Contas do instagram e discord invadidas

Waterfill · 4 de junho de 2022

Olá! Estou precisando de ajuda, recentemente minhas duas contas do instagram, ficaram com a foto de perfil de outras pessoas aleatórios e um dia antes uns 30 perfis fake me seguiram, logo troquei de senha. Porém percebi que no meu discord, q é a mesmo q do instagram, também estava com outra foto de perfil, e várias pessoas no mei privado, algumas com msg e outras sem mensagem, como se tivesse uma conversa porém tivesse apagado, creio que pegaram minha conta pra propagar mensagens falsas, tanto que o discord baniu minha conta logo depois que eu troquei de senha. Isso aconteceu ontem, 03/06/22 por volta de 14:00 no instagram e 21:00 no discord. Queria saber o que posso fazer para tirar esse malware do pc, porque eu creio q seja uma ***** que eu fiz acabei clicando no link e baixando um arquivo .exe que se passava por outra coisa, era sobre o executive ape e as figuras nft, só q isso faz mais de 3 meses, e até entao não tinha nada de errado, o windows tinha colocado em quarentena, porém não sei se removeu, o que eu posso fazer?

Lusitano · 4 de junho de 2022

Caro usuário,

Para que o possamos ajudar, por gentileza siga as instruções desse tópico e na sua próxima resposta anexe TODOS os resultados das análises solicitadas.

Abraços

Waterfill · 5 de junho de 2022

Olá! me desculpe pela demora da resposta! muito obrigado por estar ajudando

log adwcleaner

log adcleane.txt

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-04-2022
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 10
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\RelevantKnowledge
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Deleted C:\Users\Sistemas\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Windows\SysWOW64\rlls.dll
Deleted C:\Windows\System32\rlls64.dll

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0352907-12D7-4958-A76C-6EE3FDF1196A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8BF911ED-0CB3-4304-B198-45A9CA6AACA1}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{EA7DE6BD-6DAE-44C7-BF43-2E9344112257}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2374 octets] - [04/06/2022 22:23:23]
AdwCleaner[S01].txt - [2435 octets] - [04/06/2022 22:25:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

log FRST

Addition.txt FRST.txt

Lusitano · 5 de junho de 2022

@Waterfill Olá,

1. Pressione as teclas win + R e digite appwiz.cpl

Desinstale os programas, caso eles existam:

Driver Booster
uTorrent (Este deixo á sua escolha se quer remover ou não. Programas deste tipo devem ser evitados porque a grande maioria dos programas que aí circulam violam a lei e contêm malwares)

2. Execução FRST:

Clique direito do mouse no icone do FRST e selecione executar como administrador
Selecione TODO o conteúdo da caixa abaixo e pressione ao mesmo tempo as teclas Ctrl + C, para que tudo seja copiado.Não é necessário colar a informação.A ferramenta FRST fará isso automaticamente.

Citação

Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [TeamsMachineInstaller] => %ProgramFiles%\Teams Installer\Teams.exe --checkInstall --source=PROPLUS (Nenhum Arquivo)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
Task: {1E80E1EA-0631-4339-9466-3E34193867FF} - System32\Tasks\Opera scheduled Autoupdate 1642776188 => C:\Users\Sistemas\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {21A4330A-1A7A-416C-AB04-C01913035E7D} - System32\Tasks\Driver Booster SkipUAC (Sistemas) => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\DriverBooster.exe [8625688 2022-01-11] (IObit CO., LTD -> IObit)
Task: {CF89B24C-A90D-4544-BD82-705BC06CCF06} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\AutoUpdate.exe [2462744 2021-12-29] (IObit CO., LTD -> IObit)
2022-06-04 22:25 - 2022-01-21 19:01 - 000000000 ____D C:\Users\Sistemas\AppData\Roaming\IObit
FirewallRules: [{D95723E7-B949-45DD-8F4B-0631B7501544}] => (Allow) C:\Users\Sistemas\AppData\Local\Programs\Opera\83.0.4254.19\opera.exe => Nenhum Arquivo
FirewallRules: [{B9BCF964-0EB4-4CA2-AB35-B18708F03904}] => (Allow) C:\Windows\[email protected] => Nenhum Arquivo
FirewallRules: [{D2697639-B820-4C6F-9733-348A97391F22}] => (Allow) C:\Windows\[email protected] => Nenhum Arquivo
FirewallRules: [TCP Query User{43B60E2B-A9F3-4C0B-8333-3976CE3C50EF}C:\program files (x86)\d3reflection\diablo iii.exe] => (Allow) C:\program files (x86)\d3reflection\diablo iii.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{6648D68C-1E14-4DA7-B78B-9844C37807F2}C:\program files (x86)\d3reflection\diablo iii.exe] => (Allow) C:\program files (x86)\d3reflection\diablo iii.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{E9706EED-C321-459D-A330-A50F3C1A648F}C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{EABAF5BA-3478-42EE-904A-E2A7C4321C3C}C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe => Nenhum Arquivo
FirewallRules: [{7E5F70D1-B2D4-4533-B188-B5C81ABA0DB9}] => (Allow) D:\BlueStacks X\BlueStacksWeb.exe => Nenhum Arquivo
FirewallRules: [{A04A5E49-38B4-458D-B0BF-AD24CACDE32E}] => (Allow) D:\BlueStacks X\Cloud Game.exe => Nenhum Arquivo
FirewallRules: [{FB07970E-B6B1-4CC2-BB76-9759FE4659B4}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{4FDD148B-B268-49D9-8826-6364BC1843F7}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{5A5394FD-7F95-4BDC-A0AF-53AD5B568209}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{C98C0C61-C7D7-400A-A034-F3CC04007370}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{F196523C-5502-4B3F-86D4-8A0B008D2EA1}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe => Nenhum Arquivo
FirewallRules: [{1F748524-97BB-47E3-9911-07C3F3F3A729}] => (Allow) C:\Users\Sistemas\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{43C3DE30-4C6D-4FE4-8DDB-C8A224E4ECF7}] => (Allow) C:\Users\Sistemas\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
Unlock: C:\Users\Sistemas\AppData\Roaming\IObit
Folder: C:\Users\Sistemas\AppData\Roaming\IObit
startpowershell:
Set-Service -Name "BITS" -StartupType Manual -Verbose
Set-Service -Name "Dhcp" -StartupType Automatic -Verbose
Set-Service -Name "EventLog" -StartupType Automatic -Verbose
Set-Service -Name "EventSystem" -StartupType Automatic -Verbose
Set-Service -Name "nsi" -StartupType Automatic -Verbose
Set-Service -Name "RasMan" -StartupType Manual -Verbose
Set-Service -Name "SDRSVC" -StartupType Manual -Verbose
Set-Service -Name "SstpSvc" -StartupType Manual -Verbose
Set-Service -Name "TrustedInstaller" -StartupType Manual -Verbose
Set-Service -Name "VSS" -StartupType Manual -Verbose
Set-Service -Name "Winmgmt" -StartupType Automatic -Verbose
Set-Service -Name "wuauserv" -StartupType Manual -Verbose

Function Remove-all-windefend-excludes {
$Paths=(Get-MpPreference).ExclusionPath
$Extensions=(Get-MpPreference).ExclusionExtension
$Processes=(Get-MpPreference).ExclusionProcess
foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
}
Set-MpPreference -DisableAutoExclusions $true -Force
Remove-all-windefend-excludes
endpowershell:
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winhttp reset proxy
CMD: Bitsadmin /Reset /Allusers
CMD: Winmgmt /salvagerepository
CMD: Winmgmt /resetrepository
CMD: winmgmt /resyncperf
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: sfc /scannow
C:\WINDOWS\SysWOW64\*.tmp
C:\WINDOWS\System32\*.tmp
C:\Windows\SystemTemp\*.tmp
EmptyTemp:
End::

Clique em Corrigir.
Quando a ferramenta terminar, irá gerar um arquivo com o nome Fixlog.txt. Anexe na sua próxima resposta e por gentileza me informe se tem notado mais esse sintoma relatado anteriormente.
Nota: Um dos comandos acima, irá remover cookies e com isso pode resultar em dificuldades em aceder a algumas páginas web (nomeadamente bancos) e poderá ser necessário reaplicar o código verificação da própria instituição. Os procedimentos acima poderão ser demorados. Por gentileza seja paciente e aguarde. Serão removidos os arquivos temporários.

Waterfill · 5 de junho de 2022

Fixlog.txt

Não notei nenhum sintoma estranho em si no pc, e sim nas contas do google, provavelmente utilizaram das senhas salvas pra entrar nas minhas contas.

Lusitano · 5 de junho de 2022

6 horas atrás, Lusitano disse:

Quando a ferramenta terminar, irá gerar um arquivo com o nome Fixlog.txt. Anexe na sua próxima resposta

Waterfill · 5 de junho de 2022

O anexo aparace para mim no meu ultimo post, só que deve estar com problema, vou copiar e colar aqui \/

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 04-06-2022 01
Executado por Sistemas (05-06-2022 10:26:01) Run:1
Executando a partir de C:\Users\Sistemas\Desktop
Perfis Carregados: Sistemas
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [TeamsMachineInstaller] => %ProgramFiles%\Teams Installer\Teams.exe --checkInstall --source=PROPLUS (Nenhum Arquivo)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
Task: {1E80E1EA-0631-4339-9466-3E34193867FF} - System32\Tasks\Opera scheduled Autoupdate 1642776188 => C:\Users\Sistemas\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {21A4330A-1A7A-416C-AB04-C01913035E7D} - System32\Tasks\Driver Booster SkipUAC (Sistemas) => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\DriverBooster.exe [8625688 2022-01-11] (IObit CO., LTD -> IObit)
Task: {CF89B24C-A90D-4544-BD82-705BC06CCF06} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\AutoUpdate.exe [2462744 2021-12-29] (IObit CO., LTD -> IObit)
2022-06-04 22:25 - 2022-01-21 19:01 - 000000000 ____D C:\Users\Sistemas\AppData\Roaming\IObit
FirewallRules: [{D95723E7-B949-45DD-8F4B-0631B7501544}] => (Allow) C:\Users\Sistemas\AppData\Local\Programs\Opera\83.0.4254.19\opera.exe => Nenhum Arquivo
FirewallRules: [{B9BCF964-0EB4-4CA2-AB35-B18708F03904}] => (Allow) C:\Windows\[email protected] => Nenhum Arquivo
FirewallRules: [{D2697639-B820-4C6F-9733-348A97391F22}] => (Allow) C:\Windows\[email protected] => Nenhum Arquivo
FirewallRules: [TCP Query User{43B60E2B-A9F3-4C0B-8333-3976CE3C50EF}C:\program files (x86)\d3reflection\diablo iii.exe] => (Allow) C:\program files (x86)\d3reflection\diablo iii.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{6648D68C-1E14-4DA7-B78B-9844C37807F2}C:\program files (x86)\d3reflection\diablo iii.exe] => (Allow) C:\program files (x86)\d3reflection\diablo iii.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{E9706EED-C321-459D-A330-A50F3C1A648F}C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{EABAF5BA-3478-42EE-904A-E2A7C4321C3C}C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe => Nenhum Arquivo
FirewallRules: [{7E5F70D1-B2D4-4533-B188-B5C81ABA0DB9}] => (Allow) D:\BlueStacks X\BlueStacksWeb.exe => Nenhum Arquivo
FirewallRules: [{A04A5E49-38B4-458D-B0BF-AD24CACDE32E}] => (Allow) D:\BlueStacks X\Cloud Game.exe => Nenhum Arquivo
FirewallRules: [{FB07970E-B6B1-4CC2-BB76-9759FE4659B4}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{4FDD148B-B268-49D9-8826-6364BC1843F7}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{5A5394FD-7F95-4BDC-A0AF-53AD5B568209}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{C98C0C61-C7D7-400A-A034-F3CC04007370}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{F196523C-5502-4B3F-86D4-8A0B008D2EA1}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe] => (Allow) C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe => Nenhum Arquivo
FirewallRules: [{1F748524-97BB-47E3-9911-07C3F3F3A729}] => (Allow) C:\Users\Sistemas\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{43C3DE30-4C6D-4FE4-8DDB-C8A224E4ECF7}] => (Allow) C:\Users\Sistemas\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
Unlock: C:\Users\Sistemas\AppData\Roaming\IObit
Folder: C:\Users\Sistemas\AppData\Roaming\IObit
startpowershell:
Set-Service -Name "BITS" -StartupType Manual -Verbose
Set-Service -Name "Dhcp" -StartupType Automatic -Verbose
Set-Service -Name "EventLog" -StartupType Automatic -Verbose
Set-Service -Name "EventSystem" -StartupType Automatic -Verbose
Set-Service -Name "nsi" -StartupType Automatic -Verbose
Set-Service -Name "RasMan" -StartupType Manual -Verbose
Set-Service -Name "SDRSVC" -StartupType Manual -Verbose
Set-Service -Name "SstpSvc" -StartupType Manual -Verbose
Set-Service -Name "TrustedInstaller" -StartupType Manual -Verbose
Set-Service -Name "VSS" -StartupType Manual -Verbose
Set-Service -Name "Winmgmt" -StartupType Automatic -Verbose
Set-Service -Name "wuauserv" -StartupType Manual -Verbose
Function Remove-all-windefend-excludes {
$Paths=(Get-MpPreference).ExclusionPath
$Extensions=(Get-MpPreference).ExclusionExtension
$Processes=(Get-MpPreference).ExclusionProcess
foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
}
Set-MpPreference -DisableAutoExclusions $true -Force
Remove-all-windefend-excludes
endpowershell:
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winhttp reset proxy
CMD: Bitsadmin /Reset /Allusers
CMD: Winmgmt /salvagerepository
CMD: Winmgmt /resetrepository
CMD: winmgmt /resyncperf
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: sfc /scannow
C:\WINDOWS\SysWOW64\*.tmp
C:\WINDOWS\System32\*.tmp
C:\Windows\SystemTemp\*.tmp
EmptyTemp:

*****************

SystemRestore: On => completado
Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TeamsMachineInstaller" => removido (a) com sucesso.
HKLM\SOFTWARE\Policies\Mozilla => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E80E1EA-0631-4339-9466-3E34193867FF}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E80E1EA-0631-4339-9466-3E34193867FF}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1642776188 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1642776188" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21A4330A-1A7A-416C-AB04-C01913035E7D}" => não encontrado (a)
"C:\Windows\System32\Tasks\Driver Booster SkipUAC (Sistemas)" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Sistemas)" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF89B24C-A90D-4544-BD82-705BC06CCF06}" => não encontrado (a)
"C:\Windows\System32\Tasks\Driver Booster Update" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update" => não encontrado (a)
C:\Users\Sistemas\AppData\Roaming\IObit => movido com sucesso
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D95723E7-B949-45DD-8F4B-0631B7501544}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9BCF964-0EB4-4CA2-AB35-B18708F03904}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2697639-B820-4C6F-9733-348A97391F22}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{43B60E2B-A9F3-4C0B-8333-3976CE3C50EF}C:\program files (x86)\d3reflection\diablo iii.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6648D68C-1E14-4DA7-B78B-9844C37807F2}C:\program files (x86)\d3reflection\diablo iii.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E9706EED-C321-459D-A330-A50F3C1A648F}C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EABAF5BA-3478-42EE-904A-E2A7C4321C3C}C:\program files (x86)\Steam\steamapps\common\7 days to die\7daystodie.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E5F70D1-B2D4-4533-B188-B5C81ABA0DB9}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A04A5E49-38B4-458D-B0BF-AD24CACDE32E}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB07970E-B6B1-4CC2-BB76-9759FE4659B4}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4FDD148B-B268-49D9-8826-6364BC1843F7}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A5394FD-7F95-4BDC-A0AF-53AD5B568209}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\jre64\bin\java.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C98C0C61-C7D7-400A-A034-F3CC04007370}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F196523C-5502-4B3F-86D4-8A0B008D2EA1}C:\users\sistemas\downloads\project zombiod ver41.65\project zombiod\projectzomboid64.exe" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F748524-97BB-47E3-9911-07C3F3F3A729}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43C3DE30-4C6D-4FE4-8DDB-C8A224E4ECF7}" => removido (a) com sucesso.
"C:\Users\Sistemas\AppData\Roaming\IObit" => não encontrado (a)

========================= Folder: C:\Users\Sistemas\AppData\Roaming\IObit ========================

não encontrado (a).

====== Fim de Folder: ======

========= Powershell: =========

========= Fim de Powershell: =========

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= netsh winsock reset catalog =========

Cat logo Winsock redefinido com ˆxito.
Reinicie o computador para concluir a redefini‡Æo.

========= Fim de CMD: =========

========= netsh advfirewall reset =========

Ok.

========= Fim de CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Ok.

========= Fim de CMD: =========

========= netsh winhttp reset proxy =========

Configura‡äes do proxy WinHTTP atuais:

Acesso direto (nenhum servidor proxy).

========= Fim de CMD: =========

========= Bitsadmin /Reset /Allusers =========

BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Fim de CMD: =========

========= Winmgmt /salvagerepository =========

O reposit¢rio WMI est consistente

========= Fim de CMD: =========

========= Winmgmt /resetrepository =========

O reposit¢rio WMI foi redefinido

========= Fim de CMD: =========

========= winmgmt /resyncperf =========

========= Fim de CMD: =========

========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========

Info: Configura‡Æo do contador de desempenho reconstru¡da com sucesso a partir do reposit¢rio de backup do sistema

========= Fim de CMD: =========

========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========

Info: Configura‡Æo do contador de desempenho reconstru¡da com sucesso a partir do reposit¢rio de backup do sistema

========= Fim de CMD: =========

========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========

Info: Configura‡Æo do contador de desempenho reconstru¡da com sucesso a partir do reposit¢rio de backup do sistema

========= Fim de CMD: =========

========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========

Info: Configura‡Æo do contador de desempenho reconstru¡da com sucesso a partir do reposit¢rio de backup do sistema

========= Fim de CMD: =========

========= sfc /scannow =========

Iniciando verificação de arquivos. O processo levará alguns minutos para ser concluído.

Iniciando fase de verificação de verificação do sistema.
Verificação 0% concluída. Verificação 1% concluída. Verificação 1% concluída. Verificação 2% concluída. Verificação 3% concluída. Verificação 3% concluída. Verificação 4% concluída. Verificação 5% concluída. Verificação 5% concluída. Verificação 6% concluída. Verificação 7% concluída. Verificação 7% concluída. Verificação 8% concluída. Verificação 9% concluída. Verificação 9% concluída. Verificação 10% concluída. Verificação 11% concluída. Verificação 11% concluída. Verificação 12% concluída. Verificação 13% concluída. Verificação 13% concluída. Verificação 14% concluída. Verificação 14% concluída. Verificação 15% concluída. Verificação 16% concluída. Verificação 16% concluída. Verificação 17% concluída. Verificação 18% concluída. Verificação 18% concluída. Verificação 19% concluída. Verificação 20% concluída. Verificação 20% concluída. Verificação 21% concluída. Verificação 22% concluída. Verificação 22% concluída. Verificação 23% concluída. Verificação 24% concluída. Verificação 24% concluída. Verificação 25% concluída. Verificação 26% concluída. Verificação 26% concluída. Verificação 27% concluída. Verificação 27% concluída. Verificação 28% concluída. Verificação 29% concluída. Verificação 29% concluída. Verificação 30% concluída. Verificação 31% concluída. Verificação 31% concluída. Verificação 32% concluída. Verificação 33% concluída. Verificação 33% concluída. Verificação 34% concluída. Verificação 35% concluída. Verificação 35% concluída. Verificação 36% concluída. Verificação 37% concluída. Verificação 37% concluída. Verificação 38% concluída. Verificação 39% concluída. Verificação 39% concluída. Verificação 40% concluída. Verificação 41% concluída. Verificação 41% concluída. Verificação 42% concluída. Verificação 42% concluída. Verificação 43% concluída. Verificação 44% concluída. Verificação 44% concluída. Verificação 45% concluída. Verificação 46% concluída. Verificação 46% concluída. Verificação 47% concluída. Verificação 48% concluída. Verificação 48% concluída. Verificação 49% concluída. Verificação 50% concluída. Verificação 50% concluída. Verificação 51% concluída. Verificação 52% concluída. Verificação 52% concluída. Verificação 53% concluída. Verificação 54% concluída. Verificação 54% concluída. Verificação 55% concluída. Verificação 55% concluída. Verificação 56% concluída. Verificação 57% concluída. Verificação 57% concluída. Verificação 58% concluída. Verificação 59% concluída. Verificação 59% concluída. Verificação 60% concluída. Verificação 61% concluída. Verificação 61% concluída. Verificação 62% concluída. Verificação 63% concluída. Verificação 63% concluída. Verificação 64% concluída. Verificação 65% concluída. Verificação 65% concluída. Verificação 66% concluída. Verificação 67% concluída. Verificação 67% concluída. Verificação 68% concluída. Verificação 68% concluída. Verificação 69% concluída. Verificação 70% concluída. Verificação 70% concluída. Verificação 71% concluída. Verificação 72% concluída. Verificação 72% concluída. Verificação 73% concluída. Verificação 74% concluída. Verificação 74% concluída. Verificação 75% concluída. Verificação 76% concluída. Verificação 76% concluída. Verificação 77% concluída. Verificação 78% concluída. Verificação 78% concluída. Verificação 79% concluída. Verificação 80% concluída. Verificação 80% concluída. Verificação 81% concluída. Verificação 82% concluída. Verificação 82% concluída. Verificação 83% concluída. Verificação 83% concluída. Verificação 84% concluída. Verificação 85% concluída. Verificação 85% concluída. Verificação 86% concluída. Verificação 87% concluída. Verificação 87% concluída. Verificação 88% concluída. Verificação 89% concluída. Verificação 89% concluída. Verificação 90% concluída. Verificação 91% concluída. Verificação 91% concluída. Verificação 92% concluída. Verificação 93% concluída. Verificação 93% concluída. Verificação 94% concluída. Verificação 95% concluída. Verificação 95% concluída. Verificação 96% concluída. Verificação 96% concluída. Verificação 97% concluída. Verificação 98% concluída. Verificação 98% concluída. Verificação 99% concluída. Verificação 100% concluída.

A Proteção de Recursos do Windows encontrou arquivos corrompidos e os reparou com êxito.
Para reparos online, os detalhes são incluídos no arquivo de log CBS localizado em
windir\Logs\CBS\CBS.log. Por exemplo, C:\Windows\Logs\CBS\CBS.log. Para reparos
offline, os detalhes são incluídos no arquivo de log fornecido pelo sinalizador /OFFLOGFILE.

========= Fim de CMD: =========

=========== "C:\WINDOWS\SysWOW64\*.tmp" ==========

C:\WINDOWS\SysWOW64\SETD219.tmp => movido com sucesso

========= Fim -> "C:\WINDOWS\SysWOW64\*.tmp" ========

=========== "C:\WINDOWS\System32\*.tmp" ==========

C:\WINDOWS\System32\SETCF0E.tmp => movido com sucesso

========= Fim -> "C:\WINDOWS\System32\*.tmp" ========

=========== "C:\Windows\SystemTemp\*.tmp" ==========

não encontrado (a)

========= Fim -> "C:\Windows\SystemTemp\*.tmp" ========

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 160988324 B
Java, Discord, Steam htmlcache => 1006706147 B
Windows/system/drivers => 71087329 B
Edge => 0 B
Chrome => 806291877 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1149134 B
systemprofile32 => 43427484 B
LocalService => 43434758 B
NetworkService => 43728102 B
Sistemas => 548799739 B

RecycleBin => 0 B
EmptyTemp: => 2.5 GB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 10:29:39 ====

Lusitano · 6 de junho de 2022

@Waterfill Olá, Já alterou as suas senhas? Faça isso, caso ainda não tenha feito e utilize o 2FA.

Vamos verificar mais umas coisas. Seja paciente que esta análise pode ser demorada:

Faça o download ESET Online Scanner e salve no seu Desktop
Clique direito em esetonlinescanner_enu.exe e execute como administrador
Clique em Computer Scan
Clique em Full scan
Selecione Enable ESET to detect and quarantine potentially unwanted applications
Clique em Start scan
Quando terminar, salve o resultado no seu desktop como ESETScan.txt
Clique Continue e depois em Close
Anexe o arquivo ESETScan.txt
Gere e anexe também novos logs do FRST (frst.txt e addition.txt)

Waterfill · 6 de junho de 2022

Sim, alterei minhas senhas, usei já o 2fa.

segue os txt dos logs

log eset.txt logscan.txt FRST.txt Addition.txt

Lusitano · 6 de junho de 2022

@WaterfillOi, nada foi detetado no scan, apenas o que já estava na quarentena do adwcleaner e eu apenas vejo uma entrada orfã que nada de significativo implica com o desempenho e muito menos malware.

Ainda nota algo estranho?

Waterfill · 6 de junho de 2022

Não Lusitano! foi só em questão das contas do insta e discord mesmo que a minha conta adicionou automaticamente várias pessoas e mandou várias mensagens enganosas pra vários usuários e alteraram minha foto, Porém depois disso que mudei as senhas não ocorreu mais! Só uma dúvida, no meu gerenciador de tarefas não aparece nenhum aplicativos em inicializar ao ligar o pc, é por conta dos programas scans que desabilitaram?

Lusitano · 7 de junho de 2022

As minhas instruções não incluíram nada que mexesse com a gerenciador de tarefas, mas vamos ver se descobrimos a causa disso.

Execução FRST:

Clique direito do mouse no icone do FRST e selecione executar como administrador
Selecione TODO o conteúdo da caixa abaixo e pressione ao mesmo tempo as teclas Ctrl + C, para que tudo seja copiado. Não é necessário colar a informação. A ferramenta FRST fará isso automaticamente.

Citação

start::
CreateRestorePoint:
HKU\S-1-5-21-3946368670-3391554782-2956722438-1001\...\Run: [utweb] => "C:\Users\Sistemas\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Nenhum Arquivo)
CMD: dism /online /cleanup-image /restorehealth
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies
end::

Clique em Corrigir.
Quando a ferramenta terminar, irá gerar um arquivo com o nome Fixlog.txt. Anexe na sua próxima resposta

Waterfill · 7 de junho de 2022

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 04-06-2022 01
Executado por Sistemas (07-06-2022 14:22:16) Run:2
Executando a partir de C:\Users\Sistemas\Desktop
Perfis Carregados: Sistemas
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
HKU\S-1-5-21-3946368670-3391554782-2956722438-1001\...\Run: [utweb] => "C:\Users\Sistemas\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Nenhum Arquivo)
CMD: dism /online /cleanup-image /restorehealth
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies

*****************

Ponto de Restauração criado com sucesso.
"HKU\S-1-5-21-3946368670-3391554782-2956722438-1001\Software\Microsoft\Windows\CurrentVersion\Run\\utweb" => removido (a) com sucesso.

========= dism /online /cleanup-image /restorehealth =========

Ferramenta de Gerenciamento e Manuten‡Æo de Imagens de Implanta‡Æo
VersÆo: 10.0.19041.844

VersÆo da Imagem: 10.0.19044.1706

[== 3.8% ]
[== 4.0% ]
[== 4.7% ]
[=== 5.3% ]
[=== 6.0% ]
[=== 6.8% ]
[==== 7.7% ]
[===== 8.7% ]
[===== 9.7% ]
[====== 10.6% ]
[====== 11.6% ]
[======= 12.4% ]
[======= 13.3% ]
[======== 14.3% ]
[======== 15.2% ]
[========= 16.2% ]
[========= 17.2% ]
[========== 18.2% ]
[=========== 19.2% ]
[=========== 20.2% ]
[============ 21.1% ]
[============ 22.1% ]
[============= 23.1% ]
[============= 24.1% ]
[============== 25.1% ]
[============== 25.6% ]
[=============== 26.3% ]
[=============== 26.9% ]
[=============== 27.1% ]
[=============== 27.2% ]
[================ 28.2% ]
[================ 29.1% ]
[================= 30.1% ]
[================== 31.1% ]
[================== 32.1% ]
[=================== 33.1% ]
[=================== 34.0% ]
[==================== 35.0% ]
[==================== 35.3% ]
[===================== 36.2% ]
[===================== 37.1% ]
[====================== 38.0% ]
[====================== 38.4% ]
[====================== 38.5% ]
[====================== 38.7% ]
[====================== 38.9% ]
[====================== 39.2% ]
[====================== 39.5% ]
[======================= 39.9% ]
[======================= 40.1% ]
[======================= 40.3% ]
[======================= 40.7% ]
[======================= 40.8% ]
[======================= 41.1% ]
[======================== 41.6% ]
[======================== 41.9% ]
[======================== 42.4% ]
[======================== 42.6% ]
[========================= 43.6% ]
[========================= 44.2% ]
[========================== 45.1% ]
[========================== 45.7% ]
[========================== 46.0% ]
[========================== 46.3% ]
[===========================46.9% ]
[===========================47.7% ]
[===========================48.7% ]
[===========================49.1% ]
[===========================50.0% ]
[===========================50.6% ]
[===========================51.6% ]
[===========================52.6% ]
[===========================53.6% ]
[===========================53.7% ]
[===========================53.7% ]
[===========================53.7% ]
[===========================53.9% ]
[===========================54.0% ]
[===========================54.0% ]
[===========================54.0% ]
[===========================54.1% ]
[===========================54.2% ]
[===========================54.2% ]
[===========================54.2% ]
[===========================54.3% ]
[===========================54.3% ]
[===========================54.4% ]
[===========================54.5% ]
[===========================54.6% ]
[===========================54.7% ]
[===========================54.8% ]
[===========================54.8% ]
[===========================54.9% ]
[===========================54.9% ]
[===========================54.9% ]
[===========================55.0% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.3% ]
[===========================55.4% ]
[===========================55.4% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.6% ]
[===========================55.7% ]
[===========================55.7% ]
[===========================55.8% ]
[===========================56.0% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.4% ]
[===========================56.5% ]
[===========================56.6% ]
[===========================56.7% ]
[===========================56.8% ]
[===========================57.4%= ]
[===========================58.1%= ]
[===========================58.3%= ]
[===========================59.2%== ]
[===========================60.2%== ]
[===========================62.3%==== ]
[===========================84.9%================= ]
[==========================100.0%==========================]
Opera‡Æo de restaura‡Æo conclu¡da com ˆxito.
A opera‡Æo foi conclu¡da com ˆxito.

========= Fim de CMD: =========

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"="1"
"NoComponents"="1"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"ScanWithAntiVirus"="3"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection]
"AllowTelemetry"="3"
"MaxTelemetryAllowed"="3"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection\Users]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"="0"
"NoActiveDesktop"="1"
"NoActiveDesktopChanges"="1"
"NoRecentDocsHistory"="0"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]
"{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}"="1"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum]
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="32"
"{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF}"="1073741857"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="1"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Servicing]
"CountryCode"="BR"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"="5"
"ConsentPromptBehaviorUser"="3"
"DSCAutomationHostEnabled"="2"
"EnableCursorSuppression"="1"
"EnableFullTrustStartupTasks"="2"
"EnableInstallerDetection"="1"
"EnableLUA"="1"
"EnableSecureUIAPaths"="1"
"EnableUIADesktopToggle"="0"
"EnableUwpStartupTasks"="2"
"EnableVirtualization"="1"
"PromptOnSecureDesktop"="1"
"SupportFullTrustStartupTasks"="1"
"SupportUwpStartupTasks"="1"
"ValidateAdminCodeSignatures"="0"
"dontdisplaylastusername"="0"
"legalnoticecaption"=""
"legalnoticetext"="*"
"scforceoption"="0"
"shutdownwithoutlogon"="1"
"undockwithoutlogon"="1"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_BITMAP"="2"
"CF_DIB"="8"
"CF_DIBV5"="17"
"CF_OEMTEXT"="7"
"CF_PALETTE"="9"
"CF_TEXT"="1"
"CF_UNICODETEXT"="13"

=== Fim de ExportKey ===

==== Fim de Fixlog 14:25:20 ====

Fixlog.txt

Lusitano · 7 de junho de 2022

@Waterfill Continua com o seu gerenciador sem mostrar os processos? Se SIM, siga as instruções abaixo, caso contrário, NÃO execute, apenas me informe.

Execução FRST:

Clique direito do mouse no icone do FRST e selecione executar como administrador
Selecione TODO o conteúdo da caixa abaixo e pressione ao mesmo tempo as teclas Ctrl + C, para que tudo seja copiado. Não é necessário colar a informação. A ferramenta FRST fará isso automaticamente.

Citação

start::
CreateRestorePoint:
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
end::

Clique em Corrigir.
Quando a ferramenta terminar, irá gerar um arquivo com o nome Fixlog.txt. Anexe na sua próxima resposta

Waterfill · 8 de junho de 2022

Sim, ainda continua sem mostrar os programas que iniciam junto com o windows.

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 04-06-2022 01
Executado por Sistemas (07-06-2022 22:49:50) Run:3
Executando a partir de C:\Users\Sistemas\Desktop
Perfis Carregados: Sistemas
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

*****************

Ponto de Restauração criado com sucesso.
================== ExportKey: ===================

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe" => não encontrado (a)

=== Fim de ExportKey ===

==== Fim de Fixlog 22:49:57 ====

Fixlog.txt

Lusitano · 8 de junho de 2022

Olá, vamos verificar mais uma coisa.

Execução FRST:

Clique direito do mouse no icone do FRST e selecione executar como administrador
Selecione TODO o conteúdo da caixa abaixo e pressione ao mesmo tempo as teclas Ctrl + C, para que tudo seja copiado. Não é necessário colar a informação. A ferramenta FRST fará isso automaticamente.

Citação

start::
CreateRestorePoint:
ExportKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
end::

Clique em Corrigir.
Quando a ferramenta terminar, irá gerar um arquivo com o nome Fixlog.txt. Anexe na sua próxima resposta

Waterfill · 11 de junho de 2022

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 10-06-2022 01
Executado por Sistemas (11-06-2022 11:48:13) Run:4
Executando a partir de C:\Users\Sistemas\Desktop
Perfis Carregados: Sistemas
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
ExportKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

*****************

Ponto de Restauração criado com sucesso.
================== ExportKey: ===================

"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" => não encontrado (a)

=== Fim de ExportKey ===

==== Fim de Fixlog 11:48:20 ====

Lusitano · 11 de junho de 2022

@Waterfill Vamos tentar reconstruir essa chave:

Execução FRST:

Clique direito do mouse no icone do FRST e selecione executar como administrador
Selecione TODO o conteúdo da caixa abaixo e pressione ao mesmo tempo as teclas Ctrl + C, para que tudo seja copiado. Não é necessário colar a informação. A ferramenta FRST fará isso automaticamente.

Citação

start::
CreateRestorePoint:

StartRegedit:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] “DisableTaskMgr” =dword:00000000

EndRegedit:

Clique em Corrigir.
Quando a ferramenta terminar, irá gerar um arquivo com o nome Fixlog.txt. Anexe na sua próxima resposta e por gentileza me informe se tem notado mais esse sintoma relatado anteriormente.

Waterfill · 12 de junho de 2022

Está apresentando esse erro ao clicar em corrigir.

Lusitano · 12 de junho de 2022

@Waterfill Ok, vamos fazer de outra forma:

Salve o arquivo (fixlist.txt) no anexo dessa mensagem em seu Desktop (Área de Trabalho).

Clique com o botão direito em FRST.exe ou FRST64.exe e escolha Executar como Administrador.
Clique no botão Fix (Corrigir) e aguarde.
O sistema pode ser reiniciado.
Será criado um arquivo de texto Fixlog.txt em seu Desktop.
Anexe-o em sua próxima resposta.

fixlist.txt

Waterfill · 13 de junho de 2022

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 13-06-2022
Executado por Sistemas (13-06-2022 14:16:06) Run:5
Executando a partir de C:\Users\Sistemas\Desktop
Perfis Carregados: Sistemas
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CMD: fltmc instances
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: Bitsadmin /Reset /Allusers
CMD: for /F "tokens=*" %i in ('wevtutil.exe el') DO wevtutil.exe cl "%i"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
EMPTYTEMP:
CMD: DISM.exe /Online /Cleanup-Image /Restorehealth
CMD: SFC /ScanNow
StartRegedit:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] “DisableTaskMgr” =dword:00000000
EndRegedit:

*****************

Ponto de Restauração criado com sucesso.

========= fltmc instances =========

Filtro Nome do Volume Altitude Nome da Instƒncia Quadro SprtFtrs VlStatus
-------------------- ------------------------------------- ------------ --------------------- ----- --------
FileInfo 40500 FileInfo 0 00000007
FileInfo 40500 FileInfo 0 00000007
FileInfo 40500 FileInfo 0 00000007
FileInfo 40500 FileInfo 0 00000007
FileInfo 40500 FileInfo 0 00000007
FileInfo 40500 FileInfo 0 00000007
FileInfo \Device\HarddiskVolumeShadowCopy10 40500 FileInfo 0 00000007
FileInfo \Device\HarddiskVolumeShadowCopy11 40500 FileInfo 0 00000007
FileInfo \Device\HarddiskVolumeShadowCopy7 40500 FileInfo 0 00000007
FileInfo \Device\HarddiskVolumeShadowCopy8 40500 FileInfo 0 00000007
FileInfo \Device\Mup 40500 FileInfo 0 00000007
SbieDrv 86900 SbieDrv Instance 0 00000000
SbieDrv 86900 SbieDrv Instance 0 00000000
SbieDrv 86900 SbieDrv Instance 0 00000000
SbieDrv 86900 SbieDrv Instance 0 00000000
SbieDrv 86900 SbieDrv Instance 0 00000000
SbieDrv 86900 SbieDrv Instance 0 00000000
SbieDrv \Device\HarddiskVolumeShadowCopy10 86900 SbieDrv Instance 0 00000000
SbieDrv \Device\HarddiskVolumeShadowCopy11 86900 SbieDrv Instance 0 00000000
SbieDrv \Device\HarddiskVolumeShadowCopy7 86900 SbieDrv Instance 0 00000000
SbieDrv \Device\HarddiskVolumeShadowCopy8 86900 SbieDrv Instance 0 00000000
SbieDrv \Device\Mup 86900 SbieDrv Instance 0 00000000
Wof 40700 Wof Instance 0 00000007
Wof 40700 Wof Instance 0 00000007
Wof 40700 Wof Instance 0 00000007
Wof 40700 Wof Instance 0 00000007
Wof \Device\HarddiskVolumeShadowCopy10 40700 Wof Instance 0 00000007
Wof \Device\HarddiskVolumeShadowCopy11 40700 Wof Instance 0 00000007
Wof \Device\HarddiskVolumeShadowCopy7 40700 Wof Instance 0 00000007
Wof \Device\HarddiskVolumeShadowCopy8 40700 Wof Instance 0 00000007
bindflt 409800 bindflt Instance 0 00000007
eamonm 328700 AmonMinifilter Instance 0 0000000f
eamonm 328700 AmonMinifilter Instance 0 0000000f
eamonm 328700 AmonMinifilter Instance 0 0000000f
eamonm 328700 AmonMinifilter Instance 0 0000000f
eamonm 328700 AmonMinifilter Instance 0 0000000f
eamonm 328700 AmonMinifilter Instance 0 0000000f
eamonm \Device\HarddiskVolumeShadowCopy10 328700 AmonMinifilter Instance 0 0000000f
eamonm \Device\HarddiskVolumeShadowCopy11 328700 AmonMinifilter Instance 0 0000000f
eamonm \Device\HarddiskVolumeShadowCopy7 328700 AmonMinifilter Instance 0 0000000f
eamonm \Device\HarddiskVolumeShadowCopy8 328700 AmonMinifilter Instance 0 0000000f
eamonm \Device\Mailslot 328700 AmonMinifilter Instance 0 0000000f
eamonm \Device\Mup 328700 AmonMinifilter Instance 0 0000000f
eamonm \Device\NamedPipe 328700 AmonMinifilter Instance 0 0000000f
luafv 135000 luafv 0 00000007
npsvctrig \Device\NamedPipe 46000 npsvctrig 0 00000000

========= Fim de CMD: =========

========= netsh advfirewall reset =========

Ok.

========= Fim de CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Ok.

========= Fim de CMD: =========

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= netsh winsock reset catalog =========

Cat logo Winsock redefinido com ˆxito.
Reinicie o computador para concluir a redefini‡Æo.

========= Fim de CMD: =========

========= netsh int ip reset C:\resettcpip.txt =========

Redefinindo Encaminhamento de Compartimento, OK!
Redefinindo Compartimento, OK!
Redefinindo Protocolo de Controle, OK!
Redefinindo Solicita‡Æo de Sequˆncia de Eco, OK!
Redefinindo Global, OK!
Redefinindo Interface, OK!
Redefinindo Endere‡o Anycast, OK!
Redefinindo Endere‡o multicast, OK!
Redefinindo Endere‡o Unicast, OK!
Redefinindo Vizinho, OK!
Redefinindo Caminho, OK!
Redefinindo Potencial, OK!
Redefinindo Pol¡tica de Prefixo, OK!
Redefinindo Vizinho de Proxy, OK!
Redefinindo Rota, OK!
Redefinindo Prefixo do Site, OK!
Redefinindo Subinterface, OK!
Redefinindo PadrÆo de Ativa‡Æo, OK!
Redefinindo Resolver Vizinho, OK!
Redefinindo , OK!
Redefinindo , OK!
Redefinindo , OK!
Redefinindo , OK!
Falha ao redefinir .
Acesso negado.

Redefinindo , OK!
Redefinindo , OK!
Redefinindo , OK!
Redefinindo , OK!
Redefinindo , OK!
Redefinindo , OK!
Redefinindo , OK!
Reinicie o computador para concluir esta a‡Æo.

========= Fim de CMD: =========

========= Bitsadmin /Reset /Allusers =========

BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Fim de CMD: =========

========= for /F "tokens=*" %i in ('wevtutil.exe el') DO wevtutil.exe cl "%i" =========

C:\Windows\system32>wevtutil.exe cl "AMSI/Debug"

C:\Windows\system32>wevtutil.exe cl "AirSpaceChannel"

C:\Windows\system32>wevtutil.exe cl "Analytic"

C:\Windows\system32>wevtutil.exe cl "Application"

C:\Windows\system32>wevtutil.exe cl "DirectShowFilterGraph"

C:\Windows\system32>wevtutil.exe cl "DirectShowPluginControl"

C:\Windows\system32>wevtutil.exe cl "Els_Hyphenation/Analytic"

C:\Windows\system32>wevtutil.exe cl "EndpointMapper"

C:\Windows\system32>wevtutil.exe cl "FirstUXPerf-Analytic"

C:\Windows\system32>wevtutil.exe cl "ForwardedEvents"

C:\Windows\system32>wevtutil.exe cl "General Logging"

C:\Windows\system32>wevtutil.exe cl "HardwareEvents"

C:\Windows\system32>wevtutil.exe cl "IHM_DebugChannel"

C:\Windows\system32>wevtutil.exe cl "Intel-iaLPSS-GPIO/Analytic"

C:\Windows\system32>wevtutil.exe cl "Intel-iaLPSS-I2C/Analytic"

C:\Windows\system32>wevtutil.exe cl "Intel-iaLPSS2-GPIO2/Debug"

C:\Windows\system32>wevtutil.exe cl "Intel-iaLPSS2-GPIO2/Performance"

C:\Windows\system32>wevtutil.exe cl "Intel-iaLPSS2-I2C/Debug"

C:\Windows\system32>wevtutil.exe cl "Intel-iaLPSS2-I2C/Performance"

C:\Windows\system32>wevtutil.exe cl "Internet Explorer"

C:\Windows\system32>wevtutil.exe cl "Key Management Service"

C:\Windows\system32>wevtutil.exe cl "MF_MediaFoundationDeviceMFT"

C:\Windows\system32>wevtutil.exe cl "MF_MediaFoundationDeviceProxy"

C:\Windows\system32>wevtutil.exe cl "MF_MediaFoundationFrameServer"

C:\Windows\system32>wevtutil.exe cl "MedaFoundationVideoProc"

C:\Windows\system32>wevtutil.exe cl "MedaFoundationVideoProcD3D"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationAsyncWrapper"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationContentProtection"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationDS"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationDeviceProxy"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationMP4"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationMediaEngine"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationPerformance"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationPerformanceCore"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationPipeline"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationPlatform"

C:\Windows\system32>wevtutil.exe cl "MediaFoundationSrcPrefetch"

C:\Windows\system32>wevtutil.exe cl "Microsoft-AppV-Client-Streamingux/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-AppV-Client/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-AppV-Client/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-AppV-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-AppV-Client/Virtual Applications"

C:\Windows\system32>wevtutil.exe cl "Microsoft-AppV-SharedPerformance/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Client-Licensing-Platform/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Client-Licensing-Platform/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Client-Licensing-Platform/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-IE/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-IEFRAME/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-JSDumpHeap/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-OneCore-Setup/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-PerfTrack-IEFRAME/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-PerfTrack-MSHTML/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-Admin/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-Agent Driver/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-Agent Driver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-App Agent/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-App Agent/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-App Agent/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-IPC/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-SQM Uploader/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-SQM Uploader/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-User Experience Virtualization-SQM Uploader/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AAD/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AAD/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ADSI/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ASN1/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ATAPort/General"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ATAPort/SATA-LPM"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ActionQueue/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-All-User-Install-Agent/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AllJoyn/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AllJoyn/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppHost/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppHost/ApplicationTracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppHost/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppHost/Internal"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppID/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppLocker/EXE and DLL"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppLocker/MSI and Script"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppLocker/Packaged app-Deployment"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppLocker/Packaged app-Execution"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppModel-Runtime/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppModel-Runtime/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppModel-Runtime/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppModel-Runtime/Diagnostics"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppModel-State/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppModel-State/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppReadiness/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppReadiness/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppReadiness/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppSruProv"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppXDeployment/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppXDeployment/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppXDeploymentServer/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppXDeploymentServer/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppXDeploymentServer/Restricted"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ApplicabilityEngine/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ApplicabilityEngine/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application Server-Applications/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application Server-Applications/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application Server-Applications/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application Server-Applications/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Program-Inventory"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Program-Telemetry"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Application-Experience/Steps-Recorder"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppxPackaging/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppxPackaging/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AppxPackaging/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AssignedAccess/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AssignedAccess/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AssignedAccessBroker/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AssignedAccessBroker/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AsynchronousCausality/Causality"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Audio/CaptureMonitor"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Audio/GlitchDetection"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Audio/Informational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Audio/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Audio/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Audio/PlaybackManager"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Audit/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Authentication User Interface/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Authentication/ProtectedUser-Client"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-AxInstallService/Log"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BTH-BTHPORT/HCI"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BTH-BTHPORT/L2CAP"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BTH-BTHUSB/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Backup"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Battery/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Biometrics/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Biometrics/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BitLocker-DrivePreparationTool/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BitLocker-DrivePreparationTool/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BitLocker/BitLocker Management"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BitLocker/BitLocker Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BitLocker/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Bits-Client/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Bits-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Bluetooth-Bthmini/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Bluetooth-Policy/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BranchCache/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BranchCacheClientEventProvider/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BranchCacheEventProvider/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BranchCacheMonitoring/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BranchCacheSMB/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-BranchCacheSMB/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CAPI2/Catalog Database Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CAPI2/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CDROM/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/ApartmentInitialize"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/ApartmentUninitialize"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/Call"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/CreateInstance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/ExtensionCatalog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/FreeUnusedLibrary"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COM/RundownInstrumentation"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COMRuntime/Activations"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COMRuntime/MessageProcessing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-COMRuntime/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CertPoleEng/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Cleanmgr/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CloudStore/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CloudStore/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CmiSetup/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CodeIntegrity/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CodeIntegrity/Verbose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ComDlg32/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ComDlg32/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Compat-Appraiser/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Compat-Appraiser/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Containers-BindFlt/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Containers-BindFlt/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Containers-Wcifs/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Containers-Wcifs/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Containers-Wcnfs/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Containers-Wcnfs/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CoreApplication/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CoreApplication/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CoreApplication/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CoreWindow/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CoreWindow/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crashdump/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-CredUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-BCRYPT/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-CNG/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-DPAPI/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-DPAPI/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-DSSEnh/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-NCrypt/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-RNG/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Crypto-RSAEnh/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-D3D10Level9/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-D3D10Level9/PerfTiming"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DAL-Provider/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DAL-Provider/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DAMM/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DCLocator/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DDisplay/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DDisplay/Logging"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DLNA-Namespace/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DNS-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DSC/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DSC/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DSC/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DSC/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DUSER/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DXGI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DXGI/Logging"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DXP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Data-Pdf/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DataIntegrityScan/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DateTimeControlPanel/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DateTimeControlPanel/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DateTimeControlPanel/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Deduplication/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Deduplication/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Deduplication/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Deduplication/Scrubbing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Defrag-Core/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Deplorch/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceAssociationService/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceConfidence/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceGuard/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceGuard/Verbose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceSetupManager/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceSetupManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceSetupManager/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceSetupManager/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceSync/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceSync/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceUpdateAgent/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceUx/Informational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DeviceUx/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Devices-Background/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dhcp-Client/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dhcp-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dhcpv6-Client/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dhcpv6-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DiagCpl/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-DPS/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-DPS/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-DPS/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-MSDE/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-PCW/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-PCW/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-PCW/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-PLA/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-PLA/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-Scheduled/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-Scripted/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-Scripted/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-Scripted/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-Scripted/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-WDC/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnosis-WDI/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnostics-Networking/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnostics-Networking/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Diagnostics-Performance/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D10/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D10_1/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D11/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D11/Logging"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D11/PerfTiming"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D12/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D12/Logging"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D12/PerfTiming"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3D9/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Direct3DShaderCache/Default"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DirectComposition/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DirectManipulation/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DirectShow-KernelSupport/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DirectSound/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Disk/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DiskDiagnostic/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DiskDiagnosticResolver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dism-Api/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dism-Api/ExternalAnalytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dism-Api/InternalAnalytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dism-Cli/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DisplayColorCalibration/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DisplayColorCalibration/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DisplaySwitch/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Documents/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dot3MM/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DucUpdateAgent/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dwm-API/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dwm-Core/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dwm-Dwm/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dwm-Redir/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Dwm-Udwm/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DxgKrnl-Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DxgKrnl-Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DxgKrnl/Contention"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DxgKrnl/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DxgKrnl/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DxgKrnl/Power"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EDP-Application-Learning/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EDP-Audit-Regular/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EDP-Audit-TCB/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EFS/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-esse/IODiagnose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-esse/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EapHost/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EapHost/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EapHost/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EapMethods-RasChap/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EapMethods-RasTls/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EapMethods-Sim/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EapMethods-Ttls/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EaseOfAccess/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Energy-Estimation-Engine/Trace"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EventCollector/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EventCollector/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EventLog-WMIProvider/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EventLog/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-EventLog/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FMS/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FMS/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FMS/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FeatureConfiguration/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FeatureConfiguration/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Catalog/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Catalog/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-ConfigManager/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Core/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Core/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Core/WHC"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Engine/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Engine/BackupLog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Engine/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-EventListener/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-EventListener/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Service/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-Service/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-UI-Events/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileHistory-UI-Events/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-FileInfoMinifilter/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Firewall-CPL/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Folder Redirection/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Forwarding/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Forwarding/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-GPIO-ClassExtension/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-GenericRoaming/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-GroupPolicy/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HAL/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HealthCenter/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HealthCenter/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HealthCenterCPL/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HelloForBusiness/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Help/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HomeGroup Control Panel/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HomeGroup Listener Service/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HomeGroup Provider Service/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HomeGroup-ListenerService"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HotspotAuth/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HotspotAuth/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HttpService/Log"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-HttpService/Trace"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-VID-Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Hyper-V-VID-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IE-SmartScreen"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IKE/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IKEDBG/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-Broker/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-CandidateUI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-JPAPI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-JPLMP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-JPPRED/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-JPSetting/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-JPTIP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-KRAPI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-KRTIP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-OEDCompiler/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-TCCORE/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-TCTIP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IME-TIP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IPNAT/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IPSEC-SRV/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IPxlatCfg/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IPxlatCfg/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IdCtrls/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IdCtrls/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Input-HIDCLASS-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-InputSwitch/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Iphlpsvc/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Iphlpsvc/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Iphlpsvc/Trace"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-KdsSvc/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kerberos/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Acpi/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-AppCompat/General"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-AppCompat/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-ApphelpCache/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-ApphelpCache/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Boot/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Boot/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Disk/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-EventTracing/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-EventTracing/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-File/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-IO/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-LiveDump/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-LiveDump/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Memory/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Network/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Pdc/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Pep/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-PnP/Configuration"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Power/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Power/Thermal-Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Process/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Registry/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-Registry/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-ShimEngine/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-ShimEngine/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-StoreMgr/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-StoreMgr/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-WDI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-WDI/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-WDI/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-WHEA/Errors"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-WHEA/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Kernel-XDV/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-KeyboardFilter/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-KeyboardFilter/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-KeyboardFilter/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Known Folders API Service"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-L2NA/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LDAP-Client/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LSA/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LSA/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LSA/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LanguagePackSetup/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LanguagePackSetup/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LanguagePackSetup/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LimitsManagement/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LiveId/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-LiveId/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MPEG2-vídeo-Encoder-MFT_Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MPS-CLNT/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MPS-DRV/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MPS-SRV/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MSFTEDIT/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MSPaint/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MSPaint/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MSPaint/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MUI/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MUI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MUI/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MUI/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Media-Streaming/DMC"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Media-Streaming/DMR"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Media-Streaming/MDE"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Minstore/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Minstore/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-MobilityCenter/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Mprddm/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NCSI/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NCSI/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NDIS/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NDIS/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NTLM/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NWiFi/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Narrator/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Ncasvc/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NcdAutoSetup/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NcdAutoSetup/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NdisImPlatform/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Ndu/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetShell/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Network-Connection-Broker"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Network-DataUsage/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Network-Setup/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkBridge/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkLocationWizard/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkProfile/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkProfile/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkProvider/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkProvisioning/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkProvisioning/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkSecurity/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NetworkStatus/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Networking-Correlation/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NlaSvc/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-NlaSvc/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Ntfs/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Ntfs/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Ntfs/WHC"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OLE/Clipboard-Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OLEACC/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OLEACC/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OOBE-Machine-DUI/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OcpUpdateAgent/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OfflineFiles/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OfflineFiles/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OfflineFiles/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OfflineFiles/SyncLog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OneBackup/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OneX/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OneX/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OobeLdr/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-OtpCredentialProvider/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PCI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PackageStateRoaming/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PackageStateRoaming/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PackageStateRoaming/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ParentalControls/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Partition/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Partition/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PerceptionRuntime/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PerceptionSensorDataService/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PhotoAcq/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PlayToManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Policy/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Policy/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerCfg/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerCpl/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerShell/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerShell/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerShell/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PowerShell/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PrimaryNetworkIcon/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PrintBRM/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PrintService-USBMon/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PrintService/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PrintService/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PrintService/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Privacy-Auditing/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ProcessStateManager/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Proximity-Common/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Proximity-Common/Informational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Proximity-Common/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PushNotification-Developer/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PushNotification-InProc/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PushNotification-Platform/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PushNotification-Platform/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-PushNotification-Platform/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-QoS-Pacer/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-QoS-qWAVE/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RPC-Proxy/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RPC/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RPC/EEInfo"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RRAS/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RRAS/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RadioManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RasAgileVpn/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RasAgileVpn/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ReFS/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ReadyBoost/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ReadyBoost/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ReadyBoostDriver/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ReadyBoostDriver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Regsvr32/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteAssistance/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteAssistance/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteAssistance/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-User-Mode-Transport/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Remotefs-Rdbss/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ResetEng-Trace/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ResourcePublication/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RestartManager/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RetailDemo/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-RetailDemo/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Graphics/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Networking/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Web-Http/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-WebAPI/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime/CreateInstance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Runtime/Error"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SENSE/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBClient/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBClient/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBDirect/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBDirect/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBDirect/Netmon"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBServer/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBServer/Audit"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBServer/Connectivity"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBServer/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBServer/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBServer/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBServer/Security"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBWitnessClient/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SMBWitnessClient/Informational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SPB-ClassExtension/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SPB-HIDI2C/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Schannel-Events/Perf"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Sdbus/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Sdbus/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Sdstor/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Search-Core/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SearchUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SearchUI/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SecureAssessment/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-Adminless/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-IdentityListener/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-IdentityStore/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-Mitigations/KernelMode"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-Mitigations/UserMode"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-Netlogon/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-SPP-UX/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-SPP/Perf"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-UserConsentVerifier/Audit"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Security-Vault/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SecurityMitigationsBroker/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SecurityMitigationsBroker/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SecurityMitigationsBroker/Perf"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SendTo/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Sens/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SenseIR/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Sensors/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Sensors/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Serial-ClassExtension/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ServiceReportingApi/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Services-Svchost/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Services/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Servicing/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync-Azure/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync-Azure/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync-OneDrive/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync-OneDrive/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync-OneDrive/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SettingSync/VerboseDebug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Setup/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SetupCl/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SetupPlatform/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SetupQueue/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SetupUGC/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-Core/ActionCenter"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-Core/AppDefaults"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-Core/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-Core/LogonTasksChannel"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-Core/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-OpenWith/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-Shwebsvc"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Shsvcs/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SleepStudy/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmartCard-Audit/Authentication"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmartScreen/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmbClient/Audit"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmbClient/Connectivity"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmbClient/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SmbClient/Security"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Speech-UserExperience/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Spell-Checking/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SpellChecker/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Spellchecking-Host/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SruMon/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SrumTelemetry"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StateRepository/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StateRepository/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StateRepository/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StateRepository/Restricted"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorDiag/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorPort/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ATAPort/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ATAPort/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ATAPort/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ATAPort/Diagnose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ATAPort/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ClassPnP/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ClassPnP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ClassPnP/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ClassPnP/Diagnose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-ClassPnP/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Disk/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Disk/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Disk/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Disk/Diagnose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Disk/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Storport/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Storport/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Storport/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Storport/Diagnose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Storport/Health"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Storport/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storage-Tiering/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageManagement/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageManagement/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageSettings/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageSpaces-Driver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageSpaces-Driver/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Store/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Storsvc/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Subsys-Csr/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Subsys-SMSS/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Superfetch/Main"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Superfetch/PfApLog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Superfetch/StoreLog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Sysprep/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SystemSettingsHandlers/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SystemSettingsThreshold/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-SystemSettingsThreshold/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TCPIP/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TCPIP/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TSF-msctf/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TSF-msctf/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TSF-msutb/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TSF-msutb/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TTS/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TWinAPI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TWinUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TWinUI/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TZSync/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TZSync/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TZUtil/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TaskScheduler/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TaskScheduler/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TaskScheduler/Maintenance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TaskScheduler/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TaskbarCPL/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TenantRestrictions/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-Printers/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-Printers/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-Printers/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-Printers/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RDPClient/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RDPClient/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TerminalServices-ServerUSBDevices/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Tethering-Manager/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Tethering-Station/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ThemeCPL/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ThemeUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Threat-Intelligence/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Time-Service/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Troubleshooting-Recommended/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Troubleshooting-Recommended/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-TunnelDriver"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UAC-FileVirtualization/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UAC/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UI-Shell/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UIAnimation/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UIAutomationCore/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UIAutomationCore/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UIAutomationCore/Perf"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UIRibbon/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-USB-MAUSBHOST-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-USB-UCX-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-USB-USBHUB/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-USB-USBHUB3-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-USB-USBPORT/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-USB-USBXHCI-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UniversalTelemetryClient/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Control Panel Performance/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Control Panel Usage/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Control Panel/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Control Panel/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Device Registration/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Device Registration/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Profile Service/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User Profile Service/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User-Loader/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-User-Loader/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UserAccountControl/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UserModePowerService/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UserPnp/ActionCenter"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UserPnp/DeviceInstall"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UserPnp/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UserPnp/SchedulerOperations"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UxInit/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-UxTheme/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VAN/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VDRVROOT/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VHDMP-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VHDMP-Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VIRTDISK-Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VPN-Client/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VPN/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VWiFi/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VerifyHardwareSecurity/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VerifyHardwareSecurity/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Volume/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VolumeControl/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WABSyncProvider/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WCNWiz/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WDAG-PolicyEvaluator-CSP/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WDAG-PolicyEvaluator-GP/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WEPHOSTSVC/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WER-PayloadHealth/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WFP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WFP/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WLAN-AutoConfig/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WLAN-Driver/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMI-Activity/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMI-Activity/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMI-Activity/Trace"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMPDMCUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMPNSS-Service/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMPNSS-Service/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WMPNSSUI/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-API/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-ClassInstaller/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-ClassInstaller/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-MTPBT/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-MTPClassDriver/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-MTPIP/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WPD-MTPUS/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WSC-SRV/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WUSA/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WWAN-CFE/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WWAN-SVC-Events/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wcmsvc/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wcmsvc/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WebAuth/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WebAuthN/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WebIO-NDF/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WebIO/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WebPlatStorage-Server"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WebServices/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WebcamProvider/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WiFiDisplay/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/Concurrency"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/Contention"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/Messages"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/Power"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/Render"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Win32k/UIPI"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinHttp/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinINet-Capture/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinINet/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinINet/UsageLog"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinINet/WebSocket"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinMDE/MDE"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinML/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinNat/Oper"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinNat/Trace"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinRM/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinRM/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinRM/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WinURLMon/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windeploy/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windows Defender/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windows Defender/WHC"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsBackup/ActionCenter"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsColorSystem/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsColorSystem/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsUIImmersive/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsUpdateClient/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WindowsUpdateClient/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wininit/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Winlogon/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Winlogon/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Winsock-AFD/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Winsock-NameResolution/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Winsock-WS2HELP/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Winsrv/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wired-AutoConfig/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WlanDlg/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wordpad/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wordpad/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Wordpad/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WorkFolders/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WorkFolders/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WorkFolders/Operational"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-WorkFolders/WHC"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-Workplace Join/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-XAML-Diagnostics/Default"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-XAML/Default"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-XAudio2/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-XAudio2/Performance"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-glcnd/Admin"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-glcnd/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-glcnd/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-mobsync/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ntshrui"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-ntshrui-perf"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-osk/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-stobject/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-wmbclass/Analytic"

C:\Windows\system32>wevtutil.exe cl "Microsoft-Windows-wmbclass/Trace"

C:\Windows\system32>wevtutil.exe cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel"

C:\Windows\system32>wevtutil.exe cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug"

C:\Windows\system32>wevtutil.exe cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug"

C:\Windows\system32>wevtutil.exe cl "NIS-Driver-WFP/Diagnostic"

C:\Windows\system32>wevtutil.exe cl "Navigator"

C:\Windows\system32>wevtutil.exe cl "Network Isolation Operational"

C:\Windows\system32>wevtutil.exe cl "OAlerts"

C:\Windows\system32>wevtutil.exe cl "OSK_SoftKeyboard_Channel"

C:\Windows\system32>wevtutil.exe cl "OfficeChannel"

C:\Windows\system32>wevtutil.exe cl "OfficeDebugChannel"

C:\Windows\system32>wevtutil.exe cl "OpenSSH/Admin"

C:\Windows\system32>wevtutil.exe cl "OpenSSH/Debug"

C:\Windows\system32>wevtutil.exe cl "OpenSSH/Operational"

C:\Windows\system32>wevtutil.exe cl "Physical_Keyboard_Manager_Channel"

C:\Windows\system32>wevtutil.exe cl "PlayReadyPerformanceChannel"

C:\Windows\system32>wevtutil.exe cl "RTWorkQueueExtended"

C:\Windows\system32>wevtutil.exe cl "RTWorkQueueTheading"

C:\Windows\system32>wevtutil.exe cl "SMSApi"

C:\Windows\system32>wevtutil.exe cl "Security"

C:\Windows\system32>wevtutil.exe cl "Setup"

C:\Windows\system32>wevtutil.exe cl "SmbWmiAnalytic"

C:\Windows\system32>wevtutil.exe cl "System"

C:\Windows\system32>wevtutil.exe cl "SystemEventsBroker"

C:\Windows\system32>wevtutil.exe cl "TabletPC_InputPanel_Channel"

C:\Windows\system32>wevtutil.exe cl "TabletPC_InputPanel_Channel/IHM"

C:\Windows\system32>wevtutil.exe cl "TimeBroker"

C:\Windows\system32>wevtutil.exe cl "UIManager_Channel"

C:\Windows\system32>wevtutil.exe cl "Uac/Debug"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_KS_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_MFH264Enc_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_MP4SDECD_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_MSMPEG2ADEC_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_MSMPEG2VDEC_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_VC1ENC_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_WMPHOTO_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WINDOWS_wmvdecod_CHANNEL"

C:\Windows\system32>wevtutil.exe cl "WMPSetup"

C:\Windows\system32>wevtutil.exe cl "WMPSyncEngine"

C:\Windows\system32>wevtutil.exe cl "Windows Networking Vpn Plugin Platform/Operational"

C:\Windows\system32>wevtutil.exe cl "Windows Networking Vpn Plugin Platform/OperationalVerbose"

C:\Windows\system32>wevtutil.exe cl "Windows PowerShell"

C:\Windows\system32>wevtutil.exe cl "WordChannel"

C:\Windows\system32>wevtutil.exe cl "muxencode"

Falha ao limpar log Microsoft-Windows-LiveId/Analytic.
Acesso negado.
Falha ao limpar log Microsoft-Windows-LiveId/Operational.
Acesso negado.

========= Fim de CMD: =========

=========== "C:\Windows\Temp\*.*" ==========

C:\Windows\Temp\119d94c4-8879-462a-95f5-d7acc317a8e2.tmp => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220605-1030.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220606-1648.log => movido com sucesso
Não pode ser movido "C:\Windows\Temp\DESKTOP-2C710B2-20220606-1907.log" => Agendado para ser movido na reinicialização.
C:\Windows\Temp\DESKTOP-2C710B2-20220606-1912.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220606-1946.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1146.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1149.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1149a.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1151.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1333.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1357.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1559.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1700.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-1939.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220607-2328.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220608-1107.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220608-1107a.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220608-1109.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220608-1149.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220608-1253.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220609-1417.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220609-1420.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220609-1420a.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220609-1422.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220609-1533.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220609-1818.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220609-2246.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1230.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1230a.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1232.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1327.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1340.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1405.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1420.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1835.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1846.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220610-1940.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220611-0039.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220611-1148.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220611-1148a.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220611-1150.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220611-1230.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220611-1308.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220612-1107.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220612-1109.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220612-1125.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220612-1148.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220612-1336.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220612-1350.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220612-1638.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220613-1028.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220613-1028a.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220613-1030.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220613-1107.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220613-1300.log => movido com sucesso
C:\Windows\Temp\DESKTOP-2C710B2-20220613-1305.log => movido com sucesso
C:\Windows\Temp\DevInst.log => movido com sucesso
C:\Windows\Temp\msedge_installer.log => movido com sucesso
Não pode ser movido "C:\Windows\Temp\officeclicktorun.exe_streamserver(20220606190746F98).log" => Agendado para ser movido na reinicialização.
C:\Windows\Temp\WacomInstallO.txt => movido com sucesso
C:\Windows\Temp\wct268B.tmp => movido com sucesso
C:\Windows\Temp\wct6259.tmp => movido com sucesso
C:\Windows\Temp\wct666C.tmp => movido com sucesso
C:\Windows\Temp\wct8ED2.tmp => movido com sucesso
C:\Windows\Temp\wct9396.tmp => movido com sucesso
C:\Windows\Temp\wct9EE2.tmp => movido com sucesso
C:\Windows\Temp\wctA2A7.tmp => movido com sucesso
C:\Windows\Temp\wctA2E6.tmp => movido com sucesso
C:\Windows\Temp\wctA396.tmp => movido com sucesso
C:\Windows\Temp\wctA78A.tmp => movido com sucesso
C:\Windows\Temp\wctB257.tmp => movido com sucesso
C:\Windows\Temp\wctB779.tmp => movido com sucesso

========= Fim -> "C:\Windows\Temp\*.*" ========

=========== "C:\WINDOWS\system32\*.tmp" ==========

não encontrado (a)

========= Fim -> "C:\WINDOWS\system32\*.tmp" ========

=========== "C:\WINDOWS\syswow64\*.tmp" ==========

não encontrado (a)

========= Fim -> "C:\WINDOWS\syswow64\*.tmp" ========

========= DISM.exe /Online /Cleanup-Image /Restorehealth =========

Ferramenta de Gerenciamento e Manuten‡Æo de Imagens de Implanta‡Æo
VersÆo: 10.0.19041.844

VersÆo da Imagem: 10.0.19044.1706

[== 3.8% ]
[== 4.1% ]
[== 4.7% ]
[=== 5.3% ]
[=== 5.8% ]
[=== 6.3% ]
[==== 7.2% ]
[==== 7.9% ]
[===== 8.7% ]
[===== 9.7% ]
[====== 10.6% ]
[====== 11.6% ]
[======= 12.2% ]
[======= 12.8% ]
[======== 13.8% ]
[======== 14.8% ]
[========= 15.8% ]
[========= 16.8% ]
[========== 17.7% ]
[========== 18.7% ]
[=========== 19.7% ]
[=========== 20.7% ]
[============ 21.7% ]
[============= 22.6% ]
[============= 23.6% ]
[============== 24.6% ]
[============== 25.5% ]
[============== 25.8% ]
[=============== 26.5% ]
[=============== 26.9% ]
[=============== 27.1% ]
[=============== 27.2% ]
[================ 27.8% ]
[================ 28.8% ]
[================= 29.8% ]
[================= 30.8% ]
[================== 31.8% ]
[================== 32.6% ]
[=================== 33.6% ]
[==================== 34.6% ]
[==================== 35.3% ]
[==================== 35.8% ]
[===================== 36.8% ]
[===================== 37.3% ]
[====================== 38.3% ]
[====================== 38.5% ]
[====================== 38.7% ]
[====================== 38.9% ]
[====================== 39.1% ]
[====================== 39.5% ]
[======================= 39.9% ]
[======================= 40.1% ]
[======================= 40.3% ]
[======================= 40.7% ]
[======================= 40.8% ]
[======================= 40.8% ]
[======================= 41.1% ]
[======================== 41.5% ]
[======================== 42.0% ]
[======================== 42.4% ]
[======================== 42.6% ]
[========================= 43.6% ]
[========================= 44.2% ]
[========================== 45.0% ]
[========================== 45.5% ]
[========================== 45.8% ]
[========================== 46.4% ]
[===========================47.4% ]
[===========================48.2% ]
[===========================48.8% ]
[===========================49.8% ]
[===========================50.7% ]
[===========================51.7% ]
[===========================52.7% ]
[===========================53.7% ]
[===========================53.7% ]
[===========================53.7% ]
[===========================53.9% ]
[===========================54.0% ]
[===========================54.0% ]
[===========================54.0% ]
[===========================54.0% ]
[===========================54.1% ]
[===========================54.1% ]
[===========================54.2% ]
[===========================54.2% ]
[===========================54.3% ]
[===========================54.3% ]
[===========================54.4% ]
[===========================54.5% ]
[===========================54.6% ]
[===========================54.6% ]
[===========================54.8% ]
[===========================54.8% ]
[===========================54.9% ]
[===========================54.9% ]
[===========================54.9% ]
[===========================54.9% ]
[===========================55.0% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.3% ]
[===========================55.4% ]
[===========================55.4% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.6% ]
[===========================55.7% ]
[===========================55.7% ]
[===========================55.8% ]
[===========================55.9% ]
[===========================56.1% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.3% ]
[===========================56.4% ]
[===========================56.5% ]
[===========================56.6% ]
[===========================56.6% ]
[===========================56.7% ]
[===========================56.8% ]
[===========================57.3%= ]
[===========================57.4%= ]
[===========================57.7%= ]
[===========================58.7%== ]
[===========================59.7%== ]
[===========================62.3%==== ]
[===========================84.9%================= ]
[==========================100.0%==========================]
Opera‡Æo de restaura‡Æo conclu¡da com ˆxito.
A opera‡Æo foi conclu¡da com ˆxito.

========= Fim de CMD: =========

========= SFC /ScanNow =========

Iniciando verificação de arquivos. O processo levará alguns minutos para ser concluído.

Iniciando fase de verificação de verificação do sistema.
Verificação 0% concluída. Verificação 1% concluída. Verificação 1% concluída. Verificação 2% concluída. Verificação 3% concluída. Verificação 3% concluída. Verificação 4% concluída. Verificação 5% concluída. Verificação 5% concluída. Verificação 6% concluída. Verificação 7% concluída. Verificação 7% concluída. Verificação 8% concluída. Verificação 9% concluída. Verificação 9% concluída. Verificação 10% concluída. Verificação 11% concluída. Verificação 11% concluída. Verificação 12% concluída. Verificação 13% concluída. Verificação 13% concluída. Verificação 14% concluída. Verificação 14% concluída. Verificação 15% concluída. Verificação 16% concluída. Verificação 16% concluída. Verificação 17% concluída. Verificação 18% concluída. Verificação 18% concluída. Verificação 19% concluída. Verificação 20% concluída. Verificação 20% concluída. Verificação 21% concluída. Verificação 22% concluída. Verificação 22% concluída. Verificação 23% concluída. Verificação 24% concluída. Verificação 24% concluída. Verificação 25% concluída. Verificação 26% concluída. Verificação 26% concluída. Verificação 27% concluída. Verificação 27% concluída. Verificação 28% concluída. Verificação 29% concluída. Verificação 29% concluída. Verificação 30% concluída. Verificação 31% concluída. Verificação 31% concluída. Verificação 32% concluída. Verificação 33% concluída. Verificação 33% concluída. Verificação 34% concluída. Verificação 35% concluída. Verificação 35% concluída. Verificação 36% concluída. Verificação 37% concluída. Verificação 37% concluída. Verificação 38% concluída. Verificação 39% concluída. Verificação 39% concluída. Verificação 40% concluída. Verificação 41% concluída. Verificação 41% concluída. Verificação 42% concluída. Verificação 42% concluída. Verificação 43% concluída. Verificação 44% concluída. Verificação 44% concluída. Verificação 45% concluída. Verificação 46% concluída. Verificação 46% concluída. Verificação 47% concluída. Verificação 48% concluída. Verificação 48% concluída. Verificação 49% concluída. Verificação 50% concluída. Verificação 50% concluída. Verificação 51% concluída. Verificação 52% concluída. Verificação 52% concluída. Verificação 53% concluída. Verificação 54% concluída. Verificação 54% concluída. Verificação 55% concluída. Verificação 55% concluída. Verificação 56% concluída. Verificação 57% concluída. Verificação 57% concluída. Verificação 58% concluída. Verificação 59% concluída. Verificação 59% concluída. Verificação 60% concluída. Verificação 61% concluída. Verificação 61% concluída. Verificação 62% concluída. Verificação 63% concluída. Verificação 63% concluída. Verificação 64% concluída. Verificação 65% concluída. Verificação 65% concluída. Verificação 66% concluída. Verificação 67% concluída. Verificação 67% concluída. Verificação 68% concluída. Verificação 68% concluída. Verificação 69% concluída. Verificação 70% concluída. Verificação 70% concluída. Verificação 71% concluída. Verificação 72% concluída. Verificação 72% concluída. Verificação 73% concluída. Verificação 74% concluída. Verificação 74% concluída. Verificação 75% concluída. Verificação 76% concluída. Verificação 76% concluída. Verificação 77% concluída. Verificação 78% concluída. Verificação 78% concluída. Verificação 79% concluída. Verificação 80% concluída. Verificação 80% concluída. Verificação 81% concluída. Verificação 82% concluída. Verificação 82% concluída. Verificação 83% concluída. Verificação 83% concluída. Verificação 84% concluída. Verificação 85% concluída. Verificação 85% concluída. Verificação 86% concluída. Verificação 87% concluída. Verificação 87% concluída. Verificação 88% concluída. Verificação 89% concluída. Verificação 89% concluída. Verificação 90% concluída. Verificação 91% concluída. Verificação 91% concluída. Verificação 92% concluída. Verificação 93% concluída. Verificação 93% concluída. Verificação 94% concluída. Verificação 95% concluída. Verificação 95% concluída. Verificação 96% concluída. Verificação 96% concluída. Verificação 97% concluída. Verificação 98% concluída. Verificação 98% concluída. Verificação 99% concluída. Verificação 100% concluída.

A Proteção de Recursos do Windows não encontrou nenhuma violação de integridade.

========= Fim de CMD: =========

Registro ====> A opera��o foi conclu�da com �xito.

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43159984 B
Java, Discord, Steam htmlcache => 151068007 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 1047847443 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 232334 B
systemprofile32 => 232334 B
LocalService => 241376 B
NetworkService => 246786 B
Sistemas => 9110539278 B

RecycleBin => 23307 B
EmptyTemp: => 9.6 GB de dados temporários Removidos.

================================

Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 13-06-2022 14:22:51)

C:\Windows\Temp\DESKTOP-2C710B2-20220606-1907.log => foi movido com sucesso
C:\Windows\Temp\officeclicktorun.exe_streamserver(20220606190746F98).log => foi movido com sucesso

==== Fim de Fixlog 14:22:51 ====

Lusitano · 13 de junho de 2022

@Waterfilljá fizemos o que havia para fazer. Quanto a malwares o seu pc está limpo.

Como está o pc agora?

Waterfill · 14 de junho de 2022

Está normal! só ainda não tem nada no inicializador kkk não sei q desgraça é essa, devo ter desabilitado de algum jeito, vou resolver dps, mas mt mt obrigado pela ajuda!! valeu mesmo

Lusitano · 15 de junho de 2022

Problema resolvido!

Caso o autor necessite, o mesmo será reaberto, para isso deverá entrar em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.