content copied
content
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
2026-05-17 14:30 - 2026-05-17 14:30 - 000000000 ____D C:\Users\LEGION\AppData\Roaming\RenPy
CustomCLSID: HKU\S-1-5-21-2734100830-3323759659-2413208671-1001_Classes\CLSID\{45deb463-5bb8-0952-1bcc-1f2d3611af28}\localserver32 -> "C:\WINDOWS\System32\DriverStore\FileRepository\aispeechapo.inf_amd64_5f362ed1467d686e\AispeechAudioNotify.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2734100830-3323759659-2413208671-1001_Classes\CLSID\{E318E9D2-EA9C-BD83-D764-10F029BD8886}\InprocServer32 -> C:\Program Files\Common Files\System\ole32.dll => No File
CustomCLSID: HKU\S-1-5-21-2734100830-3323759659-2413208671-1001_Classes\CLSID\{f9517764-05a4-a748-620a-95087d06a241}\localserver32 -> "C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe" -ToastActivated => No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll -> No File
AlternateDataStreams: C:\WINDOWS\system32\Drivers\czyqxrmd.sys:changelist [626]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zfginhkq.sys:changelist [626]
FirewallRules: [{2748FE7F-A61B-42BC-BAA5-5F87033A843B}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{128C4AF5-BD50-4EAB-83C8-62B1FB39EEA4}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{0F91C4DB-86BA-4613-A071-B678BB6C9CC6}] => (Allow) C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe => No File
FirewallRules: [TCP Query User{2E62F934-77CE-4756-AD46-6ED431C69552}C:\users\legion\appdata\local\postman\app-11.80.3\postman.exe] => (Allow) C:\users\legion\appdata\local\postman\app-11.80.3\postman.exe => No File
FirewallRules: [UDP Query User{B0303629-A931-4E11-8FB6-04C4A8E9F87F}C:\users\legion\appdata\local\postman\app-11.80.3\postman.exe] => (Allow) C:\users\legion\appdata\local\postman\app-11.80.3\postman.exe => No File
FirewallRules: [TCP Query User{BFB0EA54-8AEA-469C-A274-D3BD3804D66E}C:\users\legion\appdata\local\postman\app-11.81.4\postman.exe] => (Allow) C:\users\legion\appdata\local\postman\app-11.81.4\postman.exe => No File
FirewallRules: [UDP Query User{819038D9-5EA7-4653-92D8-CF3953CFF183}C:\users\legion\appdata\local\postman\app-11.81.4\postman.exe] => (Allow) C:\users\legion\appdata\local\postman\app-11.81.4\postman.exe => No File
ShortcutTarget: Cloudflare WARP.lnk -> C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe (No File)
Task: {A882E359-7E2F-43B9-98B2-F863E5924EB7} - System32\Tasks\infatica_p2b => "C:\Program Files (x86)\Infatica P2B\infatica_agent.exe" (No File)
Task: {5F914CFF-2DB3-4B18-AA0F-6BA21534B0DF} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {51A926BA-C253-4C90-9CC1-D037B19DB19F} - System32\Tasks\MATLAB R2024b Startup Accelerator => C:\Program Files\MATLAB\R2024b\bin\win64\MATLABStartupAccelerator.exe (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S2 CloudflareWARP; "C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe" (No File)
S2 rsDNSClientSvc; C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe (No File)
S2 rsDNSResolver; "C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe" (No File)
S2 rsDNSSvc; "C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe" (No File)
S2 rsVPNClientSvc; C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe (No File)
S2 rsVPNSvc; "C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe" (No File)
S3 denuvo_denuvowo; \??\D:\Games\Crimson Desert\bin64\hyperkd.sys (No File)
2026-05-17 19:55 - 2025-05-22 19:07 - 000000130 _____ C:\Users\LEGION\AppData\LocalLow\73b744cda150126a967fb4386c87d2172628aa829d81a22b29a36c31ff42d8a4
2026-05-17 19:27 - 2025-12-10 16:29 - 000000802 _____ C:\Users\LEGION\AppData\LocalLow\aa4da96e9f393e8b6c2668b31ad5c71ec464a8db9264441fe6eb9378bdca02ed
2026-05-17 18:48 - 2025-11-04 21:24 - 000000634 _____ C:\Users\LEGION\AppData\LocalLow\9cfb34571de769a18b95b241f700cdef6cfcbb91ff54bd27b88c1c6229b83cda
2026-05-17 17:41 - 2025-06-07 03:28 - 000000130 _____ C:\Users\LEGION\AppData\LocalLow\4c4dbb116a6549df53c630444745f2035f0b70432bc24de0f282fe5b9b32bd4b
2026-05-16 17:34 - 2025-11-04 21:24 - 000000130 _____ C:\Users\LEGION\AppData\LocalLow\1647d89963fb890d2abb03472c75f60d9d8b7bb96b16befa7b836be2cec948cd
2026-05-15 23:44 - 2025-05-17 06:12 - 000000130 _____ C:\Users\LEGION\AppData\LocalLow\eb4180b566259c4c4151d8ed10e3afc287d78be326e06067b72f2537b238d9e9
2026-05-15 00:23 - 2025-09-27 00:17 - 000000130 _____ C:\Users\LEGION\AppData\LocalLow\1c86abc6af9b78778b057d4dae4b2a1b743ae82b28d3bd73f78b76d9d936c3fe
2026-05-11 00:17 - 2025-05-18 18:37 - 000151625 _____ C:\Users\LEGION\AppData\LocalLow\cd30d884c80c89ee937ebb8511b3b5caab3cf7b9a54e37c28fd27723c6769483
2026-05-11 00:09 - 2025-12-10 16:29 - 000160697 _____ C:\Users\LEGION\AppData\LocalLow\444f4d1c710e14f04fa96bb0e04ba60ea41c9442f19553c22b11c9323b8ebbc0
2026-05-10 12:09 - 2025-12-10 16:29 - 001226296 _____ C:\Users\LEGION\AppData\LocalLow\a4b47b78f4b34b393075137edb446db2a8df3ca8d76f0c956cd8e6acb746f520
2026-05-09 22:23 - 2025-11-22 18:25 - 000000466 _____ C:\Users\LEGION\AppData\LocalLow\62f9009974d8fe5a2c5b3ce728226dd27fcd6fa32952edccddcead82abaa7fea
2026-05-09 18:14 - 2025-05-31 17:53 - 000788601 _____ C:\Users\LEGION\AppData\LocalLow\50a0e738fa59a18e41eacc629d47c50c64f7bbdfcc40dcd64616abf63e379377
2026-05-07 22:33 - 2025-08-19 03:39 - 000000130 _____ C:\Users\LEGION\AppData\LocalLow\e9943804e2f13bd11bbc9f09e9daa618bf6ba9e3f4a3b68b86d68ae8d1c209c4
2026-04-30 13:25 - 2025-10-10 00:21 - 000616004 _____ C:\Users\LEGION\AppData\LocalLow\950fe9697c0179fa650b224e88d025b2da72b67bd25e6d238b3aa7c5239b7e5e
2026-04-30 13:23 - 2025-10-10 00:21 - 000000298 _____ C:\Users\LEGION\AppData\LocalLow\4b6d3651ff7eee383e325aa2bca63560464e8b8b49f6a3eec23d512f868b8082
2026-04-28 13:26 - 2025-05-18 06:02 - 000002146 _____ C:\Users\LEGION\AppData\LocalLow\84f62a5c11c757ee4e08ddc4b3dd7d4eccff8dc29cb795dbe9dc1009d411fb37
2026-04-28 13:24 - 2025-05-18 06:02 - 001602015 _____ C:\Users\LEGION\AppData\LocalLow\f89ce271c181f60e4130458aede19b80d4fa7762a172e285158fe15d8fecffce
2026-04-23 19:53 - 2025-05-31 17:53 - 000001138 _____ C:\Users\LEGION\AppData\LocalLow\7f446bf919e79dfeb1f61c6e9d3cc8b838b7a949be786d010d2d7e6c37d3526c
2026-04-23 19:17 - 2025-05-18 06:58 - 000000130 _____ C:\Users\LEGION\AppData\LocalLow\af73d6bec050e7258d4fd30d1ee1360a05d1901b1c12de40a72b0d1954fef96a
HKU\S-1-5-21-2734100830-3323759659-2413208671-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-2734100830-3323759659-2413208671-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-2734100830-3323759659-2413208671-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2734100830-3323759659-2413208671-1001\Software\Classes\.cmd: => <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-2734100830-3323759659-2413208671-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {EE2A0F38-55DA-4638-B4A0-431CDD53CC10} - System32\Tasks\Atari Morocco 99965-671-1001 => C:\Users\LEGION\AppData\Roaming\Xeno\Local Storage\5afdcf6ae5551ca2b52a9dca9791d6a1\pythonw.exe -> "C:\Users\LEGION\AppData\Roaming\Xeno\Local Storage\5afdcf6ae5551ca2b52a9dca9791d6a1\gamelan.py" <==== ATTENTION
C:\Users\LEGION\AppData\Roaming\Xeno\Local Storage\5afdcf6ae5551ca2b52a9dca9791d6a1
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
File: C:\WINDOWS\System32\wpninprc.dll
File: C:\WINDOWS\system32\drivers\zfginhkq.sys
2026-05-17 14:37 - 2026-05-17 14:37 - 000003460 _____ C:\WINDOWS\system32\Tasks\Atari Morocco 99965-671-1001
StartPowershell:
Try {
$Paths=(Get-MpPreference).ExclusionPath
$Extensions=(Get-MpPreference).ExclusionExtension
$Processes=(Get-MpPreference).ExclusionProcess
foreach ($Path in $Paths) {
Remove-MpPreference -ExclusionPath $Path -force -ErrorAction Stop
}
foreach ($Extension in $Extensions) {
Remove-MpPreference -ExclusionExtension $Extension -force -ErrorAction Stop
}
foreach ($Process in $Processes) {
Remove-MpPreference -ExclusionProcess $Process -force -ErrorAction Stop
}
}
Catch {
Write-Error "Error occurred while removing Windows Defender exclusions: $_"
}
EndPowershell:
StartPowerShell:
# Enable real-time protection
Set-MpPreference -DisableRealtimeMonitoring $false
# Enable behavioural protection
Set-MpPreference -DisableBehaviorMonitoring $false
# Enable PUP detection
Set-MpPreference -PUAProtection Enabled
# Enable cloud protection to level 4 - aggressively block unknowns and apply additional protection measures, alternatively use 2 for lower protection or 0 for default
Set-MpPreference -CloudBlockLevel 4
# Send advanced information about malicious/unwanted software present on your device
Set-MpPreference -MAPSReporting 2
# Send safe samples automatically to Microsoft
Set-MpPreference -SubmitSamplesConsent 1
# Enables inspection of HTTP traffic to detect malicious websites
Set-MpPreference -EnableNetworkProtection Enabled
# Enables block at first seen
Set-MpPreference -DisableBlockAtFirstSeen $false
# Allows scanning of archive files, such as .zip and .cab files for malware/PUP
Set-MpPreference -DisableArchiveScanning $false
# Enables automatic scanning of USB & removal drives
Set-MpPreference -DisableRemovableDriveScanning $false
# Enables scanning of network files
Set-MpPreference -DisableScanningNetworkFiles $false
# Forces signature check before running a scan
Set-MpPreference -CheckForSignaturesBeforeRunningScan $true
# Extends cloud check timer from default 10 to 30 seconds
Set-MpPreference -CloudExtendedTimeout 30
# Enables automatic scanning of all downloaded files and attachments
Set-MpPreference -DisableIOAVProtection $false
# Enables script detection
Set-MpPreference -DisableScriptScanning $false
# Disables automatic exclusions from scanning
Set-MpPreference -DisableAutoExclusions 1
# Enables scanning of mapped network drives
Set-MpPreference -DisableScanningMappedNetworkDrivesForFullScan 0
# Enables scanning of email files
Set-MpPreference -DisableEmailScanning 0
# Enables blocking of malicious domains and IP's on DNS level
Set-MpPreference -EnableDnsSinkhole $true
# Enables signature updates every 12 hours
Set-MpPreference -SignatureUpdateInterval 12
# Enables automatic quarantine for threats labelled as high and severe
Set-MpPreference -HighThreatDefaultAction Quarantine
Set-MpPreference -SevereThreatDefaultAction Quarantine
# Updates signatures
Update-MpSignature
EndPowerShell:
StartPowerShell:
# This snippet downloads Emsisoft Emergency Kit (EEK) from the Emsisoft's official site, updates it, scans with it.
# Do note that the executable is 300MB and may take some time to download.
# ---
# This will scan for malware and PUP's in 1) system memory 2) important folders as documentation says
# It will scan in compressed archives, in mail archives, in NTFS alternate data streams and use cloud requests
# ---
# You can use argument "/delete" to delete found objects including references but this is permanent and irreversible.
# You can remove the "/quick" argument to do a full scan but that may take longer than what FRST can handle.
# You can use argument "/quarantine="[folder]"" to put found malware into quarantine, but I personally prefer first verifying the detections.
$downloadUrl = "https://dl.emsisoft.com/EmsisoftEmergencyKit.exe"
$systemDrive = $env:SystemDrive
$frstPath = "$systemDrive\FRST"
$savePath = "$frstPath\EEK.exe"
$extractPath = "$frstPath\EEK"
if (-not (Test-Path $frstPath)) {
New-Item -Path $frstPath -ItemType Directory -Force | Out-Null
}
if (-not (Test-Path $extractPath)) {
New-Item -Path $extractPath -ItemType Directory -Force | Out-Null
}
Invoke-WebRequest -Uri $downloadUrl -OutFile $savePath -UseBasicParsing
$proc = Start-Process -FilePath $savePath -ArgumentList "-s -d`"$extractPath`"" -PassThru
while (-not (Test-Path "$extractPath\bin64\a2cmd.exe")) { Start-Sleep -Milliseconds 1000 }
Stop-Process -Id $proc.Id -Force -ErrorAction SilentlyContinue
if ([Environment]::Is64BitOperatingSystem) {
$a2cmdPath = Join-Path $extractPath "bin64\a2cmd.exe"
} else {
$a2cmdPath = Join-Path $extractPath "bin32\a2cmd.exe"
}
Start-Process -FilePath $a2cmdPath -ArgumentList "/update" -Wait -NoNewWindow
Start-Process -FilePath $a2cmdPath -ArgumentList "/malware /quick /m /t /pup /a /am /cloud=1 /la=`"$frstPath\EEK_scan.log`"" -Wait -NoNewWindow
Get-Content "$frstPath\EEK_scan.log"
exit
EndPowerShell:
StartPowerShell:
# Downloads newest AdwCleaner version directly from Malwarebytes, performs an update, scans, cleans and writes the log in console
# Does not clean preinstalled objects, only PUP/Adware
# If you would like to delete preinstalled objects, add an argument /preinstalled to the /clean argument
# If you would like to only scan with it, change the argument from /clean to /scan
New-Item -ItemType Directory -Force -Path "$env:SystemDrive\AdwCleaner" | Out-Null
Invoke-WebRequest -Uri "https://adwcleaner.malwarebytes.com/adwcleaner?channel=release" -OutFile "$env:SystemDrive\AdwCleaner\AdwCleanerFRST.exe"
Start-Process -FilePath "$env:SystemDrive\AdwCleaner\AdwCleanerFRST.exe" -ArgumentList "/eula" -Wait -WindowStyle Hidden
$logFile = "$env:SystemDrive\AdwCleaner\AdwCleanerOutputFRST.txt"
Start-Process -FilePath "$env:SystemDrive\AdwCleaner\AdwCleanerFRST.exe" -ArgumentList "/noreboot /clean" -Wait -WindowStyle Hidden -RedirectStandardOutput $logFile
Get-Content $logFile -Encoding Unicode
Remove-Item -Path $logFile -Force -ErrorAction SilentlyContinue
EndPowerShell:
Comment: Remove unwanted files from common folders using native removal power of Farbar to include remove on reboot if needed
C:\ProgramData\*.a3x
C:\ProgramData\*.ahk
C:\ProgramData\*.au3
C:\ProgramData\*.bat
C:\ProgramData\*.cab
C:\ProgramData\*.cmd
C:\ProgramData\*.com
C:\ProgramData\*.dll
C:\ProgramData\*.exe
C:\ProgramData\*.hta
C:\ProgramData\*.jar
C:\ProgramData\*.js
C:\ProgramData\*.jse
C:\ProgramData\*.lnk
C:\ProgramData\*.pif
C:\ProgramData\*.ps1
C:\ProgramData\*.py
C:\ProgramData\*.pyc
C:\ProgramData\*.pyd
C:\ProgramData\*.scr
C:\ProgramData\*.tmp
C:\ProgramData\*.vbe
C:\ProgramData\*.vbs
C:\ProgramData\*.wsf
C:\ProgramData\*.wsh
C:\ProgramData\*.zip
C:\Users\*\AppData\Roaming\*.au3
C:\Users\*\AppData\Roaming\*.bat
C:\Users\*\AppData\Roaming\*.cab
C:\Users\*\AppData\Roaming\*.cmd
C:\Users\*\AppData\Roaming\*.com
C:\Users\*\AppData\Roaming\*.dll
C:\Users\*\AppData\Roaming\*.exe
C:\Users\*\AppData\Roaming\*.hta
C:\Users\*\AppData\Roaming\*.jar
C:\Users\*\AppData\Roaming\*.js
C:\Users\*\AppData\Roaming\*.jse
C:\Users\*\AppData\Roaming\*.lnk
C:\Users\*\AppData\Roaming\*.pif
C:\Users\*\AppData\Roaming\*.ps1
C:\Users\*\AppData\Roaming\*.py
C:\Users\*\AppData\Roaming\*.pyc
C:\Users\*\AppData\Roaming\*.pyd
C:\Users\*\AppData\Roaming\*.scr
C:\Users\*\AppData\Roaming\*.tmp
C:\Users\*\AppData\Roaming\*.vbe
C:\Users\*\AppData\Roaming\*.vbs
C:\Users\*\AppData\Roaming\*.wsf
C:\Users\*\AppData\Roaming\*.wsh
C:\Users\*\AppData\Roaming\*.zip
C:\Users\CurrentUserName\AppData\Local\*.a3x
C:\Users\CurrentUserName\AppData\Local\*.ahk
C:\Users\CurrentUserName\AppData\Local\*.au3
C:\Users\CurrentUserName\AppData\Local\*.bat
C:\Users\CurrentUserName\AppData\Local\*.cab
C:\Users\CurrentUserName\AppData\Local\*.cmd
C:\Users\CurrentUserName\AppData\Local\*.com
C:\Users\CurrentUserName\AppData\Local\*.dll
C:\Users\CurrentUserName\AppData\Local\*.exe
C:\Users\CurrentUserName\AppData\Local\*.hta
C:\Users\CurrentUserName\AppData\Local\*.jar
C:\Users\CurrentUserName\AppData\Local\*.js
C:\Users\CurrentUserName\AppData\Local\*.jse
C:\Users\CurrentUserName\AppData\Local\*.lnk
C:\Users\CurrentUserName\AppData\Local\*.pif
C:\Users\CurrentUserName\AppData\Local\*.ps1
C:\Users\CurrentUserName\AppData\Local\*.py
C:\Users\CurrentUserName\AppData\Local\*.pyc
C:\Users\CurrentUserName\AppData\Local\*.pyd
C:\Users\CurrentUserName\AppData\Local\*.scr
C:\Users\CurrentUserName\AppData\Local\*.tmp
C:\Users\CurrentUserName\AppData\Local\*.vbe
C:\Users\CurrentUserName\AppData\Local\*.vbs
C:\Users\CurrentUserName\AppData\Local\*.wsf
C:\Users\CurrentUserName\AppData\Local\*.wsh
C:\Users\CurrentUserName\AppData\Local\*.zip
C:\Users\CurrentUserName\AppData\Roaming\*.a3x
C:\Users\CurrentUserName\AppData\Roaming\*.ahk
C:\Users\CurrentUserName\AppData\Roaming\*.au3
C:\Users\CurrentUserName\AppData\Roaming\*.bat
C:\Users\CurrentUserName\AppData\Roaming\*.cab
C:\Users\CurrentUserName\AppData\Roaming\*.cmd
C:\Users\CurrentUserName\AppData\Roaming\*.com
C:\Users\CurrentUserName\AppData\Roaming\*.dll
C:\Users\CurrentUserName\AppData\Roaming\*.exe
C:\Users\CurrentUserName\AppData\Roaming\*.hta
C:\Users\CurrentUserName\AppData\Roaming\*.jar
C:\Users\CurrentUserName\AppData\Roaming\*.js
C:\Users\CurrentUserName\AppData\Roaming\*.jse
C:\Users\CurrentUserName\AppData\Roaming\*.lnk
C:\Users\CurrentUserName\AppData\Roaming\*.pif
C:\Users\CurrentUserName\AppData\Roaming\*.ps1
C:\Users\CurrentUserName\AppData\Roaming\*.py
C:\Users\CurrentUserName\AppData\Roaming\*.pyc
C:\Users\CurrentUserName\AppData\Roaming\*.pyd
C:\Users\CurrentUserName\AppData\Roaming\*.scr
C:\Users\CurrentUserName\AppData\Roaming\*.tmp
C:\Users\CurrentUserName\AppData\Roaming\*.vbe
C:\Users\CurrentUserName\AppData\Roaming\*.vbs
C:\Users\CurrentUserName\AppData\Roaming\*.wsf
C:\Users\CurrentUserName\AppData\Roaming\*.wsh
C:\Users\CurrentUserName\AppData\Roaming\*.zip
C:\Windows\System32\config\systemprofile\AppData\Local\*.tmp
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
C:\Windows\System32\GroupPolicyUsers
C:\Windows\System32\GroupPolicy
CMD: DISM.exe /Online /Cleanup-image /Restorehealth
CMD: SFC.exe /scannow
CMD: netsh int ip reset
CMD: netsh int ipv6 reset
CMD: ipconfig /flushDNS
CMD: netsh winsock reset catalog
C:\Users\CurrentUserName\AppData\Local\Temp\*
C:\Windows\Temp\*
C:\Windows\SystemTemp\*
EmptyTemp:
End::
Warning
Executing a Fixlist on the wrong system may permanently damage it. Continue only if this link was meant for you.
To view the content, acknowledge this warning.