => 196084576 B
LocalService => 197948398 B
NetworkService => 197948398 B
satch => 268447524 B

RecycleBin => 0 B
EmptyTemp: => 4.1 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 05:24:13 ====

Code:

~ ZHPCleaner v2022.10.4.79 by Nicolas Coolman (2022/10/04)
~ Run by satch (Administrator)  (06/10/2022 16:43:17)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\satch\OneDrive\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 19043)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (1)
DELETED task: [Adobe Flash Player PPAPI Notifier] [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe]  =>Riskware.FlashPlayer


---\\  Explorer ( File, Folder) (12)
MOVED file: C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVED file: C:\Users\satch\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>Préférences Chromium
MOVED file: C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe [Copyright (C) 2022 Pixel. All Rights Reserved. - Chimeraland downloader]  =>AdwareÂ¨Pirrit
MOVED file: C:\Windows\Prefetch\TOTALAV.EXE-775A7881.pf    =>SUP.Optional.TotalAV
MOVED folder: C:\Users\satch\AppData\Local\ChimeralandMiniLoader  =>AdwareÂ¨Pirrit
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChimeralandMiniLoader  =>AdwareÂ¨Pirrit
MOVED folder: C:\Program Files (x86)\TotalAV  =>SUP.Optional.TotalAV
MOVED folder: C:\ProgramData\TotalAV  =>SUP.Optional.TotalAV
MOVED folder: C:\Users\satch\OneDrive\Documents\TotalAV  =>SUP.Optional.TotalAV
MOVED folder: C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc  =>.SUP.Discord
MOVED folder: C:\Documents and Settings\satch\Application Data\Microsoft\Windows\Start Menu\Programs\Discord Inc  =>.SUP.Discord
MOVED folder: C:\ProgramData\SecuritySuite  =>SUP.Optional.ScanGuard


---\\  Registry ( Key, Value, Data) (17)
DELETED key*: [X64] HKLM\SOFTWARE\57979c68-f490-55b8-8fed-8b017a5af2fe []  =>Adware.CrossRider
DELETED key*: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 576]  =>.SUP.FirefoxRestriction
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Discord []  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\Discord [URL:Discord Protocol]  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-349134787773988865 [URL:Run game 349134787773988865 protocol]  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-413081698159296512 [URL:Run game 413081698159296512 protocol]  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-431033176782012416 [URL:Run game 431033176782012416 protocol]  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-452029545843785730 [URL:Run game 452029545843785730 protocol]  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-538196365122076713 [URL:Run game 538196365122076713 protocol]  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-582873364562182145 [URL:Run game 582873364562182145 protocol]  =>.SUP.Discord
DELETED key*: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Classes\discord-808398272078675989 [URL:Run game 808398272078675989 protocol]  =>.SUP.Discord
DELETED key**: HKCU\Software\Discord []  =>.SUP.Discord
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.]  =>.SUP.Discord
DELETED key*: [X64] HKLM\SOFTWARE\Classes\totalav [URL:Total AV Protocol]  =>SUP.Optional.TotalAV
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier []  =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater []  =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI [Adobe]  =>Riskware.FlashPlayer


---\\  Summary of the elements found (8)
https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/  =>Riskware.FlashPlayer
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>AdwareÂ¨Pirrit
https://nicolascoolman.eu/2017/10/30/sup-totalav/  =>SUP.Optional.TotalAV
https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/  =>.SUP.Discord
https://nicolascoolman.eu/2017/12/21/sup-scanguard/  =>SUP.Optional.ScanGuard
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.FirefoxRestriction


---\\  Other deletions. (7)
~ Registry Keys Tracing deleted (7)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Internet Explorer OK
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 1142
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed





~ End of clean in 00h00mn33s

---\\  Reports (2)
ZHPCleaner--06102022-16_41_45.txt
ZHPCleaner-[R]-06102022-16_43_50.txt




~ ZHPDiag v2022.10.4.79 By Nicolas Coolman (2022/10/04)
~ Run by satch (Administrator)  (2022/10/06 16:51:29)
~ Assistance: https://forum.nicolascoolman.eu/
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version:  Version OK
~ Mode: Scan
~ Report: C:\Users\satch\OneDrive\Desktop\ZHPDiag.txt
~ Report: C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 19043)  =>.Microsoft Corporation

---\\ Internet Browsers (3) - 0s
~ GCIE: Google Chrome v106.0.5249.103
~ MSIE: Internet Explorer v11.789.19041.0
~ OBIE: Microsoft Edge v106.0.1370.34

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (2) - 1s
Windows Defender W10 (Activate) (Protection)
Malwarebytes version 4.5.14.210 v4.5.14.210 (Protection)

---\\ Informations on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 158 Stepping 12, GenuineIntel
~ Operating System:  64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 16713.956 MB (78% free) : OK  =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 303 GB (31%) free of 953 GB : OK  =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: DESKTOP-Q1JOHSV
~ User Name: satch
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 303 GB free of 953 GB  (System)
~ Drive E: has 60 GB free of 60 GB

---\\ SYSTEM DISK MAIN FEATURES (33) - 8s
~ Model: WDC WDS100T2B0A-00SM50 v401000WD  (953 Gb )
~ Media Type: SSD Fixed Disk   ( Bus: SATA)

---\\ SYSTEM DISK GENERAL ATTRIBUTES
OK - N0 - Indicateur d'usure du périphérique de stockage (Storage Device Wear Indicator) (%):  0
OK - N1 - Temps de latence maximal de vidage (Maximum Flash latency) (ms): 0.254
OK - N2 - Temps de latence maximal d'écriture (Maximum write latency) (ms): 2.056
RE - N3 - Temps de latence maximal de lecture (Maximum read latency) (ms): 4.019
OK - N4 - Vitesse de rotation (Spindle Speed) (RPM): 0


---\\ S.M.A.R.T. PARAMETERS    -     [Flag][Value][Worst]  [Threshold][Raw Value]
OK - 05 - Nombre de secteurs réalloués (Reallocated Sector Count) - [50][100][100]   [0][0]  
OK - 09 - Heures de fonctionnement (Power-On Hours Count (POH) - [50][100][100]   [0][20671]  
OK - 0C - Nombre de cycles en fonctionnement (Power Cycles Count) - [50][100][100]   [0][693]  
OK - A5 - Nombre de Blocs effacés (SLC) (Block Erase Count (SLC) ) - [50][100][100]   [0][1292]  
OK - A6 - Minimum de cycles P/E (Minimum P/E Cycles) - [50][100][100]   [0][2]  
OK - A7 - Maximum de blocs défectueux /puce (Maximum Bad Blocks per die) - [50][100][100]   [0][30]  
OK - A8 - Maximum de cycles P/E (Maximum P/E Cycles) - [50][100][100]   [0][28]  
RE - A9 - Nombre total de blocs défectueux (Total Bad Blocks) - [50][100][100]   [0][476]  
OK - AA - Nombre de blocs réservés utilisés (Used Reserved Block Count) - [50][100][100]   [0][0]  
OK - AB - Taux d'Echec du Programme (SSD Program Fail Count) - [50][100][100]   [0][0]  
OK - AC - Taux d'Echec d'effacement (Erase Fail Count) - [50][100][100]   [0][0]  
OK - AD - Nombre de blocs effacés (Average Block-Erase Count) - [50][100][100]   [0][17]  
OK - AE - Nombre inattendu de perte de puissance (Unexpected Power Off Count) - [50][100][100]   [0][34]  
OK - B8 - Nombre d'erreur de correction (Incorrectable Error Count) - [50][100][100]   [0][0]  
OK - BB - Nombre d'erreurs incorrigibles (Reported Uncorrectable Errors) - [50][100][100]   [0][0]  
OK - BC - Spécifique Constructeur - [50][100][100]   [0][6]  
OK - C2 - Température interne actuelle (Temperature) - [34][68][54]   [0][32]  
OK - C7 - Nombre d'erreurs CRC Ultra-DMA (CRC Error Count) - [50][100][100]   [0][0]  
OK - E6 - Indicateur d’usure des supports (Media Wearout Indicator) - [50][2][2]   [0][570]  
OK - E8 - Espace de réserve disponible (Available reserved Space) - [51][100][100]   [4][100]  
OK - E9 - NAND GB Ecriture (NAND GB Written) - [50][100][100]   [0][17885]  
OK - EA - Durée de vie d'écriture NAND (Lifetime NAND Writes) - [50][100][100]   [0][30749]  

---\\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (25) - 0s
[MD5.662F4F92FDE3557E86D110526BB578D5] - 15/09/2022 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [5141208]  =>.Microsoft®
[MD5.EF3179D498793BF4234F708D3BE28633] - 19/02/2021 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [71680] [Unsigned]  =>.Microsoft Corporation
[MD5.3588C1AC44DCE86A043310B07679C508] - 12/04/2022 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [420472] [Unsigned]  =>.Microsoft Corporation
[MD5.11F7419009AF2874C4B0E4505D185D79] - 08/03/2022 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [5038592] [Unsigned]  =>.Microsoft Corporation
[MD5.F8B41A1B3E569E7E6F990567F21DCE97] - 10/08/2022 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [906240] [Unsigned]  =>.Microsoft Corporation
[MD5.E6C31BCDFB65E2DB98AD082E5DABD164] - 10/08/2022 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [316416] [Unsigned]  =>.Microsoft Corporation
[MD5.C34BA7E91B599463DA4E7B6FA5207BE7] - 10/08/2022 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [821272]  =>.Microsoft®
[MD5.1849E5C84B6EB6EB56EEB842D8CD467E] - 10/08/2022 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [583144]  =>.Microsoft®
[MD5.BA569B43EEFFB0BBB38AE2B82A2DD05B] - 15/09/2022 - (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\System32\wuaueng.dll [3405312] [Unsigned]  =>.Microsoft Corporation
[MD5.AADECAAEE10B5A45E75A9E4DACB49259] - 16/06/2022 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [651104] [Unsigned]  =>.Microsoft Corporation
[MD5.B2C716CEBC11930E3C1E38C3B6B9DDED] - 10/08/2022 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [31064] [Unsigned]  =>.Microsoft Corporation
[MD5.764FE2149251A246F6B047A0F09F5F0B] - 07/12/2019 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [100864] [Unsigned]  =>.Microsoft Corporation
[MD5.054ABC6C64AE969D033B7876C04D52B4] - 13/10/2021 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [175616] [Unsigned]  =>.Microsoft Corporation
[MD5.E3A2D15717A96F83723D6AA731B553CB] - 15/09/2022 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [152064] [Unsigned]  =>.Microsoft Corporation
[MD5.4F39254C6E087D4789D2C3EBD3C7F744] - 08/03/2022 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [134656] [Unsigned]  =>.Microsoft Corporation
[MD5.E4B36C6EAAAB703CBFECB92EE590FB31] - 07/12/2019 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [118272] [Unsigned]  =>.Microsoft Corporation
[MD5.7DAAF580A2C442BF7542C5CD43205AE8] - 10/08/2022 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [230400] [Unsigned]  =>.Microsoft Corporation
[MD5.3D1E941BD603AE4BE39215E9F30C3DF3] - 10/08/2022 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [586592] [Unsigned]  =>.Microsoft Corporation
[MD5.49F7DE6F689C47B64A2C2D46CD98E327] - 19/02/2021 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [341504] [Unsigned]  =>.Microsoft Corporation
[MD5.893E5000EBDDF2C6C1EEF28238AC1029] - 15/09/2022 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2846552] [Unsigned]  =>.Microsoft Corporation
[MD5.138FDB1EBCB61287A645BD3B06DBED5E] - 07/12/2019 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [109056] [Unsigned]  =>.Microsoft Corporation
[MD5.28CF6FF4491D57F4DD00682C157BAD40] - 14/07/2022 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [110080] [Unsigned]  =>.Microsoft Corporation
[MD5.64991B36F0BD38026F7589572C98E3D6] - 13/04/2021 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [169984] [Unsigned]  =>.Microsoft Corporation
[MD5.2A8B28579A4964AA7EA8CEB1AC121243] - 15/09/2021 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [117584] [Unsigned]  =>.Microsoft Corporation
[MD5.988A7A685BB51BAC62F4E176BE5432AC] - 19/02/2021 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [429880] [Unsigned]  =>.Microsoft Corporation

---\\ No disabled Windows Services (67) - 2s
O23 - Service: C:\WINDOWS\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows Audio Endpoint Builder.) - C:\WINDOWS\System32\AudioEndpointBuilder.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows Audio Service.) - C:\WINDOWS\System32\Audiosrv.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\bfe.dll (BFE) . (.Microsoft Corporation - Base Filtering Engine.) - C:\WINDOWS\System32\bfe.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\qmgr.dll (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) - C:\WINDOWS\System32\qmgr.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Process State Manager (PSM) Service.) - C:\WINDOWS\System32\psmsrv.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Microsoft (R) CDP User Components.) - C:\WINDOWS\System32\CDPUserSvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Connected Devices Platform User Service_90283 (CDPUserSvc_90283) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe  =>.Microsoft®
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll  =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) - C:\WINDOWS\System32\cryptsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\das.dll (DeviceAssociationService) . (.Microsoft Corporation - Device Association Service.) - C:\WINDOWS\System32\das.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Client Service.) - C:\Windows\System32\dhcpcore.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\diagtrack.dll (DiagTrack) . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) - C:\WINDOWS\System32\diagtrack.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dispbroker.desktop.dll (DispBrokerDesktopSvc) . (.Microsoft Corporation - Desktop Display Broker.) - C:\WINDOWS\System32\DispBroker.Desktop.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS Caching Resolver Service.) - C:\WINDOWS\System32\dnsrslvr.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dosvc.dll (DoSvc) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe  =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Data Usage Service.) - C:\WINDOWS\System32\dusmsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Microsoft Edge Update Service (edgeupdate) (edgeupdate) . (.Microsoft Corporation - Microsoft Edge Update.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe  =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Event Logging Service.) - C:\WINDOWS\System32\wevtsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Windows Font Cache Service.) - C:\WINDOWS\System32\FntCache.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Group Policy Client.) - C:\WINDOWS\System32\gpsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google LLC - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
O23 - Service: C:\WINDOWS\System32\ikeext.dll (IKEEXT) . (.Microsoft Corporation - IKE extension.) - C:\WINDOWS\System32\ikeext.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation - Intel(R) TPM Provisioning Service.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe {3BCEA6A75123B821E309D6399265C7BD}.  =>.Intel(R) Corporation
O23 - Service: C:\WINDOWS\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) - C:\WINDOWS\System32\iphlpsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe  =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O23 - Service: C:\WINDOWS\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) - C:\WINDOWS\System32\srvsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) - C:\WINDOWS\System32\wkssvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe {0ADE8114D7679B066F2DB2DFD2F67AC2}.  =>.Intel Corporation
O23 - Service: C:\WINDOWS\system32\lsm.dll (LSM) . (.Microsoft Corporation - Local Session Manager Service.) - C:\WINDOWS\System32\lsm.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\moshost.dll (MapsBroker) . (.Microsoft Corporation - Downloaded Maps Manager.) - C:\WINDOWS\System32\moshost.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (mpssvc) . (.Microsoft Corporation - Microsoft Protection Service.) - C:\WINDOWS\System32\mpssvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Network Location Awareness 2.) - C:\WINDOWS\System32\nlasvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Network Store Interface RPC server.) - C:\WINDOWS\System32\nsisvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  =>.Nvidia Corporation®
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe  =>.Nvidia Corporation®
O23 - Service: C:\WINDOWS\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\WINDOWS\System32\APHostService.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Sync Host_90283 (OneSyncSvc_90283) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe  =>.Microsoft®
O23 - Service: Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts - OriginWebHelperService.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe {0751A21B29586708685BB12FFCC97D05}.  =>.Electronic Arts
O23 - Service: C:\WINDOWS\System32\umpo.dll (Power) . (.Microsoft Corporation - User-mode Power Service.) - C:\WINDOWS\System32\umpo.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\WINDOWS\System32\profsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Remote Access Connection Manager.) - C:\WINDOWS\System32\rasmans.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC Endpoint Mapper.) - C:\WINDOWS\System32\RpcEpMap.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\WINDOWS\System32\rpcss.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe  =>.Realtek Semiconductor Corp.®
O23 - Service: Realtek Bluetooth Device Manager Service (RtkBtManServ) . (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Appl.) - C:\Windows\RtkBtManServ.exe  =>.Realtek Semiconductor Corp.®
O23 - Service: C:\WINDOWS\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Task Scheduler Service.) - C:\WINDOWS\System32\schedsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\Sens.dll (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) - C:\WINDOWS\System32\sens.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\SgrmBroker.exe,-100 (SgrmBroker) . (.Microsoft Corporation - System Guard Runtime Monitor Broker Service.) - C:\WINDOWS\System32\SgrmBroker.exe [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) - C:\Windows\System32\shsvcs.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Spooler SubSystem App.) - C:\WINDOWS\System32\spoolsv.exe [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) - C:\WINDOWS\System32\sppsvc.exe [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wiaservc.dll (stisvc) . (.Microsoft Corporation - Still Image Devices Service.) - C:\WINDOWS\System32\wiaservc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\StorSvc.dll (StorSvc) . (.Microsoft Corporation - Storage Services.) - C:\WINDOWS\System32\storsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - SysMain Service Host.) - C:\WINDOWS\System32\sysmain.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) - C:\WINDOWS\System32\SystemEventsBrokerServer.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) - C:\WINDOWS\System32\themeservice.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\WINDOWS\System32\usermgr.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usosvc.dll (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) - C:\WINDOWS\System32\usosvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Windows Connection Manager Service DLL.) - C:\WINDOWS\System32\wcmsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (.Microsoft Corporation - Antimalware Service Executable.) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe  =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\WINDOWS\System32\wbem\WMIsvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wlansvc.dll (WlanSvc) . (.Microsoft Corporation - Windows WLAN AutoConfig Service DLL.) - C:\WINDOWS\System32\wlansvc.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) - C:\WINDOWS\System32\WpnService.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Windows Push Notification User Service.) - C:\WINDOWS\System32\WpnUserService.dll [Unsigned]  =>.Microsoft Corporation
O23 - Service: Windows Push Notifications User Service_90283 (WpnUserService_90283) . (.Microsoft Corporation - Host Process for Windows Services.) - C:\Windows\System32\svchost.exe  =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) - C:\WINDOWS\System32\wscsvc.dll [Unsigned]  =>.Microsoft Corporation

---\\ Services not Microsoft (SR=Run, SS=Stop) (106) - 6s
SR - Boot   [07/12/2019] [  107320]   (3ware) . (.LSI.) - C:\WINDOWS\System32\drivers\3ware.sys  =>.Microsoft®
SR - Demand [23/09/2022] [ 1868832]  ACE-BASE (ACE-BASE) . (.ANTICHEATEXPERT.COM.) - C:\WINDOWS\system32\drivers\ACE-BASE.sys {0F316A214F60D59DC921AEB9685136CC}.
SR - Demand [23/09/2022] [  772656]  ACE-GAME (ACE-GAME) . (.ANTICHEATEXPERT.COM.) - C:\WINDOWS\system32\drivers\ACE-GAME.sys {0F316A214F60D59DC921AEB9685136CC}.
SS - Demand [09/06/2020] [  335416]  Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  =>.Adobe Inc.®
SR - Boot   [07/12/2019] [ 1135416]   (ADP80XX) . (.PMC-Sierra.) - C:\WINDOWS\System32\drivers\ADP80XX.SYS  =>.Microsoft®
SR - Demand [07/12/2019] [   18432]  AMD GPIO Client Driver (amdgpio2) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdgpio2.sys [Unsigned]  =>.Advanced Micro Devices, Inc
SR - Demand [07/12/2019] [   45568]  AMD I2C Controller Service (amdi2c) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdi2c.sys [Unsigned]  =>.Advanced Micro Devices, Inc
SR - Boot   [07/12/2019] [   83256]   (amdsata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdsata.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  259384]   (amdsbs) . (.AMD Technologies Inc..) - C:\WINDOWS\System32\drivers\amdsbs.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [   26936]   (amdxata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdxata.sys  =>.Microsoft®
SS - Demand [17/07/2022] [ 2700648]  AntiCheatExpert Service (AntiCheatExpert Service) . (.© AntiCheatExpert.com Limited. All Rights Reserved..) - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe {0F316A214F60D59DC921AEB9685136CC}.
SR - Boot   [07/12/2019] [  131896]  Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\WINDOWS\System32\drivers\arcsas.sys  =>.Microsoft®
SR - Demand [24/08/2021] [   53904]  avast! SecureLine TAP Adapte (aswTap) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\aswTap.sys  =>.AVAST Software s.r.o.®
SR - Auto   [09/11/2021] [  208176]  avgntflt (avgntflt) . (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avgntflt.sys  =>.Avira Operations GmbH & Co. KG®
SR - System [09/11/2021] [  197176]  avipbb (avipbb) . (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys  =>.Avira Operations GmbH & Co. KG®
SR - System [09/11/2021] [   46704]  avkmgr (avkmgr) . (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avkmgr.sys  =>.Avira Operations GmbH & Co. KG®
SR - Boot   [07/12/2019] [  533816]  QLogic Network Adapter VBD (b06bdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\bxvbda.sys  =>.Microsoft®
SR - Demand [07/12/2019] [    9728]  bcmfn2 Service (bcmfn2) . (...) - C:\WINDOWS\System32\drivers\bcmfn2.sys [Unsigned]  =>.Broadcom Corporation
SS - Demand [09/06/2021] [ 8901968]  BattlEye Service (BEService) . (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe  =>.BattlEye Innovations e.K.®
SR - Boot   [07/12/2019] [  319800]   (cht4iscsi) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4sx64.sys  =>.Microsoft®
SR - Demand [07/12/2019] [ 1853752]  Chelsio Virtual Bus Driver (cht4vbd) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4vx64.sys  =>.Microsoft®
SR - System [01/06/2020] [  140280]  dokan1 (dokan1) . (.Dokan Project.) - C:\WINDOWS\System32\DRIVERS\dokan1.sys {05B9E5C73998821D2E591A368995B191}.  =>.Dokan Project
SR - Demand [24/04/2020] [  599928]  Intel(R) PRO/1000  (e1dexpress) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_f6c146a8872514f7\e1d68x64.sys  =>.Intel(R) INTELND1820®
SS - Demand [27/02/2022] [  584680]  Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) . (.Epic Games, Inc..) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe  =>.EasyAntiCheat Oy®
SR - Boot   [07/12/2019] [ 3418936]  QLogic 10 Gigabit Ethernet Ada (ebdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\evbda.sys  =>.Microsoft®
SS - Demand [11/07/2022] [  934352]  Epic Online Services (EpicOnlineServices) . (.Epic Games, Inc..) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe  =>.Epic Games Inc.®
SS - Demand [07/09/2022] [  401960]  NVIDIA FrameView SDK service (FvSvc) . (.NVIDIA.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe  =>.Nvidia Corporation®
SS - Demand [05/10/2022] [ 1675544]  Google Chrome Elevation Service (GoogleChromeElevationServi (GoogleChromeElevationService) . (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\elevation_service.exe  =>.Google LLC®
SR - Auto   [05/07/2019] [  154920]  Google Update Service (gupdate) (gupdate) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Demand [05/07/2019] [  154920]  Google Update Service (gupdatem) (gupdatem) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SR - Boot   [07/12/2019] [   64312]   (HpSAMD) . (.Hewlett-Packard Company.) - C:\WINDOWS\System32\drivers\HpSAMD.sys  =>.Microsoft®
SR - Demand [07/12/2019] [   36352]  Intel Serial IO GPIO Controlle (iagpio) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iagpio.sys [Unsigned]  =>.Intel(R) Corporation
SR - Demand [07/12/2019] [   91136]  Intel(R) Serial IO I2C Host Cont (iai2c) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iai2c.sys [Unsigned]  =>.Intel(R) Corporation
SR - Demand [07/12/2019] [   79360]  Intel(R) S (iaLPSS2i_GPIO2) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [   93184]  In (iaLPSS2i_GPIO2_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  112128]  Intel( (iaLPSS2i_GPIO2_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [   96256]  Intel( (iaLPSS2i_GPIO2_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  171520]  Intel(R) Seria (iaLPSS2i_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  175104]  Intel( (iaLPSS2i_I2C_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  177152]  Intel(R) S (iaLPSS2i_I2C_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [  177664]  Intel(R) S (iaLPSS2i_I2C_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [Unsigned]  =>.Intel Corporation
SR - Demand [07/12/2019] [   38128]  Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys  =>.Intel Corporation - Client Components Group®
SR - Demand [07/12/2019] [  113152]  Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [Unsigned]  =>.Intel Corporation
SR - Boot   [07/12/2019] [  884752]  Intel Chipset SATA RAI (iaStorAVC) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorAVC.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  412176]  Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorV.sys  =>.Microsoft®
SR - Demand [07/12/2019] [  558904]  Mellanox InfiniBand Bus/A (ibbus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ibbus.sys  =>.Microsoft®
SR - Demand [10/07/2020] [  230176]  Intel(R) Wireless Bluetooth (ibtusb) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4d9e3f3539995c76\ibtusb.sys  =>.Intel(R) Wireless Connectivity Solutions®
SR - Demand [04/06/2018] [   39504]  Intel(R) Watchdog Timer Driver ( (ICCWDT) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\ICCWDT.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group®
SS - Demand [14/11/2005] [   69632]  InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [Unsigned]  =>.Macrovision Corporation
SR - Demand [12/09/2019] [ 6994520]  Service for Realtek HD Audio (WDM) (IntcAzAudAddService) . (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys  =>.Realtek Semiconductor Corp.®
SS - Demand [15/09/2021] [  785240]  Intel(R) Capability Lice (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe {3BCEA6A75123B821E309D6399265C7BD}.  =>.Intel(R) Corporation
SR - Auto   [15/09/2021] [  729944]  Intel(R) TPM Provis (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe {3BCEA6A75123B821E309D6399265C7BD}.  =>.Intel(R) Corporation
SR - Boot   [07/12/2019] [  172344]   (ItSas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\ItSas35i.sys  =>.Microsoft®
SR - Auto   [16/06/2021] [  628616]  Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe  =>.Intel(R) Embedded Subsystems and IP Blocks Group®
SR - Demand [30/04/2018] [   47928]  libusbK USB Driver 11/01/2021 - 3.1.0.0 (libusbK) . (.http://libusb-win32.sourceforge.net.) - C:\WINDOWS\System32\drivers\libusbK.sys  =>.Travis Lee Robinson®
SR - Auto   [02/09/2021] [ 4064384]  Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe {0ADE8114D7679B066F2DB2DFD2F67AC2}.  =>.Intel Corporation
SR - Boot   [07/12/2019] [  108856]   (LSI_SAS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  124216]   (LSI_SAS2i) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  135992]   (LSI_SAS3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [   82744]   (LSI_SSS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sss.sys  =>.Microsoft®
SR - Boot   [31/08/2022] [   21480]  MbamElam (MbamElam) . (.Malwarebytes.) - C:\WINDOWS\System32\DRIVERS\MbamElam.sys  =>.Microsoft®
SS - Demand [31/08/2022] [ 8765464]  Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe  =>.Malwarebytes Inc.®
SR - Demand [04/10/2022] [  239544]  MBAMSwissArmy (MBAMSwissArmy) . (.Malwarebytes.) - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [   59704]   (megasas) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [   81720]   (megasas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\MegaSas2i.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  105480]   (megasas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\megasas35i.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  575800]   (megasr) . (.LSI Corporation, Inc..) - C:\WINDOWS\System32\drivers\megasr.sys  =>.Microsoft®
SR - Demand [15/10/2020] [  308656]  Intel(R) Management Engine Interfa (MEIx64) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_6557ea4289534d04\x64\TeeDriverW10x64.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group®
SR - Demand [07/12/2019] [ 1131320]  Mellanox ConnectX Bus E (mlx4_bus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\mlx4_bus.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [   63800]   (mvumis) . (.Marvell Semiconductor, Inc..) - C:\WINDOWS\System32\drivers\mvumis.sys  =>.Microsoft®
SR - Demand [07/12/2019] [  146232]  NetworkDirect Service (ndfltr) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ndfltr.sys  =>.Microsoft®
SR - Demand [18/09/2020] [ 8651624]  ___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit (Netwtw04) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\Netwtw04.sys  =>.Intel®
SR - Auto   [01/03/2022] [ 1003128]  NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  =>.Nvidia Corporation®
SR - Auto   [23/09/2022] [ 1014784]  NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe  =>.Nvidia Corporation®
SR - Demand [23/09/2022] [  129576]  Service for NVIDIA High Definiti (NVHDA) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys  =>.Nvidia Corporation®
SR - Demand [23/09/2022] [43769336]   (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvlddmkm.sys  =>.Nvidia Corporation®
SR - Demand [13/07/2022] [   45656]  NvModuleTracker (NvModuleTracker) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys  =>.Nvidia Corporation®
SR - Boot   [07/12/2019] [  150328]   (nvraid) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvraid.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  166200]   (nvstor) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstor.sys  =>.Microsoft®
SR - Demand [18/03/2019] [  486184]  NVIDIA Stereoscopic 3D USB driver (NvStUSB) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstusb.sys  =>.NVIDIA Corporation®
SR - Demand [15/07/2022] [   59368]  NVIDIA Virtual Au (nvvad_WaveExtensible) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys  =>.Nvidia Corporation®
SR - Demand [21/06/2021] [   67464]  NVVHCI Enumerator Service (nvvhci) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys  =>.NVIDIA Corporation®
SS - Demand [09/08/2022] [ 2579272]  Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe {0751A21B29586708685BB12FFCC97D05}.  =>.Electronic Arts
SR - Auto   [09/08/2022] [ 3497808]  Origin Web Helper Service (Origin Web Helper Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe {0751A21B29586708685BB12FFCC97D05}.  =>.Electronic Arts
SR - Boot   [07/12/2019] [   58680]   (percsas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas2i.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [   68408]   (percsas3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas3i.sys  =>.Microsoft®
SR - Boot   [23/06/2022] [   17864]   (ProtectedELAM) . (.Microsoft.) - C:\WINDOWS\System32\drivers\protected_elam.sys  =>.Microsoft®
SR - Boot   [29/05/2019] [   19152]  pwdrvio (pwdrvio) . (.MiniTool Solution Ltd.) - C:\WINDOWS\System32\pwdrvio.sys  =>.MiniTool Solution Ltd®
SR - Demand [29/05/2019] [   12504]  pwdspio (pwdspio) . (.MiniTool Solution Ltd.) - C:\Windows\system32\pwdspio.sys  =>.MiniTool Solution Ltd®
SS - Demand [25/11/2021] [ 2017072]  Rockstar Game Library Service (Rockstar Service) . (.Rockstar Games.) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe  =>.Rockstar Games, Inc.®
SR - Auto   [27/09/2021] [ 1361000]  Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor.) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe  =>.Realtek Semiconductor Corp.®
SR - Demand [01/04/2021] [  795448]  Realtek Bluetooth Filter Driver (RtkBtFilter) . (.Realtek Semiconductor Corporation.) - C:\WINDOWS\System32\drivers\RtkBtfilter.sys  =>.Realtek Semiconductor Corp.®
SR - Auto   [01/04/2021] [  735544]  Realtek Bluetooth Device  (RtkBtManServ) . (.Realtek Semiconductor Corp..) - C:\Windows\RtkBtManServ.exe  =>.Realtek Semiconductor Corp.®
SR - Boot   [07/12/2019] [   44856]   (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\WINDOWS\System32\drivers\SiSRaid2.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [   81720]   (SiSRaid4) . (.Silicon Integrated Systems.) - C:\WINDOWS\System32\drivers\sisraid4.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  209720]   (SmartSAMD) . (.Microsemi Corportation.) - C:\WINDOWS\System32\drivers\SmartSAMD.sys  =>.Microsoft®
SR - Demand [11/11/2020] [  167280]  SAMSUNG  Mobile USB Modem Dr (ssudmdm) . (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys  =>.Samsung Electronics Co., Ltd.®
SS - Demand [27/09/2022] [ 2663784]  Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe  =>.Valve Corp.®
SR - Boot   [07/12/2019] [   31032]   (stexstor) . (.Promise Technology, Inc..) - C:\WINDOWS\System32\drivers\stexstor.sys  =>.Microsoft®
SR - Demand [18/10/2019] [   36168]  TAP-Windows Adapter V9 (tap0901) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\tap0901.sys  =>.McAfee, Inc.®
SR - Demand [03/12/2020] [  707824]  NVIDIA USB Type-C PPC S (UcmCxUcsiNvppc) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_25fb711132593303\UcmCxUcsiNvppc.sys  =>.NVIDIA Corporation®
SR - Boot   [07/12/2019] [  166712]   (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\WINDOWS\System32\drivers\vsmraid.sys  =>.Microsoft®
SR - Boot   [07/12/2019] [  305464]  VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\WINDOWS\System32\drivers\vstxraid.sys  =>.Microsoft®
SR - System [09/11/2021] [   96264]  webshieldfilter (webshieldfilter) . (.Microsoft.) - C:\WINDOWS\System32\drivers\webshieldfilter.sys  =>.Microsoft®
SR - Demand [07/12/2019] [   36152]  WinMad Service (WinMad) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winmad.sys  =>.Microsoft®
SR - Demand [07/12/2019] [   73016]  WinVerbs Service (WinVerbs) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winverbs.sys  =>.Microsoft®

---\\ Task Planned Automatically (Register) (32) - 4s
O38 - TASK: {429D6965-94B3-4773-8B25-9E751F9FDCDF} [64Bits][\GoogleUpdateTaskMachineCore1d57d48e0e1996] - (.Google LLC - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [154920]   =>.Google LLC
O38 - TASK: {453049D4-92BF-464E-9A53-604EF7C327D8} [64Bits][\Adobe Flash Player Updater] - (.Adobe - Adobe® Flash® Player Update Service 32.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  [335416]   =>.Adobe
O38 - TASK: {45BF6774-BD06-45C8-98AB-B7783CF65336} [64Bits][\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  [1655336]   =>.NVIDIA Corporation
O38 - TASK: {4DF561F2-C353-4EB6-B967-689FA0F5942C} [64Bits][\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  [1655336]   =>.NVIDIA Corporation
O38 - TASK: {57C406CA-F622-47E2-8E4A-AF6B10D2AD95} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  [1003128]   =>.NVIDIA Corporation
O38 - TASK: {86F281AD-8751-4B46-ACC7-B45E97C13508} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  [908328]   =>.NVIDIA Corporation
O38 - TASK: {8792C639-94C0-4C4D-BC9D-14B9BF9E10D6} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google LLC - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [154920]   =>.Google LLC
O38 - TASK: {D2502FE5-D3D1-4CB8-B6AE-78AAA488AC3B} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) -- C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe  [3342376]   =>.NVIDIA Corporation
O38 - TASK: {D2A5CE68-6AF4-40A7-BAA1-CB507D41D648} [64Bits][\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  [1655336]   =>.NVIDIA Corporation
O38 - TASK: {DD35A470-D9B6-485E-9568-49C2CB9BA2E8} [64Bits][\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  [1655336]   =>.NVIDIA Corporation
O38 - TASK: {E6FB9684-EB51-4D1E-8CDE-1D7AE7E37FD8} [64Bits][\Intel PTT EK Recertification] - (.Intel(R) Corporation - Intel(R)PTT EK Recertification Service.) -- C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe  [818008]   =>.Intel(R) Corporation
O38 - TASK: {E94BF4D7-B29C-4DAA-B4C7-ACE62A28CFA1} [64Bits][\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA nodejs launcher.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe  [649256]   =>.NVIDIA Corporation
O38 - TASK: {EBFAE3F5-44E7-49F6-A8E0-6A99F6B91C41} [64Bits][\MEGA\MEGAsync Update Task S-1-5-21-3795020384-2431542903-1114512080-1003] - (.MEGA Limited - .) -- C:\Users\satch\AppData\Local\MEGAsync\MEGAupdater.exe  [1776816]   =>.MEGA Limited
O38 - TASK: {F24249F4-E475-4C30-B841-3462B928358A} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  [908328]   =>.NVIDIA Corporation
O38 - TASK: {F527426C-9F2B-43D5-80F2-EE98572EBA05} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google LLC - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [154920]   =>.Google LLC
O38 - TASK: {F6199833-EE37-4676-879D-FDD52AF35F45} [64Bits][\GoogleUpdateTaskMachineUA1d57d48e0f7839] - (.Google LLC - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [154920]   =>.Google LLC
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57d48e0e1996 - (.Google LLC.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [/c]   =>.Google LLC
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater - (.Adobe.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  []   =>.Adobe
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  [-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContain]   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google LLC.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [/ua ./ua]   =>.Google LLC
C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification - (.Intel(R) Corporation.) -- C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe  []   =>.Intel(R) Corporation
C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe  [--launcher=TaskScheduler]   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3795020384-2431542903-1114512080-1003 - (.MEGA Limited.) -- C:\Users\satch\AppData\Local\MEGAsync\MEGAupdater.exe  []   =>.MEGA Limited
C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe  []   =>.NVIDIA Corporation
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google LLC.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [/c]   =>.Google LLC
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57d48e0f7839 - (.Google LLC.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  [/ua ./ua]   =>.Google LLC

---\\ Auto loading programs from Registry and folders (16) - 1s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Security notification icon.) -- C:\WINDOWS\system32\SecurityHealthSystray.exe [Unsigned]  =>.Microsoft Corporation
O4 - HKLM\..\Run: [RtkAudUService] . (.Realtek Semiconductor - Realtek HD Audio Universal Service.) -- C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe  =>.Realtek Semiconductor Corp.®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Program Files\Microsoft OneDrive\OneDrive.exe  =>.Microsoft®
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe  =>.Valve Corp.®
O4 - HKCU\..\Run: [EpicGamesLauncher] . (.Epic Games, Inc. - EpicGamesLauncher.) -- C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe  =>.Epic Games Inc.®
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD] . (...) -- . [Unsigned]
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Corporation®
O4 - HKLM\..\Wow6432Node\Run: [amd_dc_opt] . (.AMD - AMD Dual-Core Optimizer.) -- C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [Unsigned]  =>.AMD
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle America, Inc.®
O4 - HKUS\S-1-5-19\..\StartupApproved\Run: [OneDriveSetup] . (. - .) -- 0x020000000000000000000000  =>.SUP.Orphan
O4 - HKUS\S-1-5-20\..\StartupApproved\Run: [OneDriveSetup] . (. - .) -- 0x020000000000000000000000  =>.SUP.Orphan
O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Program Files\Microsoft OneDrive\OneDrive.exe  =>.Microsoft®
O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe  =>.Valve Corp.®
O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003\..\Run: [EpicGamesLauncher] . (.Epic Games, Inc. - EpicGamesLauncher.) -- C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe  =>.Epic Games Inc.®
O4 - HKUS\S-1-5-21-3795020384-2431542903-1114512080-1003\..\Run: [MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD] . (...) -- . [Unsigned]

---\\ Process running (40) - 4s
[MD5.3CC6ECEB4EE0C8DB89269FB7735C4DDD] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe [1014784] [PID.2220]  =>.Nvidia Corporation®
[MD5.3CC6ECEB4EE0C8DB89269FB7735C4DDD] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe [1014784] [PID.3008]  =>.Nvidia Corporation®
[MD5.C81140F89105F1911C87CCC8D5F8116B] - (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Appl.) -- C:\Windows\RtkBtManServ.exe [735544] [PID.4348]  =>.Realtek Semiconductor Corp.®
[MD5.45E63493AA5450B19C91ECCCF46859A6] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128] [PID.4356]  =>.Nvidia Corporation®
[MD5.885425C76F3062A6BD2F78AB7B35D71A] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) -- C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000] [PID.4364]  =>.Realtek Semiconductor Corp.®
[MD5.D70F69E18869625F9D1E58CD34CCB3A7] - (.Electronic Arts - OriginWebHelperService.) -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808] [PID.4632] {0751A21B29586708685BB12FFCC97D05}.  =>.Electronic Arts
[MD5.B51AE7EE399283B472F9D861FD3B99A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe [628616] [PID.4836]  =>.Intel(R) Embedded Subsystems and IP Blocks Group®
[MD5.45E63493AA5450B19C91ECCCF46859A6] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128] [PID.6220]  =>.Nvidia Corporation®
[MD5.F7338EA60FA504628BAC104BDEE8105E] - (.Node.js - NVIDIA Web Helper Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [29446696] [PID.7692]  =>.Nvidia Corporation®
[MD5.5CDDF06A40E89358807A2B9506F064D9] - (...) -- C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [793416] [PID.2276]  =>.Microsoft®
[MD5.381C22092074255A291F4C9946A5C28F] - (.Google LLC - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe [309720] [PID.9412]  =>.Google LLC®
[MD5.F1DE10A8B9909A4AF635112C8866D534] - (.Google LLC - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe [408536] [PID.9432]  =>.Google LLC®
[MD5.885425C76F3062A6BD2F78AB7B35D71A] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) -- C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000] [PID.6424]  =>.Realtek Semiconductor Corp.®
[MD5.0AC601FA0A439831BC879D401DE54D1B] - (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe [4235112] [PID.11376]  =>.Valve Corp.®
[MD5.9E74A33DFFCFB6B492FAF5D72D3225D8] - (.Epic Games, Inc. - EpicGamesLauncher.) -- C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080] [PID.11428]  =>.Epic Games Inc.®
[MD5.08DC03BE5C28DDA3839A6BC4696EFECF] - (.Mega Limited - MEGAsync.) -- C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe [61203632] [PID.11820]  =>.Mega Limited®
[MD5.F137632705A22B84FB980E4C2A6A4963] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328] [PID.11888]  =>.Oracle America, Inc.®
[MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.4408]  =>.Valve Corp.®
[MD5.FFCEC9459D97BB1CC8BE0EC198FE4B41] - (.Epic Games, Inc. - EpicWebHelper.) -- C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [3614160] [PID.11800]  =>.Epic Games Inc.®
[MD5.21F5FE3A96BC977E4D598A8DE8A6C888] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2663784] [PID.11692]  =>.Valve Corp.®
[MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.6568]  =>.Valve Corp.®
[MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.4500]  =>.Valve Corp.®
[MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.12512]  =>.Valve Corp.®
[MD5.FFCEC9459D97BB1CC8BE0EC198FE4B41] - (.Epic Games, Inc. - EpicWebHelper.) -- C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [3614160] [PID.13308]  =>.Epic Games Inc.®
[MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.13164]  =>.Valve Corp.®
[MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.13156]  =>.Valve Corp.®
[MD5.EB0ADF5E08567B5C9BF776EE51D8745D] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [6330216] [PID.6412]  =>.Valve Corp.®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.13060]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.8708]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.12144]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.12260]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.6956]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.10700]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.13508]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.14200]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.13356]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.2264]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.11992]  =>.Google LLC®
[MD5.9B5F22EE5F776D06A482C98E796C9B23] - (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2900760] [PID.9844]  =>.Google LLC®
[MD5.B026CE833592C42C8839BD784EA92463] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\satch\Downloads\ZHPDiag3.exe [3310792] [PID.3520] [Unsigned]  =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (5) - 0s
G2 - GCE: Preference [satch][User Data\Default\Extensions] [eofcbnmajmjmplflapaojjnihcjkigck] Avast  =>.Avast Software s.r.o
G2 - GCE: Preference [satch][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi]   =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [satch][User Data\Default\Extensions] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security & Privacy  =>.Avast Software s.r.o
G2 - GCE: Preference [satch][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda]   =>.Google Inc. {Wallet}
G2 - GCE: Preference [satch][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi]   =>.Google Inc. {Docs hors connexion}

---\\ Internet Explorer Extensions, Start, Search (16) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com  =>.Google Inc.
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/  =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://oem17win10.msn.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons  =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk  =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.19041.1806 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll  =>.Microsoft Corporation

---\\ INTERNET EXPLORER, trusted site and sensitive site (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)

---\\ Microsoft Edge,Plugins,Start,Search,Extensions (1) - 0s
E2 - GCE: Preference [satch][User Data\Default\Local Extension Settings] [jdiccldimpdaibmpdkjnbmckianbfold]   =>.Microsoft Corporation

---\\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0  =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1  =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []  =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)  =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: IEToEdge BHO [64Bits] - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} . (.Microsoft Corporation - IEToEdge BHO.) -- C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.34\BHO\ie_to_edge_bho_64.dll  =>.Microsoft®

---\\ Global shortcuts Startup (75) - 5s
O4 - GS\Desktop [Administrator]: Documents.lnk . (...) C:\Users\satch\OneDrive\Documents   [Unsigned]
O4 - GS\Desktop [Administrator]: Downloads.lnk . (...) C:\Users\satch\Downloads   [Unsigned]
O4 - GS\Desktop [Administrator]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe    =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Administrator]: Game saves and files.lnk . (...) C:\Users\satch\AppData   [Unsigned]
O4 - GS\Desktop [Administrator]: jwe.lnk . (...) C:\Program Files (x86)\Steam\userdata\70653771\760\remote\1244460\screenshots   [Unsigned]
O4 - GS\Desktop [Administrator]: Steam Games.lnk . (...) C:\Program Files (x86)\Steam\steamapps\common   [Unsigned]  =>.Steam Games
O4 - GS\Desktop [Administrator]: USB Drive (E) - Shortcut.lnk . (...) E:\   [Unsigned]
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner.exe   [Unsigned]  =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag3.exe   [Unsigned]  =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe    =>.Google LLC®
O4 - GS\Quicklaunch [Administrator]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe    =>.Microsoft®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo  [Unsigned]  =>.Microsoft Corporation
O4 - GS\Startup [Administrator]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe    =>.Mega Limited®
O4 - GS\Programs [Administrator]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe   {03AE8F49A5CF5213A20ED85DA16310B9}.
O4 - GS\Programs [Administrator]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe    =>.ESET, spol. s r.o.®
O4 - GS\Programs [Administrator]: uTorrent Web.lnk . (...) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe   [Unsigned]
O4 - GS\Desktop [Guest]: Documents.lnk . (...) C:\Users\satch\OneDrive\Documents   [Unsigned]
O4 - GS\Desktop [Guest]: Downloads.lnk . (...) C:\Users\satch\Downloads   [Unsigned]
O4 - GS\Desktop [Guest]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe    =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Guest]: Game saves and files.lnk . (...) C:\Users\satch\AppData   [Unsigned]
O4 - GS\Desktop [Guest]: jwe.lnk . (...) C:\Program Files (x86)\Steam\userdata\70653771\760\remote\1244460\screenshots   [Unsigned]
O4 - GS\Desktop [Guest]: Steam Games.lnk . (...) C:\Program Files (x86)\Steam\steamapps\common   [Unsigned]  =>.Steam Games
O4 - GS\Desktop [Guest]: USB Drive (E) - Shortcut.lnk . (...) E:\   [Unsigned]
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner.exe   [Unsigned]  =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag3.exe   [Unsigned]  =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe    =>.Google LLC®
O4 - GS\Quicklaunch [Guest]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe    =>.Microsoft®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo  [Unsigned]  =>.Microsoft Corporation
O4 - GS\Startup [Guest]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe    =>.Mega Limited®
O4 - GS\Programs [Guest]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe   {03AE8F49A5CF5213A20ED85DA16310B9}.
O4 - GS\Programs [Guest]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe    =>.ESET, spol. s r.o.®
O4 - GS\Programs [Guest]: uTorrent Web.lnk . (...) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe   [Unsigned]
O4 - GS\Desktop [satch]: Documents.lnk . (...) C:\Users\satch\OneDrive\Documents   [Unsigned]
O4 - GS\Desktop [satch]: Downloads.lnk . (...) C:\Users\satch\Downloads   [Unsigned]
O4 - GS\Desktop [satch]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe    =>.ESET, spol. s r.o.®
O4 - GS\Desktop [satch]: Game saves and files.lnk . (...) C:\Users\satch\AppData   [Unsigned]
O4 - GS\Desktop [satch]: jwe.lnk . (...) C:\Program Files (x86)\Steam\userdata\70653771\760\remote\1244460\screenshots   [Unsigned]
O4 - GS\Desktop [satch]: Steam Games.lnk . (...) C:\Program Files (x86)\Steam\steamapps\common   [Unsigned]  =>.Steam Games
O4 - GS\Desktop [satch]: USB Drive (E) - Shortcut.lnk . (...) E:\   [Unsigned]
O4 - GS\Desktop [satch]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\satch\AppData\Roaming\ZHP\ZHPCleaner.exe   [Unsigned]  =>.Nicolas Coolman
O4 - GS\Desktop [satch]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\satch\AppData\Roaming\ZHP\ZHPDiag3.exe   [Unsigned]  =>.Nicolas Coolman
O4 - GS\Quicklaunch [satch]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe    =>.Google LLC®
O4 - GS\Quicklaunch [satch]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe    =>.Microsoft®
O4 - GS\sendTo [satch]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Transfers files between device.) C:\Windows\System32\fsquirt.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\sendTo [satch]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo  [Unsigned]  =>.Microsoft Corporation
O4 - GS\Startup [satch]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe    =>.Mega Limited®
O4 - GS\Programs [satch]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe   {03AE8F49A5CF5213A20ED85DA16310B9}.
O4 - GS\Programs [satch]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe    =>.ESET, spol. s r.o.®
O4 - GS\Programs [satch]: uTorrent Web.lnk . (...) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe   [Unsigned]
O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - .) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe   [Unsigned]  =>.NVIDIA Corporation
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe   [Unsigned]  =>.Malwarebytes
O4 - GS\Programs [Public]: Alderon Games Launcher.lnk . (.Alderon Games Pty Ltd - Alderon Games Launcher.) C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe   {03AE8F49A5CF5213A20ED85DA16310B9}.
O4 - GS\Programs [Public]: ESET Online Scanner.lnk . (.ESET - ESET Online Scanner.) C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe    =>.ESET, spol. s r.o.®
O4 - GS\Programs [Public]: uTorrent Web.lnk . (...) C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe   [Unsigned]
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe    =>.Microsoft®
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1  [Unsigned]  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncherProxy.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe    =>.Epic Games Inc.®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe    =>.Google LLC®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Malwarebytes.lnk . (.Malwarebytes - .) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe   [Unsigned]  =>.Malwarebytes
O4 - GS\ProgramsCommon [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe    =>.Microsoft®
O4 - GS\ProgramsCommon [Public]: OneDrive.lnk . (.Microsoft Corporation - Keep your most important files.) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe   [Unsigned]  =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PC Health Check.lnk . (...) C:\Program Files (x86)\PCHealthCheck\PCHealthCheck.exe   [Unsigned]  =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.62 209.18.47.61  =>.USA Rochester Time Warner Cable Internet LlC
O17 - HKLM\System\CCS\Services\Tcpip\..\{40366314-3e71-403a-b06c-66834be56760}: DhcpNameServer = 10.0.1.1 10.0.1.3  =>.Private IP (10.0.0.0 - 10.255.255.255)  =>.Private IP
O17 - HKLM\System\CCS\Services\Tcpip\..\{b0f5eb1c-46cb-427d-a445-cd5b51dfb206}: DhcpNameServer = 209.18.47.62 209.18.47.61  =>.USA Rochester Time Warner Cable Internet LlC

---\\ Extra protocols (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [Unsigned]  =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll [Unsigned]  =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll [Unsigned]  =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll [Unsigned]  =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll [Unsigned]  =>.Microsoft Corporation

---\\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\Windows\system32\userinit.exe  =>.Microsoft Corporation

---\\ List of key exploring StartupApproved (26) - 0s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDriveSetup  =>.Microsoft Corporation
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive  =>.Microsoft Corporation
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Steam  =>.Valve
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Discord  =>.SUP.Discord
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:DAEMON Tools Lite Automount  =>.Disc Soft Ltd
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:EpicGamesLauncher  =>.Epic Games
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:utweb
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MEGAsync.lnk  =>.MegaSystems
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDriveSetup  =>.Microsoft Corporation
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive  =>.Microsoft Corporation
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Steam  =>.Valve
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Discord  =>.SUP.Discord
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:DAEMON Tools Lite Automount  =>.Disc Soft Ltd
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:EpicGamesLauncher  =>.Epic Games
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:utweb
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:MicrosoftEdgeAutoLaunch_CC9D8EB2FBC785840A3D6875881197CD
[HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MEGAsync.lnk  =>.MegaSystems
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SecurityHealth  =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AvastUI.exe  =>.Avast Software s.r.o
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RtkAudUService  =>.Realtek Semiconductor Corp.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:RTHDVCPL  =>.Realtek Semiconductor Corp.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:SunJavaUpdateSched  =>.Oracle
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:amd_dc_opt
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:McAfee Security Scan Plus.lnk  =>.McAfee Inc.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Avast SecureLine VPN.lnk

---\\ ASIC (ActiveSetup Installed Components) (7) - 1s
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) -- C:\Windows\System32\unregmp2.exe [Unsigned]  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll [Unsigned]  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utilit.) -- C:\Windows\System32\unregmp2.exe [Unsigned]  =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe [Unsigned]  =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll  =>.Microsoft®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google LLC - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe  =>.Google LLC®
O40 - ASIC: Microsoft Edge [64Bits] - {9459C573-B17A-45AE-9F64-1857B5D58CEE} . (.Microsoft Corporation - Microsoft Edge Installer.) -- C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.34\Installer\setup.exe  =>.Microsoft®

---\\ Software installed (141) - 19s
O42 - Logiciel: Alderon Games Launcher 1.1.71 - (.Alderon Games Pty Ltd.) [HKCU][64Bits] -- d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71 {03AE8F49A5CF5213A20ED85DA16310B9}.
O42 - Logiciel: Chimeraland - (.Pixel soft.) [HKLM][64Bits] -- Steam App 1913730  =>.Valve Corp.®
O42 - Logiciel: Core Temp 1.17.1 - (.ALCPU.) [HKLM][64Bits] -- {086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1 [Unsigned]  =>.Alcpu
O42 - Logiciel: Dokan Library 1.4.0.1000 (x64) - (.Dokany Project.) [HKLM][64Bits] -- {65A3A964-3DC3-0104-0000-200601191219} [Unsigned]  =>.Dokany Project (Hidden)
O42 - Logiciel: Dokan Library 1.4.0.1000 Bundle - (.Dokany Project.) [HKLM][64Bits] -- {97cfdb6c-2faa-43ba-afbc-469e01845e99} {05B9E5C73998821D2E591A368995B191}.  =>.Dokany Project
O42 - Logiciel: Dual-Core Optimizer - (.AMD.) [HKLM][64Bits] -- {9FD6F1A8-5550-46AF-8509-271DF0E768B5} [Unsigned]  =>.AMD
O42 - Logiciel: Eclipse Temurin JDK with Hotspot 17+35 (x64) - (.Eclipse Foundation.) [HKLM][64Bits] -- {D669C4CD-053E-4C32-853C-9FC53FA35FED} [Unsigned]  =>.Eclipse Foundation
O42 - Logiciel: Epic Games Launcher - (.Epic Games, Inc..) [HKLM][64Bits] -- {1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6} [Unsigned]  =>.Epic Games, Inc.
O42 - Logiciel: Epic Online Services - (.Epic Games, Inc..) [HKLM][64Bits] -- {19695986-25CE-41AC-9C6F-54794653EDBA} [Unsigned]  =>.Epic Games, Inc.
O42 - Logiciel: Force of Nature 2 - (.A.Y.std.) [HKLM][64Bits] -- Steam App 1316230  =>.Valve Corp.®
O42 - Logiciel: Google Chrome - (.Google LLC.) [HKLM][64Bits] -- Google Chrome  =>.Google LLC®
O42 - Logiciel: Guild Wars 2 - (.ArenaNet®.) [HKLM][64Bits] -- Steam App 1284210  =>.Valve Corp.®
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {C844CC39-BC28-46CA-8239-3F37D8FE2A59} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM][64Bits] -- {55d73ea7-6354-42db-8831-02d048ae57f8}  =>.Intel(R) Software and Firmware Products® (Hidden)
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {A6D99F91-2039-4560-A476-1E8B954E0C70} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {BF1D4FDD-6613-4F36-AE24-EDE3D7E30CF4} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Intel(R) Management Engine Driver - (.Intel Corporation.) [HKLM][64Bits] -- {50DC6FA9-9221-495B-B9BF-EF39D7BC4FDE} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Intel(R) Trusted Connect Service Client x64 - (.Intel Corporation.) [HKLM][64Bits] -- {C9552825-7BF2-4344-BA91-D3CD46F4C442} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Intel(R) Trusted Connect Service Client x86 - (.Intel Corporation.) [HKLM][64Bits] -- {C9552825-7BF2-4344-BA91-D3CD46F4C441} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Intel(R) Trusted Connect Services Client - (.Intel Corporation.) [HKLM][64Bits] -- {66129f84-d3f0-4884-ac54-369ae6fc2cf6}  =>.Intel(R) Trust Services® (Hidden)
O42 - Logiciel: Java 8 Update 341 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F32180341F0} [Unsigned]  =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} [Unsigned]  =>.Oracle Corporation (Hidden)
O42 - Logiciel: Jurassic World Evolution 2 - (.Frontier Developments.) [HKLM][64Bits] -- Steam App 1244460  =>.Valve Corp.®
O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] -- {c6c5a357-c7ca-4a5f-9789-3bb1af579253}  =>.Epic Games Inc.® (Hidden)
O42 - Logiciel: LEGO® MARVEL Super Heroes 2 - (.TT Games.) [HKLM][64Bits] -- Steam App 647830  =>.Valve Corp.®
O42 - Logiciel: LEGO® Star Wars™: The Skywalker Saga - (.TT Games.) [HKLM][64Bits] -- Steam App 920210  =>.Valve Corp.®
O42 - Logiciel: Let's Build a Zoo - (.Springloaded.) [HKLM][64Bits] -- Steam App 1547890  =>.Valve Corp.®
O42 - Logiciel: Malwarebytes version 4.5.14.210 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1  =>.Malwarebytes Inc.®
O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM][64Bits] -- MEGAsync  =>.Mega Limited®
O42 - Logiciel: Microsoft .NET Core Host - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D375EE6D-18EF-4EC9-8260-555DEB0EE4EC} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {907E0A78-B4DF-4E35-9878-FEE2F22B6852} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Core Runtime - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {912B84A5-61CC-4308-B244-5C34C2C02899} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Edge - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Edge  =>.Microsoft®
O42 - Logiciel: Microsoft Edge Update - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Edge Update [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Edge WebView2 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft EdgeWebView  =>.Microsoft®
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKLM][64Bits] -- OneDriveSetup.exe  =>.Microsoft®
O42 - Logiciel: Microsoft Update Health Tools - (.Microsoft Corporation.) [HKLM][64Bits] -- {7B1FCD52-8F6B-4F12-A143-361EA39F5E7C} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft VC++ redistributables repacked. - (.Intel Corporation.) [HKLM][64Bits] -- {484EF395-8BDF-417B-AF02-35777C5AFC32} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Microsoft VC++ redistributables repacked. - (.Intel Corporation.) [HKLM][64Bits] -- {C79060C7-3052-431F-92F9-609B83317A77} [Unsigned]  =>.Intel Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8220EEFE-38CD-377E-8595-13398D740ACE} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}  =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}  =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {37B8F9C7-03FB-3253-8781-2517C99D7C00} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B175520C-86A2-35A7-8619-86DC379688B9} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] -- {050d4fc8-5d48-4b8f-8972-47c82c46020f}  =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] -- {f65db027-aff3-4070-886a-0d87064aabb1}  =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {929FBD26-9020-399B-9A7A-751D61F0B942} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] -- {b2d0f752-adc5-496e-8f70-8669de01f746}  =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] -- {57a73df6-4ba9-4c1d-bbbb-517289ff6c13}  =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] -- {14C49FC8-3E9B-4F29-8526-26629B5CF30B} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] -- {0D01A812-82A1-481F-8546-8E28E976F8DF} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DB765A8-05AF-49A1-A71D-6F645EE3CE41} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] -- {662A0088-6FCD-45DD-9EA7-68674058AED5} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}  =>.Microsoft®
O42 - Logiciel: Microsoft Windows Desktop Runtime - 3.1.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F3871724-6A58-425C-8E4C-4A54935AA68F} [Unsigned]  =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Minecraft Launcher - (.Mojang.) [HKLM][64Bits] -- {911FBC64-4C64-4B8F-A637-B34832638C86} [Unsigned]  =>.Mojang
O42 - Logiciel: MONSTER HUNTER RISE - (.CAPCOM Co., Ltd..) [HKLM][64Bits] -- Steam App 1446780  =>.Valve Corp.®
O42 - Logiciel: Monster Hunter Stories 2: Wings of Ruin - (.CAPCOM Co., Ltd..) [HKLM][64Bits] -- Steam App 1277400  =>.Valve Corp.®
O42 - Logiciel: Monster Sanctuary - (.moi rai games.) [HKLM][64Bits] -- Steam App 814370  =>.Valve Corp.®
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA FrameView SDK 1.3.8107.31782123 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience 3.26.0.131 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GPX Common OSS binaries (POCO, OpenSSL, libprotobuf) - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GpxCommon.Oss [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Graphics Driver 517.48 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.39.14 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NVAPI Monitor plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NvModuleTracker - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Optimus Update 39.4.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA PhysX System Software 9.21.0713 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA ShadowPlay 3.26.0.131 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update 39.4.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA USBC Driver 1.46.831.832 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC [Unsigned]  =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Audio 4.45.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog [Unsigned]  =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM][64Bits] -- OpenAL  =>.Creative Labs Inc®
O42 - Logiciel: OpenIV - (..black/OpenIV Team.) [HKCU][64Bits] -- OpenIV [Unsigned]  =>..black/OpenIV Team
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin {0751A21B29586708685BB12FFCC97D05}.  =>.Electronic Arts, Inc.
O42 - Logiciel: Paradox Launcher v2 - (.Paradox Interactive.) [HKLM][64Bits] -- {F0072197-FCF6-41BF-9D38-832B145922DC} [Unsigned]  =>.Paradox Interactive
O42 - Logiciel: Pathfinder: Wrath of the Righteous - (.Owlcat Games.) [HKLM][64Bits] -- Steam App 1184370  =>.Valve Corp.®
O42 - Logiciel: Python 3.8.7 (64-bit) - (.Python Software Foundation.) [HKCU][64Bits] -- {a32da68d-eab0-48d8-947e-8187f9630441}  =>.Python Software Foundation®
O42 - Logiciel: Python 3.8.7 Core Interpreter (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {103C9234-4C33-47A7-BA73-0182EFAEE1AE} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 Development Libraries (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {2B5CFC34-DF9D-46E1-B74A-A4D756AA27B8} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 Documentation (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {AB51D764-256F-4FFC-9F00-FD97EE8D4AE4} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 Executables (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {E9451150-5D78-4B5B-A7F7-2C1DE01EAA87} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 pip Bootstrap (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {408439E9-1A19-4C26-B5DD-EE7C39ADF749} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 Standard Library (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {4FAEBB7B-E3A6-4E85-8D3C-8DD3C53C7A4E} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 Tcl/Tk Support (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {4D4E250E-7002-4B30-ADCD-4FCEBBCC015B} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 Test Suite (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {4D1D56DE-8FA6-4309-941F-F4B41BA36AA1} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python 3.8.7 Utility Scripts (64-bit) - (.Python Software Foundation.) [HKLM][64Bits] -- {555B15D5-5D22-4AD4-AD91-D2D8085D198F} [Unsigned]  =>.Python Software Foundation (Hidden)
O42 - Logiciel: Python Launcher - (.Python Software Foundation.) [HKLM][64Bits] -- {978F3F47-FE6A-4CA8-B412-2A48C0DB05AE} [Unsigned]  =>.Python Software Foundation
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}  =>.Realtek Semiconductor Corp.®
O42 - Logiciel: Rockstar Games Launcher - (.Rockstar Games.) [HKLM][64Bits] -- Rockstar Games Launcher  =>.Rockstar Games, Inc.®
O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] -- Rockstar Games Social Club  =>.Rockstar Games, Inc.®
O42 - Logiciel: Saints Row IV - (.Deep Silver Volition.) [HKLM][64Bits] -- Steam App 206420  =>.Valve Corp.®
O42 - Logiciel: South Park The Fractured But Whole - (.Ubisoft San Francisco.) [HKLM][64Bits] -- Steam App 488790  =>.Valve Corp.®
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam  =>.Valve®
O42 - Logiciel: Subnautica - (.Unknown Worlds Entertainment.) [HKLM][64Bits] -- Steam App 264710  =>.Valve Corp.®
O42 - Logiciel: Tales of Arise - (.Bandai Namco Studios Inc..) [HKLM][64Bits] -- Steam App 740130  =>.Valve Corp.®
O42 - Logiciel: Teenage Mutant Ninja Turtles: Shredder's Revenge - (.Tribute Games Inc..) [HKLM][64Bits] -- Steam App 1361510  =>.Valve Corp.®
O42 - Logiciel: The Elder Scrolls Online - (.Zenimax Online Studios.) [HKLM][64Bits] -- The Elder Scrolls Online [Unsigned]  =>.Zenimax Online Studios
O42 - Logiciel: The Elder Scrolls V: Skyrim Special Edition - (.Bethesda Game Studios.) [HKLM][64Bits] -- Steam App 489830  =>.Valve Corp.®
O42 - Logiciel: The Sims™ 4 - (.Electronic Arts, Inc..) [HKLM][64Bits] -- {48EBEBBF-B9F8-4520-A3CF-89A730721917} [Unsigned]  =>.Electronic Arts, Inc.
O42 - Logiciel: The Sims™ 4 - (.Maxis.) [HKLM][64Bits] -- Steam App 1222670  =>.Valve Corp.®
O42 - Logiciel: Ubisoft Connect - (.Ubisoft.) [HKLM][64Bits] -- Uplay  =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: UE Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] -- {284a69a5-9805-4ad5-98ac-173e9f776e0f}  =>.Epic Games Inc.® (Hidden)
O42 - Logiciel: UE Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] -- {7916CFE9-D85D-4E68-891E-D5A3C887B73A} [Unsigned]  =>.Epic Games, Inc. (Hidden)
O42 - Logiciel: Vortex - (.Black Tree Gaming Ltd..) [HKLM][64Bits] -- 57979c68-f490-55b8-8fed-8b017a5af2fe {00C079D009476C5C4C}.
O42 - Logiciel: Windows Driver Package - libusbK Nintendo Switch (APX mode) (04/27/2014 3.0 - (.libusbK.) [HKLM][64Bits] -- C474C3AC0A427B4CF35173FC250E5E8C9C284DE1  =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - libusbK Nintendo Switch (Homebrew mode) (04/27/201 - (.libusbK.) [HKLM][64Bits] -- 6D6BF0768F9873437C984F0DC0E4C569A45227BF  =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - libusbK Nintendo Switch APX Mode (04/27/2014 3.0.7 - (.libusbK.) [HKLM][64Bits] -- 5C4BD94286C931BB5D47200B4AF1D1B99B3C08AB  =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - libusbK Tinfoil (04/27/2014 3.0.7.0) - (.libusbK.) [HKLM][64Bits] -- B707C9FC2B732FAAB247365A5AC8FF929DCBE334  =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Realtek Semiconductor Corp. (RtkBtFilter) Bluetoot - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- A251C507301C79B85C3E1CEEAA1B04A16B62832B  =>.Microsoft Windows Hardware Compatibility Publisher®
O42 - Logiciel: Windows PC Health Check - (.Microsoft Corporation.) [HKLM][64Bits] -- {6798C408-2636-448C-8AC6-F4E341102D27} [Unsigned]  =>.Microsoft Corporation
O42 - Logiciel: WinRAR 5.91 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver  =>.win.rar GmbH®

---\\ HKCU & HKLM Software Keys (260) - 19s
HKLM\SOFTWARE\AGEIA Technologies  =>.AGEIA Technologies
HKLM\SOFTWARE\Apple Inc.  =>.Apple Inc.
HKLM\SOFTWARE\AVAST Software  =>.AVAST Software
HKLM\SOFTWARE\CVSM  =>.Legitimate
HKLM\SOFTWARE\DefaultUserEnvironment  =>.Microsoft Corporation
HKLM\SOFTWARE\Disc Soft  =>.Disc Soft
HKLM\SOFTWARE\Dolby  =>.Dolby
HKLM\SOFTWARE\dotnet
HKLM\SOFTWARE\DRWNewFree  =>.EaseUS Software
HKLM\SOFTWARE\DRWNewTrial
HKLM\SOFTWARE\DTS  =>.Creative Technology
HKLM\SOFTWARE\EA Games  =>.EA Games
HKLM\SOFTWARE\EASEUS  =>.EaseUS Software
HKLM\SOFTWARE\Eclipse Foundation  =>.Eclipse Foundation
HKLM\SOFTWARE\Fortemedia  =>.Lugert Europe
HKLM\SOFTWARE\Futuremark  =>.Futuremark
HKLM\SOFTWARE\Google  =>.Google
HKLM\SOFTWARE\GREATIS  =>.Greatis Software
HKLM\SOFTWARE\Intel  =>.Intel
HKLM\SOFTWARE\Khronos  =>.Khronos
HKLM\SOFTWARE\Knowles  =>.Knowles Electronics
HKLM\SOFTWARE\Macromedia  =>.Macromedia
HKLM\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKLM\SOFTWARE\Maxis  =>.Maxis
HKLM\SOFTWARE\Mozilla  =>.Mozilla
HKLM\SOFTWARE\Nahimic  =>.Nahimic
HKLM\SOFTWARE\Nuance  =>.Nuance
HKLM\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKLM\SOFTWARE\ODBC  =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM  =>.OEM
HKLM\SOFTWARE\OpenSSH  =>.OpenBSD
HKLM\SOFTWARE\Partner  =>.Google Inc.
HKLM\SOFTWARE\Realtek  =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKLM\SOFTWARE\Rockstar Games  =>.Rockstar Games
HKLM\SOFTWARE\SonicFocus  =>.Sonic Focus
HKLM\SOFTWARE\SoundResearch  =>.Sound Research
HKLM\SOFTWARE\SRS Labs  =>.SRS Labs
HKLM\SOFTWARE\Windows  =>.Microsoft Corporation
HKLM\SOFTWARE\WinRAR  =>.WinRAR
HKLM\SOFTWARE\WOW6432Node  =>.Microsoft Corporation
HKLM\SOFTWARE\Yamaha APO  =>.Yamaha Corp.
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies  =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\AMD  =>.AMD
HKLM\SOFTWARE\WOW6432Node\ArenaNet  =>.ArenaNet
HKLM\SOFTWARE\WOW6432Node\Avast Software  =>.AVAST Software
HKLM\SOFTWARE\WOW6432Node\bethesda softworks  =>.Bethesda Softworks
HKLM\SOFTWARE\WOW6432Node\BioWare  =>.BioWare
HKLM\SOFTWARE\WOW6432Node\CleverFiles  =>.CleverFiles
HKLM\SOFTWARE\WOW6432Node\dotnet
HKLM\SOFTWARE\WOW6432Node\EA Games  =>.EA Games
HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat_EOS  =>.EasyAntiCheat
HKLM\SOFTWARE\WOW6432Node\Electronic Arts  =>.Electronic Arts
HKLM\SOFTWARE\WOW6432Node\Epic Games  =>.Epic Games
HKLM\SOFTWARE\WOW6432Node\EpicGames  =>.Epic Games
HKLM\SOFTWARE\WOW6432Node\Eset  =>.ESET
HKLM\SOFTWARE\WOW6432Node\GOG.com  =>.GOG.com
HKLM\SOFTWARE\WOW6432Node\Google  =>.Google
HKLM\SOFTWARE\WOW6432Node\Greatis  =>.Greatis Software
HKLM\SOFTWARE\WOW6432Node\iMyfone  =>.iMyFone
HKLM\SOFTWARE\WOW6432Node\InstallShield  =>.InstallShield
HKLM\SOFTWARE\WOW6432Node\Intel  =>.Intel
HKLM\SOFTWARE\WOW6432Node\JavaSoft  =>.JavaSoft
HKLM\SOFTWARE\WOW6432Node\JreMetrics  =>.JreMetrics
HKLM\SOFTWARE\WOW6432Node\Khronos  =>.Khronos
HKLM\SOFTWARE\WOW6432Node\Macromedia  =>.Macromedia
HKLM\SOFTWARE\WOW6432Node\Maxis  =>.Maxis
HKLM\SOFTWARE\WOW6432Node\McAfee  =>.McAfee Inc.
HKLM\SOFTWARE\WOW6432Node\mcafeeupdater  =>.McAfee Inc.
HKLM\SOFTWARE\WOW6432Node\Mozilla  =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins  =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\Mr DJ  =>.Mr DJ
HKLM\SOFTWARE\WOW6432Node\Nuance  =>.Nuance
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation  =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\ODBC  =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\OpenAL  =>.Open Audio Library
HKLM\SOFTWARE\WOW6432Node\Oracle  =>.Oracle
HKLM\SOFTWARE\WOW6432Node\Origin  =>.Electronic Arts, Inc.
HKLM\SOFTWARE\WOW6432Node\Origin Games  =>.Electronic Arts, Inc.
HKLM\SOFTWARE\WOW6432Node\Paradox Interactive  =>.Paradox Interactive
HKLM\SOFTWARE\WOW6432Node\Python  =>.Python
HKLM\SOFTWARE\WOW6432Node\Realtek  =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\Realtek Semiconductor Corp.  =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\WOW6432Node\Rockstar Games  =>.Rockstar Games
HKLM\SOFTWARE\WOW6432Node\SRS Labs  =>.SRS Labs
HKLM\SOFTWARE\WOW6432Node\Stardock  =>.Stardock
HKLM\SOFTWARE\WOW6432Node\Tencent  =>.Tencent
HKLM\SOFTWARE\WOW6432Node\Ubisoft  =>.Ubisoft
HKLM\SOFTWARE\WOW6432Node\Valve  =>.Valve
HKLM\SOFTWARE\WOW6432Node\Zenimax_Online  =>.ZeniMax Online Studios
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications  =>.Microsoft Corporation
HKCU\SOFTWARE\6 Eyes Studio
HKCU\SOFTWARE\Aidis
HKCU\SOFTWARE\Akeo Consulting  =>.Akeo Consulting
HKCU\SOFTWARE\AMPLITUDE Studios  =>.Amplitude Studios
HKCU\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKCU\SOFTWARE\Arcupion Art
HKCU\SOFTWARE\ASProtect  =>.ASPack Software
HKCU\SOFTWARE\Avast Software  =>.AVAST Software
HKCU\SOFTWARE\AYstd
HKCU\SOFTWARE\BANDAI NAMCO Entertainment  =>.BANDAI NAMCO Entertainment
HKCU\SOFTWARE\Blue Meridian
HKCU\SOFTWARE\Browser Cleanup  =>.Avast Software s.r.o
HKCU\SOFTWARE\BugSplat  =>.Bugsplat Game
HKCU\SOFTWARE\Chromium  =>.Chromium
HKCU\SOFTWARE\CleverFiles  =>.CleverFiles
HKCU\SOFTWARE\Cryptic  =>.Cryptic Studios
HKCU\SOFTWARE\Crystal Dynamics  =>.Crystal Dynamics
HKCU\SOFTWARE\Crytivo Games Inc.
HKCU\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71  =>Adware.CrossRider
HKCU\SOFTWARE\Disc Soft  =>.Disc Soft
HKCU\SOFTWARE\Dog Hoggler
HKCU\SOFTWARE\Dragons
HKCU\SOFTWARE\EA GAMES  =>.EA Games
HKCU\SOFTWARE\eduweb
HKCU\SOFTWARE\Elder Game
HKCU\SOFTWARE\Enterbrain  =>.Enterbrain
HKCU\SOFTWARE\Epic Games  =>.Epic Games
HKCU\SOFTWARE\ESET  =>.ESET
HKCU\SOFTWARE\Gearbox Software  =>.Gearbox Software
HKCU\SOFTWARE\GOG.com  =>.GOG.com
HKCU\SOFTWARE\Google  =>.Google
HKCU\SOFTWARE\Greatis  =>.Greatis Software
HKCU\SOFTWARE\Imagination Technologies  =>.Imagination Technologies
HKCU\SOFTWARE\InxileEntertainment
HKCU\SOFTWARE\JavaSoft  =>.JavaSoft
HKCU\SOFTWARE\JEDI-VCL  =>.JEDI Project
HKCU\SOFTWARE\Khronos  =>.Khronos
HKCU\SOFTWARE\Larian Studios  =>.Larian Studios
HKCU\SOFTWARE\Ludeon Studios  =>.Ludeon Studios
HKCU\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKCU\SOFTWARE\McAfee  =>.McAfee Inc.
HKCU\SOFTWARE\MDickie
HKCU\SOFTWARE\miHoYo
HKCU\SOFTWARE\miHoYoSDK
HKCU\SOFTWARE\MiniTool Software Limited  =>.MiniTool Software Limited
HKCU\SOFTWARE\moi rai games
HKCU\SOFTWARE\Mojang  =>.Mojang
HKCU\SOFTWARE\NewTechnologyStudio  =>.New Technology Studio
HKCU\SOFTWARE\Nine Dots Studio
HKCU\SOFTWARE\NTSCorp  =>.NTSCorp Ltd
HKCU\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKCU\SOFTWARE\Obsidian Entertainment  =>.Obsidian Entertainment
HKCU\SOFTWARE\OldBlood Productions
HKCU\SOFTWARE\Owlcat Games
HKCU\SOFTWARE\Paradox Interactive  =>.Paradox Interactive
HKCU\SOFTWARE\Python  =>.Python
HKCU\SOFTWARE\QtProject  =>.QtProject
HKCU\SOFTWARE\Realtek  =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKCU\SOFTWARE\Regrun  =>.Greatis Software
HKCU\SOFTWARE\Respawn Entertainment  =>.Respawn Entertainment
HKCU\SOFTWARE\Rockstar Games  =>.Rockstar Games
HKCU\SOFTWARE\ScriptHookV
HKCU\SOFTWARE\spikechunsoft
HKCU\SOFTWARE\Stardock  =>.Stardock
HKCU\SOFTWARE\Streets of Rogue
HKCU\SOFTWARE\SyncEngines  =>.Microsoft Corporation
HKCU\SOFTWARE\Tequila
HKCU\SOFTWARE\Ubisoft  =>.Ubisoft
HKCU\SOFTWARE\Unity  =>.Unity
HKCU\SOFTWARE\UnityModManager
HKCU\SOFTWARE\Unknown Worlds  =>.Unknown Worlds
HKCU\SOFTWARE\Urvogel Games
HKCU\SOFTWARE\Valve  =>.Valve
HKCU\SOFTWARE\VDimension
HKCU\SOFTWARE\Warner Bros. Interactive Entertainment  =>.Warner Bros. Interactive Entertainment
HKCU\SOFTWARE\Washbear
HKCU\SOFTWARE\WinRAR  =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX  =>.RarLab
HKCU\SOFTWARE\Wow6432Node  =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP  =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software  =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\AVAST Software  =>.AVAST Software
HKU\.DEFAULT\SOFTWARE\Epic Games  =>.Epic Games
HKU\.DEFAULT\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKU\.DEFAULT\SOFTWARE\Nahimic  =>.Nahimic
HKU\.DEFAULT\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\6 Eyes Studio
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Aidis
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Akeo Consulting  =>.Akeo Consulting
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\AMPLITUDE Studios  =>.Amplitude Studios
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\AppDataLow  =>.Microsoft Corporation
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Arcupion Art
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ASProtect  =>.ASPack Software
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Avast Software  =>.AVAST Software
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\AYstd
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\BANDAI NAMCO Entertainment  =>.BANDAI NAMCO Entertainment
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Blue Meridian
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Browser Cleanup  =>.Avast Software s.r.o
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\BugSplat  =>.Bugsplat Game
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Chromium  =>.Chromium
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\CleverFiles  =>.CleverFiles
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Cryptic  =>.Cryptic Studios
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Crystal Dynamics  =>.Crystal Dynamics
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Crytivo Games Inc.
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71  =>Adware.CrossRider
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Disc Soft  =>.Disc Soft
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Dog Hoggler
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Dragons
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\EA GAMES  =>.EA Games
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\eduweb
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Elder Game
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Enterbrain  =>.Enterbrain
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Epic Games  =>.Epic Games
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ESET  =>.ESET
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Gearbox Software  =>.Gearbox Software
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\GOG.com  =>.GOG.com
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Google  =>.Google
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Greatis  =>.Greatis Software
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Imagination Technologies  =>.Imagination Technologies
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\InxileEntertainment
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\JavaSoft  =>.JavaSoft
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\JEDI-VCL  =>.JEDI Project
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Khronos  =>.Khronos
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Larian Studios  =>.Larian Studios
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Ludeon Studios  =>.Ludeon Studios
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Malwarebytes  =>.Malwarebytes
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\McAfee  =>.McAfee Inc.
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\MDickie
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\miHoYo
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\miHoYoSDK
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\MiniTool Software Limited  =>.MiniTool Software Limited
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\moi rai games
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Mojang  =>.Mojang
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\NewTechnologyStudio  =>.New Technology Studio
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Nine Dots Studio
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\NTSCorp  =>.NTSCorp Ltd
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\NVIDIA Corporation  =>.nVidia Corporation
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Obsidian Entertainment  =>.Obsidian Entertainment
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\OldBlood Productions
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Owlcat Games
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Paradox Interactive  =>.Paradox Interactive
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Python  =>.Python
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\QtProject  =>.QtProject
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Realtek  =>.Realtek Semiconductor Corp.
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\RegisteredApplications  =>.Microsoft Corporation
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Regrun  =>.Greatis Software
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Respawn Entertainment  =>.Respawn Entertainment
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Rockstar Games  =>.Rockstar Games
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ScriptHookV
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\spikechunsoft
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Stardock  =>.Stardock
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Streets of Rogue
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\SyncEngines  =>.Microsoft Corporation
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Tequila
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Ubisoft  =>.Ubisoft
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Unity  =>.Unity
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\UnityModManager
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Unknown Worlds  =>.Unknown Worlds
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Urvogel Games
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Valve  =>.Valve
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\VDimension
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Warner Bros. Interactive Entertainment  =>.Warner Bros. Interactive Entertainment
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Washbear
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\WinRAR  =>.WinRAR
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\WinRAR SFX  =>.RarLab
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Wow6432Node  =>.Microsoft Corporation
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\ZHP  =>.Nicolas Coolman

---\\ Packages (5) - 0s
C:\Program Files (x86)\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy - (.LinkedIn.) [][LinkedIn]  =>LinkedIn
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.UndockedDevKit_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [][UDK Package]  =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe - (.Microsoft.) [][NcsiUwpApp]  =>Microsoft
C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [][NVIDIA Control Panel]  =>nVidia Corporation
C:\Program Files (x86)\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj - (.Realtek Semiconductor Corp.) [][Realtek Audio Control]  =>Realtek Semiconductor Corp

---\\ Contents of the Common Files folders (348) - 9s
O43 - CFD: 17/07/2022 - [] D -- C:\Program Files\AntiCheatExpert {0F316A214F60D59DC921AEB9685136CC}.
O43 - CFD: 11/01/2021 - [] D -- C:\Program Files\Black Tree Gaming Ltd  =>.Black Tree Gaming Ltd
O43 - CFD: 26/06/2022 - [] D -- C:\Program Files\Common Files  =>.Microsoft Corporation
O43 - CFD: 03/05/2021 - [] D -- C:\Program Files\Core Temp  =>.Legitimate
O43 - CFD: 09/11/2021 - [] D -- C:\Program Files\DIFX  =>.Microsoft Corporation
O43 - CFD: 24/12/2020 - [] D -- C:\Program Files\Dokan {05B9E5C73998821D2E591A368995B191}.
O43 - CFD: 06/10/2020 - [] D -- C:\Program Files\dotnet  =>.Microsoft®
O43 - CFD: 24/12/2020 - [] D -- C:\Program Files\EaseUS  =>.EaseUS Software
O43 - CFD: 03/10/2021 - [] D -- C:\Program Files\Eclipse Foundation {034A447570D970982409EBB3DA98B69D}.  =>.Eclipse Foundation
O43 - CFD: 19/06/2022 - [] D -- C:\Program Files\Epic Games  =>.Epic Games
O43 - CFD: 31/08/2022 - [] D -- C:\Program Files\Google  =>.Google
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files\Intel  =>.Intel Corporation
O43 - CFD: 09/03/2022 - [] D -- C:\Program Files\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 31/08/2022 - [] D -- C:\Program Files\Malwarebytes  =>.Malwarebytes
O43 - CFD: 03/10/2022 - [] D -- C:\Program Files\Microsoft OneDrive  =>.Microsoft Corporation
O43 - CFD: 11/04/2022 - [] D -- C:\Program Files\Microsoft Update Health Tools  =>.Microsoft Corporation
O43 - CFD: 07/07/2022 - [] D -- C:\Program Files\MiniTool Partition Wizard 11  =>.MiniTool Solution Ltd
O43 - CFD: 07/12/2019 - [0] D -- C:\Program Files\ModifiableWindowsApps  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files\MSBuild  =>.Microsoft Corporation
O43 - CFD: 28/09/2022 - [] D -- C:\Program Files\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 23/04/2022 - [] D -- C:\Program Files\PCHealthCheck  =>.Microsoft®
O43 - CFD: 11/05/2020 - [] D -- C:\Program Files\Realtek  =>.Realtek
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 25/11/2021 - [] D -- C:\Program Files\Rockstar Games  =>.Rockstar Games, Inc.®
O43 - CFD: 08/01/2019 - [0] HD -- C:\Program Files\Uninstall Information  =>.Microsoft Corporation
O43 - CFD: 23/02/2022 - [] D -- C:\Program Files\UNP  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 13/05/2022 - [] D -- C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 16/07/2022 - [] D -- C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows Multimedia Platform  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows NT  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files\Windows Photo Viewer  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows Security  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] SHD -- C:\Program Files\Windows Sidebar  =>.Microsoft Corporation
O43 - CFD: 05/10/2022 - [] HD -- C:\Program Files\WindowsApps  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\WindowsPowerShell  =>.Microsoft Corporation
O43 - CFD: 02/08/2020 - [] D -- C:\Program Files\WinRAR  =>.win.rar GmbH®
O43 - CFD: 26/03/2022 - [] D -- C:\Program Files (x86)\AMD [Unsigned]  =>.AMD
O43 - CFD: 30/11/2019 - [] D -- C:\Program Files (x86)\AVAST Software  =>.AVAST Software
O43 - CFD: 23/09/2022 - [] D -- C:\Program Files (x86)\Common Files  =>.Microsoft Corporation
O43 - CFD: 18/10/2021 - [] D -- C:\Program Files (x86)\EasyAntiCheat_EOS  =>.EasyAntiCheat
O43 - CFD: 15/02/2022 - [] D -- C:\Program Files (x86)\Electronic Arts  =>.Electronic Arts
O43 - CFD: 18/09/2022 - [] D -- C:\Program Files (x86)\Epic Games  =>.Epic Games
O43 - CFD: 06/10/2022 - [] D -- C:\Program Files (x86)\Google  =>.Google Inc®
O43 - CFD: 10/10/2021 - [] D -- C:\Program Files (x86)\imyfone_down  =>.iMyFone
O43 - CFD: 06/10/2022 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information  =>.InstallShield
O43 - CFD: 08/11/2021 - [] D -- C:\Program Files (x86)\Intel  =>.Intel Corporation
O43 - CFD: 09/03/2022 - [] D -- C:\Program Files (x86)\Internet Explorer  =>.Microsoft Corporation
O43 - CFD: 22/07/2022 - [] D -- C:\Program Files (x86)\Java  =>.Oracle
O43 - CFD: 03/08/2022 - [] D -- C:\Program Files (x86)\Microsoft  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Microsoft.NET  =>.Microsoft Corporation
O43 - CFD: 16/05/2021 - [] D -- C:\Program Files (x86)\Minecraft Launcher  =>.Mojang
O43 - CFD: 16/04/2022 - [0] D -- C:\Program Files (x86)\Mr DJ  =>.Mr DJ
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files (x86)\MSBuild  =>.Microsoft Corporation
O43 - CFD: 28/09/2022 - [] D -- C:\Program Files (x86)\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 05/07/2019 - [] D -- C:\Program Files (x86)\OpenAL  =>.Open Audio Library
O43 - CFD: 11/08/2022 - [] D -- C:\Program Files (x86)\Origin  =>.Electronic Arts, Inc.
O43 - CFD: 14/09/2022 - [0] D -- C:\Program Files (x86)\Origin Games  =>.Electronic Arts, Inc.
O43 - CFD: 30/03/2019 - [] D -- C:\Program Files (x86)\Realtek  =>.Realtek
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files (x86)\Reference Assemblies  =>.Microsoft Corporation
O43 - CFD: 25/11/2021 - [] D -- C:\Program Files (x86)\Rockstar Games  =>.Rockstar Games, Inc.®
O43 - CFD: 06/10/2022 - [] D -- C:\Program Files (x86)\Steam  =>.Steam Games
O43 - CFD: 30/03/2019 - [0] HD -- C:\Program Files (x86)\Temp  =>.Microsoft Corporation
O43 - CFD: 03/12/2020 - [] D -- C:\Program Files (x86)\Ubisoft  =>.Ubisoft
O43 - CFD: 05/06/2022 - [] D -- C:\Program Files (x86)\UnHackMe  =>.Greatis
O43 - CFD: 11/05/2020 - [0] HD -- C:\Program Files (x86)\Uninstall Information  =>.Microsoft Corporation
O43 - CFD: 27/02/2021 - [] D -- C:\Program Files (x86)\VulkanRT  =>.LunarG, Inc
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files (x86)\Windows Defender  =>.Microsoft Corporation
O43 - CFD: 13/05/2022 - [] D -- C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 16/07/2022 - [] D -- C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Windows NT  =>.Microsoft Corporation
O43 - CFD: 10/08/2022 - [] D -- C:\Program Files (x86)\Windows Photo Viewer  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Windows Portable Devices  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] SHD -- C:\Program Files (x86)\Windows Sidebar  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\WindowsPowerShell  =>.Microsoft Corporation
O43 - CFD: 17/02/2022 - [] D -- C:\Program Files (x86)\Zenimax Online [Unsigned]
O43 - CFD: 20/02/2020 - [] HD -- C:\Program Files (x86)\Zero G Registry  =>.Flexera
O43 - CFD: 19/02/2021 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility  =>.Microsoft Corporation
O43 - CFD: 16/09/2022 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 13/10/2021 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 19/02/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Wonders III [GOG.com]
O43 - CFD: 19/02/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd  =>.Black Tree Gaming Ltd
O43 - CFD: 03/05/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp  =>.Legitimate
O43 - CFD: 22/07/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java  =>.Oracle
O43 - CFD: 07/12/2019 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 03/04/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher  =>.Mojang
O43 - CFD: 19/02/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 14/04/2022 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam  =>.Steam Games
O43 - CFD: 15/09/2021 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 26/06/2022 - [] D -- C:\ProgramData\Alderon Games
O43 - CFD: 23/09/2022 - [] D -- C:\ProgramData\AntiCheatExpert
O43 - CFD: 19/02/2021 - [0] SHD -- C:\ProgramData\Application Data  =>.Microsoft Corporation
O43 - CFD: 11/05/2020 - [] D -- C:\ProgramData\Audyssey Labs  =>.Audyssey Labs
O43 - CFD: 14/04/2022 - [] D -- C:\ProgramData\AVAST Software  =>.AVAST Software
O43 - CFD: 24/12/2020 - [] D -- C:\ProgramData\CleverFiles  =>.CleverFiles
O43 - CFD: 07/01/2021 - [] D -- C:\ProgramData\DAEMON Tools Lite  =>.DAEMON Tools
O43 - CFD: 19/02/2021 - [0] SHD -- C:\ProgramData\Desktop  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] SHD -- C:\ProgramData\Documents  =>.Microsoft Corporation
O43 - CFD: 21/02/2020 - [] D -- C:\ProgramData\Elder Scrolls Online
O43 - CFD: 07/02/2022 - [] D -- C:\ProgramData\Electronic Arts  =>.Electronic Arts
O43 - CFD: 18/09/2022 - [] D -- C:\ProgramData\Epic  =>.Epic
O43 - CFD: 09/11/2021 - [] D -- C:\ProgramData\Frontier Developments  =>.Frontier Developments
O43 - CFD: 13/09/2019 - [] D -- C:\ProgramData\GOG.com  =>.GOG.com
O43 - CFD: 30/03/2019 - [] D -- C:\ProgramData\Intel  =>.Intel Corporation
O43 - CFD: 19/07/2022 - [0] D -- C:\ProgramData\INTL
O43 - CFD: 31/08/2022 - [] D -- C:\ProgramData\Malwarebytes  =>.Malwarebytes
O43 - CFD: 02/01/2020 - [] D -- C:\ProgramData\McAfee  =>.McAfee
O43 - CFD: 19/02/2021 - [] SD -- C:\ProgramData\Microsoft  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\ProgramData\Microsoft OneDrive  =>.Microsoft Corporation
O43 - CFD: 06/10/2022 - [] D -- C:\ProgramData\NVIDIA  =>.nVidia Corporation
O43 - CFD: 28/09/2022 - [] D -- C:\ProgramData\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 11/02/2020 - [] D -- C:\ProgramData\Oracle  =>.Oracle
O43 - CFD: 14/09/2022 - [] D -- C:\ProgramData\Origin  =>.Electronic Arts, Inc.
O43 - CFD: 17/07/2022 - [] D -- C:\ProgramData\Package Cache  =>.Microsoft Corporation
O43 - CFD: 24/06/2022 - [] D -- C:\ProgramData\Packages  =>.Microsoft Corporation
O43 - CFD: 09/11/2021 - [] D -- C:\ProgramData\Realtek  =>.Realtek
O43 - CFD: 06/10/2022 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft  =>.Microsoft Corporation
O43 - CFD: 18/01/2020 - [] D -- C:\ProgramData\Rockstar Games  =>.Rockstar Games
O43 - CFD: 07/12/2019 - [0] D -- C:\ProgramData\SoftwareDistribution  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] D -- C:\ProgramData\ssh  =>.Microsoft Corporation
O43 - CFD: 13/09/2019 - [] D -- C:\ProgramData\Stardock  =>.Stardock
O43 - CFD: 19/02/2021 - [0] SHD -- C:\ProgramData\Start Menu  =>.Microsoft Corporation
O43 - CFD: 24/12/2020 - [] D -- C:\ProgramData\SystemAcCrux
O43 - CFD: 19/02/2021 - [0] SHD -- C:\ProgramData\Templates  =>.Microsoft Corporation
O43 - CFD: 03/12/2020 - [] D -- C:\ProgramData\Ubisoft  =>.Ubisoft
O43 - CFD: 29/12/2021 - [] D -- C:\ProgramData\Unknown Worlds
O43 - CFD: 19/02/2021 - [] D -- C:\ProgramData\USOPrivate  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\ProgramData\USOShared  =>.Microsoft Corporation
O43 - CFD: 31/05/2020 - [] D -- C:\ProgramData\Vortex
O43 - CFD: 07/12/2019 - [] D -- C:\ProgramData\WindowsHolographicDevices  =>.Microsoft Corporation
O43 - CFD: 05/01/2022 - [] D -- C:\Program Files (x86)\Common Files\BattlEye  =>.BattlEye
O43 - CFD: 26/06/2022 - [] D -- C:\Program Files (x86)\Common Files\BioWare  =>.BioWare
O43 - CFD: 23/09/2022 - [] D -- C:\Program Files (x86)\Common Files\InstallShield  =>.InstallShield
O43 - CFD: 22/07/2022 - [] D -- C:\Program Files (x86)\Common Files\Java  =>.Oracle
O43 - CFD: 19/02/2021 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared  =>.Microsoft Corporation
O43 - CFD: 22/07/2022 - [] D -- C:\Program Files (x86)\Common Files\Oracle  =>.Oracle
O43 - CFD: 30/03/2019 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files (x86)\Common Files\Services  =>.Microsoft Corporation
O43 - CFD: 06/10/2022 - [] D -- C:\Program Files (x86)\Common Files\Steam  =>.Steam Games
O43 - CFD: 13/05/2022 - [] D -- C:\Program Files (x86)\Common Files\System  =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [] D -- C:\Users\satch\AppData\Roaming\.minecraft  =>.Microsoft Corporation
O43 - CFD: 06/07/2019 - [] D -- C:\Users\satch\AppData\Roaming\.mono  =>.Legitimate
O43 - CFD: 05/07/2019 - [] D -- C:\Users\satch\AppData\Roaming\Adobe  =>.Adobe
O43 - CFD: 29/09/2019 - [] D -- C:\Users\satch\AppData\Roaming\Alderon Games Launcher
O43 - CFD: 18/09/2022 - [] D -- C:\Users\satch\AppData\Roaming\alderon-games-launcher
O43 - CFD: 11/09/2022 - [] D -- C:\Users\satch\AppData\Roaming\AY std
O43 - CFD: 17/07/2022 - [] D -- C:\Users\satch\AppData\Roaming\ChimeralandGlobal
O43 - CFD: 01/09/2020 - [] D -- C:\Users\satch\AppData\Roaming\Crystal Dynamics  =>.Crystal Dynamics
O43 - CFD: 07/01/2021 - [0] D -- C:\Users\satch\AppData\Roaming\DAEMON Tools Lite  =>.DAEMON Tools
O43 - CFD: 13/09/2022 - [] D -- C:\Users\satch\AppData\Roaming\Discord
O43 - CFD: 27/02/2022 - [] D -- C:\Users\satch\AppData\Roaming\EasyAntiCheat  =>.EasyAntiCheat
O43 - CFD: 27/02/2022 - [] D -- C:\Users\satch\AppData\Roaming\EldenRing
O43 - CFD: 09/07/2019 - [] D -- C:\Users\satch\AppData\Roaming\FiraxisLive  =>.Firaxis
O43 - CFD: 07/07/2019 - [] D -- C:\Users\satch\AppData\Roaming\Frontier Developments  =>.Frontier Developments
O43 - CFD: 17/07/2022 - [] D -- C:\Users\satch\AppData\Roaming\GMEGLOBAL
O43 - CFD: 24/09/2019 - [] D -- C:\Users\satch\AppData\Roaming\Goldberg SteamEmu Saves
O43 - CFD: 23/09/2022 - [] D -- C:\Users\satch\AppData\Roaming\Guild Wars 2  =>.NCsoft Corporation, Ltd.
O43 - CFD: 09/07/2019 - [] D -- C:\Users\satch\AppData\Roaming\HelloGames  =>.HelloGames
O43 - CFD: 05/08/2020 - [] D -- C:\Users\satch\AppData\Roaming\HOODLUM  =>.Hoodlum
O43 - CFD: 07/08/2020 - [] D -- C:\Users\satch\AppData\Roaming\launcher-main
O43 - CFD: 23/09/2022 - [] D -- C:\Users\satch\AppData\Roaming\Macromedia  =>.Macromedia
O43 - CFD: 26/03/2022 - [] SD -- C:\Users\satch\AppData\Roaming\Microsoft  =>.Microsoft Corporation
O43 - CFD: 09/07/2019 - [] D -- C:\Users\satch\AppData\Roaming\ModLauncherWPF  =>.Games Software
O43 - CFD: 24/08/2019 - [] D -- C:\Users\satch\AppData\Roaming\Nippon Ichi Software, Inc
O43 - CFD: 03/11/2020 - [] D -- C:\Users\satch\AppData\Roaming\NVIDIA  =>.nVidia Corporation
O43 - CFD: 14/09/2022 - [] D -- C:\Users\satch\AppData\Roaming\Origin  =>.Electronic Arts, Inc.
O43 - CFD: 29/07/2020 - [] D -- C:\Users\satch\AppData\Roaming\Paradox Interactive  =>.Paradox Interactive
O43 - CFD: 07/08/2020 - [] D -- C:\Users\satch\AppData\Roaming\Paradox Launcher
O43 - CFD: 14/05/2022 - [] D -- C:\Users\satch\AppData\Roaming\paradox-launcher-v2
O43 - CFD: 18/11/2020 - [] D -- C:\Users\satch\AppData\Roaming\Sega  =>.SEGA
O43 - CFD: 09/07/2020 - [] D -- C:\Users\satch\AppData\Roaming\Skype  =>.Skype
O43 - CFD: 03/04/2021 - [] D -- C:\Users\satch\AppData\Roaming\Sun  =>.Oracle
O43 - CFD: 30/03/2022 - [] D -- C:\Users\satch\AppData\Roaming\Vortex
O43 - CFD: 09/04/2022 - [] D -- C:\Users\satch\AppData\Roaming\Warner Bros. Interactive Entertainment  =>.Warner Bros. Interactive Entertainment
O43 - CFD: 16/07/2019 - [] D -- C:\Users\satch\AppData\Roaming\WinRAR  =>.WinRAR
O43 - CFD: 21/07/2022 - [] D -- C:\Users\satch\AppData\Roaming\wxsh_launcher
O43 - CFD: 06/10/2022 - [] D -- C:\Users\satch\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 31/12/2019 - [0] D -- C:\Users\satch\AppData\Local\Adobe  =>.Adobe
O43 - CFD: 07/12/2019 - [] D -- C:\Users\satch\AppData\Local\alderon-games-launcher-updater
O43 - CFD: 10/10/2021 - [] D -- C:\Users\satch\AppData\Local\AnyRecover
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\satch\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - [] D -- C:\Users\satch\AppData\Local\AVAST Software  =>.AVAST Software
O43 - CFD: 29/05/2022 - [] D -- C:\Users\satch\AppData\Local\BANDAI NAMCO Entertainment  =>.BANDAI NAMCO Entertainment
O43 - CFD: 28/08/2020 - [] D -- C:\Users\satch\AppData\Local\BattlEye  =>.BattlEye
O43 - CFD: 23/08/2021 - [] D -- C:\Users\satch\AppData\Local\BitTorrentHelper
O43 - CFD: 24/08/2021 - [] D -- C:\Users\satch\AppData\Local\cache  =>.Legitimate
O43 - CFD: 14/12/2020 - [] D -- C:\Users\satch\AppData\Local\CD Projekt Red  =>.CD Projekt RED
O43 - CFD: 05/07/2019 - [] D -- C:\Users\satch\AppData\Local\CEF  =>.CEF
O43 - CFD: 25/12/2020 - [] D -- C:\Users\satch\AppData\Local\CleverFiles  =>.CleverFiles
O43 - CFD: 12/05/2020 - [] D -- C:\Users\satch\AppData\Local\Comms  =>.Microsoft Corporation
O43 - CFD: 06/07/2019 - [] D -- C:\Users\satch\AppData\Local\ConnectedDevicesPlatform  =>.Microsoft Corporation
O43 - CFD: 05/10/2022 - [] D -- C:\Users\satch\AppData\Local\CrashDumps  =>.Microsoft Corporation
O43 - CFD: 12/05/2020 - [] D -- C:\Users\satch\AppData\Local\CrashReportClient
O43 - CFD: 14/10/2019 - [] D -- C:\Users\satch\AppData\Local\CrashRpt
O43 - CFD: 23/09/2022 - [] D -- C:\Users\satch\AppData\Local\D3DSCache  =>.Legitimate
O43 - CFD: 21/09/2020 - [] D -- C:\Users\satch\AppData\Local\Daybreak Game Company  =>.Daybreak Game Company
O43 - CFD: 18/07/2019 - [0] D -- C:\Users\satch\AppData\Local\DBG  =>.DBG
O43 - CFD: 05/08/2020 - [] D -- C:\Users\satch\AppData\Local\DH
O43 - CFD: 11/09/2022 - [] D -- C:\Users\satch\AppData\Local\Diagnostics  =>.Microsoft Corporation
O43 - CFD: 13/09/2022 - [] D -- C:\Users\satch\AppData\Local\Discord
O43 - CFD: 16/07/2019 - [] D -- C:\Users\satch\AppData\Local\Disc_Soft_Ltd  =>.Disc Soft Ltd
O43 - CFD: 25/12/2020 - [] D -- C:\Users\satch\AppData\Local\DiskDrill  =>.Clever Software
O43 - CFD: 26/03/2022 - [] D -- C:\Users\satch\AppData\Local\Downloaded Installations  =>.Microsoft Corporation
O43 - CFD: 14/03/2022 - [] D -- C:\Users\satch\AppData\Local\Elder Scrolls Online
O43 - CFD: 14/12/2021 - [0] D -- C:\Users\satch\AppData\Local\ElevatedDiagnostics  =>.Microsoft Corporation
O43 - CFD: 18/09/2022 - [] D -- C:\Users\satch\AppData\Local\Epic Games  =>.Epic Games
O43 - CFD: 18/09/2022 - [] D -- C:\Users\satch\AppData\Local\EpicGamesLauncher  =>.Epic Games
O43 - CFD: 05/10/2022 - [] D -- C:\Users\satch\AppData\Local\ESET  =>.ESET
O43 - CFD: 09/11/2021 - [] D -- C:\Users\satch\AppData\Local\Frontier Developments  =>.Frontier Developments
O43 - CFD: 21/10/2020 - [] D -- C:\Users\satch\AppData\Local\GameAnalytics
O43 - CFD: 14/12/2020 - [] D -- C:\Users\satch\AppData\Local\GOG.com  =>.GOG.com
O43 - CFD: 07/07/2019 - [] D -- C:\Users\satch\AppData\Local\Google  =>.Google
O43 - CFD: 14/04/2022 - [] D -- C:\Users\satch\AppData\Local\GUI
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\satch\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 25/10/2019 - [] D -- C:\Users\satch\AppData\Local\Indiana
O43 - CFD: 07/07/2019 - [] D -- C:\Users\satch\AppData\Local\Injustice2
O43 - CFD: 17/07/2022 - [] D -- C:\Users\satch\AppData\Local\IsolatedStorage  =>.id Software
O43 - CFD: 28/11/2020 - [] D -- C:\Users\satch\AppData\Local\LarianLauncher
O43 - CFD: 06/10/2020 - [] D -- C:\Users\satch\AppData\Local\LarianStudios
O43 - CFD: 12/01/2021 - [] D -- C:\Users\satch\AppData\Local\LOOT
O43 - CFD: 22/05/2020 - [] D -- C:\Users\satch\AppData\Local\Maneater
O43 - CFD: 11/11/2019 - [] D -- C:\Users\satch\AppData\Local\mbam  =>.Malwarebytes
O43 - CFD: 11/11/2019 - [] D -- C:\Users\satch\AppData\Local\mbamtray  =>.Malwarebytes
O43 - CFD: 21/07/2019 - [] D -- C:\Users\satch\AppData\Local\Mega Limited  =>.MEGA Limited
O43 - CFD: 25/07/2022 - [] D -- C:\Users\satch\AppData\Local\MEGAsync  =>.MegaSystems
O43 - CFD: 14/04/2022 - [] D -- C:\Users\satch\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 05/07/2019 - [] D -- C:\Users\satch\AppData\Local\MicrosoftEdge  =>.Microsoft Corporation
O43 - CFD: 31/08/2021 - [] D -- C:\Users\satch\AppData\Local\miHoYo
O43 - CFD: 03/09/2020 - [] D -- C:\Users\satch\AppData\Local\MK11
O43 - CFD: 20/03/2021 - [] D -- C:\Users\satch\AppData\Local\NCSoft  =>.NCSOFT
O43 - CFD: 29/12/2020 - [] D -- C:\Users\satch\AppData\Local\New Technology Studio  =>.New Technology Studio
O43 - CFD: 28/09/2022 - [] D -- C:\Users\satch\AppData\Local\NVIDIA  =>.nVidia Corporation
O43 - CFD: 28/05/2022 - [] D -- C:\Users\satch\AppData\Local\NVIDIA Corporation  =>.nVidia Corporation
O43 - CFD: 07/07/2019 - [] D -- C:\Users\satch\AppData\Local\OneDrive  =>.Microsoft Corporation
O43 - CFD: 14/09/2022 - [] D -- C:\Users\satch\AppData\Local\Origin  =>.Electronic Arts, Inc.
O43 - CFD: 10/11/2020 - [] D -- C:\Users\satch\AppData\Local\OsirisExtender
O43 - CFD: 17/02/2021 - [] D -- C:\Users\satch\AppData\Local\Package Cache  =>.Microsoft Corporation
O43 - CFD: 26/09/2022 - [] D -- C:\Users\satch\AppData\Local\Packages  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] D -- C:\Users\satch\AppData\Local\PackageStaging  =>.Apcera
O43 - CFD: 07/08/2020 - [] D -- C:\Users\satch\AppData\Local\Paradox Interactive  =>.Paradox Interactive
O43 - CFD: 24/01/2022 - [] D -- C:\Users\satch\AppData\Local\PathOfTitans
O43 - CFD: 17/02/2021 - [] D -- C:\Users\satch\AppData\Local\pip  =>.Python
O43 - CFD: 20/09/2022 - [] D -- C:\Users\satch\AppData\Local\PlaceholderTileLogoFolder  =>.Microsoft Corporation
O43 - CFD: 17/02/2021 - [] D -- C:\Users\satch\AppData\Local\Programs  =>.Microsoft Corporation
O43 - CFD: 05/07/2019 - [] D -- C:\Users\satch\AppData\Local\Publishers  =>.Microsoft Corporation
O43 - CFD: 17/07/2022 - [] D -- C:\Users\satch\AppData\Local\RailCrashReport
O43 - CFD: 14/12/2020 - [] D -- C:\Users\satch\AppData\Local\REDEngine
O43 - CFD: 29/12/2020 - [] D -- C:\Users\satch\AppData\Local\Rockstar Games  =>.Rockstar Games
O43 - CFD: 21/09/2020 - [] D -- C:\Users\satch\AppData\Local\SCE  =>.SCE
O43 - CFD: 18/11/2020 - [] D -- C:\Users\satch\AppData\Local\SEGA  =>.SEGA
O43 - CFD: 27/03/2022 - [] D -- C:\Users\satch\AppData\Local\Skyrim Special Edition  =>.Nogenious Skyrim Game
O43 - CFD: 20/07/2022 - [] D -- C:\Users\satch\AppData\Local\speech  =>.Microsoft Corporation
O43 - CFD: 06/07/2019 - [] D -- C:\Users\satch\AppData\Local\SquirrelTemp  =>.Squirrels
O43 - CFD: 07/02/2022 - [0] D -- C:\Users\satch\AppData\Local\STAR WARS Battlefront II
O43 - CFD: 17/03/2021 - [] D -- C:\Users\satch\AppData\Local\StarTradersFrontiers
O43 - CFD: 05/07/2019 - [] D -- C:\Users\satch\AppData\Local\Steam  =>.Steam Games
O43 - CFD: 20/11/2019 - [] D -- C:\Users\satch\AppData\Local\SwGame
O43 - CFD: 15/02/2022 - [] D -- C:\Users\satch\AppData\Local\SWTORPerf  =>.Electronic Arts, Inc.
O43 - CFD: 06/10/2022 - [] D -- C:\Users\satch\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\satch\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 05/07/2019 - [] D -- C:\Users\satch\AppData\Local\TheIsle
O43 - CFD: 19/06/2022 - [] D -- C:\Users\satch\AppData\Local\Tiny Tina's Wonderlands
O43 - CFD: 06/02/2022 - [] D -- C:\Users\satch\AppData\Local\Ubisoft Game Launcher  =>.Ubisoft
O43 - CFD: 29/09/2021 - [] D -- C:\Users\satch\AppData\Local\UnityModManagerNet
O43 - CFD: 19/04/2022 - [] D -- C:\Users\satch\AppData\Local\UnrealEngine  =>.Unreal Software
O43 - CFD: 22/05/2020 - [] D -- C:\Users\satch\AppData\Local\UnrealEngineLauncher  =>.Unreal Software
O43 - CFD: 01/09/2020 - [] D -- C:\Users\satch\AppData\Local\Urvogel Games
O43 - CFD: 13/04/2022 - [] D -- C:\Users\satch\AppData\Local\VirtualStore  =>.Microsoft Corporation
O43 - CFD: 09/06/2020 - [] D -- C:\Users\satch\AppData\Local\Vortex
O43 - CFD: 27/03/2022 - [] D -- C:\Users\satch\AppData\Local\vortex-updater
O43 - CFD: 18/10/2019 - [] D -- C:\Users\satch\AppData\Local\Western Digital  =>.Western Digital
O43 - CFD: 06/10/2022 - [] D -- C:\Users\satch\AppData\Local\ZHP  =>.Nicolas Coolman
O43 - CFD: 10/05/2022 - [] D -- C:\Users\satch\AppData\Local\Programs\alderon-games-launcher
O43 - CFD: 06/07/2019 - [0] D -- C:\Users\satch\AppData\Local\Programs\Common  =>.Microsoft Corporation
O43 - CFD: 14/05/2022 - [] D -- C:\Users\satch\AppData\Local\Programs\Paradox Interactive  =>.Paradox Interactive
O43 - CFD: 17/02/2021 - [] D -- C:\Users\satch\AppData\Local\Programs\Python  =>.Python
O43 - CFD: 27/06/2020 - [] D -- C:\Users\satch\AppData\LocalLow\6 Eyes Studio
O43 - CFD: 01/09/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Aidis
O43 - CFD: 19/04/2022 - [] D -- C:\Users\satch\AppData\LocalLow\Arcupion Art
O43 - CFD: 11/09/2022 - [] D -- C:\Users\satch\AppData\LocalLow\AYstd
O43 - CFD: 16/03/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Blue Meridian
O43 - CFD: 19/06/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Crytivo Games Inc_
O43 - CFD: 21/09/2020 - [] D -- C:\Users\satch\AppData\LocalLow\Daybreak Game Company  =>.Daybreak Game Company
O43 - CFD: 13/06/2020 - [] D -- C:\Users\satch\AppData\LocalLow\Dog Hoggler
O43 - CFD: 29/06/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Dragons
O43 - CFD: 23/10/2020 - [] D -- C:\Users\satch\AppData\LocalLow\Elder Game
O43 - CFD: 09/12/2020 - [] D -- C:\Users\satch\AppData\LocalLow\InxileEntertainment
O43 - CFD: 06/08/2019 - [] D -- C:\Users\satch\AppData\LocalLow\Ludeon Studios
O43 - CFD: 14/07/2021 - [] D -- C:\Users\satch\AppData\LocalLow\MDickie
O43 - CFD: 05/07/2019 - [] SD -- C:\Users\satch\AppData\LocalLow\Microsoft  =>.Microsoft Corporation
O43 - CFD: 29/08/2021 - [] D -- C:\Users\satch\AppData\LocalLow\miHoYo
O43 - CFD: 09/12/2020 - [] D -- C:\Users\satch\AppData\LocalLow\moi rai games
O43 - CFD: 23/12/2020 - [] D -- C:\Users\satch\AppData\LocalLow\Nine Dots Studio
O43 - CFD: 23/10/2019 - [] D -- C:\Users\satch\AppData\LocalLow\Obsidian Entertainment  =>.Obsidian Entertainment
O43 - CFD: 01/03/2021 - [] D -- C:\Users\satch\AppData\LocalLow\OldBlood Productions
O43 - CFD: 02/09/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Owlcat Games
O43 - CFD: 04/09/2019 - [] D -- C:\Users\satch\AppData\LocalLow\spikechunsoft
O43 - CFD: 03/04/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Sun  =>.Oracle
O43 - CFD: 02/09/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Unity  =>.Unity
O43 - CFD: 29/12/2021 - [] D -- C:\Users\satch\AppData\LocalLow\Unknown Worlds
O43 - CFD: 01/09/2020 - [] D -- C:\Users\satch\AppData\LocalLow\Urvogel Games
O43 - CFD: 13/06/2020 - [] D -- C:\Users\satch\AppData\LocalLow\VDimension
O43 - CFD: 26/12/2019 - [] D -- C:\Users\satch\AppData\LocalLow\Washbear
O43 - CFD: 06/10/2022 - [] AD -- C:\Users\satch\OneDrive\Desktop\FRST-OlderVersion
O43 - CFD: 26/09/2022 - [] AD -- C:\Users\satch\OneDrive\Desktop\Game  =>.Game
O43 - CFD: 19/02/2021 - [] RD -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] RD -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] RD -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.Administrative Tools
O43 - CFD: 07/12/2019 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync  =>.MegaSystems
O43 - CFD: 19/02/2021 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8  =>.Python
O43 - CFD: 19/02/2021 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games  =>.Rockstar Games
O43 - CFD: 19/02/2021 - [] RD -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [] RD -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools  =>.Microsoft Corporation
O43 - CFD: 17/02/2022 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
O43 - CFD: 19/02/2021 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft  =>.Ubisoft
O43 - CFD: 19/02/2021 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [] D -- C:\Users\satch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.WinRAR
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\Default\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 25/10/2021 - [] D -- C:\Users\Default\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D -- C:\Users\Default\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\Default User\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 25/10/2021 - [] D -- C:\Users\Default User\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D -- C:\Users\Default User\AppData\Local\Temp  =>.Microsoft Corporation
O43 - CFD: 19/02/2021 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Application Data  =>.Microsoft Corporation
O43 - CFD: 05/10/2022 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\CrashDumps  =>.Microsoft Corporation
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Desktop  =>.Microsoft Corporation
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DevelopmentFiles
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Documents  =>.Microsoft Corporation
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Favorites  =>.Microsoft Corporation
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\History  =>.Microsoft Corporation
O43 - CFD: 23/09/2022 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft  =>.Microsoft Corporation
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\ProgramData
O43 - CFD: 23/09/2022 - []  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Programs  =>.Microsoft Corporation
O43 - CFD: 14/04/2022 - []  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\SecurityService
O43 - CFD: 23/09/2022 - [0]  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Temporary Internet Files  =>.Microsoft Corporation
O43 - CFD: 27/02/2022 - []  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\EasyAntiCheat  =>.EasyAntiCheat
O43 - CFD: 23/09/2022 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft  =>.Microsoft Corporation
O43 - CFD: 07/02/2022 - []  -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Origin  =>.Electronic Arts, Inc.

---\\ ShellIconOverlayIdentifiers (SIOI) (4) - 0s
O106 - SIOI:  MEGA (Pending) [ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (...) -- C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited®
O106 - SIOI:  MEGA (Synced) [ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202}. (...) -- C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited®
O106 - SIOI:  MEGA (Syncing) [ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (...) -- C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited®
O106 - SIOI:  [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll [Unsigned]  =>.Microsoft Corporation

---\\ Search Context Menu Handlers (SCMH) (37) - 1s
O108 - CMH1:  FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll  =>.Microsoft®
O108 - CMH1: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited®
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll  =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH2:  FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll  =>.Microsoft®
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nv3dappshext.dll  =>.Nvidia Corporation®
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nv3dappshext.dll  =>.Nvidia Corporation®
O108 - CMH2: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll  =>.win.rar GmbH®
O108 - CMH2: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH3: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll  =>.Malwarebytes Inc.®
O108 - CMH3: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH4:  FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll  =>.Microsoft®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH4: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited®
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH5:  FileSyncEx [64Bits] - {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} . (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Program Files\Microsoft OneDrive\22.191.0911.0001\FileSyncShell64.dll  =>.Microsoft®
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvshext.dll  =>.Nvidia Corporation®
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Work Folders Shell Extension.) -- C:\Windows\System32\WorkfoldersShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll  =>.Microsoft®
O108 - CMH6: MBAMShlExt [64Bits] - {57CE581A-0CB6-4266-9CA0-19364C90A0B3} . (.Malwarebytes - Malwarebytes.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll  =>.Malwarebytes Inc.®
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App Resolver.) -- C:\Windows\System32\appresolver.dll  =>.Microsoft®
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll  =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.) [Unsigned]
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll [Unsigned]  =>.Microsoft Corporation
O108 - CMH7: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll [Unsigned]  =>.Microsoft Corporation

---\\ Image File Execution Options (10) - 0s
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\\1] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] [Unsigned]  =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\\32768]  =>.Microsoft®

---\\ System Drivers List (444) - 10s
O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) -- C:\WINDOWS\System32\drivers\1394ohci.sys   [266240] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys   [107320]  =>.Microsoft®
O58 - SDL:2022/09/23 17:41:44 A . (.ANTICHEATEXPERT.COM - ACE-BASE64 NT Driver.) -- C:\WINDOWS\System32\drivers\ACE-BASE.sys   [1868832] {0F316A214F60D59DC921AEB9685136CC}.
O58 - SDL:2022/09/23 17:41:45 A . (.ANTICHEATEXPERT.COM - ACE-GAME64 NT Driver.) -- C:\WINDOWS\System32\drivers\ACE-GAME.sys   [772656] {0F316A214F60D59DC921AEB9685136CC}.
O58 - SDL:2022/06/16 19:20:03 A . (.Microsoft Corporation - ACPI Driver for NT.) -- C:\WINDOWS\System32\drivers\acpi.sys   [810344]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - ACPI Devices Driver.) -- C:\WINDOWS\System32\drivers\AcpiDev.sys   [23040] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - ACPIEx Driver.) -- C:\WINDOWS\System32\drivers\acpiex.sys   [139792]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) -- C:\WINDOWS\System32\drivers\acpipagr.sys   [14336] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - ACPI Power Metering Driver.) -- C:\WINDOWS\System32\drivers\acpipmi.sys   [18432] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - ACPI Wake Alarm.) -- C:\WINDOWS\System32\drivers\acpitime.sys   [16384] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/02/10 22:09:56 A . (.Microsoft Corporation - Audio KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\Acx01000.sys   [694272] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys   [1135416]  =>.Microsoft®
O58 - SDL:2022/06/16 19:20:15 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\afd.sys   [651104]  =>.Microsoft®
O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - AF_UNIX socket provider.) -- C:\WINDOWS\System32\drivers\afunix.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:41 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) -- C:\WINDOWS\System32\drivers\agilevpn.sys   [114176] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:42 A . (.Microsoft Corporation - Application Compatibility Cache.) -- C:\WINDOWS\System32\drivers\ahcache.sys   [292352] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\amdgpio2.sys   [18432] [Unsigned]  =>.Advanced Micro Devices, Inc
O58 - SDL:2019/12/07 05:07:47 A . (.Advanced Micro Devices, Inc - AMD I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\amdi2c.sys   [45568] [Unsigned]  =>.Advanced Micro Devices, Inc
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\amdk8.sys   [209760]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\amdppm.sys   [213856]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys   [83256]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys   [259384]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys   [26936]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - AppID Driver.) -- C:\WINDOWS\System32\drivers\appid.sys   [212320]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - Applocker Filter.) -- C:\WINDOWS\System32\drivers\applockerfltr.sys   [18432] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys   [131896]  =>.Microsoft®
O58 - SDL:2021/08/24 09:55:35 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\aswTap.sys   [53904]  =>.AVAST Software s.r.o.®
O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\WINDOWS\System32\drivers\asyncmac.sys   [31232] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys   [31064]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\WINDOWS\System32\drivers\ataport.sys   [225104]  =>.Microsoft®
O58 - SDL:2021/11/09 12:51:06 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgntflt.sys   [208176]  =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2021/11/09 12:51:06 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\WINDOWS\System32\drivers\avipbb.sys   [197176]  =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2021/11/09 12:51:06 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\WINDOWS\System32\drivers\avkmgr.sys   [46704]  =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2019/12/07 05:08:41 A . (.Microsoft Corporation - BAM Kernel Driver.) -- C:\WINDOWS\System32\drivers\bam.sys   [78136]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Battery Class Driver.) -- C:\WINDOWS\System32\drivers\battc.sys   [41272]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:47 A . (. - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys   [9728] [Unsigned]  =>.Broadcom Corporation
O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - BEEP Driver.) -- C:\WINDOWS\System32\drivers\beep.sys   [10240] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/06/16 19:20:11 A . (.Microsoft Corporation - Windows Bind Filter Driver.) -- C:\WINDOWS\System32\drivers\bindflt.sys   [145768]  =>.Microsoft®
O58 - SDL:2022/03/08 21:50:16 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\WINDOWS\System32\drivers\bowser.sys   [117760] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:39 A . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\WINDOWS\System32\drivers\bridge.sys   [127488] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) -- C:\WINDOWS\System32\drivers\BtaMPM.sys   [36352] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/13 17:28:20 N . (.Microsoft Corporation - Bluetooth A2DP Driver.) -- C:\WINDOWS\System32\drivers\BthA2dp.sys   [287744] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Bus Extender.) -- C:\WINDOWS\System32\drivers\bthenum.sys   [113664] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/04/12 23:04:42 A . (.Microsoft Corporation - Bluetooth Hands-free Audio Device Driver.) -- C:\WINDOWS\System32\drivers\BthHfAud.sys   [65536] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/04/12 23:04:42 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) -- C:\WINDOWS\System32\drivers\BthHfEnum.sys   [147968] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Transport Extensibility Miniport.) -- C:\WINDOWS\System32\drivers\BthMini.SYS   [45568] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\WINDOWS\System32\drivers\bthmodem.sys   [76800] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) -- C:\WINDOWS\System32\drivers\bthpan.sys   [133632] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Bus Driver.) -- C:\WINDOWS\System32\drivers\bthport.sys   [1560064] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Bluetooth Miniport Driver.) -- C:\WINDOWS\System32\drivers\BTHUSB.SYS   [110592] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - VHD BTT Filter Driver.) -- C:\WINDOWS\System32\drivers\bttflt.sys   [43832]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Button Converter Driver.) -- C:\WINDOWS\System32\drivers\buttonconverter.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys   [533816]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Charge Arbiration Driver.) -- C:\WINDOWS\System32\drivers\CAD.sys   [66576]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:37 A . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\cdfs.sys   [100864] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\cdrom.sys   [175616] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/08 21:50:21 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) -- C:\WINDOWS\System32\drivers\CEA.sys   [82256]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys   [144184]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys   [319800]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - VF library for Chelsio ® T5/T6 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vfx.sys   [28672] [Unsigned]  =>.Chelsio Communications
O58 - SDL:2019/12/07 05:07:54 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys   [1853752]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:34 A . (...) -- C:\WINDOWS\System32\drivers\cimfs.sys   [98816] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\WINDOWS\System32\drivers\circlass.sys   [52224] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:02 A . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\WINDOWS\System32\drivers\Classpnp.sys   [432472]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:36 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) -- C:\WINDOWS\System32\drivers\cldflt.sys   [496640] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Common Log File System Driver.) -- C:\WINDOWS\System32\drivers\clfs.sys   [415568]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - CLIP Service.) -- C:\WINDOWS\System32\drivers\ClipSp.sys   [1104216]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Control Method Battery Driver.) -- C:\WINDOWS\System32\drivers\CmBatt.sys   [36864] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:28 A . (.Microsoft Corporation - Kernel Configuration Manager Initial Config.) -- C:\WINDOWS\System32\drivers\cmimcext.sys   [29000]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:36 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\WINDOWS\System32\drivers\cng.sys   [747472]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) -- C:\WINDOWS\System32\drivers\cnghwassist.sys   [40968]  =>.Microsoft®
O58 - SDL:2021/07/16 19:40:29 A . (.Microsoft Corporation - Console Driver.) -- C:\WINDOWS\System32\drivers\condrv.sys   [57144]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\crashdmp.sys   [101736]  =>.Microsoft®
O58 - SDL:2021/06/10 16:30:04 A . (.Microsoft Corporation - DAM Kernel Driver.) -- C:\WINDOWS\System32\drivers\dam.sys   [97096]  =>.Microsoft®
O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) -- C:\WINDOWS\System32\drivers\devauthe.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\dfsc.sys   [152064] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - PnP Disk Driver.) -- C:\WINDOWS\System32\drivers\disk.sys   [106336]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\WINDOWS\System32\drivers\Diskdump.sys   [41312]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) -- C:\WINDOWS\System32\drivers\Dmpusbstor.sys   [20480] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Dynamic Memory.) -- C:\WINDOWS\System32\drivers\dmvsc.sys   [59192]  =>.Microsoft®
O58 - SDL:2020/06/01 20:48:58 A . (.Dokan Project - Dokan Driver.) -- C:\WINDOWS\System32\drivers\dokan1.sys   [140280] {05B9E5C73998821D2E591A368995B191}.  =>.Dokan Project
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\WINDOWS\System32\drivers\drmk.sys   [97792] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\WINDOWS\System32\drivers\drmkaud.sys   [16128]  =>.Microsoft®
O58 - SDL:2019/07/16 13:45:24 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) -- C:\WINDOWS\System32\drivers\dtlitescsibus.sys   [42256]  =>.AVB Disc Soft, SIA®
O58 - SDL:2019/07/16 13:45:24 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver.) -- C:\WINDOWS\System32\drivers\dtliteusbbus.sys   [59360]  =>.AVB Disc Soft, SIA®
O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - ATAPI Dump Driver.) -- C:\WINDOWS\System32\drivers\Dumpata.sys   [40784]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:58 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) -- C:\WINDOWS\System32\drivers\dumpfve.sys   [95176]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\WINDOWS\System32\drivers\dumpsd.sys   [198496]  =>.Microsoft®
O58 - SDL:2022/06/16 19:20:11 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) -- C:\WINDOWS\System32\drivers\dumpsdport.sys   [32768] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Storport Dump Driver.) -- C:\WINDOWS\System32\drivers\Dumpstorport.sys   [38232]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\WINDOWS\System32\drivers\dxgkrnl.sys   [3814744]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\WINDOWS\System32\drivers\dxgmms1.sys   [456024]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:57 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\WINDOWS\System32\drivers\dxgmms2.sys   [904024]  =>.Microsoft®
O58 - SDL:2021/05/14 02:20:59 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) -- C:\WINDOWS\System32\drivers\EhStorClass.sys   [95032]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) -- C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys   [124728]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Error Device Driver.) -- C:\WINDOWS\System32\drivers\errdev.sys   [15872] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys   [3418936]  =>.Microsoft®
O58 - SDL:2022/03/08 21:50:16 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\WINDOWS\System32\drivers\exfat.sys   [418648]  =>.Microsoft®
O58 - SDL:2022/07/14 22:42:44 A . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\WINDOWS\System32\drivers\fastfat.sys   [426320]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\WINDOWS\System32\drivers\fdc.sys   [34816] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) -- C:\WINDOWS\System32\drivers\filecrypt.sys   [59392] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:46 A . (.Microsoft Corporation - FileInfo Filter Driver.) -- C:\WINDOWS\System32\drivers\fileinfo.sys   [94736]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:46 A . (.Microsoft Corporation - File Trace Filter Driver.) -- C:\WINDOWS\System32\drivers\filetrace.sys   [40448] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Floppy Driver.) -- C:\WINDOWS\System32\drivers\flpydisk.sys   [28672] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/07/14 22:42:52 A . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) -- C:\WINDOWS\System32\drivers\fltMgr.sys   [429928]  =>.Microsoft®
O58 - SDL:2021/04/13 17:14:28 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) -- C:\WINDOWS\System32\drivers\fsdepends.sys   [69968]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\WINDOWS\System32\drivers\fs_rec.sys   [33592]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:58 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\WINDOWS\System32\drivers\fvevol.sys   [802624]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS   [503632]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:05 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys   [8704] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys   [134656] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\HdAudio.sys   [430080] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Hid Battery Driver.) -- C:\WINDOWS\System32\drivers\hidbatt.sys   [39440]  =>.Microsoft®
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Bluetooth Miniport Driver for HID Devices.) -- C:\WINDOWS\System32\drivers\hidbth.sys   [120320] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:26 A . (.Microsoft Corporation - Hid Class Library.) -- C:\WINDOWS\System32\drivers\hidclass.sys   [225792] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - I2C HID Miniport Driver.) -- C:\WINDOWS\System32\drivers\hidi2c.sys   [57344] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) -- C:\WINDOWS\System32\drivers\hidinterrupt.sys   [55824]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\WINDOWS\System32\drivers\hidir.sys   [48640] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:26 A . (.Microsoft Corporation - Hid Parsing Library.) -- C:\WINDOWS\System32\drivers\hidparse.sys   [46080] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - SPI HID Miniport Driver.) -- C:\WINDOWS\System32\drivers\hidspi.sys   [66560] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:26 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\WINDOWS\System32\drivers\hidusb.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys   [64312]  =>.Microsoft®
O58 - SDL:2022/08/10 05:18:02 A . (.Microsoft Corporation - HTTP Protocol Stack.) -- C:\WINDOWS\System32\drivers\http.sys   [1577320]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Hyper-V Crashdump.) -- C:\WINDOWS\System32\drivers\hvcrash.sys   [35128]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:44 A . (.Microsoft Corporation - Hypervisor Boot Driver.) -- C:\WINDOWS\System32\drivers\hvservice.sys   [96112]  =>.Microsoft®
O58 - SDL:2022/05/13 17:28:42 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) -- C:\WINDOWS\System32\drivers\hvsocket.sys   [149328]  =>.Microsoft®
O58 - SDL:2021/02/19 21:37:09 A . (.Microsoft Corporation - Hardware Policy Driver.) -- C:\WINDOWS\System32\drivers\hwpolicy.sys   [33096]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) -- C:\WINDOWS\System32\drivers\hyperkbd.sys   [27448]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) -- C:\WINDOWS\System32\drivers\HyperVideo.sys   [41784]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys   [118272] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys   [36352] [Unsigned]  =>.Intel(R) Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys   [91136] [Unsigned]  =>.Intel(R) Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys   [79360] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys   [93184] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys   [112128] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys   [96256] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys   [171520] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys   [175104] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys   [177152] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys   [177664] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys   [38128]  =>.Intel Corporation - Client Components Group®
O58 - SDL:2019/12/07 05:07:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys   [113152] [Unsigned]  =>.Intel Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAVC.sys   [884752]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys   [412176]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys   [558904]  =>.Microsoft®
O58 - SDL:2019/01/24 13:07:44 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Filter Drive.) -- C:\WINDOWS\System32\drivers\ibtusb.sys   [191480]  =>.Intel(R) Wireless Connectivity Solutions®
O58 - SDL:2018/06/04 04:08:22 A . (.Intel Corporation - Intel(R) Watchdog Timer Driver (Intel(R) WD.) -- C:\WINDOWS\System32\drivers\ICCWDT.sys   [39504]  =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O58 - SDL:2021/02/19 21:37:03 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) -- C:\WINDOWS\System32\drivers\IndirectKmd.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\WINDOWS\System32\drivers\intelide.sys   [20816]  =>.Microsoft®
O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - Intel Power Engine Plugin.) -- C:\WINDOWS\System32\drivers\intelpep.sys   [418800]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Intel Power Limit Driver.) -- C:\WINDOWS\System32\drivers\intelpmax.sys   [30720] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\intelppm.sys   [234344]  =>.Microsoft®
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Intel Telemetry Driver.) -- C:\WINDOWS\System32\drivers\IntelTA.sys   [26608]  =>.Microsoft®
O58 - SDL:2021/06/10 16:29:54 A . (.Microsoft Corporation - I/O rate control Filter.) -- C:\WINDOWS\System32\drivers\iorate.sys   [57168]  =>.Microsoft®
O58 - SDL:2022/06/16 19:20:19 A . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\WINDOWS\System32\drivers\ipfltdrv.sys   [95232] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/06/10 16:29:53 A . (.Microsoft Corporation - WMI IPMI DRIVER.) -- C:\WINDOWS\System32\drivers\IPMIDrv.sys   [117584]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:59 A . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\ipnat.sys   [230400] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - IPT Driver.) -- C:\WINDOWS\System32\drivers\ipt.sys   [59704]  =>.Microsoft®
O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - PNP ISA Bus Driver.) -- C:\WINDOWS\System32\drivers\isapnp.sys   [22864]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - Avago SAS Gen3.5 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\ItSas35i.sys   [172344]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Keyboard Class Driver.) -- C:\WINDOWS\System32\drivers\kbdclass.sys   [71480]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - HID Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\kbdhid.sys   [46592] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) -- C:\WINDOWS\System32\drivers\kdnic.sys   [33296]  =>.Microsoft®
O58 - SDL:2022/04/12 23:04:43 A . (.Microsoft Corporation - Network Power Dependency Broker.) -- C:\WINDOWS\System32\drivers\KNetPwrDepBroker.sys   [32256] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:11 A . (.Microsoft Corporation - Kernel CSA Library.) -- C:\WINDOWS\System32\drivers\ks.sys   [449024] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/08 21:50:28 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\drivers\ksecdd.sys   [148312]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:36 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\drivers\ksecpkg.sys   [181096]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) -- C:\WINDOWS\System32\drivers\ksthunk.sys   [29696] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2018/04/30 08:53:14 A . (.http://libusb-win32.sourceforge.net - libusbK(lusbk) WDF USB Driver.) -- C:\WINDOWS\System32\drivers\libusbK.sys   [47928]  =>.Travis Lee Robinson®
O58 - SDL:2019/12/07 05:08:55 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\WINDOWS\System32\drivers\lltdio.sys   [72704] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/12/25 13:45:00 A . (...) -- C:\WINDOWS\System32\drivers\lpsport.sys   [61304]  =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys   [108856]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys   [124216]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys   [135992]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys   [82744]  =>.Microsoft®
O58 - SDL:2021/03/12 12:42:31 A . (.Microsoft Corporation - LUA File Virtualization Filter Driver.) -- C:\WINDOWS\System32\drivers\luafv.sys   [140800] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) -- C:\WINDOWS\System32\drivers\mausbhost.sys   [537608]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - MA-USB IP Driver.) -- C:\WINDOWS\System32\drivers\mausbip.sys   [64016]  =>.Microsoft®
O58 - SDL:2022/08/31 20:23:06 A . (.Malwarebytes - Malwarebytes Anti-Exploit.) -- C:\WINDOWS\System32\drivers\mbae64.sys   [158640]  =>.Microsoft®
O58 - SDL:2022/08/31 20:23:01 A . (.Malwarebytes - Malwarebytes Early Launch Anti-Malware Driv.) -- C:\WINDOWS\System32\drivers\MbamElam.sys   [21480]  =>.Microsoft®
O58 - SDL:2022/10/04 21:58:02 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys   [239544]  =>.Microsoft®
O58 - SDL:2022/04/12 23:04:43 A . (.Microsoft Corporation - Windows Mobile Broadband Class Extension.) -- C:\WINDOWS\System32\drivers\MbbCx.sys   [386048] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - Medium changer class driver.) -- C:\WINDOWS\System32\drivers\mcd.sys   [25088] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys   [59704]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys   [81720]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas35i.sys   [105480]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys   [575800]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Avrcp Transport Driver.) -- C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys   [65024] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Legacy Bluetooth LE Bus Enumerator.) -- C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys   [106496] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys   [1131320]  =>.Microsoft®
O58 - SDL:2021/02/19 21:36:50 A . (.Microsoft Corporation - MMCSS Driver.) -- C:\WINDOWS\System32\drivers\mmcss.sys   [53248] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:34 A . (.Microsoft Corporation - Modem Device Driver.) -- C:\WINDOWS\System32\drivers\modem.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/08/13 00:10:51 A . (.Microsoft Corporation - Monitor Driver.) -- C:\WINDOWS\System32\drivers\monitor.sys   [83968] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Mouse Class Driver.) -- C:\WINDOWS\System32\drivers\mouclass.sys   [67600]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - HID Mouse Filter Driver.) -- C:\WINDOWS\System32\drivers\mouhid.sys   [35328] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Mount Point Manager.) -- C:\WINDOWS\System32\drivers\mountmgr.sys   [110392]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:33 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\WINDOWS\System32\drivers\mpsdrv.sys   [80896] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/08 21:50:44 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\WINDOWS\System32\drivers\mrxdav.sys   [165888] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:03 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\mrxsmb.sys   [586592]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\WINDOWS\System32\drivers\mrxsmb20.sys   [268632]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Mailslot driver.) -- C:\WINDOWS\System32\drivers\msfs.sys   [44048]  =>.Microsoft®
O58 - SDL:2021/02/19 21:36:57 A . (.Microsoft Corporation - GPIO Class Extension Driver.) -- C:\WINDOWS\System32\drivers\msgpioclx.sys   [183112]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - GPIO Button Driver.) -- C:\WINDOWS\System32\drivers\msgpiowin32.sys   [56120]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) -- C:\WINDOWS\System32\drivers\mshidkmdf.sys   [8192] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:16 A . (.Microsoft Corporation - Pass-through Driver for HID-UMDF Interface.) -- C:\WINDOWS\System32\drivers\mshidumdf.sys   [12288] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) -- C:\WINDOWS\System32\drivers\mshwnclx.sys   [30208] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - ISA Driver.) -- C:\WINDOWS\System32\drivers\msisadrv.sys   [20280]  =>.Microsoft®
O58 - SDL:2021/08/13 00:10:51 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\WINDOWS\System32\drivers\msiscsi.sys   [293176]  =>.Microsoft®
O58 - SDL:2021/02/19 21:37:11 A . (.Microsoft Corporation - MS KS Server.) -- C:\WINDOWS\System32\drivers\mskssrv.sys   [34816] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:05 A . (.Microsoft Corporation - Microsoft Link-Layer Discovery Protocol Dri.) -- C:\WINDOWS\System32\drivers\mslldp.sys   [78848] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - MS Proxy Clock.) -- C:\WINDOWS\System32\drivers\mspclock.sys   [11264] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\WINDOWS\System32\drivers\mspqm.sys   [11264] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:08 A . (.Microsoft Corporation - Windows QUIC Driver.) -- C:\WINDOWS\System32\drivers\msquic.sys   [322376]  =>.Microsoft®
O58 - SDL:2022/05/13 17:28:30 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\WINDOWS\System32\drivers\msrpc.sys   [376688]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\WINDOWS\System32\drivers\mssmbios.sys   [47928]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\WINDOWS\System32\drivers\mstee.sys   [12288] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - Microsoft Multi-Touch HID Driver.) -- C:\WINDOWS\System32\drivers\MTConfig.sys   [17920] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/03/12 12:42:31 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) -- C:\WINDOWS\System32\drivers\mup.sys   [132920]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys   [63800]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys   [146232]  =>.Microsoft®
O58 - SDL:2021/12/15 22:39:19 A . (.Microsoft Corporation - Network Driver Interface Specification (NDI.) -- C:\WINDOWS\System32\drivers\ndis.sys   [1476944]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:48 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) -- C:\WINDOWS\System32\drivers\ndiscap.sys   [54272] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:13 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) -- C:\WINDOWS\System32\drivers\NdisImPlatform.sys   [135168] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\WINDOWS\System32\drivers\ndistapi.sys   [28672] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - NDIS User mode I/O driver.) -- C:\WINDOWS\System32\drivers\ndisuio.sys   [70656] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:05 A . (.Microsoft Corporation - Microsoft Virtual Network Adapter Enumerato.) -- C:\WINDOWS\System32\drivers\NdisVirtualBus.sys   [23040] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/13 17:28:31 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\WINDOWS\System32\drivers\ndiswan.sys   [208384] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:48 A . (.Microsoft Corporation - RDMA Sample Driver.) -- C:\WINDOWS\System32\drivers\NDKPing.sys   [72720]  =>.Microsoft®
O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - NDIS Proxy.) -- C:\WINDOWS\System32\drivers\ndproxy.sys   [93696] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:33 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) -- C:\WINDOWS\System32\drivers\Ndu.sys   [131584] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/04/12 23:04:56 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) -- C:\WINDOWS\System32\drivers\NetAdapterCx.sys   [210944] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:04 A . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\WINDOWS\System32\drivers\netbios.sys   [64312]  =>.Microsoft®
O58 - SDL:2021/02/19 21:37:13 A . (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netbt.sys   [341504] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/13 17:28:30 A . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\WINDOWS\System32\drivers\netio.sys   [601944]  =>.Microsoft®
O58 - SDL:2022/06/16 19:20:03 A . (.Microsoft Corporation - Virtual NDIS Miniport.) -- C:\WINDOWS\System32\drivers\netvsc.sys   [252264]  =>.Microsoft®
O58 - SDL:2020/09/18 20:56:44 N . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwtw04.sys   [8651624]  =>.Intel®
O58 - SDL:2022/02/10 22:10:09 A . (.Microsoft Corporation - NPFS Driver.) -- C:\WINDOWS\System32\drivers\npfs.sys   [87368]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Named pipe service triggers.) -- C:\WINDOWS\System32\drivers\npsvctrig.sys   [27648] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:09 A . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\drivers\nsiproxy.sys   [48640] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys   [2846552]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:58 A . (.Microsoft Corporation - NTOS extension host driver.) -- C:\WINDOWS\System32\drivers\ntosext.sys   [20792]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - NULL Driver.) -- C:\WINDOWS\System32\drivers\null.sys   [7680] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - NVDIMM device driver.) -- C:\WINDOWS\System32\drivers\nvdimm.sys   [168464]  =>.Microsoft®
O58 - SDL:2022/09/23 18:52:39 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\WINDOWS\System32\drivers\nvhda64v.sys   [129576]  =>.Nvidia Corporation®
O58 - SDL:2021/04/12 20:03:32 A . (.NVIDIA Corporation - Process and module monitoring driver.) -- C:\WINDOWS\System32\drivers\NvModuleTracker.sys   [43416]  =>.NVIDIA Corporation®
O58 - SDL:2019/12/07 05:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys   [150328]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys   [166200]  =>.Microsoft®
O58 - SDL:2019/03/18 14:32:25 A . (.NVIDIA Corporation - Stereoscopic 3D USB controller driver.) -- C:\WINDOWS\System32\drivers\nvstusb.sys   [486184]  =>.NVIDIA Corporation®
O58 - SDL:2022/07/15 12:59:26 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys   [59368]  =>.Nvidia Corporation®
O58 - SDL:2021/06/21 04:43:08 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) -- C:\WINDOWS\System32\drivers\nvvhci.sys   [67464]  =>.NVIDIA Corporation®
O58 - SDL:2021/12/15 22:39:09 A . (.Microsoft Corporation - NativeWiFi Miniport Driver.) -- C:\WINDOWS\System32\drivers\nwifi.sys   [757760] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:02 A . (.Microsoft Corporation - QoS Packet Scheduler.) -- C:\WINDOWS\System32\drivers\pacer.sys   [161608]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\parport.sys   [109056] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:02 A . (.Microsoft Corporation - Partition driver.) -- C:\WINDOWS\System32\drivers\partmgr.sys   [186728]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - NT Plug and Play PCI Enumerator.) -- C:\WINDOWS\System32\drivers\pci.sys   [473424]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\drivers\pciide.sys   [17752]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\WINDOWS\System32\drivers\pciidex.sys   [57680]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - PCMCIA Bus Driver.) -- C:\WINDOWS\System32\drivers\pcmcia.sys   [127800]  =>.Microsoft®
O58 - SDL:2022/07/14 22:42:52 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) -- C:\WINDOWS\System32\drivers\pcw.sys   [60232]  =>.Microsoft®
O58 - SDL:2021/06/10 16:29:55 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\WINDOWS\System32\drivers\pdc.sys   [159056]  =>.Microsoft®
O58 - SDL:2022/05/13 17:28:21 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\WINDOWS\System32\drivers\PEAuth.sys   [825344] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys   [58680]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys   [68408]  =>.Microsoft®
O58 - SDL:2022/05/13 17:28:41 A . (.Microsoft Corporation - Packet Monitor Driver.) -- C:\WINDOWS\System32\drivers\PktMon.sys   [131424]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Persistent memory driver.) -- C:\WINDOWS\System32\drivers\pmem.sys   [142176]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Plug and Play Memory Driver.) -- C:\WINDOWS\System32\drivers\pnpmem.sys   [17408] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Port Device Class Configuration Filter Driv.) -- C:\WINDOWS\System32\drivers\portcfg.sys   [27136] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\WINDOWS\System32\drivers\portcls.sys   [388608] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\WINDOWS\System32\drivers\processr.sys   [218464]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:33 A . (.Microsoft Corporation - Time Travel Debugging Process Launch Monito.) -- C:\WINDOWS\System32\drivers\ProcLaunchMon.sys   [43448]  =>.Microsoft®
O58 - SDL:2022/06/23 09:03:04 A . (. - TODO: <File description>.) -- C:\WINDOWS\System32\drivers\protected_elam.sys   [17864]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:05 A . (.Microsoft Corporation - Microsoft Quality Windows Audio Video Exper.) -- C:\WINDOWS\System32\drivers\qwavedrv.sys   [53248] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - RAM Disk Driver.) -- C:\WINDOWS\System32\drivers\ramdisk.sys   [42296]  =>.Microsoft®
O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\WINDOWS\System32\drivers\rasacd.sys   [20480] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/07/14 22:42:57 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\rasl2tp.sys   [110080] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\raspppoe.sys   [87552] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/13 17:28:31 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\WINDOWS\System32\drivers\raspptp.sys   [102400] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\WINDOWS\System32\drivers\rassstp.sys   [86528] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/07/14 22:42:53 A . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) -- C:\WINDOWS\System32\drivers\rdbss.sys   [457568]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) -- C:\WINDOWS\System32\drivers\rdpbus.sys   [28672] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:52 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys   [169984] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:48 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\WINDOWS\System32\drivers\rdpvideominiport.sys   [32600]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:54 A . (.Microsoft Corporation - ReadyBoost Driver.) -- C:\WINDOWS\System32\drivers\rdyboost.sys   [297784]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:35 A . (.Microsoft Corporation - NT ReFS FS Driver.) -- C:\WINDOWS\System32\drivers\refs.sys   [2010464]  =>.Microsoft®
O58 - SDL:2022/01/14 23:10:47 A . (.Microsoft Corporation - NT ReFS FS Driver.) -- C:\WINDOWS\System32\drivers\refsv1.sys   [990536]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) -- C:\WINDOWS\System32\drivers\rfcomm.sys   [213504] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:27 A . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) -- C:\WINDOWS\System32\drivers\RfxVmt.sys   [8192] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) -- C:\WINDOWS\System32\drivers\rhproxy.sys   [115712] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:41 A . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\WINDOWS\System32\drivers\rmcast.sys   [158208] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\WINDOWS\System32\drivers\RNDISMP.sys   [37376] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\WINDOWS\System32\drivers\rndismp6.sys   [41472] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:51 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\WINDOWS\System32\drivers\rootmdm.sys   [13824] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:55 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\WINDOWS\System32\drivers\rspndr.sys   [89088] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:09 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\WINDOWS\System32\drivers\rteth.sys   [48640] [Unsigned]  =>.Realtek
O58 - SDL:2021/04/01 03:32:56 A . (.Realtek Semiconductor Corporation - Realtek Bluetooth Filter Driver.) -- C:\WINDOWS\System32\drivers\RtkBtfilter.sys   [795448]  =>.Realtek Semiconductor Corp.®
O58 - SDL:2019/09/12 00:27:14 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys   [6994520]  =>.Realtek Semiconductor Corp.®
O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\WINDOWS\System32\drivers\sbp2port.sys   [118088]  =>.Microsoft®
O58 - SDL:2021/03/12 12:42:35 A . (.Microsoft Corporation - Microsoft Smart Card Reader Filter Driver.) -- C:\WINDOWS\System32\drivers\scfilter.sys   [44032] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/02/10 22:09:55 A . (.Microsoft Corporation - Storage Class Memory Bus Driver.) -- C:\WINDOWS\System32\drivers\scmbus.sys   [158520]  =>.Microsoft®
O58 - SDL:2021/10/13 02:41:43 A . (.Microsoft Corporation - SCSI Port Driver.) -- C:\WINDOWS\System32\drivers\scsiport.sys   [188232]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - SecureDigital Bus Driver.) -- C:\WINDOWS\System32\drivers\sdbus.sys   [306536]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - SDF Reflector.) -- C:\WINDOWS\System32\drivers\SDFRd.sys   [35128]  =>.Microsoft®
O58 - SDL:2022/06/16 19:20:04 A . (.Microsoft Corporation - SD Host Controller Port Driver.) -- C:\WINDOWS\System32\drivers\sdport.sys   [106344]  =>.Microsoft®
O58 - SDL:2021/10/13 02:41:29 A . (.Microsoft Corporation - SD Storage Class Driver.) -- C:\WINDOWS\System32\drivers\sdstor.sys   [104264]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Serial Class Extension.) -- C:\WINDOWS\System32\drivers\SerCx.sys   [86328]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:36 A . (.Microsoft Corporation - Serial Class Extension V2.) -- C:\WINDOWS\System32\drivers\SerCx2.sys   [173072]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\WINDOWS\System32\drivers\serenum.sys   [27648] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Serial Device Driver.) -- C:\WINDOWS\System32\drivers\serial.sys   [90624] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\WINDOWS\System32\drivers\sermouse.sys   [29184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\WINDOWS\System32\drivers\sfloppy.sys   [19456] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:33 A . (.Microsoft Corporation - System Guard Runtime Monitor Agent Driver.) -- C:\WINDOWS\System32\drivers\SgrmAgent.sys   [88080]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys   [44856]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys   [81720]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Sleep Study Helper.) -- C:\WINDOWS\System32\drivers\SleepStudyHelper.sys   [38200]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Microsemi Corportation - Storport Miniport Driver for SmartRAID/Smar.) -- C:\WINDOWS\System32\drivers\SmartSAMD.sys   [209720]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:09 A . (.Microsoft Corporation - Smart Card Driver Library.) -- C:\WINDOWS\System32\drivers\smclib.sys   [21504] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) -- C:\WINDOWS\System32\drivers\spacedump.sys   [219984]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:34 A . (.Microsoft Corporation - Storage Spaces Parser.) -- C:\WINDOWS\System32\drivers\spaceparser.sys   [26624] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\WINDOWS\System32\drivers\spaceport.sys   [687440]  =>.Microsoft®
O58 - SDL:2019/12/07 05:52:37 A . (.Microsoft Corporation - Holographic Spatial Graph Filter.) -- C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys   [90936]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - SPB Class Extension.) -- C:\WINDOWS\System32\drivers\SpbCx.sys   [87352]  =>.Microsoft®
O58 - SDL:2022/08/10 05:18:03 A . (.Microsoft Corporation - Smb 2.0 Server driver.) -- C:\WINDOWS\System32\drivers\srv2.sys   [787968] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:03 A . (.Microsoft Corporation - Server Network driver.) -- C:\WINDOWS\System32\drivers\srvnet.sys   [318976] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2020/11/11 03:54:38 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys   [167280]  =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2019/12/07 05:07:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys   [31032]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) -- C:\WINDOWS\System32\drivers\storahci.sys   [187240]  =>.Microsoft®
O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) -- C:\WINDOWS\System32\drivers\stornvme.sys   [162128]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:31 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\WINDOWS\System32\drivers\storport.sys   [727376]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - Storage QoS Filter.) -- C:\WINDOWS\System32\drivers\storqosflt.sys   [92984]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) -- C:\WINDOWS\System32\drivers\storufs.sys   [64856]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Storage VSC Driver.) -- C:\WINDOWS\System32\drivers\storvsc.sys   [44048]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\WINDOWS\System32\drivers\stream.sys   [82432] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:27 A . (.Microsoft Corporation - Microsoft RemoteFX Synth3D Video VSC.) -- C:\WINDOWS\System32\drivers\Synth3dVsc.sys   [6656] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/10/18 05:51:50 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tap0901.sys   [36168]  =>.McAfee, Inc.®
O58 - SDL:2019/12/07 05:09:00 A . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\WINDOWS\System32\drivers\tape.sys   [33280] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:28 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) -- C:\WINDOWS\System32\drivers\tbs.sys   [31568]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:37 A . (.Microsoft Corporation - TCP/IP Driver.) -- C:\WINDOWS\System32\drivers\tcpip.sys   [2991952]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:04 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\WINDOWS\System32\drivers\tcpipreg.sys   [54784] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - TDI Wrapper.) -- C:\WINDOWS\System32\drivers\tdi.sys   [39736]  =>.Microsoft®
O58 - SDL:2021/09/15 02:14:10 A . (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys   [117584]  =>.Microsoft®
O58 - SDL:2018/01/31 21:50:50 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys   [227456]  =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Terminal Server Input Driver.) -- C:\WINDOWS\System32\drivers\terminpt.sys   [41272]  =>.Microsoft®
O58 - SDL:2021/09/15 02:14:01 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) -- C:\WINDOWS\System32\drivers\tm.sys   [142136]  =>.Microsoft®
O58 - SDL:2021/02/19 21:36:49 A . (.Microsoft Corporation - TPM Device Driver.) -- C:\WINDOWS\System32\drivers\tpm.sys   [255288]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - Remote Desktop USB Hub Filter Driver.) -- C:\WINDOWS\System32\drivers\TsUsbFlt.sys   [66560] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/08/13 00:10:51 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) -- C:\WINDOWS\System32\drivers\TsUsbGD.sys   [37888] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:04 A . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) -- C:\WINDOWS\System32\drivers\tunnel.sys   [129024] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Microsoft Uasp Driver.) -- C:\WINDOWS\System32\drivers\uaspstor.sys   [83816]  =>.Microsoft®
O58 - SDL:2021/10/13 02:41:37 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\UcmCx.sys   [160256] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\UcmTcpciCx.sys   [188416] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - UCM-UCSI ACPI Client Driver.) -- C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys   [36864] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:03 A . (.Microsoft Corporation - UCM-UCSI KMDF Class Extension.) -- C:\WINDOWS\System32\drivers\UcmUcsiCx.sys   [113152] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - USB Controller Extension.) -- C:\WINDOWS\System32\drivers\Ucx01000.sys   [259896]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:09 A . (.Microsoft Corporation - "udecx.DRIVER".) -- C:\WINDOWS\System32\drivers\Udecx.sys   [52736] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:09:51 A . (.Microsoft Corporation - UDF File System Driver.) -- C:\WINDOWS\System32\drivers\udfs.sys   [344064] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/11/08 20:18:23 A . (.Microsoft Corporation - USB Function Driver Class Extension.) -- C:\WINDOWS\System32\drivers\ufx01000.sys   [324432]  =>.Microsoft®
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) -- C:\WINDOWS\System32\drivers\ufxsynopsys.sys   [168264]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Generic pass-through driver.) -- C:\WINDOWS\System32\drivers\umpass.sys   [15360] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) -- C:\WINDOWS\System32\drivers\urscx01000.sys   [76304]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:07 A . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\WINDOWS\System32\drivers\usb8023.sys   [24064] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:36:48 A . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\WINDOWS\System32\drivers\usb80236.sys   [24064] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/05/13 17:28:20 A . (.Microsoft Corporation - USB Audio Class Driver.) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys   [205312] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - Microsoft USB Audio Class 2.0 Driver.) -- C:\WINDOWS\System32\drivers\usbaudio2.sys   [260608] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:41 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\System32\drivers\USBCAMD2.sys   [40448] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\WINDOWS\System32\drivers\usbccgp.sys   [190800]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:50 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\WINDOWS\System32\drivers\usbcir.sys   [107520] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\WINDOWS\System32\drivers\usbd.sys   [33080]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\WINDOWS\System32\drivers\usbehci.sys   [86544]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\WINDOWS\System32\drivers\usbhub.sys   [528184]  =>.Microsoft®
O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - USB3 HUB Driver.) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS   [648016]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\WINDOWS\System32\drivers\usbohci.sys   [30208] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:37 A . (...) -- C:\WINDOWS\System32\drivers\UsbPmApi.sys   [53248] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) -- C:\WINDOWS\System32\drivers\usbport.sys   [473400]  =>.Microsoft®
O58 - SDL:2022/07/14 22:42:42 A . (.Microsoft Corporation - USB Printer driver.) -- C:\WINDOWS\System32\drivers\usbprint.sys   [43008] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/09/15 02:13:49 A . (.Microsoft Corporation - USB Serial Driver.) -- C:\WINDOWS\System32\drivers\usbser.sys   [81408] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS   [139624]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\WINDOWS\System32\drivers\usbuhci.sys   [39424] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/07/14 22:42:42 A . (.Microsoft Corporation - USB XHCI Driver.) -- C:\WINDOWS\System32\drivers\USBXHCI.SYS   [624984]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) -- C:\WINDOWS\System32\drivers\vdrvroot.sys   [67384]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Driver Verifier Extension.) -- C:\WINDOWS\System32\drivers\VerifierExt.sys   [347448]  =>.Microsoft®
O58 - SDL:2022/08/10 05:17:52 A . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\WINDOWS\System32\drivers\vhdmp.sys   [822096]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Virtual HID Framework (VHF) Driver.) -- C:\WINDOWS\System32\drivers\vhf.sys   [47616] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/01/14 23:10:43 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) -- C:\WINDOWS\System32\drivers\Vid.sys   [641352]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Video Port Driver.) -- C:\WINDOWS\System32\drivers\videoprt.sys   [47104] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:13 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) -- C:\WINDOWS\System32\drivers\vmbkmcl.sys   [120168]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Child.) -- C:\WINDOWS\System32\drivers\vmbus.sys   [162128]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) -- C:\WINDOWS\System32\drivers\VMBusHID.sys   [36664]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) -- C:\WINDOWS\System32\drivers\vmgencounter.sys   [23864]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) -- C:\WINDOWS\System32\drivers\vmgid.sys   [19768]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:57 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) -- C:\WINDOWS\System32\drivers\vms3cap.sys   [18960]  =>.Microsoft®
O58 - SDL:2021/05/14 02:20:17 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\vmstorfl.sys   [54080]  =>.Microsoft®
O58 - SDL:2022/07/14 22:42:42 A . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\drivers\volmgr.sys   [92000]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:37 A . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\drivers\volmgrx.sys   [389432]  =>.Microsoft®
O58 - SDL:2021/02/19 21:36:54 A . (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys   [429880]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - Volume driver.) -- C:\WINDOWS\System32\drivers\volume.sys   [16696]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:30 A . (.Microsoft Corporation - Virtual PCI Bus.) -- C:\WINDOWS\System32\drivers\vpci.sys   [95576]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys   [166712]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS   [305464]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:13 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) -- C:\WINDOWS\System32\drivers\vwifibus.sys   [29184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/09/15 02:13:50 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\WINDOWS\System32\drivers\vwififlt.sys   [77824] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:13 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\WINDOWS\System32\drivers\vwifimp.sys   [50688] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:53 A . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) -- C:\WINDOWS\System32\drivers\wacompen.sys   [31232] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/02/19 21:37:14 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\WINDOWS\System32\drivers\wanarp.sys   [93184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/04/13 17:14:31 A . (.Microsoft Corporation - Watchdog Driver.) -- C:\WINDOWS\System32\drivers\watchdog.sys   [74752] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/11/09 18:05:46 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) -- C:\WINDOWS\System32\drivers\wcifs.sys   [202568]  =>.Microsoft®
O58 - SDL:2022/06/16 19:20:11 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) -- C:\WINDOWS\System32\drivers\wcnfs.sys   [93184] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:15 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\WINDOWS\System32\drivers\WdBoot.sys   [46688]  =>.Microsoft®
O58 - SDL:2022/03/08 21:50:28 A . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\System32\drivers\Wdf01000.sys   [828240]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:15 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\WINDOWS\System32\drivers\WdFilter.sys   [350136]  =>.Microsoft®
O58 - SDL:2021/08/13 00:11:04 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\WINDOWS\System32\drivers\WdfLdr.sys   [59192]  =>.Microsoft®
O58 - SDL:2022/07/14 22:42:44 A . (.Microsoft Corporation - WDI Driver Framework Driver.) -- C:\WINDOWS\System32\drivers\WdiWiFi.sys   [967168] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:39 A . (.Microsoft Corporation - WDM Companion Filter.) -- C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys   [23560]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:16 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) -- C:\WINDOWS\System32\drivers\WdNisDrv.sys   [54200]  =>.Microsoft®
O58 - SDL:2021/11/09 12:51:04 A . (. - WebShield WFP Driver (WPP).) -- C:\WINDOWS\System32\drivers\webshieldfilter.sys   [96264]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) -- C:\WINDOWS\System32\drivers\werkernel.sys   [52024]  =>.Microsoft®
O58 - SDL:2022/09/15 18:17:34 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) -- C:\WINDOWS\System32\drivers\wfplwfs.sys   [181584]  =>.Microsoft®
O58 - SDL:2021/09/15 02:13:59 A . (.Microsoft Corporation - Wim file system Driver.) -- C:\WINDOWS\System32\drivers\wimmount.sys   [39760]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:37 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) -- C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys   [76984]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) -- C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys   [18920]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:51 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) -- C:\WINDOWS\System32\drivers\winhv.sys   [32784]  =>.Microsoft®
O58 - SDL:2019/12/07 05:09:33 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) -- C:\WINDOWS\System32\drivers\winhvr.sys   [96056]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys   [36152]  =>.Microsoft®
O58 - SDL:2022/03/08 21:50:16 A . (.Microsoft Corporation - Windows NAT Driver.) -- C:\WINDOWS\System32\drivers\winnat.sys   [261120] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:56 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) -- C:\WINDOWS\System32\drivers\winusb.sys   [107008] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:54 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys   [73016]  =>.Microsoft®
O58 - SDL:2019/12/07 05:07:54 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\WINDOWS\System32\drivers\wmiacpi.sys   [19456] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\WINDOWS\System32\drivers\wmilib.sys   [19472]  =>.Microsoft®
O58 - SDL:2021/04/13 17:14:37 A . (.Microsoft Corporation - Windows Overlay Filter.) -- C:\WINDOWS\System32\drivers\wof.sys   [234296]  =>.Microsoft®
O58 - SDL:2019/12/07 05:52:38 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) -- C:\WINDOWS\System32\drivers\WpdUpFltr.sys   [32568]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:49 A . (.Microsoft Corporation - WPP Trace Recorder.) -- C:\WINDOWS\System32\drivers\WppRecorder.sys   [43832]  =>.Microsoft®
O58 - SDL:2019/12/07 05:08:41 A . (.Microsoft Corporation - Winsock2 IFS Layer.) -- C:\WINDOWS\System32\drivers\ws2ifsl.sys   [25088] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\System32\drivers\WUDFPf.sys   [136192] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/08/10 05:18:04 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\System32\drivers\WUDFRd.sys   [315392] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/03/08 21:50:14 A . (.Microsoft Corporation - Game Input Protocol Driver.) -- C:\WINDOWS\System32\drivers\xboxgip.sys   [332288] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2021/12/15 22:39:08 A . (.Microsoft Corporation - XINPUT filter driver for HID.) -- C:\WINDOWS\System32\drivers\xinputhid.sys   [51712] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:07:47 A . (.Microsoft Corporation - Xbox 360 Common Controller for Windows Driv.) -- C:\WINDOWS\System32\drivers\xusb22.sys   [102400] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/05/29 14:20:16 A . (...) -- C:\WINDOWS\System32\pwdrvio.sys   [19152]  =>.MiniTool Solution Ltd®
O58 - SDL:2019/05/29 14:20:16 A . (...) -- C:\WINDOWS\System32\pwdspio.sys   [12504]  =>.MiniTool Solution Ltd®
O58 - SDL:2022/09/15 18:17:34 A . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\WINDOWS\System32\win32k.sys   [596992] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:32 A . (.Microsoft Corporation - Base Win32k Kernel Driver.) -- C:\WINDOWS\System32\win32kbase.sys   [2892800] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:34 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) -- C:\WINDOWS\System32\win32kfull.sys   [3813376] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2019/12/07 05:08:34 A . (.Microsoft Corporation - Win32k non session driver.) -- C:\WINDOWS\System32\win32kns.sys   [30208] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:42 A . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\WINDOWS\SysWOW64\win32k.sys   [329728] [Unsigned]  =>.Microsoft Corporation
O58 - SDL:2022/09/15 18:17:42 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) -- C:\WINDOWS\SysWOW64\win32kfull.sys   [2752512] [Unsigned]  =>.Microsoft Corporation

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe [Unsigned]  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe [Unsigned]  =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe  =>.Microsoft®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe "%1" %*  =>.Default.Value
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe [Unsigned]  =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S  =>.Default.Value

---\\ Start Menu Internet (12) - 1s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\Shell\open\Command] (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   =>.Google LLC®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   =>.Microsoft®
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe   =>.Microsoft®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) -- C:\WINDOWS\System32\ie4ushowIE.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) -- C:\WINDOWS\System32\ie4ushowIE.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: <Microsoft Edge> <Microsoft Edge> [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Microsoft Edge.) -- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  =>.Microsoft Corporation

---\\ Search Browser Infection (3) - 0s
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/  =>.Bing.com
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/  =>.Bing.com
O69 - SBI: SearchScopes [HKLM] [64Bits]{DCD4E047-FB67-439A-9FD5-732F5B759F32} [DefaultScope] - (Bing) - http://www.bing.com/  =>.Bing.com

---\\ Search Svchost Services (49) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll   [196608] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll   [196608] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll   [302592] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll   [1335296] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL   [1054720] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll   [836608] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll   [37376] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll   [160768] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll   [112640] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll   [814592] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [243712] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [487424] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll   [515072] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports.) -- C:\Windows\System32\wercplsupport.dll   [128000] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll   [2429440] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll   [333824] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: TroubleshootingSvc (TroubleshootingSvc) . (.Microsoft Corporation - MitigationClient.) -- C:\Windows\System32\MitigationClient.dll   [487936] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Provides infrastructure support for deployi.) -- C:\Windows\System32\LanguageOverlayServer.dll   [436736] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll   [223232] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll   [1291264] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll   [1015808] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: WManSvc (WManSvc) . (.Microsoft Corporation - Windows Management Service DLL.) -- C:\Windows\System32\Windows.Management.Service.dll   [854528] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll   [70656] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll   [1483264] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\Windows\System32\NetSetupSvc.dll   [329216] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll   [2244608] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll   [1522176] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll   [48640] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\Windows\System32\NaturalAuth.dll   [454656] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll   [111616] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll   [1053184] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll   [551936] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll   [77824] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll   [619008] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll   [316928] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll   [3405312] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll   [1481216] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll   [283136] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll   [58880] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\Windows\System32\flightsettings.dll   [940480]  =>.Microsoft®
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\Windows\System32\WpnService.dll   [245248] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll   [217600] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll   [1295360] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) -- C:\Windows\System32\usosvc.dll   [570368] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll   [72704] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll   [171520] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll   [1049088] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll   [288256] [Unsigned]  =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll   [559616] [Unsigned]  =>.Microsoft Corporation

---\\ Firewall Active Exception List (69) - 16s
O87 - FAEL: "{6E37B903-1990-45E8-8B9B-9B4F14887C7F}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  =>.Nvidia Corporation®
O87 - FAEL: "{180B0F10-47B1-4803-A848-212EC712A26E}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  =>.Nvidia Corporation®
O87 - FAEL: "{DF57DF54-B162-46D9-AE83-D32CC9C8381C}" [In-None-P6-TRUE] .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe  =>.Valve Corp.®
O87 - FAEL: "{A4AA41BE-1CD4-4C90-B2BE-AF9A89FC0D5B}" [In-None-P17-TRUE] .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe  =>.Valve Corp.®
O87 - FAEL: "{77F5D1C0-4222-486F-B47E-43C4423A6AA4}" [In-None-P6-TRUE] .(.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe  =>.Valve Corp.®
O87 - FAEL: "{2974298D-457C-4D13-AECA-6AADAACDF824}" [In-None-P17-TRUE] .(.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe  =>.Valve Corp.®
O87 - FAEL: "TCP Query User{60184965-5FC1-4D5D-9634-7B8BD3529CC6}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe" [In-None-P6-TRUE] .(.Alderon Games Pty Ltd - Alderon Games Launcher.) -- C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
O87 - FAEL: "UDP Query User{BFD59198-8D4A-41AB-B376-5E45A38A6B48}C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe" [In-None-P17-TRUE] .(.Alderon Games Pty Ltd - Alderon Games Launcher.) -- C:\users\satch\appdata\local\programs\alderon-games-launcher\alderon games launcher.exe {03AE8F49A5CF5213A20ED85DA16310B9}.
O87 - FAEL: "{6660084E-A98F-43DE-9A66-17159679861D}" [In-None-P6-TRUE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) -- C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe  =>.Rockstar Games, Inc.®
O87 - FAEL: "{029684B2-58A9-4189-A3E1-E3C8916B929E}" [In-None-P17-TRUE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) -- C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe  =>.Rockstar Games, Inc.®
O87 - FAEL: "{B5B3E607-1103-4A87-ADD5-C4A36965EA87}" [In-None-P6-FALSE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) -- C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe  =>.Rockstar Games, Inc.®
O87 - FAEL: "{CB889081-1F91-4807-AF4C-86B6217DEC34}" [In-None-P17-FALSE] .(.Take-Two Interactive Software, Inc. - Rockstar Games.) -- C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe  =>.Rockstar Games, Inc.®
O87 - FAEL: "{1F48A2ED-4CD9-4E2D-B743-55531BA73F27}" [In-None-P6-TRUE] .(.CAPCOM CO., LTD. - MONSTER HUNTER STORIES 2: WINGS OF RUIN.) -- C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe  =>.CAPCOM CO., LTD.®
O87 - FAEL: "{CDC17333-2257-42D0-82A4-0422D118A264}" [In-None-P17-TRUE] .(.CAPCOM CO., LTD. - MONSTER HUNTER STORIES 2: WINGS OF RUIN.) -- C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe  =>.CAPCOM CO., LTD.®
O87 - FAEL: "{B86B12A5-DB44-486F-8182-7C002C1AC2E6}" [In-None-P6-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® MARVEL Super Heroes 2.) -- C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe  =>.Travellers Tales (UK) Limited®
O87 - FAEL: "{E4CB1534-1338-4591-AE54-57AB67039E53}" [In-None-P17-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® MARVEL Super Heroes 2.) -- C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe  =>.Travellers Tales (UK) Limited®
O87 - FAEL: "{3D8A4A90-A71D-4DC8-A759-C7CA7742E173}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{13808498-7FAB-4F4F-8203-1DEC16638678}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{4F330D3C-E0BE-4232-9164-7A4B3F7C9D63}" [In-None-P6-TRUE] .(.Ubisoft - South Park TFBW.) -- C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe  =>.UBISOFT ENTERTAINMENT INC.®
O87 - FAEL: "{B32A6AC5-72FA-43AF-AFC4-0BC75F5C4FAE}" [In-None-P17-TRUE] .(.Ubisoft - South Park TFBW.) -- C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe  =>.UBISOFT ENTERTAINMENT INC.®
O87 - FAEL: "TCP Query User{720BE36B-2681-48FA-83F9-1EA6624E5ED2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" [In-None-P6-TRUE] .(.Epic Games, Inc. - EpicWebHelper.) -- C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe  =>.Epic Games Inc.®
O87 - FAEL: "UDP Query User{347B0AF5-9315-402B-A155-7CB03E2A4619}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" [In-None-P17-TRUE] .(.Epic Games, Inc. - EpicWebHelper.) -- C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe  =>.Epic Games Inc.®
O87 - FAEL: "{51BADCFD-1524-4518-BCCB-69D995A1D84F}" [In-None-P6-TRUE] .(.Bethesda Softworks - The Elder Scrolls V: Skyrim Special Edition.) -- C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe [Unsigned]  =>.Bethesda Softworks
O87 - FAEL: "{8CFAA129-AAFE-4A76-9B4D-2DEA4C8BA803}" [In-None-P17-TRUE] .(.Bethesda Softworks - The Elder Scrolls V: Skyrim Special Edition.) -- C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe [Unsigned]  =>.Bethesda Softworks
O87 - FAEL: "{682F4526-223F-4FC9-8719-283C43AB8B5F}" [In-None-P6-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® Star Wars™: The Skywalker Saga.) -- C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe {00A921C2866BA4737D}.  =>.Warner Bros. Interactive Entertainment
O87 - FAEL: "{15EFA912-F759-4408-981D-6C48184C0F4C}" [In-None-P17-TRUE] .(.Warner Bros. Interactive Entertainment - LEGO® Star Wars™: The Skywalker Saga.) -- C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe {00A921C2866BA4737D}.  =>.Warner Bros. Interactive Entertainment
O87 - FAEL: "{02B17D0C-183C-4340-823A-E50770CD1F91}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe  =>.CAPCOM CO., LTD.®
O87 - FAEL: "{8BDAFFD8-17BC-47B9-B3BB-174DB92BC0C2}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe  =>.CAPCOM CO., LTD.®
O87 - FAEL: "{FA819B75-6D39-46AB-AB08-F066B9807149}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{EC087305-3C3C-4488-9195-E619082AD093}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{5EECE9BE-67AA-4277-B987-3E8F231D0717}" [In-None-P6-TRUE] .(.BANDAI NAMCO Entertainment Inc. - Tales of Arise.) -- C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe [Unsigned]  =>.BANDAI NAMCO Entertainment Inc.
O87 - FAEL: "{47457C44-C99A-427B-98FD-55040C6BEE4E}" [In-None-P17-TRUE] .(.BANDAI NAMCO Entertainment Inc. - Tales of Arise.) -- C:\Program Files (x86)\Steam\steamapps\common\Tales of Arise\Arise\Binaries\Win64\Tales of Arise.exe [Unsigned]  =>.BANDAI NAMCO Entertainment Inc.
O87 - FAEL: "{A5C02843-87BF-487B-BDE5-76E91196E836}" [In-None-P6-TRUE] .(.Frontier Developments - Jurassic World Evolution 2.) -- C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe [Unsigned]  =>.Frontier Developments
O87 - FAEL: "{0EA75AAF-9E68-4FC1-9465-D706535FB032}" [In-None-P17-TRUE] .(.Frontier Developments - Jurassic World Evolution 2.) -- C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution 2\JWE2.exe [Unsigned]  =>.Frontier Developments
O87 - FAEL: "{BE517293-7031-44FD-B805-3B97D75291FA}" [In-None-P6-TRUE] .(.Tribute Games - Teenage Mutant Ninja Turtles: Shredder's Re.) -- C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe [Unsigned]  =>.Tribute Games
O87 - FAEL: "{6913F13B-21A9-4358-9D22-69B13A5988D1}" [In-None-P17-TRUE] .(.Tribute Games - Teenage Mutant Ninja Turtles: Shredder's Re.) -- C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe [Unsigned]  =>.Tribute Games
O87 - FAEL: "TCP Query User{428567E3-DCF1-43E0-823F-43E66C1172D4}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe" [In-None-P6-TRUE] .(.Gearbox - Tiny Tina's Wonderlands.) -- C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe {0960B84A46DE76DF04471DCD32C20C1A}.
O87 - FAEL: "UDP Query User{EDD270BD-33A4-4D23-8911-54889952116D}C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe" [In-None-P17-TRUE] .(.Gearbox - Tiny Tina's Wonderlands.) -- C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe {0960B84A46DE76DF04471DCD32C20C1A}.
O87 - FAEL: "{C8317C52-81E8-4FD5-B32D-C14944E1E3E1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{64496028-9971-4762-8A14-C32157367B0E}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Monster Sanctuary\Monster Sanctuary.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{6015F536-33A1-403C-930F-BF55A56D18D1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Let's Build a Zoo\LetsBuildAZoo.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{DFA76206-F250-4D5C-9F49-0A553A618194}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Let's Build a Zoo\LetsBuildAZoo.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{10D3F82E-CEED-43F4-9766-2ADC6D195A48}" [In-None-P6-TRUE] .(...) -- C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe [Unsigned] (.not file.)  =>.SUP.Orphan
O87 - FAEL: "{62AFA97B-3BB9-4F2D-97B9-02E3E3490107}" [In-None-P17-TRUE] .(...) -- C:\Users\satch\AppData\Local\ChimeralandMiniLoader\ChimeralandMiniLoader.exe [Unsigned] (.not file.)  =>.SUP.Orphan
O87 - FAEL: "{93245947-A952-4E51-9D65-9ABB3938F054}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe {0D601DC6F2239F4FDDC08DB90E9578AC}.  =>.Steam Games
O87 - FAEL: "{DF332FDA-9AB0-4BC4-A268-023C44463508}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe {0D601DC6F2239F4FDDC08DB90E9578AC}.  =>.Steam Games
O87 - FAEL: "{AD711615-7501-4B5E-9A27-3A27DFD9D3E5}" [In-None-P6-TRUE] .(.Koch Media GmbH - Saints Row IV.) -- C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe [Unsigned]  =>.Koch Media GmbH
O87 - FAEL: "{D1313D8E-590F-4F4F-AA41-103FFFF5AED5}" [In-None-P17-TRUE] .(.Koch Media GmbH - Saints Row IV.) -- C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe [Unsigned]  =>.Koch Media GmbH
O87 - FAEL: "{936FC9E1-B2C1-4E30-AE6E-6CBFACE67DFA}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{529E0360-BABF-4472-BAFF-0F07128BD640}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\Force of Nature 2\ForceOfNature.exe [Unsigned]  =>.Steam Games
O87 - FAEL: "{19CAC17B-DE11-4410-BED6-BD2693AA9235}" [In-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl®
O87 - FAEL: "{BBB3C681-C329-402C-B61A-9F92B54A3A67}" [Out-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl®
O87 - FAEL: "{DF9B3869-5C23-4DC0-908B-1AA54B3346AA}" [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl®
O87 - FAEL: "{1C832D1B-A319-4A29-B3FB-AF6BACC689E2}" [Out-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl®
O87 - FAEL: "{0AD633F6-50DF-469D-B9D5-2BF84E4D019B}" [In-None-P6-TRUE] .(.ArenaNet - Guild Wars 2 Game Client.) -- C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe  =>.ArenaNet, LLc®
O87 - FAEL: "{0ADECEC3-2C6A-4FB8-A6D2-FC4DF229D2EC}" [In-None-P17-TRUE] .(.ArenaNet - Guild Wars 2 Game Client.) -- C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe  =>.ArenaNet, LLc®
O87 - FAEL: "{8F191ED7-C474-4016-9ADD-813C4079DA1D}" [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{048ADAD1-EBF7-4451-87D5-58A42902BD7F}" [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{38CD2E10-BC28-4970-81B4-33376D6681D0}" [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{22F3941D-13D8-4824-9B47-208497D94795}" [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{E3ACFB0D-778A-438F-9FFF-46EB54557503}" [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{490BB848-5BBA-419A-B5B2-BD411176AFCB}" [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{800BB005-B0C0-424A-8EE6-FB9110D191C5}" [Out-None-P6-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{541F2FD1-8AED-45DF-960C-F459F745C86F}" [Out-None-P17-TRUE] .(.Spotify Ltd - Spotify.) -- C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB®
O87 - FAEL: "{15889E70-0598-4D48-943A-BB6F6ABF9048}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  =>.Nvidia Corporation®
O87 - FAEL: "{EDE2F5F5-BDBC-4A4C-95E5-12C3B608A9D5}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  =>.Nvidia Corporation®
O87 - FAEL: "{B0A1F3D1-1D3E-4D69-A1DE-615737AE6711}" [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe  =>.Nvidia Corporation®
O87 - FAEL: "{15C0EBE3-9C00-479B-AB2D-3A7220E7763E}" [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe  =>.Nvidia Corporation®
O87 - FAEL: "{A0B6171D-FEE5-4D38-B1DE-AC2604078574}" [In-None-P17-TRUE] .(.Google LLC - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google LLC®

---\\ Product Upgrade Codes (65) - 1s
O90 - PUC: "1926E8D15D0BCE53481466615F760A7F" [HKLM] . (.Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219.)  =>.bl.org
O90 - PUC: "19F99D6A930206544A67E1B859E4C007" [HKLM] . (.Intel(R) Management Engine Components.)  =>.Intel Corporation
O90 - PUC: "1af2a8da7e60d0b429d7e6453b3d0182" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).)  =>.bl.org
O90 - PUC: "1D5E3C0FEDA1E123187686FED06E995A" [HKLM] . (.Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219.)  =>.bl.org
O90 - PUC: "218A10D01A28F1845864E8829E678FFD" [HKLM] . (.Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334.)  =>.Microsoft Corporation
O90 - PUC: "21EE4A31AE32173319EEFE3BD6FDFFE3" [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.)  =>.Microsoft Corporation
O90 - PUC: "22BEFC8F7E2A1793E9ADB411DEFE1C58" [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.)  =>.Microsoft Corporation
O90 - PUC: "25DCF1B7B6F821F41A3463E13AF9E5C7" [HKLM] . (.Microsoft Update Health Tools.)  =>.Microsoft Corporation
O90 - PUC: "4271783F85A6C524E8C4A44539A56AF8" [HKLM] . (.Microsoft Windows Desktop Runtime - 3.1.8 (x64).)  =>.Microsoft Corporation
O90 - PUC: "469A3A563CD340100000026010912191" [HKLM] . (.Dokan Library 1.4.0.1000 (x64).) -- C:\WINDOWS\Installer\{65A3A964-3DC3-0104-0000-200601191219}\DokanIcon
O90 - PUC: "46CBF11946C4F8B46A733B842336C868" [HKLM] . (.Minecraft Launcher.) -- C:\WINDOWS\Installer\{911FBC64-4C64-4B8F-A637-B34832638C86}\minecraft.ico  =>.Microsoft Corporation
O90 - PUC: "4EA42A62D9304AC4784BF2238130140F" [HKLM] . (.Java 8 Update 341.) -- C:\Program Files (x86)\Java\jre1.8.0_341\\bin\javaws.exe  =>.Sun Microsystems
O90 - PUC: "5282559C2FB74434AB193DDC644F4C14" [HKLM] . (.Intel(R) Trusted Connect Service Client x86.)  =>.Intel Corporation
O90 - PUC: "5282559C2FB74434AB193DDC644F4C24" [HKLM] . (.Intel(R) Trusted Connect Service Client x64.)  =>.Intel Corporation
O90 - PUC: "593FE484FDB8B714FA205377C7A5CF23" [HKLM] . (.Microsoft VC++ redistributables repacked..)  =>.bl.org
O90 - PUC: "5A48B219CC1680342B44C5432C0C8299" [HKLM] . (.Microsoft .NET Core Runtime - 3.1.8 (x64).)  =>.Microsoft Corporation
O90 - PUC: "62DBF9290209B993A9A757D1160F9B24" [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.)  =>.Microsoft Corporation
O90 - PUC: "67D6ECF5CD5FBA732B8B22BAC8DE1B4D" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161.)  =>.bl.org
O90 - PUC: "68959691EC52CA14C9F645976435DEAB" [HKLM] . (.Epic Online Services.) -- C:\WINDOWS\Installer\{19695986-25CE-41AC-9C6F-54794653EDBA}\Installer.ico
O90 - PUC: "6E815EB96CCE9A53884E7857C57002F0" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.)  =>.bl.org
O90 - PUC: "6E8D947A316B3EB3F8F540C548BE2AB9" [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.)  =>.Microsoft Corporation
O90 - PUC: "74F3F879A6EF8AC44B21A2840CBD50EA" [HKLM] . (.Python Launcher.) -- C:\WINDOWS\Installer\{978F3F47-FE6A-4CA8-B412-2A48C0DB05AE}\ARPIcon  =>.Python
O90 - PUC: "7C06097C2503F134299F06B93813A777" [HKLM] . (.Microsoft VC++ redistributables repacked..)  =>.bl.org
O90 - PUC: "7C9F8B73BF303523781852719CD9C700" [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.)  =>.Microsoft Corporation
O90 - PUC: "804C89766362C844A86C4F3E1401D272" [HKLM] . (.Windows PC Health Check.) -- C:\WINDOWS\Installer\{6798C408-2636-448C-8AC6-F4E341102D27}\ArpIcon.ico
O90 - PUC: "87A0E709FD4B53E48987EF2E2FB28625" [HKLM] . (.Microsoft .NET Core Host FX Resolver - 3.1.8 (x64).)  =>.Microsoft Corporation
O90 - PUC: "8800A266DCF6DD54E97A86760485EA5D" [HKLM] . (.Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704.)  =>.Microsoft Corporation
O90 - PUC: "8A567BD6FA501A947AD1F646E53EEC14" [HKLM] . (.Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704.)  =>.Microsoft Corporation
O90 - PUC: "8CF94C41B9E392F458626226B9C53FB0" [HKLM] . (.Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334.)  =>.Microsoft Corporation
O90 - PUC: "93CC448C82CBAC642893F3738DEFA295" [HKLM] . (.Intel(R) Chipset Device Software.)  =>.Intel Corporation
O90 - PUC: "9AF6CD051229B5949BFBFE937DCBF4ED" [HKLM] . (.Intel(R) Management Engine Driver.)  =>.Intel Corporation
O90 - PUC: "9EFC6197D58D86E498E15D3A8C787BA3" [HKLM] . (.UE Prerequisites (x64).) -- C:\WINDOWS\Installer\{7916CFE9-D85D-4E68-891E-D5A3C887B73A}\Setup.ico  =>.Legitimate
O90 - PUC: "B81BE4D1EEF0E4444B1DF6C2BF3C366E" [HKLM] . (.Epic Games Launcher.) -- C:\WINDOWS\Installer\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}\Installer.ico  =>.Epic Games
O90 - PUC: "C025571B2A687A53689168CD7369889B" [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.)  =>.Microsoft Corporation
O90 - PUC: "c1c4f01781cc94c4c8fb1542c0981a2a" [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.)  =>.bl.org
O90 - PUC: "C3AEB2FCAE628F23AAB933F1E743AB79" [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.)  =>.Microsoft Corporation
O90 - PUC: "D20352A90C039D93DBF6126ECE614057" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.)  =>.bl.org
O90 - PUC: "D6EE573DFE819CE4280655D5BEE04ECE" [HKLM] . (.Microsoft .NET Core Host - 3.1.8 (x64).)  =>.Microsoft Corporation
O90 - PUC: "DC4C966DE35023C458C3F95CF33AF5DE" [HKLM] . (.Eclipse Temurin JDK with Hotspot 17+35 (x64).) -- C:\WINDOWS\Installer\{D669C4CD-053E-4C32-853C-9FC53FA35FED}\logo.ico  =>.AnchorFree Inc.
O90 - PUC: "DC8A59DBF9D1DA5389A1E3975220E6BB" [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.)  =>.Microsoft Corporation
O90 - PUC: "DDF4D1FB316663F4EA42DE3E7D3EC04F" [HKLM] . (.Intel(R) Management Engine Components.)  =>.Intel Corporation
O90 - PUC: "EFEE0228DC83E77358593193D847A0EC" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17.)  =>.bl.org
O90 - PUC: "F60730A4A66673047777F5728467D401" [HKLM] . (.Java Auto Updater.)  =>.Sun Microsystems
O90 - PUC: "0511549E87D5B5B47A7FC2D10EE1AA78" [HKCU] . (.Python 3.8.7 Executables (64-bit).)  =>.bl.org
O90 - PUC: "4329C30133C47A74AB371028FEEA1EEA" [HKCU] . (.Python 3.8.7 Core Interpreter (64-bit).)  =>.Python
O90 - PUC: "43CFC5B2D9FD1E647BA44A7D65AA728B" [HKCU] . (.Python 3.8.7 Development Libraries (64-bit).)  =>.Python
O90 - PUC: "467D15BAF652CFF4F900DF79EED8A44E" [HKCU] . (.Python 3.8.7 Documentation (64-bit).)  =>.Python
O90 - PUC: "5D51B55522D54DA4DA192D8D80D591F8" [HKCU] . (.Python 3.8.7 Utility Scripts (64-bit).)  =>.Python
O90 - PUC: "7912700F6FCFFB14D98338B2419522CD" [HKCU] . (.Paradox Launcher v2.) -- %APPDATA%\Microsoft\Installer\{F0072197-FCF6-41BF-9D38-832B145922DC}\ParadoxIcon
O90 - PUC: "8A1F6DF90555FA64589072D10F7E865B" [HKCU] . (.Dual-Core Optimizer.) -- %APPDATA%\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe  =>.Legitimate
O90 - PUC: "9E93480491A162C45BDDEEC793DA7F94" [HKCU] . (.Python 3.8.7 pip Bootstrap (64-bit).)  =>.Python
O90 - PUC: "B7BBEAF46A3E58E4D8C3D83D5CC3A7E4" [HKCU] . (.Python 3.8.7 Standard Library (64-bit).)  =>.Python
O90 - PUC: "E052E4D4200703B4DADCF4ECBBCC10B5" [HKCU] . (.Python 3.8.7 Tcl/Tk Support (64-bit).)  =>.Python
O90 - PUC: "ED65D1D46AF8903449F14F4BB13AA61A" [HKCU] . (.Python 3.8.7 Test Suite (64-bit).)  =>.Python
O90 - PUC: "0511549E87D5B5B47A7FC2D10EE1AA78" [HKU] . (.Python 3.8.7 Executables (64-bit).)  =>.bl.org
O90 - PUC: "4329C30133C47A74AB371028FEEA1EEA" [HKU] . (.Python 3.8.7 Core Interpreter (64-bit).)  =>.Python
O90 - PUC: "43CFC5B2D9FD1E647BA44A7D65AA728B" [HKU] . (.Python 3.8.7 Development Libraries (64-bit).)  =>.Python
O90 - PUC: "467D15BAF652CFF4F900DF79EED8A44E" [HKU] . (.Python 3.8.7 Documentation (64-bit).)  =>.Python
O90 - PUC: "5D51B55522D54DA4DA192D8D80D591F8" [HKU] . (.Python 3.8.7 Utility Scripts (64-bit).)  =>.Python
O90 - PUC: "7912700F6FCFFB14D98338B2419522CD" [HKU] . (.Paradox Launcher v2.) -- %APPDATA%\Microsoft\Installer\{F0072197-FCF6-41BF-9D38-832B145922DC}\ParadoxIcon
O90 - PUC: "8A1F6DF90555FA64589072D10F7E865B" [HKU] . (.Dual-Core Optimizer.) -- %APPDATA%\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe  =>.Legitimate
O90 - PUC: "9E93480491A162C45BDDEEC793DA7F94" [HKU] . (.Python 3.8.7 pip Bootstrap (64-bit).)  =>.Python
O90 - PUC: "B7BBEAF46A3E58E4D8C3D83D5CC3A7E4" [HKU] . (.Python 3.8.7 Standard Library (64-bit).)  =>.Python
O90 - PUC: "E052E4D4200703B4DADCF4ECBBCC10B5" [HKU] . (.Python 3.8.7 Tcl/Tk Support (64-bit).)  =>.Python
O90 - PUC: "ED65D1D46AF8903449F14F4BB13AA61A" [HKU] . (.Python 3.8.7 Test Suite (64-bit).)  =>.Python

---\\ Windows Installer Scan (29) - 7s
[MD5.F1D7C4CA034C2F9C10C474CFD3205C93] [WIS][2020/08/07 06:47:22] (.Paradox Interactive - Paradox Launcher v2.) -- C:\WINDOWS\Installer\130ee459.msi  [74158080]  =>.Paradox Interactive
[MD5.0E2D8C2788D0E33A7C909A3DDF36C3F4] [WIS][2020/12/21 19:11:38] (.Python Software Foundation - Python 3.8.7 Core Interpreter (64-bit).) -- C:\WINDOWS\Installer\16c5203c.msi  [1597440]  =>.Python Software Foundation
[MD5.A477E3E86CDA61BAD79B63A6DD67448B] [WIS][2020/12/21 19:12:00] (.Python Software Foundation - Python 3.8.7 Development Libraries (64-bit).) -- C:\WINDOWS\Installer\16c52040.msi  [282624]  =>.Python Software Foundation
[MD5.7FCB329FBF5A7843930A46792EE4C1E8] [WIS][2020/12/21 19:12:12] (.Python Software Foundation - Python 3.8.7 Executables (64-bit).) -- C:\WINDOWS\Installer\16c52044.msi  [516096]  =>.Python Software Foundation
[MD5.3D5BEB041FDA8A0B99C0CC6B4E1C41B0] [WIS][2020/12/21 19:12:42] (.Python Software Foundation - Python 3.8.7 Standard Library (64-bit).) -- C:\WINDOWS\Installer\16c52048.msi  [8224768]  =>.Python Software Foundation
[MD5.B4B5F208F955DD6A61A7C56D297BEA39] [WIS][2020/12/21 19:14:00] (.Python Software Foundation - Python 3.8.7 Test Suite (64-bit).) -- C:\WINDOWS\Installer\16c5204c.msi  [3469312]  =>.Python Software Foundation
[MD5.6FA3B79D702430457C346994595209E9] [WIS][2020/12/21 19:12:10] (.Python Software Foundation - Python 3.8.7 Documentation (64-bit).) -- C:\WINDOWS\Installer\16c52050.msi  [8568832]  =>.Python Software Foundation
[MD5.3932485A218B1F49EC374F99FF5E4796] [WIS][2020/12/21 19:14:08] (.Python Software Foundation - Python 3.8.7 Utility Scripts (64-bit).) -- C:\WINDOWS\Installer\16c52054.msi  [208896]  =>.Python Software Foundation
[MD5.1BD4CF494B6957DD8CC550D0FE1B1A03] [WIS][2020/12/21 19:13:36] (.Python Software Foundation - Python 3.8.7 Tcl/Tk Support (64-bit).) -- C:\WINDOWS\Installer\16c52058.msi  [3563520]  =>.Python Software Foundation
[MD5.16BFBA039A710278BD84E890D5145D4B] [WIS][2020/12/21 19:08:40] (.Python Software Foundation - Python Launcher.) -- C:\WINDOWS\Installer\16c52061.msi  [602112]  =>.Python Software Foundation
[MD5.13A4344875ECDE53876B37B4AFE9E44D] [WIS][2020/12/21 19:13:18] (.Python Software Foundation - Python 3.8.7 pip Bootstrap (64-bit).) -- C:\WINDOWS\Installer\16c52065.msi  [253952]  =>.Python Software Foundation
[MD5.A3EBB925E89DFFEFF8809ECAAA969A66] [WIS][2006/09/22 15:07:21] (.InstallShield Software Corporation - GAME.) -- C:\WINDOWS\Installer\2d77062.msi  [9166128]  =>.InstallShield Software Corporation
[MD5.A8E6C6AC9A6E6C61641102AC0D8FA351] [WIS][2018/01/31 21:56:24] (.Intel Corporation - Intel(R) Management Engine Driver.) -- C:\WINDOWS\Installer\32bd7.msi  [1433600]  =>.Intel Corporation
[MD5.2CD4160C0537C170A00F5F82DB6211EB] [WIS][2018/01/31 21:54:58] (.Intel Corporation - Intel(R) Management Engine Components.) -- C:\WINDOWS\Installer\32bdb.msi  [303104]  =>.Intel Corporation
[MD5.69AB3052E018BDA243F812214CB8D684] [WIS][2018/01/31 21:55:22] (.Intel Corporation - Microsoft VC++ redistributables repacked..) -- C:\WINDOWS\Installer\32bdf.msi  [12840960]  =>.Intel Corporation
[MD5.1C38353620A1E1209DB47BC4B05F5323] [WIS][2018/01/31 21:55:30] (.Intel Corporation - Microsoft VC++ redistributables repacked..) -- C:\WINDOWS\Installer\32be3.msi  [14307328]  =>.Intel Corporation
[MD5.ABC73900BF25A520EF874CE6908E8A05] [WIS][2018/01/31 21:56:12] (.Intel Corporation - Intel(R) Management Engine Components.) -- C:\WINDOWS\Installer\32be7.msi  [15622160]  =>.Intel Corporation
[MD5.2D818C2D5E817EC87A1CD952B0E35A0A] [WIS][2017/11/16 21:24:52] (.Intel Corporation - Intel(R) Trusted Connect Service Client x64.) -- C:\WINDOWS\Installer\32beb.msi  [3686400]  =>.Intel Corporation
[MD5.86C7E46126FABBB2ACAC9ED553423908] [WIS][2017/11/16 21:21:12] (.Intel Corporation - Intel(R) Trusted Connect Service Client x86.) -- C:\WINDOWS\Installer\32bef.msi  [8237056]  =>.Intel Corporation
[MD5.E4D544771E89C6C07E82BE840E7A82A5] [WIS][2020/06/01 20:50:58] (.Dokany Project - Dokan Library 1.4.0.1000 (x64).) -- C:\WINDOWS\Installer\4cd487b8.msi  [4497408]  =>.Dokany Project
[MD5.7FA9A6BA8688B9C459D125CE62C2CE17] [WIS][2020/05/22 09:02:57] (.Epic Games, Inc. - Epic Games Launcher.) -- C:\WINDOWS\Installer\5e1d124.msi  [44081152]  =>.Epic Games, Inc.
[MD5.2517299FA67020242316C30D31AE403B] [WIS][2022/07/14 13:42:41] (.Epic Games, Inc. - Epic Online Services.) -- C:\WINDOWS\Installer\618247f.msi  [114106368]  =>.Epic Games, Inc.
[MD5.DA6B08A4210B2DF28E791B5583FFE598] [WIS][2018/01/10 11:42:34] (.Intel Corporation - Intel(R) Chipset Device Software.) -- C:\WINDOWS\Installer\991dc.msi  [1933312]  =>.Intel Corporation
[MD5.D1722715C35C600D83DBC8DE4FDD5E0E] [WIS][2021/04/03 18:18:19] (.Mojang - Minecraft Launcher.) -- C:\WINDOWS\Installer\a74f660.msi  [2674688]  =>.Mojang
[MD5.6531E4A5373F1AB95BFC94510E323884] [WIS][2022/07/22 17:48:02] (.Oracle Corporation - Java SE Runtime Environment 8 Update 341.) -- C:\WINDOWS\Installer\aa64ee3.msi  [46469120]  =>.Oracle Corporation
[MD5.0F0D25C251EEDBED3B114E8FD529D457] [WIS][2022/07/22 17:47:58] (.Oracle Corporation - Java Auto Updater.) -- C:\WINDOWS\Installer\aa64eec.msi  [1040384]  =>.Oracle Corporation
[MD5.1A621582E26B3E086420558B391C1546] [WIS][2022/05/04 20:12:36] (.Epic Games, Inc. - UE Prerequisites (x64).) -- C:\WINDOWS\Installer\cbf72a0.msi  [11968512]  =>.Epic Games, Inc.
[MD5.A526F3740EE565B77C2C52321504FD5A] [WIS][2021/10/03 15:10:27] (.Eclipse Foundation - Eclipse Temurin Development Kit with Hotspo.) -- C:\WINDOWS\Installer\e761642.msi  [168548352]  =>.Eclipse Foundation
[MD5.AEF8C93404FB9BD11CCAEBD67FB21B9F] [WIS][2022/03/26 16:48:21] (.AMD - Dual-Core Optimizer.) -- C:\WINDOWS\Installer\f1dd1f8.msi  [1058304]  =>.AMD

---\\ FEATURE CONTROL. (130) - 0s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:mbam.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:mbamtray.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:OneDrive.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:eek:utlook.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:eek:utlook.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]:HelpPane.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:presentationHost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe  =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe  =>.Legitimate

---\\ Observer Of Events (136) - 22s

Application.Warning: ESENT (2)
~Numéro: 37940
~Date: 10/06/2022 05:28:27 AM
~ID: 636
~Description: %1 (%2) %3Flush map file "%4" will be deleted. Reason: %5.
~Suggestion: Aucune

Application.Error: VSS (4)
~Numéro: 37923
~Date: 10/06/2022 05:27:16 AM
~ID: 8193
~Description: Volume Shadow Copy Service error: Unexpected error calling routine %1.  hr = %2.
~Suggestion: Utiliser la procédure de reconstruction du VSS

Application.Error: Application Error (71)
~Numéro: 37873
~Date: 10/05/2022 04:51:41 PM
~ID: 1000
~Description: Faulting application name: %1, version: %2, time stamp: 0x61e82da2 Faulting module name: %4, version: %5, time stamp: 0x58892bb7 Exception code: 0xc0000005 Fault offset: 0x00313278 Faulting process id: 0x2ff0 Faulting application start time: 0x01d8d8
~Suggestion: Réparer ou réinstaller l'application.

Application.Error: Application Hang (10)
~Numéro: 37746
~Date: 10/04/2022 09:55:30 PM
~ID: 1002
~Description: The program %1 version %2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.  Process ID: 4700  Start Time: 01d8d85c361f
~Suggestion: Essayer les commandes suivantes ipconfig /release et ipconfig / renew.

Application.Error: .NET Runtime (12)
~Numéro: 37550
~Date: 10/02/2022 02:28:01 PM
~ID: 1023
~Description: Application: SecurityService.exeCoreCLR Version: 4.700.21.26205.NET Core Version: 3.1.16Description: The process was terminated due to an internal error in the .NET Runtime at IP 73A917FF (738E0000) with exit code c0000005.

Application.Warning: Steam Client Service (18)
~Numéro: 37247
~Date: 09/28/2022 11:36:01 PM
~ID: 2
~Description: Warning: Updated file "SteamService.dll" from version 0x0007003400270039 to version 0x00070035005d003d.

Application.Warning: Microsoft-Windows-WMI (6)
~Numéro: 36105
~Date: 09/16/2022 06:22:53 AM
~ID: 63
~Description: A provider, %1, has been registered in the Windows Management Instrumentation namespace %2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
~Suggestion: Généralement LocalSystem n'est pas nécessaire et le contexte de sécurité NetworkServiceHost est plus approprié.

Application.Warning: Microsoft-Windows-System-Restore (1)
~Numéro: 35928
~Date: 09/15/2022 06:13:37 PM
~ID: 8303
~Description: Scoping unsuccessful for shadowcopy %1 with error %2.
~Suggestion: Exécuter la commande chkdsk / f

System.Warning: DCOM (1386)
~Numéro: 65653
~Date: 10/06/2022 04:52:38 PM
~ID: 10016
~Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-Q1JOHSVsatchS-1-5-21-3795020384-2431542903-1114512080-1003LocalHost (Using LRPC)Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_ne
~Suggestion: Vérifier les autorisations pour l'accès DCOM

System.Error: Service Control Manager (83)
~Numéro: 65634
~Date: 10/06/2022 04:46:32 PM
~ID: 7000
~Description: The %1 service failed to start due to the following error:  %%2

System.Warning: e1dexpress (17)
~Numéro: 65615
~Date: 10/06/2022 04:46:27 PM
~ID: 27
~Description: Intel(R) Ethernet Connection (7) I219-V
~Suggestion: Vérifier la Connection Ethernet

System.Warning: disk (54)
~Numéro: 65613
~Date: 10/06/2022 04:46:26 PM
~ID: 158
~Description: Disk %2 has the same disk identifiers as one or more disks connected to the system. Go to Microsoft's support website (http://support.microsoft.com) and search for KB2983588 to resolve the issue.
~Suggestion: https://support.microsoft.com/en-hk/help/2983588/event-id-158-is-logged-for-identical-disk-guids

System.Warning: Microsoft-Windows-WLAN-AutoConfig (22)
~Numéro: 65565
~Date: 10/06/2022 04:45:51 PM
~ID: 10002
~Description: WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll
~Suggestion: 1)Désactivez/Réactiver la connexion réseau sans fil. ou 2) Redémarrer le service WLAN AutoConfig

System.Warning: BTHUSB (38)
~Numéro: 65537
~Date: 10/06/2022 06:26:22 AM
~ID: 3
~Description: A command sent to the adapter has timed out. The adapter did not respond.

System.Warning: Microsoft-Windows-DNS-Client (121)
~Numéro: 65387
~Date: 10/05/2022 05:18:43 PM
~ID: 1014
~Description: Name resolution for the name %1 timed out after none of the configured DNS servers responded.
~Suggestion: https://social.technet.microsoft.com/wiki/contents/articles/3336.event-id-1014-microsoft-windows-dns-client.aspx

System.Error: Application Popup (15)
~Numéro: 65385
~Date: 10/05/2022 04:56:09 PM
~ID: 1060
~Description: \??\C:\Users\satch\AppData\Local\Temp\ehdrv.sys

System.Error: EventLog (10)
~Numéro: 65109
~Date: 10/04/2022 10:50:49 PM
~ID: 6008
~Description: The previous system shutdown at %1 on %2 was unexpected.

System.Error: Microsoft-Windows-Kernel-Boot (8)
~Numéro: 65098
~Date: 10/04/2022 10:50:35 PM
~ID: 29
~Description: 3221225684A fatal error occurred processing the restoration data.

System.Error: volsnap (2)
~Numéro: 65061
~Date: 10/03/2022 10:11:28 PM
~ID: 36
~Description: The shadow copies of volume %2 were aborted because the shadow copy storage could not grow due to a user imposed limit.

System.Warning: avgntflt (14)
~Numéro: 64991
~Date: 10/02/2022 02:30:57 PM
~ID: 18
~Description: TIMEOUT<WerFault.exe> C:\Windows\SysWOW64\wbem\wbemdisp.dll

System.Warning: Microsoft-Windows-NDIS (88)
~Numéro: 64906
~Date: 09/30/2022 05:40:49 PM
~ID: 10400
~Description: The network interface "%4" has begun resetting.  There will be a momentary disruption in network connectivity while the hardware resets. Reason: %5. This network interface has reset %6 time(s) since it was last initialized.
~Suggestion: Vérifier la connexion à l'interface réseau

System.Error: Netwtw04 (189)
~Numéro: 64905
~ID: 5007
~Description: 5007 - TX/CMD timeout (TfdQueue hanged)

System.Warning: HidBth (12)
~Numéro: 64874
~Date: 09/30/2022 04:49:09 PM
~Description: Bluetooth HID device %2 either went out of range or became unresponsive.

System.Error: Schannel (1)
~Numéro: 64426
~Date: 09/26/2022 01:53:24 AM
~ID: 4103
~Description: A fatal error occurred while creating a TLS %1 credential. The internal error state is %2.

System.Error: Microsoft-Windows-WindowsUpdateClient (1)
~Numéro: 62025
~Date: 09/03/2022 09:56:25 AM
~ID: 20
~Description: Installation Failure: Windows failed to install the following update with error %1: %2.
~Suggestion: http://kb.eventtracker.com/evtpass/evtpages/EventId_20_Microsoft-Windows-WindowsUpdateClient_63351.asp

---\\ Additional Scan (O88) (543) - 13s
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32  =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}  =>.SUP.Orphan
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32  =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32  =>.SUP.Orphan
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\000  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\001  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\002  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\003  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\004  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\005  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\006  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\007  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\009  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\010  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\011  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\012  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\013  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\014  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\015  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\016  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\017  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\018  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\019  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\020  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\021  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\022  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\023  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\024  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\025  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\026  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\027  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\028  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\029  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\030  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\031  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\032  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\033  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\034  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\035  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\036  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\037  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\038  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\040  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\041  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\042  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\043  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\044  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\045  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\046  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\047  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\048  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\049  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\050  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\051  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\052  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\053  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\054  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\055  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\056  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\057  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\058  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\059  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\060  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\061  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\062  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\063  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\064  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\065  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\066  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\067  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\068  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\069  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\070  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\071  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\072  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\073  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\074  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\075  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\076  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\077  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\078  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\079  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\080  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\081  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\082  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\083  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\084  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\085  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\086  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\087  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\088  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\089  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\090  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\091  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\092  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\093  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\094  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\095  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\096  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\097  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\098  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\099  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\100  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\101  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\102  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\103  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\104  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\105  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\106  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\107  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\108  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\110  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\111  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\112  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\113  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\114  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\115  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\116  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\117  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\118  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\119  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\120  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\121  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\122  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\123  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\124  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\125  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\126  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\127  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\128  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\129  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\130  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\131  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\132  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\133  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\134  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\135  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\136  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\137  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\138  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\139  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\140  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\141  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\142  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\143  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\144  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\145  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\146  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\147  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\148  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\149  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\150  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\151  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\152  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\153  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\154  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\155  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\156  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\157  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\158  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\159  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\160  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\161  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\162  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\163  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\164  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\165  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\166  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\167  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\168  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\169  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\170  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\171  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\172  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\173  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\174  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\175  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\176  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\177  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\178  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\179  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\180  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\181  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\182  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\183  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\184  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\185  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\186  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\187  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\188  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\189  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\190  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\191  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\192  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\193  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\194  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\195  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\196  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\197  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\198  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\199  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\200  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\201  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\202  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\203  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\204  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\205  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\206  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\207  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\208  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\209  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\210  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\211  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\212  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\213  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\214  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\215  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\216  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\217  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\218  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\219  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\220  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\221  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\222  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\223  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\224  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\225  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\226  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\227  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\228  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\229  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\230  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\231  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\232  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\233  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\234  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\235  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\236  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\237  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\238  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\239  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\240  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\241  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\242  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\243  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\244  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\245  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\246  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\247  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\248  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\249  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\250  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\251  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\252  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\253  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\254  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\255  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\256  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\257  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\258  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\259  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\260  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\261  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\262  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\263  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\264  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\265  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\266  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\267  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\268  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\269  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\270  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\271  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\272  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\273  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\274  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\275  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\276  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\277  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\278  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\279  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\280  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\281  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\282  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\283  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\285  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\286  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\287  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\288  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\289  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\290  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\291  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\292  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\293  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\294  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\295  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\296  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\297  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\298  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\299  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\300  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\301  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\302  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\303  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\304  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\305  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\306  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\308  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\309  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\310  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\311  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\312  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\313  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\314  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\315  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\316  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\317  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\318  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\319  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\320  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\321  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\322  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\323  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\324  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\325  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\326  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\327  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\328  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\329  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\330  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\331  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\332  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\333  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\334  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\335  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\336  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\337  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\338  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\339  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\340  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\341  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\342  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\343  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\344  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\345  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\346  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\347  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\348  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\349  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\350  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\351  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\352  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\353  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\354  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\355  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\356  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\357  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\358  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\359  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\360  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\361  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\362  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\363  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\364  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\365  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\366  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\367  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\368  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\369  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\370  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\371  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\372  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\373  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\374  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\375  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\376  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\377  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\378  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\379  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\380  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\381  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\382  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\383  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\384  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\385  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\386  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\387  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\388  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\389  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\390  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\391  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\392  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\393  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\394  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\395  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\396  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\397  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\398  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\399  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\400  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\401  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\402  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\403  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\404  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\405  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\406  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\407  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\408  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\409  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\410  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\411  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\412  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\413  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\414  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\415  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\416  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\417  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\418  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\419  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\420  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\421  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\422  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\423  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\424  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\425  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\426  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\427  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\428  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\429  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\430  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\431  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\432  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\433  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\434  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\435  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\436  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\437  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\438  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\439  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\440  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\441  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\442  =>.SUP.Temporary.Chrome
C:\Users\satch\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins  =>.SUP.Temporary.Chrome
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Star Traders Frontiers\StarTradersFrontiers.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\downloads\nut.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MiniTool Partition Wizard 11\partitionwizard.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\nut for tinfoil\nut.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\The beasts of 9500\The beasts of 9500.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\genshin impact\genshin impact game\genshinimpact.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Prehistoric Kingdom\Prehistoric Kingdom.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe  =>.SUP.Discord
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.FriendlyAppName =>.SUP.Discord
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.ApplicationCompany =>.SUP.Discord
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\feed.and.grow.fish.v0.14.0.2\feed.and.grow.fish.v0.14.0.2\feed and grow.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Star Traders Frontiers\StarTradersFrontiers.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\hc-bin64\cityofheroes.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Desktop\Game\Sunrise\Sunrise.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_281\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\downloads\nut.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\MiniTool Partition Wizard 11\partitionwizard.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\desktop\nut for tinfoil\nut.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\Avast\AvastUI.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\The beasts of 9500\The beasts of 9500.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\Downloads\tinfoil_driver.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\genshin impact\genshin impact game\genshinimpact.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Pathfinder Second Adventure\Wrath.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\users\satch\onedrive\desktop\nut for tinfoil\nut.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_311\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\zadig-2.7.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\Prehistoric Kingdom\Prehistoric Kingdom.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\ProgramData\Alderon Games\Path of Titans-demo\WindowsNoEditor\PathOfTitans\Binaries\Win64\PathOfTitans-Win64-Shipping_BE.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\program files\epic games\neverwinter\neverwinter\live\x64\gameclient.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\OneDrive\Desktop\Portramatic.exe-169-2021-11-11-1636605497.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Java\jre1.8.0_321\bin\javaw.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.FriendlyAppName  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\TotalAV\TotalAV.exe.ApplicationCompany  =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.FriendlyAppName =>.SUP.Discord
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\satch\AppData\Local\Discord\app-1.0.9006\Discord.exe.ApplicationCompany =>.SUP.Discord
[HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe.FriendlyAppName =>.Unsigned

---\\ Summary of the elements found (8) - 0s
https://nicolascoolman.eu/2022/09/05/zhpdiag-lanalyse-s-m-a-r-t-du-disque-systeme/  => SMART Information
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/  =>.SUP.Orphan
https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/  =>.SUP.Discord
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
https://nicolascoolman.eu/forum/Topic/warning-eventlogapp-evenement-dapplication/  =>Warning.EventLogApp
https://nicolascoolman.eu/forum/Topic/warning-eventlogsys-evenement-systeme/  =>Warning.EventLogSys
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/forum/Topic/orphan-muicache-logiciel-potentiellement-superflu-lps/  =>.SUP.Orphan.MUICache

---\\ Serial Number
[00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [04/10/2022] (.Malwarebytes Inc..) - C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [31/08/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [31/08/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll  =>.Malwarebytes Inc.
[00A657F778B31AE523D667131718D16EB2] [31/08/2022] (.Malwarebytes Inc..) - C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe  =>.Malwarebytes Inc.
[00A921C2866BA4737D] [18/08/2022] (.TT Games Studios Limited.) - C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe  =>.Not verified
[00C079D009476C5C4C] [14/03/2022] (.Black Tree Gaming Limited.) - C:\Program Files\Black Tree Gaming Ltd\Vortex\Uninstall Vortex.exe  =>.Not verified
[00C079D009476C5C4C] [14/03/2022] (.Black Tree Gaming Limited.) - C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe  =>.Not verified
[0190971E99FF712E3CD4EF85086849EF] [04/07/2022] (.CAPCOM CO., LTD..) - C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter Stories 2\game.exe  =>.CAPCOM CO., LTD.
[0190971E99FF712E3CD4EF85086849EF] [28/09/2022] (.CAPCOM CO., LTD..) - C:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe  =>.CAPCOM CO., LTD.
[01993E38970DE6088DE6B6CB39BBEE24] [12/09/2022] (.Cisco WebEx LLC.) - C:\Users\satch\AppData\Local\Discord\app-1.0.9006\modules\discord_voice-2\discord_voice\openh264-2.2.0-win32.dll  =>.Cisco WebEx LLC
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [12/09/2022] (.Discord Inc..) - C:\Users\satch\AppData\Local\Discord\app-1.0.9006\modules\discord_voice-2\discord_voice\capture_helper.exe  =>.SUP.Discord
[01E20D5BE0B5190B1DBFDE9BEF380D9A] [12/09/2022] (.Discord Inc..) - C:\Users\satch\AppData\Local\Discord\app-1.0.9006\modules\discord_voice-2\discord_voice\mediapipe.dll  =>.SUP.Discord
[0320BE3EB866526927F999B97B04346E] [28/02/2018] (.Realtek Semiconductor Corp..) - C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe  =>.Realtek Semiconductor Corp.
[033ED5EDA065D1B8C91DFCF92A6C9BD8] [17/02/2021] (.Python Software Foundation.) - C:\Users\satch\AppData\Local\Package Cache\{a32da68d-eab0-48d8-947e-8187f9630441}\python-3.8.7-amd64.exe  =>.Python Software Foundation
[034A447570D970982409EBB3DA98B69D] [14/09/2021] (.Eclipse.org Foundation, Inc..) - C:\Program Files\Eclipse Foundation\jdk-17.0.0.35-hotspot\bin\jabswitch.exe  =>.Not verified
[034A447570D970982409EBB3DA98B69D] [14/09/2021] (.Eclipse.org Foundation, Inc..) - C:\Program Files\Eclipse Foundation\jdk-17.0.0.35-hotspot\bin\javaw.exe  =>.Not verified
[03AE8F49A5CF5213A20ED85DA16310B9] [28/07/2022] (.Alderon Games Canada Corporation.) - C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Alderon Games Launcher.exe  =>.Not verified
[03AE8F49A5CF5213A20ED85DA16310B9] [28/07/2022] (.Alderon Games Canada Corporation.) - C:\Users\satch\AppData\Local\Programs\alderon-games-launcher\Uninstall Alderon Games Launcher.exe  =>.Not verified
[045D9B6716C516EF45A1216DFD9F3060] [12/09/2019] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys  =>.Realtek Semiconductor Corp.
[05101D15D8F858EE5327DC9BF4B5E60B] [27/09/2021] (.Realtek Semiconductor Corp..) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe  =>.Realtek Semiconductor Corp.
[055100FDBCB3E2F470A627F03FCFE5B8] [13/07/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys  =>.Nvidia Corporation
[05B9E5C73998821D2E591A368995B191] [01/06/2020] (.ADAPP SASU.) - C:\Program Files\Dokan\Dokan Library-1.4.0\dokanctl.exe  =>.Not verified
[05B9E5C73998821D2E591A368995B191] [01/06/2020] (.ADAPP SASU.) - C:\WINDOWS\System32\DRIVERS\dokan1.sys  =>.Not verified
[05B9E5C73998821D2E591A368995B191] [24/12/2020] (.ADAPP SASU.) - C:\ProgramData\Package Cache\{97cfdb6c-2faa-43ba-afbc-469e01845e99}\DokanSetup.exe  =>.Not verified
[05E6110CFCCFAF76] [03/10/2021] (.Travellers Tales (UK) Limited.) - C:\Program Files (x86)\Steam\steamapps\common\LEGO Marvel Super Heroes 2\LEGOMARVEL2_DX11.exe  =>.Travellers Tales (UK) Limited
[05F97D054A9BFCBF9D5E12F8D0ABBE07] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\edls_64.dll  =>.ESET, spol. s r.o.
[05F97D054A9BFCBF9D5E12F8D0ABBE07] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em002_64.dll  =>.ESET, spol. s r.o.
[05F97D054A9BFCBF9D5E12F8D0ABBE07] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em003_64.dll  =>.ESET, spol. s r.o.
[0689B3BCEB4409890A32D71976B132A4] [27/09/2022] (.Valve Corp..) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe  =>.Valve Corp.
[0689B3BCEB4409890A32D71976B132A4] [27/09/2022] (.Valve Corp..) - C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe  =>.Valve Corp.
[0689B3BCEB4409890A32D71976B132A4] [27/09/2022] (.Valve Corp..) - C:\Program Files (x86)\Steam\steam.exe  =>.Valve Corp.
[068BE2F53452C882F18ED41A5DD4E7A3] [16/06/2022] (.Oracle America, Inc..) - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle America, Inc.
[06AEA76BAC46A9E8CFE6D29E45AAF033] [29/08/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe  =>.Google LLC
[06AEA76BAC46A9E8CFE6D29E45AAF033] [29/08/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe  =>.Google LLC
[0751A21B29586708685BB12FFCC97D05] [09/08/2022] (.Electronic Arts, Inc..) - C:\Program Files (x86)\Origin\OriginClientService.exe  =>.Not verified
[0751A21B29586708685BB12FFCC97D05] [09/08/2022] (.Electronic Arts, Inc..) - C:\Program Files (x86)\Origin\OriginUninstall.exe  =>.Not verified
[0751A21B29586708685BB12FFCC97D05] [09/08/2022] (.Electronic Arts, Inc..) - C:\Program Files (x86)\Origin\OriginWebHelperService.exe  =>.Not verified
[07C70F7CAB145BC1ED385FBE69FA3130] [24/08/2021] (.AVAST Software s.r.o..) - C:\WINDOWS\System32\drivers\aswTap.sys  =>.AVAST Software s.r.o.
[0800EE4ED1A959CC9887E905AD662BFE] [01/03/2022] (.Nvidia Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [04/08/2022] (.Nvidia Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [07/09/2022] (.Nvidia Corporation.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [12/09/2022] (.Nvidia Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [15/07/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nv3dappshext.dll  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvlddmkm.sys  =>.Nvidia Corporation
[0800EE4ED1A959CC9887E905AD662BFE] [23/09/2022] (.Nvidia Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_70cfb45e19c20af4\nvshext.dll  =>.Nvidia Corporation
[084CAF4DF499141D404B7199AA2C2131] [21/05/2018] (.Valve.) - C:\Program Files (x86)\Steam\uninstall.exe  =>.Valve
[094DC9C3B9D09B4F1D07FA327100E5D5] [09/06/2021] (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe  =>.BattlEye Innovations e.K.
[0960B84A46DE76DF04471DCD32C20C1A] [29/09/2022] (.Gearbox Software, L.L.C..) - C:\program files\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe  =>.Not verified
[0A7EE3E63C26B444D53EC4B19A29615E] [04/10/2022] (.ArenaNet, LLc.) - C:\Program Files (x86)\Steam\steamapps\common\Guild Wars 2\Gw2-64.exe  =>.ArenaNet, LLc
[0BFCFAC08E216A1C1FDAA6B77BB2D66E] [01/04/2021] (.Realtek Semiconductor Corp..) - C:\Windows\RtkBtManServ.exe  =>.Realtek Semiconductor Corp.
[0BFCFAC08E216A1C1FDAA6B77BB2D66E] [01/04/2021] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RtkBtfilter.sys  =>.Realtek Semiconductor Corp.
[0D2CACCD3E9EEC06738410BA31BF6595] [09/06/2020] (.Adobe Inc..) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  =>.Adobe Inc.
[0D601DC6F2239F4FDDC08DB90E9578AC] [18/08/2022] (.PROXIMA BETA PTE. LIMITED.) - C:\Program Files (x86)\Steam\steamapps\common\chimeraland\client\x64\Release\Chimeraland.exe  =>.Not verified
[0DFE7BA482F076DB90BCC22B2C487CBD] [11/07/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe  =>.Epic Games Inc.
[0DFE7BA482F076DB90BCC22B2C487CBD] [26/06/2022] (.Epic Games Inc..) - C:\ProgramData\Package Cache\{284a69a5-9805-4ad5-98ac-173e9f776e0f}\UEPrereqSetup_x64.exe  =>.Epic Games Inc.
[0DFE7BA482F076DB90BCC22B2C487CBD] [28/09/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe  =>.Epic Games Inc.
[0DFE7BA482F076DB90BCC22B2C487CBD] [28/09/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe  =>.Epic Games Inc.
[0DFE7BA482F076DB90BCC22B2C487CBD] [28/09/2022] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe  =>.Epic Games Inc.
[0E4418E2DEDE36DD2974C3443AFB5CE5] [05/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\elevation_service.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [05/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [06/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [06/10/2022] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\setup.exe  =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [19/09/2022] (.Google LLC.) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\software_reporter_tool.exe  =>.Google LLC
[0E9ADC2716DC2E59463C0A8A51BE66D7] [30/04/2018] (.Travis Lee Robinson.) - C:\WINDOWS\System32\drivers\libusbK.sys  =>.Travis Lee Robinson
[0F316A214F60D59DC921AEB9685136CC] [17/07/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuard64.exe  =>.Not verified
[0F316A214F60D59DC921AEB9685136CC] [17/07/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe  =>.Not verified
[0F316A214F60D59DC921AEB9685136CC] [23/09/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\WINDOWS\system32\drivers\ACE-BASE.sys  =>.Not verified
[0F316A214F60D59DC921AEB9685136CC] [23/09/2022] (.HIGH MORALE DEVELOPMENTS LIMITED.) - C:\WINDOWS\system32\drivers\ACE-GAME.sys  =>.Not verified
[0F65F4572517CBCCAA8B3776580A8D3D] [05/10/2021] (.Rockstar Games, Inc..) - C:\Program Files (x86)\Rockstar Games\Social Club\SocialClubHelper.exe  =>.Rockstar Games, Inc.
[0F65F4572517CBCCAA8B3776580A8D3D] [05/10/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe  =>.Rockstar Games, Inc.
[0F65F4572517CBCCAA8B3776580A8D3D] [05/10/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe  =>.Rockstar Games, Inc.
[0F65F4572517CBCCAA8B3776580A8D3D] [25/11/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe  =>.Rockstar Games, Inc.
[0F65F4572517CBCCAA8B3776580A8D3D] [25/11/2021] (.Rockstar Games, Inc..) - C:\Program Files\Rockstar Games\Launcher\uninstall.exe  =>.Rockstar Games, Inc.
[0F6C9450E4E7F91B4C42CCCA2297B12F] [28/09/2022] (.Spotify AB.) - C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe  =>.Spotify AB
[1044F31AE1F93A0BB95F19AB9FAAC6BB] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em000_64.dll  =>.ESET, spol. s r.o.
[1121CB5D7302C7544C0407CB59FFDE7FB180] [29/05/2019] (.MiniTool Solution Ltd.) - C:\WINDOWS\System32\pwdrvio.sys  =>.MiniTool Solution Ltd
[1121CB5D7302C7544C0407CB59FFDE7FB180] [29/05/2019] (.MiniTool Solution Ltd.) - C:\Windows\system32\pwdspio.sys  =>.MiniTool Solution Ltd
[1201DB4C3B232ABA43B1B557] [25/07/2022] (.Mega Limited.) - C:\Users\satch\AppData\Local\MEGAsync\MEGAsync.exe  =>.Mega Limited
[1201DB4C3B232ABA43B1B557] [25/07/2022] (.Mega Limited.) - C:\Users\satch\AppData\Local\MEGAsync\ShellExtX64.dll  =>.Mega Limited
[1201DB4C3B232ABA43B1B557] [25/07/2022] (.Mega Limited.) - C:\Users\satch\AppData\Local\MEGAsync\uninst.exe  =>.Mega Limited
[14781BC862E8DC503A559346F5DCC518] [18/03/2019] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstusb.sys  =>.NVIDIA Corporation
[14F8FDD167F92402B1570B5DC495C815] [05/07/2019] (.Google Inc.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc
[17DF1E696D347A2530B48532] [16/07/2019] (.AVB Disc Soft, SIA.) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys  =>.AVB Disc Soft, SIA
[17DF1E696D347A2530B48532] [16/07/2019] (.AVB Disc Soft, SIA.) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys  =>.AVB Disc Soft, SIA
[26504E0645C8DDDC8C28CC15] [27/02/2022] (.EasyAntiCheat Oy.) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe  =>.EasyAntiCheat Oy
[266D333EDE17A8B472053E4FA3934572] [25/12/2021] (.AVG Technologies CZ, s.r.o..) - C:\WINDOWS\System32\drivers\lpsport.sys  =>.AVG Technologies CZ, s.r.o.
[32BF4351F36EC352F398A1A70598DE81] [16/01/2022] (.UBISOFT ENTERTAINMENT INC..) - C:\Program Files (x86)\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe  =>.UBISOFT ENTERTAINMENT INC.
[330000029B1302828FF3904ED200000000029B] [14/09/2022] (.Skype Software Sarl.) - C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe  =>.Skype Software Sarl
[36336D836A19E244FF0E52882EB5B1DE] [05/07/2019] (.Creative Labs Inc.) - C:\Program Files (x86)\OpenAL\oalinst.exe  =>.Creative Labs Inc
[54CCA67C86AD2DDFBB5CE4D41DC7A3E2] [22/05/2020] (.Epic Games Inc..) - C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe  =>.Epic Games Inc.
[56000001475EA46CCAEF0B7481000000000147] [30/03/2019] (.Intel(R) Trust Services.) - C:\ProgramData\Package Cache\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}\iclsClientInstaller.exe  =>.Intel(R) Trust Services
[56000001757376CD78AD000C9A000000000175] [04/06/2018] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\WINDOWS\System32\drivers\ICCWDT.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group
[56000001757376CD78AD000C9A000000000175] [31/01/2018] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group
[56000002143D5BA1B4E496B7C1000000000214] [30/03/2019] (.Intel(R) Software and Firmware Products.) - C:\ProgramData\Package Cache\{55d73ea7-6354-42db-8831-02d048ae57f8}\SetupChipset.exe  =>.Intel(R) Software and Firmware Products
[560000077B478C76C9AFCAFCAF00000000077B] [24/04/2020] (.Intel(R) INTELND1820.) - C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_f6c146a8872514f7\e1d68x64.sys  =>.Intel(R) INTELND1820
[560000082B1E36C56B00276A8A00000000082B] [15/10/2020] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_6557ea4289534d04\x64\TeeDriverW10x64.sys  =>.Intel(R) Embedded Subsystems and IP Blocks Group
[560000089D2953A788A5B8886900000000089D] [24/01/2019] (.Intel(R) Wireless Connectivity Solutions.) - C:\WINDOWS\System32\drivers\ibtusb.sys  =>.Intel(R) Wireless Connectivity Solutions
[5600000BF5F350B283A372355D000000000BF5] [10/07/2020] (.Intel(R) Wireless Connectivity Solutions.) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4d9e3f3539995c76\ibtusb.sys  =>.Intel(R) Wireless Connectivity Solutions
[5600000C970A207F2C4F00043D000000000C97] [16/06/2021] (.Intel(R) Embedded Subsystems and IP Blocks Group.) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe  =>.Intel(R) Embedded Subsystems and IP Blocks Group
[62E745E92165213C971F5C490AEA12A5] [03/12/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_25fb711132593303\UcmCxUcsiNvppc.sys  =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [12/04/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\NvModuleTracker.sys  =>.NVIDIA Corporation
[6385A608FBD858EB4471A022CCE76B8F] [18/10/2019] (.McAfee, Inc..) - C:\WINDOWS\System32\drivers\tap0901.sys  =>.McAfee, Inc.
[65628C146ACE93037FC58659F14BD35F] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em001_64.dll  =>.ESET, spol. s r.o.
[65628C146ACE93037FC58659F14BD35F] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em004_64.dll  =>.ESET, spol. s r.o.
[65628C146ACE93037FC58659F14BD35F] [01/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\Google\Chrome\User Data\SwReporter\105.290.200\em005_64.dll  =>.ESET, spol. s r.o.
[65628C146ACE93037FC58659F14BD35F] [05/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe  =>.ESET, spol. s r.o.
[65628C146ACE93037FC58659F14BD35F] [05/10/2022] (.ESET, spol. s r.o..) - C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner\sciter-x.dll  =>.ESET, spol. s r.o.
[71E68684F7A885A24ABF921CBBF4E0C3] [21/06/2021] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys  =>.NVIDIA Corporation
[722A666775DC480EA2B841413D7B8765] [29/01/2022] (.Ubisoft Entertainment Sweden AB.) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe  =>.Ubisoft Entertainment Sweden AB
[75B5499C96D676A5FAE2656B351E1FD6] [11/11/2020] (.Samsung Electronics Co., Ltd..) - C:\WINDOWS\System32\DRIVERS\ssudmdm.sys  =>.Samsung Electronics Co., Ltd.
[7625A59EA40A7E7B913F910723328E26] [25/06/2020] (.win.rar GmbH.) - C:\Program Files\WinRAR\Rar.exe  =>.win.rar GmbH
[7625A59EA40A7E7B913F910723328E26] [25/06/2020] (.win.rar GmbH.) - C:\Program Files\WinRAR\RarExt.dll  =>.win.rar GmbH
[7625A59EA40A7E7B913F910723328E26] [25/06/2020] (.win.rar GmbH.) - C:\Program Files\WinRAR\uninstall.exe  =>.win.rar GmbH
[76BA9423DDBCE7B145A95F01EE015F17] [09/11/2021] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avgntflt.sys  =>.Avira Operations GmbH & Co. KG
[76BA9423DDBCE7B145A95F01EE015F17] [09/11/2021] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys  =>.Avira Operations GmbH & Co. KG
[76BA9423DDBCE7B145A95F01EE015F17] [09/11/2021] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\DRIVERS\avkmgr.sys  =>.Avira Operations GmbH & Co. KG

~ Unselected Options:  WR,
~ End of the scan, 10435 items in 02mn57s (3074)(0)

Malnutrition · Oct 7, 2022

Adobe Flash Player is no longer supported and is a security risk.

Download Adobe Flash Player Uninstaller and save it to your Desktop
Right click on the icon and select Run as administrator
Click Uninstall then Done to reboot your computer\

FRST Fix.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Now please post Fresh FRST and Addition.txt logs, also let me know if defender starts now and how the machine is performing.

Rum Ham · Oct 7, 2022

Ok so shortly after my last post I downloaded AVIRA for an antivirus and things seemed to be working fine actually. As far as I could tell anyway.

Then I went ahead and did the FRST fix and I have posted the log below.

After that. I checked Defender and it indeed does allow me to run it now, with an option for running it simultaneously with Avira.

Is Avira useless and should stick with Defender, run them both, or is it in fact a good replacement to run alone without Defender at all? Anyhow I'll get back to reply tomorrow after work, I appreciate the help with everything.

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2022

Code:

Ran by satch (06-10-2022 21:25:04) Run:2
Running from C:\Users\satch\OneDrive\Desktop
Loaded Profiles: satch
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe
DeleteKey: HKCU\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71
DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f7
C:\WINDOWS\System32\DRIVERS\avgntflt.sys
C:\WINDOWS\System32\drivers\aswTap.sys
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastUI.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|Avast SecureLine VPN.lnk
DeleteKey: HKLM\SOFTWARE\AVAST Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast Software
DeleteKey: HKCU\SOFTWARE\Avast Software
DeleteKey: HKCU\SOFTWARE\Browser Cleanup
DeleteKey: HKU\.DEFAULT\SOFTWARE\AVAST Software
DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Avast Software
DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Browser Cleanup
C:\Program Files (x86)\AVAST Software
C:\ProgramData\AVAST Software
C:\Users\satch\AppData\Local\AVAST Software
C:\WINDOWS\System32\drivers\aswTap.sys
C:\Program Files\AVAST Software
C:\WINDOWS\System32\DRIVERS\avgntflt.sys
C:\WINDOWS\System32\DRIVERS\avipbb.sys
C:\WINDOWS\System32\DRIVERS\avkmgr.sys
C:\WINDOWS\System32\drivers\avgntflt.sys
C:\WINDOWS\System32\drivers\avipbb.sys 
C:\WINDOWS\System32\drivers\avkmgr.sys
C:\WINDOWS\System32\DRIVERS\avgntflt.sys
C:\WINDOWS\System32\DRIVERS\avipbb.sys
C:\WINDOWS\System32\DRIVERS\avkmgr.sys
C:\WINDOWS\System32\drivers\lpsport.sys
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Tencent
C:\ProgramData\TotalAv
C:\ProgramData\Avira
C:\WINDOWS\system32\drivers\etc\hosts
Hosts:
C:\Program Files (x86)\TotalAV
C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Discord
DeleteValue: HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|utweb
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastUI.exe
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SunJavaUpdateSched
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|Avast SecureLine VPN.lnk
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Eset
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan Plus.lnk
DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee
DeleteKey: HKLM\SOFTWARE\WOW6432Node\mcafeeupdater
DeleteKey: HKCU\SOFTWARE\McAfee
DeleteKey: HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\McAfee
C:\ProgramData\McAfee
C:\WINDOWS\System32\drivers\tap0901.sys
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Tencent
C:\Users\satch\AppData\Local\BitTorrentHelper
C:\WINDOWS\System32\drivers\webshieldfilter.sys
C:\WINDOWS\System32\drivers\tap0901.sys
cmd: del /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\*.*"
cmd: del /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.log"
cmd: del /s /q "C:\ProgramData\Microsoft\Windows Defender\support\*.log"
startpowershell:
Set-MpPreference -DisableAutoExclusions $true -Force
set-mppreference -mapsreporting basic -Force
set-mppreference -DisableRealtimeMonitoring $false -Force
set-mppreference -DisablePrivacyMode $true -Force
set-mppreference -DisableIOAVProtection $false -Force
set-mppreference -CheckForSignaturesBeforeRunningScan $true -Force
set-mppreference -PUAProtection enabled -Force
Update-MpSignature
Get-MpComputerStatus
get-mppreference
endpowershell:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
cmd: DISM.exe /Online /Cleanup-image /Scanhealth
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
CMD: fltmc instances
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
EmptyTemp:
CMD: ipconfig /flushdns
Reboot:
End::

*****************

Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"C:\Users\satch\AppData\Roaming\uTorrent Web\utweb.exe" => not found
HKCU\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f71 => removed successfully
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\d05407ca-ebac-5ab1-82f3-0ac6dd4e3f7 => not found
C:\WINDOWS\System32\DRIVERS\avgntflt.sys => moved successfully
C:\WINDOWS\System32\drivers\aswTap.sys => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AvastUI.exe" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|Avast SecureLine VPN.lnk => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\AVAST Software => removed successfully
RegLink Found. Source: "" => Target: "HKLM\SOFTWARE\Avast Software"
"HKLM\SOFTWARE\WOW6432Node\Avast Software" => removed successfully
HKCU\SOFTWARE\Avast Software => removed successfully
HKCU\SOFTWARE\Browser Cleanup => removed successfully
HKU\.DEFAULT\SOFTWARE\AVAST Software => removed successfully
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Avast Software => not found
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Browser Cleanup => not found
C:\Program Files (x86)\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Users\satch\AppData\Local\AVAST Software => moved successfully
"C:\WINDOWS\System32\drivers\aswTap.sys" => not found
"C:\Program Files\AVAST Software" => not found
"C:\WINDOWS\System32\DRIVERS\avgntflt.sys" => not found
C:\WINDOWS\System32\DRIVERS\avipbb.sys => moved successfully
C:\WINDOWS\System32\DRIVERS\avkmgr.sys => moved successfully
"C:\WINDOWS\System32\drivers\avgntflt.sys" => not found
"C:\WINDOWS\System32\drivers\avipbb.sys" => not found
"C:\WINDOWS\System32\drivers\avkmgr.sys" => not found
"C:\WINDOWS\System32\DRIVERS\avgntflt.sys" => not found
"C:\WINDOWS\System32\DRIVERS\avipbb.sys" => not found
"C:\WINDOWS\System32\DRIVERS\avkmgr.sys" => not found
C:\WINDOWS\System32\drivers\lpsport.sys => moved successfully
HKLM\SOFTWARE\WOW6432Node\Tencent => removed successfully
"C:\ProgramData\TotalAv" => not found

"C:\ProgramData\Avira" folder move:

Could not move "C:\ProgramData\Avira" => Scheduled to move on reboot.

C:\WINDOWS\system32\drivers\etc\hosts => moved successfully
Hosts restored successfully.
"C:\Program Files (x86)\TotalAV" => not found
C:\Users\satch\AppData\Local\ESET\ESETOnlineScanner => moved successfully
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Discord" => removed successfully
"HKEY_USERS\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\utweb" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AvastUI.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\SunJavaUpdateSched" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder" => not found
HKLM\SOFTWARE\WOW6432Node\Eset => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\McAfee Security Scan Plus.lnk" => removed successfully
HKLM\SOFTWARE\WOW6432Node\McAfee => removed successfully
HKLM\SOFTWARE\WOW6432Node\mcafeeupdater => removed successfully
HKCU\SOFTWARE\McAfee => removed successfully
HKU\S-1-5-21-3795020384-2431542903-1114512080-1003\SOFTWARE\McAfee => not found
C:\ProgramData\McAfee => moved successfully
C:\WINDOWS\System32\drivers\tap0901.sys => moved successfully
HKLM\SOFTWARE\WOW6432Node\Tencent => not found
C:\Users\satch\AppData\Local\BitTorrentHelper => moved successfully
C:\WINDOWS\System32\drivers\webshieldfilter.sys => moved successfully
"C:\WINDOWS\System32\drivers\tap0901.sys" => not found

========= del /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\*.*" =========

The system cannot find the file specified.

========= End of CMD: =========


========= del /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.log" =========

Deleted file - C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log
Deleted file - C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log

========= End of CMD: =========


========= del /s /q "C:\ProgramData\Microsoft\Windows Defender\support\*.log" =========

Deleted file - C:\ProgramData\Microsoft\Windows Defender\support\MPDetection-20220801-162006.log
Deleted file - C:\ProgramData\Microsoft\Windows Defender\support\MPDetection-20220831-162838.log
C:\ProgramData\Microsoft\Windows Defender\support\MPDetection-20221004-225051.log
C:\ProgramData\Microsoft\Windows Defender\support\MPDeviceControl-20220414-200519.log
C:\ProgramData\Microsoft\Windows Defender\support\MPLog-20220414-195118.log

========= End of CMD: =========


========= Powershell: =========



AMEngineVersion                  : 0.0.0.0
AMProductVersion                 : 4.18.2203.5
AMRunningMode                    : Not running
AMServiceEnabled                 : False
AMServiceVersion                 : 0.0.0.0
AntispywareEnabled               : False
AntispywareSignatureAge          : 4294967295
AntispywareSignatureLastUpdated  :
AntispywareSignatureVersion      : 0.0.0.0
AntivirusEnabled                 : False
AntivirusSignatureAge            : 4294967295
AntivirusSignatureLastUpdated    :
AntivirusSignatureVersion        : 0.0.0.0
BehaviorMonitorEnabled           : False
ComputerID                       : EC685A49-23A7-4945-A4C0-B50F9252DD06
ComputerState                    : 0
DefenderSignaturesOutOfDate      : False
DeviceControlDefaultEnforcement  : N/A
DeviceControlPoliciesLastUpdated : 12/31/1600 7:00:00 PM
DeviceControlState               : N/A
FullScanAge                      : 4294967295
FullScanEndTime                  :
FullScanOverdue                  : False
FullScanRequired                 : False
FullScanSignatureVersion         :
FullScanStartTime                :
IoavProtectionEnabled            : False
IsTamperProtected                : False
IsVirtualMachine                 : False
LastFullScanSource               : 0
LastQuickScanSource              : 0
NISEnabled                       : False
NISEngineVersion                 : 0.0.0.0
NISSignatureAge                  : 4294967295
NISSignatureLastUpdated          :
NISSignatureVersion              : 0.0.0.0
OnAccessProtectionEnabled        : False
ProductStatus                    : 1
QuickScanAge                     : 4294967295
QuickScanEndTime                 :
QuickScanOverdue                 : False
QuickScanSignatureVersion        :
QuickScanStartTime               :
RealTimeProtectionEnabled        : False
RealTimeScanDirection            : 0
RebootRequired                   : False
TamperProtectionSource           : Signatures
TDTMode                          : N/A
TDTStatus                        : N/A
TDTTelemetry                     : N/A
PSComputerName                   :

AllowDatagramProcessingOnWinServer            : False
AllowNetworkProtectionDownLevel               : False
AllowNetworkProtectionOnWinServer             : False
AllowSwitchToAsyncInspection                  : False
AttackSurfaceReductionOnlyExclusions          :
AttackSurfaceReductionRules_Actions           :
AttackSurfaceReductionRules_Ids               :
CheckForSignaturesBeforeRunningScan           : False
CloudBlockLevel                               : 1
CloudExtendedTimeout                          : 1
ComputerID                                    : EC685A49-23A7-4945-A4C0-B50F9252DD06
ControlledFolderAccessAllowedApplications     :
ControlledFolderAccessProtectedFolders        :
DefinitionUpdatesChannel                      : 0
DisableArchiveScanning                        : False
DisableAutoExclusions                         : False
DisableBehaviorMonitoring                     : False
DisableBlockAtFirstSeen                       : False
DisableCatchupFullScan                        : True
DisableCatchupQuickScan                       : True
DisableCpuThrottleOnIdleScans                 : True
DisableDatagramProcessing                     : False
DisableDnsOverTcpParsing                      : False
DisableDnsParsing                             : False
DisableEmailScanning                          : True
DisableFtpParsing                             : False
DisableGradualRelease                         : False
DisableHttpParsing                            : False
DisableInboundConnectionFiltering             : False
DisableIOAVProtection                         : False
DisableNetworkProtectionPerfTelemetry         : False
DisablePrivacyMode                            : False
DisableRdpParsing                             : False
DisableRealtimeMonitoring                     : False
DisableRemovableDriveScanning                 : True
DisableRestorePoint                           : True
DisableScanningMappedNetworkDrivesForFullScan : True
DisableScanningNetworkFiles                   : False
DisableScriptScanning                         : False
DisableSshParsing                             : False
DisableTDTFeature                             : False
DisableTlsParsing                             : False
EnableControlledFolderAccess                  : 0
EnableDnsSinkhole                             : True
EnableFileHashComputation                     : False
EnableFullScanOnBatteryPower                  : False
EnableLowCpuPriority                          : False
EnableNetworkProtection                       : 0
EngineUpdatesChannel                          : 0
ExclusionExtension                            :
ExclusionIpAddress                            :
ExclusionPath                                 :
ExclusionProcess                              :
ForceUseProxyOnly                             : False
HighThreatDefaultAction                       : 0
LowThreatDefaultAction                        : 0
MAPSReporting                                 : 2
MeteredConnectionUpdates                      : False
ModerateThreatDefaultAction                   : 0
PlatformUpdatesChannel                        : 0
ProxyBypass                                   :
ProxyPacUrl                                   :
ProxyServer                                   :
PUAProtection                                 : 1
QuarantinePurgeItemsAfterDelay                : 90
RandomizeScheduleTaskTimes                    : True
RealTimeScanDirection                         : 0
RemediationScheduleDay                        : 0
RemediationScheduleTime                       : 02:00:00
ReportingAdditionalActionTimeOut              : 10080
ReportingCriticalFailureTimeOut               : 10080
ReportingNonCriticalTimeOut                   : 1440
ScanAvgCPULoadFactor                          : 50
ScanOnlyIfIdleEnabled                         : True
ScanParameters                                : 1
ScanPurgeItemsAfterDelay                      : 15
ScanScheduleDay                               : 0
ScanScheduleOffset                            : 120
ScanScheduleQuickScanTime                     : 00:00:00
ScanScheduleTime                              : 02:00:00
SchedulerRandomizationTime                    : 4
ServiceHealthReportInterval                   : 60
SevereThreatDefaultAction                     : 0
SharedSignaturesPath                          :
SignatureAuGracePeriod                        : 0
SignatureBlobFileSharesSources                :
SignatureBlobUpdateInterval                   : 60
SignatureDefinitionUpdateFileSharesSources    :
SignatureDisableUpdateOnStartupWithoutEngine  : False
SignatureFallbackOrder                        : MicrosoftUpdateServer|MMPC
SignatureFirstAuGracePeriod                   : 120
SignatureScheduleDay                          : 8
SignatureScheduleTime                         : 01:45:00
SignatureUpdateCatchupInterval                : 1
SignatureUpdateInterval                       : 0
SubmitSamplesConsent                          : 1
ThreatIDDefaultAction_Actions                 :
ThreatIDDefaultAction_Ids                     :
ThrottleForScheduledScanOnly                  : True
TrustLabelProtectionStatus                    : 0
UILockdown                                    : False
UnknownThreatDefaultAction                    : 0
PSComputerName                                :




========= End of Powershell: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Default Gateway . . . . . . . . . :

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.0.11
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========== "C:\Windows\Temp\*.*" ==========

C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\wct4B5F.tmp => moved successfully
C:\Windows\Temp\wct899E.tmp => moved successfully

========= End -> "C:\Windows\Temp\*.*" ========


=========== "C:\WINDOWS\system32\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\system32\*.tmp" ========


=========== "C:\WINDOWS\syswow64\*.tmp" ==========

not found

========= End -> "C:\WINDOWS\syswow64\*.tmp" ========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Error: Unable to rebuild performance counter setting from system backup store, error code is 2
========= End of CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========


========= "C:\Windows\SysWOW64\lodctr.exe" /R =========


Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========


========= "C:\Windows\SYSTEM32\lodctr.exe" /R =========


Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========


========= DISM.exe /Online /Cleanup-image /Scanhealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19043.2006


[==                         4.9%                           ]

[===                        5.5%                           ]

[===                        6.4%                           ]

[====                       7.4%                           ]

[====                       7.9%                           ]

[====                       8.4%                           ]

[=====                      9.0%                           ]

[=====                      10.0%                          ]

[======                     10.9%                          ]

[======                     11.9%                          ]

[=======                    12.4%                          ]

[=======                    13.4%                          ]

[========                   14.3%                          ]

[========                   15.3%                          ]

[=========                  16.3%                          ]

[==========                 17.3%                          ]

[==========                 18.2%                          ]

[===========                19.2%                          ]

[===========                20.2%                          ]

[============               21.2%                          ]

[============               21.6%                          ]

[=============              22.4%                          ]

[=============              23.4%                          ]

[==============             24.4%                          ]

[==============             25.4%                          ]

[===============            26.3%                          ]

[===============            27.3%                          ]

[================           28.3%                          ]

[================           29.3%                          ]

[=================          30.2%                          ]

[==================         31.2%                          ]

[==================         32.2%                          ]

[===================        33.2%                          ]

[===================        34.1%                          ]

[====================       35.1%                          ]

[====================       36.1%                          ]

[=====================      37.1%                          ]

[======================     38.0%                          ]

[======================     39.0%                          ]

[=======================    40.0%                          ]

[=======================    41.0%                          ]

[========================   42.0%                          ]

[========================   42.5%                          ]

[=========================  43.5%                          ]

[=========================  44.0%                          ]

[=========================  44.6%                          ]

[=========================  44.8%                          ]

[========================== 45.0%                          ]

[========================== 46.0%                          ]

[===========================46.9%                          ]

[===========================47.9%                          ]

[===========================48.9%                          ]

[===========================49.9%                          ]

[===========================50.8%                          ]

[===========================51.8%                          ]

[===========================52.7%                          ]

[===========================53.7%                          ]

[===========================54.6%                          ]

[===========================55.6%                          ]

[===========================56.6%                          ]

[===========================57.3%=                         ]

[===========================57.5%=                         ]

[===========================58.0%=                         ]

[===========================59.0%==                        ]

[===========================60.0%==                        ]

[===========================60.3%==                        ]

[===========================61.2%===                       ]

[===========================62.1%====                      ]

[===========================62.4%====                      ]

[===========================63.0%====                      ]

[===========================63.4%====                      ]

[===========================63.7%====                      ]

[===========================64.5%=====                     ]

[===========================64.6%=====                     ]

[===========================64.8%=====                     ]

[===========================65.3%=====                     ]

[===========================65.7%======                    ]

[===========================66.6%======                    ]

[===========================67.2%======                    ]

[===========================67.5%=======                   ]

[===========================68.1%=======                   ]

[===========================68.4%=======                   ]

[===========================68.9%=======                   ]

[===========================69.0%========                  ]

[===========================69.2%========                  ]

[===========================69.3%========                  ]

[===========================70.1%========                  ]

[===========================70.9%=========                 ]

[===========================71.2%=========                 ]

[===========================71.6%=========                 ]

[===========================72.0%=========                 ]

[===========================73.0%==========                ]

[===========================73.0%==========                ]

[===========================73.1%==========                ]

[===========================74.0%==========                ]

[===========================74.3%===========               ]

[===========================75.2%===========               ]

[===========================76.2%============              ]

[===========================77.2%============              ]

[===========================78.1%=============             ]

[===========================79.1%=============             ]

[===========================80.1%==============            ]

[===========================81.1%===============           ]

[===========================82.0%===============           ]

[===========================83.0%================          ]

[===========================84.0%================          ]

[===========================85.0%=================         ]

[===========================86.0%=================         ]

[===========================86.0%=================         ]

[===========================86.2%==================        ]

[===========================86.2%==================        ]

[===========================86.5%==================        ]

[===========================86.5%==================        ]

[===========================86.6%==================        ]

[===========================86.7%==================        ]

[===========================86.7%==================        ]

[===========================86.8%==================        ]

[===========================86.9%==================        ]

[===========================87.0%==================        ]

[===========================87.0%==================        ]

[===========================87.1%==================        ]

[===========================87.2%==================        ]

[===========================87.3%==================        ]

[===========================87.3%==================        ]

[===========================87.5%==================        ]

[===========================87.6%==================        ]

[===========================87.7%==================        ]

[===========================87.8%==================        ]

[===========================87.9%==================        ]

[===========================87.9%==================        ]

[===========================88.1%===================       ]

[===========================88.2%===================       ]

[===========================88.3%===================       ]

[===========================88.4%===================       ]

[===========================88.4%===================       ]

[===========================88.5%===================       ]

[===========================88.6%===================       ]

[===========================88.7%===================       ]

[===========================88.7%===================       ]

[===========================88.8%===================       ]

[===========================88.9%===================       ]

[===========================89.1%===================       ]

[===========================89.1%===================       ]

[===========================89.2%===================       ]

[===========================89.5%===================       ]

[===========================89.7%====================      ]

[===========================89.9%====================      ]

[===========================90.0%====================      ]

[===========================90.1%====================      ]

[===========================90.3%====================      ]

[===========================90.4%====================      ]

[===========================90.5%====================      ]

[===========================90.5%====================      ]

[===========================91.5%=====================     ]

[===========================92.0%=====================     ]

[===========================92.2%=====================     ]

[===========================92.7%=====================     ]

[===========================93.7%======================    ]

[===========================94.6%======================    ]

[===========================95.6%=======================   ]

[===========================96.6%========================  ]

[===========================97.1%========================  ]

[==========================100.0%==========================]
No component store corruption detected.
The operation completed successfully.

========= End of CMD: =========


========= DISM.exe /Online /Cleanup-image /Restorehealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19043.2006


[==                         3.8%                           ]

[==                         4.8%                           ]

[===                        5.7%                           ]

[===                        6.7%                           ]

[====                       7.7%                           ]

[=====                      8.7%                           ]

[=====                      9.7%                           ]

[======                     10.6%                          ]

[======                     11.6%                          ]

[=======                    12.6%                          ]

[=======                    13.6%                          ]

[========                   14.6%                          ]

[=========                  15.5%                          ]

[=========                  16.5%                          ]

[==========                 17.5%                          ]

[==========                 18.5%                          ]

[===========                19.5%                          ]

[===========                20.5%                          ]

[============               21.4%                          ]

[=============              22.4%                          ]

[=============              23.4%                          ]

[==============             24.4%                          ]

[==============             25.4%                          ]

[===============            26.3%                          ]

[===============            27.0%                          ]

[================           28.0%                          ]

[================           28.2%                          ]

[================           29.1%                          ]

[=================          30.1%                          ]

[==================         31.1%                          ]

[==================         32.1%                          ]

[===================        33.1%                          ]

[===================        34.0%                          ]

[====================       35.0%                          ]

[====================       36.0%                          ]

[=====================      37.0%                          ]

[======================     38.0%                          ]

[======================     38.9%                          ]

[=======================    39.9%                          ]

[=======================    40.8%                          ]

[========================   41.8%                          ]

[========================   42.8%                          ]

[=========================  43.2%                          ]

[=========================  44.2%                          ]

[=========================  44.3%                          ]

[========================== 45.3%                          ]

[========================== 45.4%                          ]

[========================== 46.4%                          ]

[===========================47.4%                          ]

[===========================48.4%                          ]

[===========================49.4%                          ]

[===========================50.3%                          ]

[===========================51.3%                          ]

[===========================52.3%                          ]

[===========================53.3%                          ]

[===========================53.5%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.8%                          ]

[===========================53.8%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.2%                          ]

[===========================54.3%                          ]

[===========================54.4%                          ]

[===========================54.5%                          ]

[===========================54.6%                          ]

[===========================54.7%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================55.0%                          ]

[===========================55.1%                          ]

[===========================55.2%                          ]

[===========================55.5%                          ]

[===========================55.7%                          ]

[===========================56.0%                          ]

[===========================56.1%                          ]

[===========================57.1%=                         ]

[===========================58.0%=                         ]

[===========================59.0%==                        ]

[===========================60.0%==                        ]

[===========================62.3%====                      ]

[===========================84.9%=================         ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========


========= fltmc instances =========

Filter                Volume Name                              Altitude        Instance Name       Frame   SprtFtrs  VlStatus
--------------------  -------------------------------------  ------------  ----------------------  -----   --------  --------
BdSentry                                                        266211     BdSentryInstance          0     0000000c 
BdSentry                                                        266211     BdSentryInstance          0     0000000c 
BdSentry              C:                                        266211     BdSentryInstance          0     0000000c 
BdSentry              \Device\HarddiskVolumeShadowCopy1         266211     BdSentryInstance          0     0000000c 
BdSentry              \Device\Mup                               266211     BdSentryInstance          0     0000000c 
CldFlt                C:                                        180451     CldFlt                    0     00000007 
CldFlt                \Device\HarddiskVolumeShadowCopy1         180451     CldFlt                    0     00000007 
FileInfo                                                         40500     FileInfo                  0     00000007 
FileInfo                                                         40500     FileInfo                  0     00000007 
FileInfo              C:                                         40500     FileInfo                  0     00000007 
FileInfo              \Device\HarddiskVolumeShadowCopy1          40500     FileInfo                  0     00000007 
FileInfo              \Device\Mup                                40500     FileInfo                  0     00000007 
WdFilter                                                        328010     WdFilter Instance         0     00000007 
WdFilter                                                        328010     WdFilter Instance         0     00000007 
WdFilter              C:                                        328010     WdFilter Instance         0     00000007 
WdFilter              \Device\HarddiskVolumeShadowCopy1         328010     WdFilter Instance         0     00000007 
WdFilter              \Device\Mup                               328010     WdFilter Instance         0     00000007 
Wof                                                              40700     Wof Instance              0     00000007 
Wof                   C:                                         40700     Wof Instance              0     00000007 
Wof                   \Device\HarddiskVolumeShadowCopy1          40700     Wof Instance              0     00000007 
avgntflt                                                        320500     avgntflt                  0     00000007 
avgntflt                                                        320500     avgntflt                  0     00000007 
avgntflt              C:                                        320500     avgntflt                  0     00000007 
avgntflt              \Device\Mup                               320500     avgntflt                  0     00000007 
bindflt               C:                                        409800     bindflt Instance          0     00000007 
luafv                 C:                                        135000     luafv                     0     00000007 
npsvctrig             \Device\NamedPipe                          46000     npsvctrig                 0     00000000 
rtp_filesystem_filter                                            320500.5   rtp_filesystem_filter     0     00000007 
rtp_filesystem_filter                                            320500.5   rtp_filesystem_filter     0     00000007 
rtp_filesystem_filter  C:                                        320500.5   rtp_filesystem_filter     0     00000007 
rtp_filesystem_filter  \Device\Mup                               320500.5   rtp_filesystem_filter     0     00000007 
rtp_filesystem_filter  \Device\NamedPipe                         320500.5   rtp_filesystem_filter     0     00000007 
wcifs                 C:                                        189900     wcifs Instance            0     00000007 

========= End of CMD: =========


========= del /s /q C:\Windows\SoftwareDistribution\download\*.* =========

Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\24635bc8-97e7-4d9f-b0a5-3c2ea521e7d9.AggregatedMetadata.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ar-sa.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ar-sa.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_bg-bg.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_bg-bg.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ca-es.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ca-es.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_cs-cz.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_cs-cz.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_da-dk.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_da-dk.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_de-de.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_de-de.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_el-gr.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_el-gr.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-gb.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-gb.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-us.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_en-us.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-es.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-es.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-mx.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_es-mx.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_et-ee.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_et-ee.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fi-fi.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fi-fi.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-ca.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-ca.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-fr.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_fr-fr.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_he-il.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_he-il.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hr-hr.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hr-hr.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hu-hu.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_hu-hu.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_id-id.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_id-id.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_it-it.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_it-it.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ja-jp.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ja-jp.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ko-kr.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ko-kr.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lt-lt.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lt-lt.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lv-lv.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_lv-lv.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nb-no.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nb-no.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_Neutral.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_Neutral.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nl-nl.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_nl-nl.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pl-pl.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pl-pl.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-br.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-br.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-pt.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_pt-pt.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ro-ro.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ro-ro.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ru-ru.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_ru-ru.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sk-sk.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sk-sk.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sl-si.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sl-si.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sr-latn-rs.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sr-latn-rs.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sv-se.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_sv-se.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_th-th.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_th-th.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_tr-tr.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_tr-tr.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_uk-ua.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_uk-ua.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_vi-vn.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_vi-vn.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-cn.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-cn.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-tw.CompDB.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopBaselessCompDB_zh-tw.CompDB.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ar-sa.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ar-sa.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_bg-bg.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_bg-bg.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ca-es.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ca-es.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_corecountryspecific_zh-cn.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_corecountryspecific_zh-cn.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_bg-bg.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_bg-bg.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_cs-cz.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_cs-cz.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_da-dk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_da-dk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_de-de.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_de-de.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_el-gr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_el-gr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-gb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-gb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-us.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_en-us.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_es-es.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_es-es.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_et-ee.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_et-ee.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fi-fi.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fi-fi.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fr-fr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_fr-fr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hr-hr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hr-hr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hu-hu.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_hu-hu.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_it-it.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_it-it.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lt-lt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lt-lt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lv-lv.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_lv-lv.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nb-no.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nb-no.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nl-nl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_nl-nl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pl-pl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pl-pl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pt-pt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_pt-pt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_ro-ro.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_ro-ro.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sk-sk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sk-sk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sl-si.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sl-si.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sv-se.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_coren_sv-se.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ar-sa.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ar-sa.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_bg-bg.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_bg-bg.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_cs-cz.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_cs-cz.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_da-dk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_da-dk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_de-de.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_de-de.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_el-gr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_el-gr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-gb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-gb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-us.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_en-us.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-es.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-es.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-mx.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_es-mx.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_et-ee.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_et-ee.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fi-fi.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fi-fi.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-ca.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-ca.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-fr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_fr-fr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_he-il.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_he-il.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hr-hr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hr-hr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hu-hu.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_hu-hu.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_it-it.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_it-it.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ja-jp.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ja-jp.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ko-kr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ko-kr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lt-lt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lt-lt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lv-lv.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_lv-lv.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nb-no.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nb-no.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nl-nl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_nl-nl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pl-pl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pl-pl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-br.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-br.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-pt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_pt-pt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ro-ro.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ro-ro.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ru-ru.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_ru-ru.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sk-sk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sk-sk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sl-si.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sl-si.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sr-latn-rs.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sr-latn-rs.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sv-se.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_sv-se.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_th-th.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_th-th.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_tr-tr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_tr-tr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_uk-ua.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_uk-ua.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-cn.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-cn.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-tw.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_core_zh-tw.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_cs-cz.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_cs-cz.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_da-dk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_da-dk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_de-de.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_de-de.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_el-gr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_el-gr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-gb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-gb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-us.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_en-us.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-es.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-es.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-mx.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_es-mx.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_et-ee.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_et-ee.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fi-fi.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fi-fi.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-ca.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-ca.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-fr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_fr-fr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_he-il.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_he-il.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hr-hr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hr-hr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hu-hu.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_hu-hu.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_id-id.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_id-id.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_it-it.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_it-it.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ja-jp.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ja-jp.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ko-kr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ko-kr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lt-lt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lt-lt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lv-lv.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_lv-lv.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nb-no.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nb-no.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_Neutral.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_Neutral.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nl-nl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_nl-nl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pl-pl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pl-pl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ar-sa.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ar-sa.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_bg-bg.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_bg-bg.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_cs-cz.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_cs-cz.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_da-dk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_da-dk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_de-de.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_de-de.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_el-gr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_el-gr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-gb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-gb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-us.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_en-us.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-es.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-es.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-mx.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_es-mx.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_et-ee.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_et-ee.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fi-fi.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fi-fi.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-ca.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-ca.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-fr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_fr-fr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_he-il.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_he-il.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hr-hr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hr-hr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hu-hu.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_hu-hu.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_it-it.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_it-it.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ja-jp.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ja-jp.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ko-kr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ko-kr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lt-lt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lt-lt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lv-lv.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_lv-lv.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nb-no.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nb-no.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nl-nl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_nl-nl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pl-pl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pl-pl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-br.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-br.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-pt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_pt-pt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ro-ro.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ro-ro.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ru-ru.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_ru-ru.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sk-sk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sk-sk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sl-si.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sl-si.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sr-latn-rs.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sr-latn-rs.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sv-se.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_sv-se.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_th-th.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_th-th.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_tr-tr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_tr-tr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_uk-ua.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_uk-ua.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-cn.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-cn.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-tw.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_PPIPro_zh-tw.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_bg-bg.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_bg-bg.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_cs-cz.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_cs-cz.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_da-dk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_da-dk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_de-de.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_de-de.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_el-gr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_el-gr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-gb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-gb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-us.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_en-us.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_es-es.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_es-es.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_et-ee.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_et-ee.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fi-fi.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fi-fi.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fr-fr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_fr-fr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hr-hr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hr-hr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hu-hu.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_hu-hu.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_it-it.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_it-it.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lt-lt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lt-lt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lv-lv.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_lv-lv.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nb-no.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nb-no.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nl-nl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_nl-nl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pl-pl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pl-pl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pt-pt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_pt-pt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_ro-ro.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_ro-ro.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sk-sk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sk-sk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sl-si.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sl-si.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sv-se.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professionaln_sv-se.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ar-sa.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ar-sa.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_bg-bg.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_bg-bg.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_cs-cz.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_cs-cz.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_da-dk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_da-dk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_de-de.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_de-de.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_el-gr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_el-gr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-gb.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-gb.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-us.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_en-us.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-es.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-es.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-mx.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_es-mx.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_et-ee.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_et-ee.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fi-fi.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fi-fi.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-ca.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-ca.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-fr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_fr-fr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_he-il.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_he-il.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hr-hr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hr-hr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hu-hu.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_hu-hu.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_it-it.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_it-it.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ja-jp.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ja-jp.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ko-kr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ko-kr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lt-lt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lt-lt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lv-lv.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_lv-lv.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nb-no.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nb-no.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nl-nl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_nl-nl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pl-pl.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pl-pl.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-br.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-br.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-pt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_pt-pt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ro-ro.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ro-ro.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ru-ru.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_ru-ru.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sk-sk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sk-sk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sl-si.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sl-si.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sr-latn-rs.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sr-latn-rs.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sv-se.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_sv-se.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_th-th.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_th-th.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_tr-tr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_tr-tr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_uk-ua.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_uk-ua.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-cn.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-cn.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-tw.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_professional_zh-tw.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-br.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-br.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-pt.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_pt-pt.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ro-ro.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ro-ro.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ru-ru.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_ru-ru.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sk-sk.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sk-sk.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sl-si.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sl-si.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sr-latn-rs.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sr-latn-rs.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sv-se.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_sv-se.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_th-th.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_th-th.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_tr-tr.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_tr-tr.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_uk-ua.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_uk-ua.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_vi-vn.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_vi-vn.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-cn.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-cn.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-tw.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetCompDB_zh-tw.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetServicedCompdb_Neutral.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DesktopTargetServicedCompDB_Neutral.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\DeviceInventory.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\dpx.dll
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\EKBUpdateCompDB_KB5000736.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\EKBUpdateCompDB_KB5000736.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\LCUCompDB_KB5017308.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\LCUCompDB_KB5017308.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\Mitigation.dll
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\OasisAssetCompDB_KB5008575.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\OasisAssetCompDB_KB5008575.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\ReserveManager.dll
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SafeOSDUCompDB_KB5011577.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SafeOSDUCompDB_KB5011577.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705-express.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705-express.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705.xml
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\SSUCompDB_KB5016705.xml.cab
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\TurboStack.dll
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\UAOneSettings.dll
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\UpdateAgent.dll
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\wcp.dll
Deleted file - C:\Windows\SoftwareDistribution\download\68e58438f17b1bacff3cb6867768b89f\Metadata\WinREAgent.dll
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\11b9a533894bc9d9f83ce7045a76c34df807e223087e7b5214b0aea9c395d6b4
Deleted file - C:\Windows\SoftwareDistribution\download\SharedFileCache\ecdb03814462aeeb90ce91e145a057feb64c6a34de35a6651f9a51980dfa1773

========= End of CMD: =========


========= del /s /q "%userprofile%\AppData\Local\temp\*.*" =========

Deleted file - C:\Users\satch\AppData\Local\temp\.ses
Deleted file - C:\Users\satch\AppData\Local\temp\591d0145-3a3f-47c5-8609-0c3ebab14503.tmp
Deleted file - C:\Users\satch\AppData\Local\temp\c0bcd14c-f067-4e4b-833d-5105b3e0f6d8.tmp
Deleted file - C:\Users\satch\AppData\Local\temp\cv_debug.log
Deleted file - C:\Users\satch\AppData\Local\temp\e79e8490-ef7b-490b-ad96-8c9969ea8f01.tmp
Deleted file - C:\Users\satch\AppData\Local\temp\ea86eacc-ab79-4e11-b880-83e1ddaa6423.tmp
Deleted file - C:\Users\satch\AppData\Local\temp\ecache.bin
Deleted file - C:\Users\satch\AppData\Local\temp\fb8939b1-9413-4984-828e-0011d0d66331.tmp
Deleted file - C:\Users\satch\AppData\Local\temp\jusched.log
Deleted file - C:\Users\satch\AppData\Local\temp\wctCA3F.tmp
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_0
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_1
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_2
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\data_3
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000001
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000002
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000003
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000004
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000005
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000006
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000007
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000008
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000009
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000a
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000b
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000c
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000d
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000e
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00000f
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000010
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000011
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000012
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000013
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000014
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000015
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000016
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000017
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000018
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000019
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001a
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001b
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001c
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001d
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001e
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00001f
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000020
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000021
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000022
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000023
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000024
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000025
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000026
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000027
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000028
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000029
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002a
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002b
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002c
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002d
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002e
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00002f
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000030
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000031
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000032
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000033
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000034
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000035
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000036
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000037
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000038
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000039
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003a
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003b
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003c
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003d
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003e
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00003f
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000040
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000041
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000042
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000043
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000044
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000045
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000046
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000047
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000048
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000049
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004a
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004b
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004c
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004d
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004e
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00004f
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000050
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000051
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000052
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000053
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000054
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000055
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000056
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000057
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000058
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000059
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005a
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005b
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005c
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005d
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005e
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_00005f
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000060
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000061
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000062
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\f_000063
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Cache\index
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_0
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_1
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_2
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\data_3
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\GPUCache\index
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_file_0.localstorage
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_file_0.localstorage-journal
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_web_0.localstorage
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\coui_web_0.localstorage-journal
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\https_gemstore-dfw-live.ncplatform.net_0.localstorage
Deleted file - C:\Users\satch\AppData\Local\temp\gw2cache-{0B00A8C1-8A24-28EF-C2A8-000B248AEF28}\user\Local Storage\https_gemstore-dfw-live.ncplatform.net_0.localstorage-journal

========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10693417 B
Java, Discord, Steam htmlcache => 54500264 B
Windows/system/drivers => 179268544 B
Edge => 0 B
Chrome => 209899805 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 64854 B
systemprofile32 => 65286 B
LocalService => 75726 B
NetworkService => 75726 B
satch => 2028074 B

RecycleBin => 523631 B
EmptyTemp: => 436 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-10-2022 21:32:43)

C:\ProgramData\Avira => Could not move

==== End of Fixlog 21:32:45 ====

Malnutrition · Oct 7, 2022

For now lets just use Windows defender.
Uninstall Avira with GeekUninstaller. Then...
Run the Avira Removal Tool.
Select all options.
Also, let me know how the machine is performing, as far as CPU usage, I know you said things were fine, but I am just wanting to know of any issues whatsoever.

I'll see the state of the machine with the new logs, also I'd like to see an autoruns log, so we can trim the work load on your machine.

Download Autoruns and Autorunsc Unzip it to your desktop and then right click

Run as Admin.
After the scan is finished then click on File----Then click----Save
The default name will be autoruns.arn make sure to leave it this way.
Attach the file in your next reply.
If the file is too large, then use catbox.moe or Ufile.io and send the link in your next reply.

Rum Ham · Oct 8, 2022

Yeah I don't think I looked at it much if at all before this thing started, but I think things look normal with CPU usage and memory, if just a tad high at this very moment with memory (30%). But its never been showing the 97%-99% usage lately that alerted me to a problem.

The Avira removal tool had a problem and said I needed to start in safe mode to remove all the registry, unfortunately I only have a bluetooth keyboard that will not connect at all during the selection screen where it requires me to hit 4 to go safe, so I couldn't do that.

Guess it was too large here is the link https://files.catbox.moe/lsu1y1.arn

Malnutrition · Oct 9, 2022

Just removing Avira with Geek uninstaller should be fine, you can use just windows defender and also I suggest installing ublock origin.

Windows defender is fine, and you do not need another antivirus hogging up memory. I'd install a little firewall like Glasswire, or Xvirus firewall if you want an extra layer of protection.

Also, I suggest that you run O&O Antispyware this can trim down bandwidth consumption, by stopping your machine uploading to MS servers so constantly.

Then for now, disable windows update. You can re enable anytime, you feel like you want to update.

Consider Adblocking DNS server. This can be set on your router to block ads on all devices, or individually on your machine with these instructions

Security Check Scan.

Download Security Check to your desktop.
Right click it run as administrator.
When the program completes, the tool will automatically open a log file.
Please Copy and paste that log here in your next post

Right click Autoruns and run as admin, uncheck the YELLOW ONLY highlighted items the ones I highlighed and the ones that read file not found. and then reboot the computer. Leave One drive checked if you use it.

Rum Ham · Oct 9, 2022

Ok after the security check I did the autoruns again and uncheck everything highlighted, plus anything else that was a 'file not found' although there was a lot of file not founds that it gave an error and said failed to remove or something, so I left those alone.

Log below of security check

SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
WebSite: www.safezone.cc
DateLog: 09.10.2022 09:07:26
Path starting: C:\Users\satch\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: satch
VersionXML: 10.22is-08.10.2022
___________________________________________________________________________

Windows 10(6.3.19043) (x64) Core Release: 2009 Lang: English(0409)
Installation date OS: 19.02.2021 22:47:08
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
LicenseStatus: Office 16, Office16O365HomePremR_Grace edition Windows is in Notification mode
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
SystemDrive: C: FS: [NTFS] Capacity: [930.9 Gb] Used: [637.8 Gb] Free: [293.1 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.789.19041.0
User Account Control enabled (Level 3)
Never check for updates
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
--------------------------- [ FirewallWindows ] ---------------------------
Windows Defender Firewall (mpssvc) - The service is running
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Malwarebytes version 4.5.14.210 v.4.5.14.210
--------------------------- [ OtherUtilities ] ----------------------------
NVIDIA GeForce Experience 3.26.0.131 v.3.26.0.131
Python 3.8.7 (64-bit) v.3.8.7150.0 Warning! Download Update
Steam v.2.10.91.91
Epic Games Launcher v.1.1.267.0
------------------------------- [ Backup ] --------------------------------
Microsoft OneDrive v.22.191.0911.0001
------------------------------ [ ArchAndFM ] ------------------------------
WinRAR 5.91 (64-bit) v.5.91.0 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 341 v.8.0.3410.10
------------------------------- [ Browser ] -------------------------------
Google Chrome v.106.0.5249.103
Microsoft Edge v.106.0.1370.37
------------------ [ AntivirusFirewallProcessServices ] -------------------
Malwarebytes Service (MBAMService) - The service has stopped
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe v.4.18.2207.7
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe v.4.18.2207.7
Microsoft Defender Antivirus Service (WinDefend) - The service is running
Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running
----------------------------- [ End of Log ] ------------------------------

Malnutrition · Oct 9, 2022

Update phython and winrar, and if there are no more questions or issues, I’ll mark this as solved for you?

Rum Ham · Oct 9, 2022

Yes everything seems good now, its been some yrs since I had any general knowledge of regular computer maintenance, what antivirus to use, etc. so that is apparent when I used Total AV when I was trying to get up to speed a bit again.

Thanks again for your time and help its very much appreciated

Malnutrition · Oct 10, 2022

Sweet, I'll mark this as solved. If you could tell a friend or two about us, or perhaps share a link to this site on any social media if you have or so choose. Have a great night.

Rum Ham

Attachments

Malnutrition

Malnurished Mod

Rum Ham

Malnutrition

Malnurished Mod

Rum Ham

Malnutrition

Malnurished Mod

Attachments

Rum Ham

Malnutrition

Malnurished Mod

Attachments

Rum Ham

Malnutrition

Malnurished Mod

Rum Ham

Malnutrition

Malnurished Mod

Rum Ham

Malnutrition

Malnurished Mod

Rum Ham

Malnutrition

Malnurished Mod

Search

Search

Solved high memory usage, suspect i have malware