Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
S1 drqcffhd; \??\C:\WINDOWS\system32\drivers\drqcffhd.sys [X]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ncdlfdpl.sys:changelist [918]
EmptyTemp:
End::