Laptop freezes frequently, suspicious services – infected?

Hi,

My laptop started freezing often. It started not long ago. It will freeze from 30 seconds up to 1 minute.
It generally seems sluggish.

Then I noticed many suspicious looking services running like ‘WpnUserService_395df’, ‘CDPUserSvc_395df’, ‘CaptureService_e39e4’ and many more like that.
Also noticed many security audit events in event viewer for ‘Credential Manager credentials were read’, ‘Special privileges assigned to new logon’, ‘An account was successfully logged on’, ‘An attempt was made to register a security event source.’ It all looked very suspicious.

So I did Windows 10 ‘Reset this PC’ but chose to keep my data files. After the reset I am not sure if things are back to normal. I still see suspicious services and event log entries. While searching on the internet I found this forum. I hope people here can help identify any issues.

I am posting logs from running ‘Farbar Recovery Scan Tool’ below:

 

||||||||| FRST.txt ||||||||||

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by asingh (administrator) on AJAY-LAPTOP (Dell Inc. Latitude E6430s) (03-01-2021 16:42:41)
Running from C:UsersasinghDownloadsBC_AntivirusTools
Loaded Profiles: asingh
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:Program FilesDellTPadApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:Program FilesDellTPadApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:Program FilesDellTPadApoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:Program FilesDellTPadhidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:Program FilesDellTPadHidMonitorSvc.exe
(Intel® pGFX -> Intel Corporation) C:WindowsSystem32igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:WindowsSystem32igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:WindowsSystem32igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:WindowsSystem32igfxTray.exe
(Malwarebytes Inc -> Malwarebytes) E:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Inc -> Malwarebytes) E:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweMicrosoftEdge.exe
(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbweWinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MicrosoftEdgeCP.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2011.6-0MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2011.6-0NisSrv.exe
(O2Micro Inc. -> O2Micro International) C:WindowsSystem32o2flash.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [Apoint] => C:Program FilesDellTPadApoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM…Run: [Logitech Download Assistant] => C:WindowsSystem32LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)
Startup: C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupRealtime.ffs_real [2020-01-21] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E1AB296-CEF4-4D6B-AF5F-62C2080830F1} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2011.6-0MpCmdRun.exe [545704 2021-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {46F15CF9-D253-4FC9-AAA0-F4779952D241} – System32TasksEOSv3 Scheduler onLogOn => D:AntiVirusToolsesetonlinescanner.exe [15012440 2021-01-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {BA08F010-928F-48F2-B621-E10AD9099542} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2011.6-0MpCmdRun.exe [545704 2021-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C2762499-3D1D-4ECF-B453-C6BEC4EF5C0F} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2011.6-0MpCmdRun.exe [545704 2021-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C788CF01-AB61-43EF-A1B5-0AC4ED9D3348} – System32TasksEOSv3 Scheduler onTime => D:AntiVirusToolsesetonlinescanner.exe [15012440 2021-01-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {FA353D50-4E2D-4DDB-93BE-B0D2E0772EDB} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2011.6-0MpCmdRun.exe [545704 2021-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 172.20.10.1
Tcpip..Interfaces{b6b06722-83de-4974-b91f-3a2dd7fbf5fe}: [DhcpNameServer] 172.20.10.1

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:Program FilesDellTPadHidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 MBAMService; E:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7456464 2021-01-02] (Malwarebytes Inc -> Malwarebytes)
R2 O2FLASH; C:WINDOWSsystem32o2flash.exe [244328 2011-11-16] (O2Micro Inc. -> O2Micro International)
S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5197552 2020-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2011.6-0NisSrv.exe [2491880 2021-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2011.6-0MsMpEng.exe [128376 2021-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DellRbtn; C:WINDOWSSystem32driversDellRbtn.sys [29160 2018-07-27] (Dell Inc -> OSR Open Systems Resources, Inc.)
S3 HBtnKey; C:WINDOWSSystem32driversHBtnKey.sys [20424 2012-01-25] (Dell Inc -> Dell Inc.)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [220160 2021-01-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248968 2021-01-02] (Malwarebytes Inc -> Malwarebytes)
S3 nusb3hub; C:WINDOWSSystem32driversnusb3hub.sys [80384 2010-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 nusb3xhc; C:WINDOWSSystem32driversnusb3xhc.sys [181248 2010-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 O2MDFRDR; C:WINDOWSSystem32driversO2MDFvstx64.sys [72936 2011-01-03] (O2Micro Inc. -> O2Micro)
S3 O2MDRRDR; C:WINDOWSSystem32driversO2MDRvstx64.sys [75112 2011-01-03] (O2Micro Inc. -> O2Micro)
R3 O2SDJRDR; C:WINDOWSSystem32driverso2sdjvstx64.sys [84712 2011-11-14] (O2Micro Inc. -> O2Micro)
S0 ST7007; C:WINDOWSSystem32driversST7007.sys [67696 2011-06-20] (STMicroelectronics -> STMicroelectronics)
R0 stdcfltn; C:WINDOWSSystem32DRIVERSstdcfltn.sys [22128 2011-07-15] (STMicroelectronics -> ST Microelectronics)
S3 USBAAPL64; C:WINDOWSSystem32Driversusbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBoxUSB; C:WINDOWSSystem32DriversVBoxUSB.sys [174000 2020-01-15] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [48536 2021-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [429296 2021-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [70896 2021-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 wdvpnpbus; C:WINDOWSSystem32driverswdvpnpbus.sys [20608 2017-11-21] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-03 16:40 – 2021-01-03 16:42 – 000000000 ____D C:UsersasinghDownloadsBC_AntivirusTools
2021-01-03 16:40 – 2021-01-03 16:40 – 000000000 ____D C:UsersasinghDownloadsBC_AntiVirus_ScanLogs
2021-01-03 15:02 – 2021-01-03 15:02 – 000000000 ____D C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsTouchPad
2021-01-03 14:01 – 2021-01-03 14:02 – 000000000 ____D C:UsersasinghAppDataRoamingCode
2021-01-03 13:27 – 2021-01-03 13:27 – 000000000 ____D C:UsersasinghAppDataRoamingZoom
2021-01-03 07:55 – 2021-01-03 07:55 – 000000000 ___HD C:UsersasinghMicrosoftEdgeBackups
2021-01-02 23:21 – 2021-01-03 15:01 – 070254592 _____ C:WINDOWSsystem32configSOFTWARE
2021-01-02 22:04 – 2021-01-02 22:06 – 000000000 ____D C:WINDOWSsystem32MRT
2021-01-02 20:13 – 2021-01-02 20:13 – 000000000 ____D C:UsersasinghAppDataLocalOneDrive
2021-01-02 20:10 – 2021-01-03 07:53 – 000003784 _____ C:WINDOWSsystem32TasksEOSv3 Scheduler onLogOn
2021-01-02 20:10 – 2021-01-03 07:53 – 000003342 _____ C:WINDOWSsystem32TasksEOSv3 Scheduler onTime
2021-01-02 19:50 – 2021-01-02 19:50 – 000000000 ____D C:UsersasinghAppDataLocalPlaceholderTileLogoFolder
2021-01-02 19:39 – 2021-01-02 19:39 – 000000000 ____D C:UsersasinghAppDataLocalPeerDistRepub
2021-01-02 19:37 – 2021-01-02 19:37 – 000000000 ____D C:AdwCleaner
2021-01-02 19:36 – 2021-01-03 07:53 – 000000000 ____D C:UsersasinghDownloadsAntiVirusToolRun_Results
2021-01-02 18:09 – 2021-01-02 19:36 – 000000000 ____D C:ProgramDataRogueKiller
2021-01-02 18:07 – 2021-01-02 23:05 – 000000744 _____ C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk
2021-01-02 18:07 – 2021-01-02 23:05 – 000000646 _____ C:UsersasinghDesktopESET Online Scanner.lnk
2021-01-02 18:07 – 2021-01-02 23:05 – 000000000 ____D C:UsersasinghAppDataLocalESET
2021-01-02 10:18 – 2021-01-02 10:18 – 000000000 ____D C:ProgramDataSophos
2021-01-02 10:17 – 2021-01-02 10:17 – 000002775 _____ C:UsersPublicDesktopSophos Virus Removal Tool.lnk
2021-01-02 10:17 – 2021-01-02 10:17 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSophos
2021-01-02 10:17 – 2021-01-02 10:17 – 000000000 ____D C:Program Files (x86)Sophos
2021-01-02 10:12 – 2021-01-02 10:12 – 000000985 _____ C:UsersPublicDesktopMalwarebytes.lnk
2021-01-02 10:12 – 2021-01-02 10:12 – 000000985 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2021-01-02 10:12 – 2021-01-02 10:12 – 000000000 ____D C:UsersasinghAppDataLocalmbam
2021-01-02 10:11 – 2021-01-02 10:11 – 000248968 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2021-01-02 10:11 – 2021-01-02 10:11 – 000220160 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2021-01-02 10:11 – 2021-01-02 10:11 – 000153312 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys
2021-01-02 10:11 – 2021-01-02 10:11 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys
2021-01-02 10:11 – 2021-01-02 10:11 – 000000000 ____D C:ProgramDataMalwarebytes
2021-01-02 04:02 – 2021-01-02 23:21 – 000000000 ____D C:WINDOWSMicrosoft Antimalware
2021-01-02 01:06 – 2021-01-02 01:06 – 000000144 _____ C:WINDOWSsystem32{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-01 22:00 – 2021-01-01 19:20 – 000000000 ____D C:WINDOWSPanther
2021-01-01 21:57 – 2021-01-02 06:00 – 000000000 ____D C:Windows.old
2021-01-01 21:56 – 2021-01-01 21:56 – 000000000 ____D C:WINDOWSServiceProfiles
2021-01-01 21:55 – 2021-01-01 21:55 – 000000000 ____D C:Program FilesDellTPad
2021-01-01 21:54 – 2021-01-01 21:54 – 000000000 ____D C:Program FilesSTMicroelectronics
2021-01-01 21:53 – 2021-01-01 21:53 – 000008192 _____ C:WINDOWSsystem32configuserdiff
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64winrm
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64WCN
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64sysprep
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64slmgr
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64Printing_Admin_Scripts
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64MailContactsCalendarSync
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64FxsTmp
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64409
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32winrm
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32WCN
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32slmgr
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32Printing_Admin_Scripts
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32OpenSSH
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32MailContactsCalendarSync
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSetup
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSOCR
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSaddins
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:ProgramDatassh
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:Program FilesReference Assemblies
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:Program FilesMSBuild
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:Program Files (x86)Reference Assemblies
2021-01-01 21:52 – 2021-01-01 21:52 – 000000000 ____D C:Program Files (x86)MSBuild
2021-01-01 21:52 – 2021-01-01 19:20 – 000000000 ____D C:WINDOWSsystem32FxsTmp
2021-01-01 21:51 – 2021-01-01 21:51 – 000000000 ____D C:WINDOWSsystem32409
2021-01-01 21:51 – 2021-01-01 21:51 – 000000000 ____D C:WINDOWSDigitalLocker
2021-01-01 21:51 – 2020-10-02 19:33 – 000835472 _____ (Adobe) C:WINDOWSSysWOW64FlashPlayerApp.exe
2021-01-01 21:51 – 2020-10-02 19:33 – 000179608 _____ (Adobe) C:WINDOWSSysWOW64FlashPlayerCPLApp.cpl
2021-01-01 21:49 – 2021-01-03 16:34 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-01-01 21:49 – 2021-01-03 07:55 – 000000000 ____D C:WINDOWSappcompat
2021-01-01 21:49 – 2021-01-02 19:49 – 000000000 ____D C:Program FilesWindows Defender
2021-01-01 21:49 – 2021-01-02 10:17 – 000000000 ___RD C:Program Files (x86)
2021-01-01 21:49 – 2021-01-02 10:11 – 000000000 ___HD C:WINDOWSELAMBKUP
2021-01-01 21:49 – 2021-01-01 22:00 – 000000000 ____D C:WINDOWSContainers
2021-01-01 21:49 – 2021-01-01 21:58 – 000028672 _____ C:WINDOWSsystem32configBCD-Template
2021-01-01 21:49 – 2021-01-01 21:57 – 000000000 __RHD C:UsersPublicLibraries
2021-01-01 21:49 – 2021-01-01 21:57 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase
2021-01-01 21:49 – 2021-01-01 21:57 – 000000000 ____D C:WINDOWSCSC
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ___SD C:WINDOWSSysWOW64F12
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ___SD C:WINDOWSsystem32F12
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64setup
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64oobe
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64MUI
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64Dism
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSysWOW64Com
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSSystemResources
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32Sysprep
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32setup
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32MUI
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSsystem32migwiz
2021-01-01 21:49 – 2021-01-01 21:52 – 000000000 ____D C:WINDOWSPolicyDefinitions
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ___SD C:WINDOWSsystem32dsc
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:WINDOWSsystem32Dism
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:WINDOWSsystem32Com
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:WINDOWSIME
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:WINDOWSHelp
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program FilesWindows Photo Viewer
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program FilesWindows NT
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program FilesCommon FilesSystem
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program Files (x86)Windows NT
2021-01-01 21:49 – 2021-01-01 21:51 – 000000000 ____D C:Program Files (x86)Windows Defender
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 __SHD C:WINDOWSBitLockerDiscoveryVolumeContents
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 __SHD C:Program FilesWindows Sidebar
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 __SHD C:Program Files (x86)Windows Sidebar
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 __RSD C:WINDOWSMedia
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___SD C:WINDOWSSysWOW64Nui
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___SD C:WINDOWSSysWOW64Configuration
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___SD C:WINDOWSsystem32UNP
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___SD C:WINDOWSsystem32Nui
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___SD C:WINDOWSsystem32Configuration
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___SD C:WINDOWSsystem32AppV
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___SD C:WINDOWSDownloaded Program Files
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___RD C:WINDOWSOffline Web Pages
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ___HD C:WINDOWSLanguageOverlayCache
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSWeb
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSWaaS
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSVss
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWStracing
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSTAPI
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64SMI
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64ras
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64PerceptionSimulation
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64NDF
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64Msdtc
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64migwiz
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64Macromed
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64Keywords
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64Ipmi
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64InputMethod
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64inetsrv
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64IME
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64icsxml
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64GroupPolicyUsers
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64GroupPolicy
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64downlevel
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64Bthprops
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64AppLocker
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSysWOW64AdvancedInstallers
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSystemApps
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32WinMetadata
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32winevt
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ti-et
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ta-lk
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ta-in
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32si-lk
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ShellExperiences
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32Sgrm
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32SecureBootUpdates
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ras
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ProximityToast
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32PointOfService
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32osa-Osge-001
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32NDF
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32my-mm
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32MsDtc
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32Macromed
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32Keywords
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32Ipmi
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32InputMethod
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32inetsrv
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32IME
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32icsxml
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ias
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32Hydrogen
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32GroupPolicyUsers
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32GroupPolicy
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ff-Adlm-SN
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32DriverState
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32DriversDriverData
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32downlevel
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32DDFs
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32ContainerSettingsProviders
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32configsystemprofile
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32configRegBack
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32configJournal
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32Bthprops
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32appraiser
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32AppLocker
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32am-et
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32AdvancedInstallers
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSystem
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSKB
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSShellExperiences
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSShellComponents
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsecurity
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSschemas
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSSchCache
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSResources
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSrescache
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSRemotePackages
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSRegistration
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSProvisioning
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSPLA
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSPerformance
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSModemLogs
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSLiveKernelReports
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSL2Schemas
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSInputMethod
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSIdentityCRL
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSGlobalization
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSGameBarPresenceWriter
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSDiagTrack
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSCursors
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSBranding
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSbcastdvr
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:ProgramDataWindowsHolographicDevices
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:ProgramDataUSOShared
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:Program FilesWindows Security
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:Program FilesWindows Portable Devices
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:Program FilesWindows Multimedia Platform
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:Program FilesModifiableWindowsApps
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:Program FilesCommon FilesServices
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:Program Files (x86)Windows Portable Devices
2021-01-01 21:49 – 2021-01-01 21:49 – 000000000 ____D C:Program Files (x86)Windows Multimedia Platform
2021-01-01 21:49 – 2021-01-01 21:47 – 000215943 _____ C:WINDOWSSysWOW64dssec.dat
2021-01-01 21:49 – 2021-01-01 21:47 – 000215943 _____ C:WINDOWSsystem32dssec.dat
2021-01-01 21:49 – 2021-01-01 21:47 – 000020908 _____ C:WINDOWSsystem32OEMDefaultAssociations.xml
2021-01-01 21:49 – 2021-01-01 21:47 – 000017635 _____ C:WINDOWSsystem32Driversetcservices
2021-01-01 21:49 – 2021-01-01 21:47 – 000003683 _____ C:WINDOWSsystem32Driversetclmhosts.sam
2021-01-01 21:49 – 2021-01-01 21:47 – 000003103 _____ C:WINDOWSSysWOW64mmc.exe.config
2021-01-01 21:49 – 2021-01-01 21:47 – 000003103 _____ C:WINDOWSsystem32mmc.exe.config
2021-01-01 21:49 – 2021-01-01 21:47 – 000001358 _____ C:WINDOWSsystem32Driversetcprotocol
2021-01-01 21:49 – 2021-01-01 21:47 – 000000858 _____ C:WINDOWSsystem32DefaultQuestions.json
2021-01-01 21:49 – 2021-01-01 21:47 – 000000741 _____ C:WINDOWSSysWOW64NOISE.DAT
2021-01-01 21:49 – 2021-01-01 21:47 – 000000741 _____ C:WINDOWSsystem32NOISE.DAT
2021-01-01 21:49 – 2021-01-01 21:47 – 000000407 _____ C:WINDOWSsystem32Driversetcnetworks
2021-01-01 21:49 – 2021-01-01 21:47 – 000000219 _____ C:WINDOWSsystem.ini
2021-01-01 21:49 – 2021-01-01 21:47 – 000000092 _____ C:WINDOWSwin.ini
2021-01-01 21:49 – 2021-01-01 21:31 – 000000000 ____D C:ProgramDataUSOPrivate
2021-01-01 21:49 – 2021-01-01 20:13 – 000000000 ____D C:WINDOWSAppReadiness
2021-01-01 21:49 – 2021-01-01 20:05 – 000000000 ____D C:WINDOWSServiceState
2021-01-01 21:49 – 2021-01-01 20:04 – 000000000 ___RD C:WINDOWSPrintDialog
2021-01-01 21:49 – 2021-01-01 19:48 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-01-01 21:49 – 2021-01-01 19:48 – 000000000 ___HD C:Program FilesWindowsApps
2021-01-01 21:49 – 2021-01-01 19:20 – 000000000 ____D C:WINDOWSsystem32spool
2021-01-01 21:49 – 2021-01-01 19:20 – 000000000 ____D C:WINDOWSsystem32oobe
2021-01-01 21:49 – 2021-01-01 19:00 – 000000000 ____D C:WINDOWSsystem32configTxR
2021-01-01 21:49 – 2016-06-02 13:41 – 000069120 _____ (Khronos Group) C:WINDOWSSysWOW64opencl.dll
2021-01-01 21:48 – 2021-01-03 15:06 – 000000000 ____D C:WINDOWSINF
2021-01-01 21:44 – 2021-01-02 22:13 – 000000000 ____D C:WINDOWSCbsTemp
2021-01-01 21:43 – 2021-01-03 15:01 – 014680064 _____ C:WINDOWSsystem32configSYSTEM
2021-01-01 21:43 – 2021-01-03 15:01 – 000524288 _____ C:WINDOWSsystem32configDEFAULT
2021-01-01 21:43 – 2021-01-03 15:01 – 000524288 _____ C:WINDOWSsystem32configBBI
2021-01-01 21:43 – 2021-01-03 15:01 – 000065536 _____ C:WINDOWSsystem32configSECURITY
2021-01-01 21:43 – 2021-01-03 15:01 – 000065536 _____ C:WINDOWSsystem32configSAM
2021-01-01 21:43 – 2021-01-02 22:13 – 000000000 ____D C:WINDOWSservicing
2021-01-01 21:43 – 2021-01-01 21:49 – 000000000 ____D C:WINDOWSsystem32SMI
2021-01-01 21:43 – 2021-01-01 19:11 – 000032768 _____ C:WINDOWSsystem32configELAM
2021-01-01 20:06 – 2021-01-01 20:06 – 000000000 ____D C:UsersasinghAppDataLocalComms
2021-01-01 19:56 – 2021-01-02 02:00 – 000000000 ____D C:toolfrst
2021-01-01 19:52 – 2021-01-03 16:43 – 000000000 ____D C:FRST
2021-01-01 19:52 – 2021-01-01 19:52 – 000000000 ____H C:WINDOWSsystem32DriversMsft_User_WpdFs_01_11_00.Wdf
2021-01-01 19:51 – 2021-01-02 19:47 – 000003372 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2589756144-158593631-1387058302-1001
2021-01-01 19:51 – 2021-01-01 19:51 – 000000000 ____D C:UsersasinghAppDataLocalD3DSCache
2021-01-01 19:50 – 2021-01-01 19:50 – 000000000 ____D C:UsersasinghAppDataRoamingElectrum
2021-01-01 19:49 – 2021-01-03 07:55 – 000000000 ____D C:UsersasinghAppDataLocalMicrosoftEdge
2021-01-01 19:49 – 2021-01-01 19:49 – 000001450 _____ C:UsersasinghDesktopMicrosoft Edge.lnk
2021-01-01 19:49 – 2021-01-01 19:49 – 000000000 ____D C:ProgramDataMicrosoft OneDrive
2021-01-01 19:48 – 2021-01-01 20:06 – 000000000 ____D C:UsersasinghAppDataLocalPackages
2021-01-01 19:48 – 2021-01-01 20:05 – 000000000 ____D C:ProgramDataPackages
2021-01-01 19:48 – 2021-01-01 19:48 – 000000451 _____ C:WINDOWSsystem32{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2021-01-01 19:48 – 2021-01-01 19:48 – 000000020 ___SH C:Usersasinghntuser.ini
2021-01-01 19:48 – 2021-01-01 19:48 – 000000000 ____D C:UsersasinghAppDataRoamingAdobe
2021-01-01 19:48 – 2021-01-01 19:48 – 000000000 ____D C:UsersasinghAppDataLocalVirtualStore
2021-01-01 19:48 – 2021-01-01 19:48 – 000000000 ____D C:UsersasinghAppDataLocalPublishers
2021-01-01 19:48 – 2021-01-01 19:48 – 000000000 ____D C:UsersasinghAppDataLocalConnectedDevicesPlatform
2021-01-01 19:13 – 2021-01-03 15:06 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-01-01 19:13 – 2021-01-01 19:13 – 000000000 _SHDL C:UsersDefault User
2021-01-01 19:13 – 2021-01-01 19:13 – 000000000 _SHDL C:UsersAll Users
2021-01-01 19:11 – 2021-01-01 19:11 – 000038922 _____ C:UsersasinghDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:Usersvmc_tribyte_apiDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:UserspubnubChatDemoDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:Usersproxy_vmc_freshdesk_ssoDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:UsersphpmyadminDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:UsersMantisBTDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:Usersintellaops_aibotDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:UsersInnotrailWebSiteDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:UsersDefaultAppPoolDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:Userschabot_demo_intelaopsDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:UserscbsampleDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:UsersagentchatDesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:Users.NET v4.5DesktopRemoved Apps.html
2021-01-01 19:11 – 2021-01-01 19:11 – 000035098 _____ C:Users.NET v4.5 ClassicDesktopRemoved Apps.html
2021-01-01 19:05 – 2021-01-03 13:27 – 000000000 ____D C:Usersasingh
2021-01-01 19:05 – 2021-01-02 19:47 – 000002372 _____ C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2021-01-01 19:11 – 000000000 ____D C:Usersproxy_vmc_freshdesk_sso
2021-01-01 19:05 – 2021-01-01 19:11 – 000000000 ____D C:Usersphpmyadmin
2021-01-01 19:05 – 2021-01-01 19:11 – 000000000 ____D C:Usersintellaops_aibot
2021-01-01 19:05 – 2021-01-01 19:11 – 000000000 ____D C:UsersInnotrailWebSite
2021-01-01 19:05 – 2021-01-01 19:11 – 000000000 ____D C:UsersDefaultAppPool
2021-01-01 19:05 – 2021-01-01 19:11 – 000000000 ____D C:Userschabot_demo_intelaops
2021-01-01 19:05 – 2021-01-01 19:11 – 000000000 ____D C:Userscbsample
2021-01-01 19:05 – 2021-01-01 19:08 – 000000000 ____D C:Usersvmc_tribyte_api
2021-01-01 19:05 – 2021-01-01 19:08 – 000000000 ____D C:UserspubnubChatDemo
2021-01-01 19:05 – 2021-01-01 19:08 – 000000000 ____D C:UsersMantisBT
2021-01-01 19:05 – 2021-01-01 19:08 – 000000000 ____D C:Usersagentchat
2021-01-01 19:05 – 2021-01-01 19:08 – 000000000 ____D C:Users.NET v4.5 Classic
2021-01-01 19:05 – 2021-01-01 19:08 – 000000000 ____D C:Users.NET v4.5
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:Usersvmc_tribyte_apiAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:UserspubnubChatDemoAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:Usersproxy_vmc_freshdesk_ssoAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:UsersphpmyadminAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:UsersMantisBTAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:Usersintellaops_aibotAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:UsersInnotrailWebSiteAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:UsersDefaultAppPoolAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:Userschabot_demo_intelaopsAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:UserscbsampleAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:UsersagentchatAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:Users.NET v4.5AppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:05 – 2019-12-07 04:10 – 000001105 _____ C:Users.NET v4.5 ClassicAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-01-01 19:03 – 2021-01-01 19:03 – 000000000 ____H C:WINDOWSsystem32DriversMsft_Kernel_ST_ACCEL_01009.Wdf
2021-01-01 19:03 – 2021-01-01 19:03 – 000000000 ____D C:Program FilesDIFX
2021-01-01 19:02 – 2021-01-03 15:02 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-01-01 19:02 – 2021-01-02 19:49 – 000000000 ____D C:WINDOWSsystem32Driverswd
2021-01-01 19:02 – 2021-01-01 19:02 – 000000000 ____H C:WINDOWSsystem32DriversMsft_Kernel_Apfiltr_01009.Wdf
2021-01-01 19:02 – 2021-01-01 19:02 – 000000000 ____D C:WINDOWSdevcon
2021-01-01 19:02 – 2021-01-01 19:02 – 000000000 ____D C:Program FilesIntel
2021-01-01 19:02 – 2016-06-02 13:41 – 000072704 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.DLL
2021-01-01 19:02 – 2011-07-15 21:31 – 000022128 _____ (ST Microelectronics) C:WINDOWSsystem32Driversstdcfltn.sys
2021-01-01 19:00 – 2021-01-03 16:34 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-01-01 19:00 – 2021-01-01 19:00 – 000258688 _____ C:WINDOWSsystem32FNTCACHE.DAT
2020-12-26 20:58 – 2020-12-26 20:58 – 000000238 _____ C:Usersasingh.gitconfig
2020-12-24 19:30 – 2020-12-24 19:30 – 000297986 _____ C:UsersasinghDocumentsDadi_Dadu_gift_2020.pdf
2020-12-24 19:23 – 2020-12-24 19:30 – 000627308 _____ C:UsersasinghDocumentsDadi_Dadu_gift_2020.pptx
2020-12-18 14:26 – 2021-01-01 19:11 – 000000000 ____D C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsElectrum
2020-12-18 14:26 – 2020-12-18 14:26 – 000000792 _____ C:UsersasinghDesktopElectrum.lnk
2020-12-17 12:50 – 2021-01-01 21:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDropbox
2020-12-16 10:03 – 2020-12-24 17:53 – 000000000 ____D C:Usersasingh.thinkorswim
2020-12-16 10:01 – 2021-01-01 21:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsthinkorswim
2020-12-16 10:01 – 2020-12-16 10:01 – 000000850 _____ C:UsersPublicDesktopthinkorswim.lnk
2020-12-14 08:39 – 2021-01-01 19:11 – 000000000 ____D C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom
2020-12-09 12:32 – 2020-12-09 12:32 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb
2020-12-09 12:32 – 2020-12-09 12:32 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb
2020-12-09 12:32 – 2020-12-09 12:32 – 002260480 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 001822272 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2020-12-09 12:32 – 2020-12-09 12:32 – 001393496 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi
2020-12-09 12:32 – 2020-12-09 12:32 – 001333248 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000363520 _____ C:WINDOWSsystem32Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000287232 _____ C:WINDOWSsystem32CoreMas.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000266240 _____ C:WINDOWSSysWOW64Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000240640 _____ C:WINDOWSSysWOW64CoreMas.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000165376 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe
2020-12-09 12:32 – 2020-12-09 12:32 – 000102912 _____ (Microsoft Corporation) C:WINDOWSsystem32ncpa.cpl
2020-12-09 12:32 – 2020-12-09 12:32 – 000100864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ncpa.cpl
2020-12-09 12:32 – 2020-12-09 12:32 – 000089088 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000073216 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe
2020-12-09 12:32 – 2020-12-09 12:32 – 000048640 _____ (Adobe Systems) C:WINDOWSsystem32atmlib.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000039936 _____ (Adobe Systems) C:WINDOWSSysWOW64atmlib.dll
2020-12-09 12:32 – 2020-12-09 12:32 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe
2020-12-09 12:32 – 2020-12-09 12:32 – 000010912 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2020-12-09 12:32 – 2020-12-09 12:32 – 000010752 _____ C:WINDOWSSysWOW64agentactivationruntimestarter.exe
2020-12-09 12:32 – 2020-12-09 12:32 – 000001370 _____ C:WINDOWSsystem32ThirdPartyNoticesBySHS.txt
2020-12-08 19:47 – 2020-12-08 19:59 – 000000000 ____D C:UsersasinghDocumentsSound recordings
2020-12-04 20:49 – 2020-12-04 20:51 – 000000000 ____D C:UsersasinghDesktopshopping
2020-12-04 00:04 – 2020-12-04 00:04 – 000000551 _____ C:UsersasinghDesktopAWS_Jam_lounge.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-03 16:40 – 2020-09-20 08:42 – 000000000 ____D C:UsersasinghDownloadsOld_downloads
2021-01-03 15:02 – 2020-05-10 22:00 – 000008192 ___SH C:DumpStack.log.tmp
2021-01-03 15:02 – 2020-01-19 10:46 – 000000000 __SHD C:UsersasinghIntelGraphicsProfiles
2021-01-02 22:08 – 2020-05-10 20:40 – 000000000 ___HD C:$WinREAgent
2021-01-02 19:47 – 2020-01-19 10:49 – 000000000 ___RD C:UsersasinghOneDrive
2021-01-01 21:57 – 2020-11-10 00:09 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsIIS
2021-01-01 21:57 – 2020-10-13 23:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGit
2021-01-01 21:57 – 2020-08-31 08:01 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes
2021-01-01 21:57 – 2020-07-20 19:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPDFsam Basic
2021-01-01 21:57 – 2020-06-16 19:58 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOBS Studio
2021-01-01 21:57 – 2020-05-16 13:30 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVM for Windows
2021-01-01 21:57 – 2020-04-11 17:01 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2021-01-01 21:57 – 2020-03-02 00:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFileZilla FTP Client
2021-01-01 21:57 – 2020-02-22 13:42 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows Kits
2021-01-01 21:57 – 2020-02-22 13:34 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVisual Studio 2017
2021-01-01 21:57 – 2020-02-22 13:33 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPython 2.7
2021-01-01 21:57 – 2020-01-27 17:58 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTortoiseHg
2021-01-01 21:57 – 2020-01-27 17:09 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVisual Studio 2019
2021-01-01 21:57 – 2020-01-21 22:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinMerge
2021-01-01 21:57 – 2020-01-21 22:15 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRealTimeSync
2021-01-01 21:56 – 2020-04-11 16:58 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOWASP
2021-01-01 21:56 – 2020-03-06 18:33 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMySQL
2021-01-01 21:56 – 2020-02-09 22:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDell
2021-01-01 19:48 – 2020-01-19 10:46 – 000000000 __RHD C:UsersPublicAccountPictures
2021-01-01 19:48 – 2020-01-19 10:46 – 000000000 ___RD C:Usersasingh3D Objects
2021-01-01 19:11 – 2020-05-16 13:20 – 000000000 ____D C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsVisual Studio Code
2021-01-01 16:49 – 2020-01-21 14:04 – 000000000 ____D C:UsersasinghAppDataLocalLowMozilla
2020-12-26 21:04 – 2020-04-17 21:46 – 000031524 _____ C:Usersasingh.bash_history
2020-12-24 17:55 – 2020-01-21 17:19 – 000001045 _____ C:UsersasinghDesktopmagicJack.lnk
2020-12-24 17:55 – 2020-01-21 10:25 – 000001031 _____ C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsmagicJack.lnk
2020-12-24 10:30 – 2020-01-27 18:49 – 000000000 ____D C:Usersasingh.VirtualBox
2020-12-21 21:31 – 2020-05-29 21:07 – 000000000 ____D C:UsersasinghAppDataRoamingMicrosoftWindowsStart MenuProgramsPostman
2020-12-14 08:39 – 2020-05-11 22:45 – 000001940 _____ C:UsersasinghDesktopZoom.lnk
2020-12-11 22:22 – 2020-09-10 15:01 – 000000818 _____ C:UsersPublicDesktopWinSCP.lnk
2020-12-11 22:22 – 2020-09-10 15:01 – 000000818 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWinSCP.lnk
2020-12-07 19:07 – 2020-03-02 00:53 – 000001004 _____ C:UsersPublicDesktopFileZilla Client.lnk
2020-12-06 22:00 – 2020-04-11 15:57 – 000001672 _____ C:UsersasinghDesktop1.txt
2020-12-06 22:00 – 2020-04-11 15:57 – 000001493 _____ C:UsersasinghDesktop2..txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

|||||||||||| Addition.txt |||||||||||

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by asingh (03-01-2021 16:44:21)
Running from C:UsersasinghDownloadsBC_AntivirusTools
Windows 10 Pro Version 2004 19041.685 (X64) (2021-01-02 00:20:22)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2589756144-158593631-1387058302-500 – Administrator – Disabled)
asingh (S-1-5-21-2589756144-158593631-1387058302-1001 – Administrator – Enabled) => C:Usersasingh
DefaultAccount (S-1-5-21-2589756144-158593631-1387058302-503 – Limited – Disabled)
Guest (S-1-5-21-2589756144-158593631-1387058302-501 – Limited – Disabled)
WDAGUtilityAccount (S-1-5-21-2589756144-158593631-1387058302-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Dell Touchpad (HKLM…{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 – ALPS ELECTRIC CO., LTD.)
Malwarebytes version 4.3.0.98 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 – Malwarebytes)
Microsoft OneDrive (HKUS-1-5-21-2589756144-158593631-1387058302-1001…OneDriveSetup.exe) (Version: 20.201.1005.0009 – Microsoft Corporation)
Sophos Virus Removal Tool (HKLM-x32…{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.8.0 – Sophos Limited)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsmicrosoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsmicrosoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2021-01-01] (Microsoft Studios) [MS Ad]
MSN Weather -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2021-01-01] (Microsoft Corporation) [MS Ad]
Your Phone -> C:Program FilesWindowsAppsMicrosoft.YourPhone_1.19122.89.0_x64__8wekyb3d8bbwe [2021-01-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-2589756144-158593631-1387058302-1001_ClassesCLSID{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}localserver32 -> C:WINDOWSsystem32igfxEM.exe (Intel® pGFX -> Intel Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-01-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:WINDOWSsystem32igfxDTCM.dll [2016-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-01-02] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-01-01 21:49 – 2021-01-01 21:47 – 000000824 _____ C:WINDOWSsystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-2589756144-158593631-1387058302-1001Control PanelDesktopWallpaper ->
DNS Servers: 172.20.10.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedRun: => “Apoint”
HKUS-1-5-21-2589756144-158593631-1387058302-1001…StartupApprovedStartupFolder: => “Realtime.ffs_real”
HKUS-1-5-21-2589756144-158593631-1387058302-1001…StartupApprovedRun: => “OneDrive”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A0ABB77C-9803-4E0A-ABFF-C8CF97F46770}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF8B14B4-23F3-462D-8736-1660662B2C41}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3528DCA4-A00A-4EE7-A836-D7DBAB35BDA7}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FACB490C-12B5-43C7-88CA-8EFFD9633766}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{5957FF10-2963-48FC-9E73-C2DECE9F30B4}E:program filesmicrosoft vs codecode.exe] => (Block) E:program filesmicrosoft vs codecode.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{BFDB37C1-74AF-4033-BA2D-DD1957F3C227}E:program filesmicrosoft vs codecode.exe] => (Block) E:program filesmicrosoft vs codecode.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

Name: STMicroelectronics 3-Axis Digital Accelerometer
Description: STMicroelectronics 3-Axis Digital Accelerometer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: STMicroelectronics
Service: ST_ACCEL
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: ========================

Application errors:
==================
Error: (01/03/2021 01:27:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

 DETAIL – Access is denied.

Error: (01/03/2021 01:27:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

 DETAIL – Access is denied.

Error: (01/02/2021 07:40:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/02/2021 07:33:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/02/2021 01:06:37 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/01/2021 07:55:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 13.12.2020.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 714

Start Time: 01d6e0a19b4429b2

Termination Time: 4294967295

Application Path: G:FRST64.exe

Report Id: 51df1b0a-9822-490f-add9-ab721210df1f

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (01/01/2021 07:48:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/01/2021 07:21:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent

System errors:
=============
Error: (01/03/2021 10:08:56 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, DeviceHarddisk0DR0, has a bad block.

Error: (01/03/2021 10:05:36 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, DeviceHarddisk0DR0, has a bad block.

Error: (01/03/2021 12:18:07 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {D726464B-98F1-4627-86CD-4A082A1E5307} did not register with DCOM within the required timeout.

Error: (01/03/2021 12:12:58 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {D726464B-98F1-4627-86CD-4A082A1E5307} did not register with DCOM within the required timeout.

Error: (01/03/2021 12:12:27 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, DeviceHarddisk0DR0, has a bad block.

Error: (01/03/2021 12:09:04 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (01/03/2021 12:09:04 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, DeviceHarddisk0DR0, has a bad block.

Error: (01/03/2021 12:07:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Windows Defender:
===================================
Date: 2021-01-03 04:25:40.0260000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {17AC93A5-A0BE-4A57-B6FB-627EB67BA16C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-01-03 15:12:42.0960000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1558.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-01-03 13:42:15.3800000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1558.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-01-02 01:16:21.0420000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1477.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-01-01 21:49:09.2650000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1477.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

BIOS: Dell Inc. A20 02/21/2018
Motherboard: Dell Inc.
Processor: Intel® Core™ i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 21%
Total physical RAM: 16287 MB
Available physical RAM: 12820.94 MB
Total Virtual: 19231 MB
Available Virtual: 15895.31 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:124.8 GB) (Free:74.86 GB) NTFS
Drive d: (Data) (Fixed) (Total:100 GB) (Free:94.7 GB) NTFS
Drive e: (Data2) (Fixed) (Total:1863.01 GB) (Free:1763.63 GB) NTFS

?Volume{3182553a-0000-0000-0000-003338000000} (Recovery) (Fixed) (Total:13.68 GB) (Free:5.94 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 3182553A)
Partition 1: (Not Active) – (Size=124.8 GB) – (Type=07 NTFS)
Partition 2: (Not Active) – (Size=100 GB) – (Type=07 NTFS)
Partition 3: (Active) – (Size=13.7 GB) – (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B974F1A7)
Partition 1: (Not Active) – (Size=1863 GB) – (Type=07 NTFS)

==================== End of Addition.txt =======================